CLSA-2021:1634919016 TuxCare License Agreement 0 - CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette

0 cloudlinux-x86_64-server-6 gd-devel-2.0.35-12.el6.cloudlinux.els.x86_64.rpm 41d0d320fd426bb283cb5cd51fbcfc3bcff195c5 gd-devel-2.0.35-12.el6.cloudlinux.els.i686.rpm e8debeb1299fb61a944ee2b5992671535c549b66 gd-progs-2.0.35-12.el6.cloudlinux.els.x86_64.rpm ceb768f2d6c5fabf1275b68a97ee6cd92b5d21db gd-2.0.35-12.el6.cloudlinux.els.x86_64.rpm 79339c744bfc3313d6b6fb162f6e07365565c143 gd-2.0.35-12.el6.cloudlinux.els.i686.rpm cdf0516de841ecbe7e31c6e8c6fb6cbe000d58f7 CLSA-2021:1634922250 TuxCare License Agreement 0 - A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) - A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack (CVE-2021-25216) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) - A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack (CVE-2021-25216)

0 cloudlinux-x86_64-server-6 bind-sdb-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm 4dd7f54941c028a8064fdd77ae889785448f5863 bind-devel-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm c11e848f05d199cf4a65d49caa5515b33b79e644 bind-chroot-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm adc78c8725dd408d620c77530726de15604d4a28 bind-devel-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.i686.rpm 151a77d46d035d46e7bcdcb5cddc2b367bd638af bind-libs-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm 4a40697653bff4b0a92c87ed52436d4380d04d5b bind-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm b23e4167275b418e5faef82ce8bc6dabeb5d37d9 bind-libs-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.i686.rpm 12a091ffbabf3d307d91eda7e6daf68ae815c94c bind-utils-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm 69b4af48966777bf19ffa20367100b92ced90784 CLSA-2021:1634922380 TuxCare License Agreement 0 - CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section(). Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section().

0 cloudlinux-x86_64-server-6 binutils-devel-2.20.51.0.2-5.48.0.4.el6.cloudlinux.els.i686.rpm bb3d37bd2b30b3305ae8197bd971cbeec81cf376 binutils-devel-2.20.51.0.2-5.48.0.4.el6.cloudlinux.els.x86_64.rpm d3fc54a91ef5c853570a034ad49e093a55fffaec binutils-2.20.51.0.2-5.48.0.4.el6.cloudlinux.els.x86_64.rpm 9aa6dc42f4265b7f1bdf696a4069362470e1769f CLSA-2021:1634922397 TuxCare License Agreement 0 - trusting FTP PASV responses (CVE-2020-8284) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- trusting FTP PASV responses (CVE-2020-8284)

0 cloudlinux-x86_64-server-6 libcurl-7.19.7-54.el6.cloudlinux.els6.x86_64.rpm 7abf2d2f3c512116702895c31d3b35dec39d7a6f curl-7.19.7-54.el6.cloudlinux.els6.x86_64.rpm 151312f487d193e72f3d6d1760a35332e76b938c libcurl-7.19.7-54.el6.cloudlinux.els6.i686.rpm aea2d615539338e31d64b5072ae74afdfb392490 libcurl-devel-7.19.7-54.el6.cloudlinux.els6.i686.rpm c2fbb48a5c3e6794505885a53f9b83516207610e libcurl-devel-7.19.7-54.el6.cloudlinux.els6.x86_64.rpm b48b6f848004353183b651ac8811cb4850e08115 CLSA-2021:1634922414 TuxCare License Agreement 0 - trusting FTP PASV responses (CVE-2020-8284) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- trusting FTP PASV responses (CVE-2020-8284)

0 cloudlinux-x86_64-server-6 libcurl-devel-7.19.7-55.el6.cloudlinux.ol.els6.i686.rpm 0f589bc06ebf7665c5e5e1b598ecd1e13ac7322a libcurl-devel-7.19.7-55.el6.cloudlinux.ol.els6.x86_64.rpm 3678cc229cba81d60e3fc7a664ac68b01a81e310 libcurl-7.19.7-55.el6.cloudlinux.ol.els6.i686.rpm 06198c7797a7e8bacc4c7265dfd73513bfee9d88 curl-7.19.7-55.el6.cloudlinux.ol.els6.x86_64.rpm 83afa6e0d522d5ee0be712a2aab3f6af0d72445a libcurl-7.19.7-55.el6.cloudlinux.ol.els6.x86_64.rpm 8c061ff004872556958506bd4f759cfac354e95f CLSA-2021:1634922432 TuxCare License Agreement 0 - back-port urlapi from v7.75.0 (used by CVE-2021-22876) - strip credentials from the auto-referer header (CVE-2021-22876) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- back-port urlapi from v7.75.0 (used by CVE-2021-22876) - strip credentials from the auto-referer header (CVE-2021-22876)

0 cloudlinux-x86_64-server-6 libcurl-devel-7.19.7-56.el6.cloudlinux.ol.els6.x86_64.rpm 876f81258d6031abb9b5714e7d90f290ab5abe75 libcurl-devel-7.19.7-56.el6.cloudlinux.ol.els6.i686.rpm 2a236d3df679f5f1ae8739d8e7decee1ef933bf5 curl-7.19.7-56.el6.cloudlinux.ol.els6.x86_64.rpm e6d649bcf49f3508ff230d914ad095846d443dbc libcurl-7.19.7-56.el6.cloudlinux.ol.els6.i686.rpm 81d35e6a607ac2fda5db6853472e4592c9a20018 libcurl-7.19.7-56.el6.cloudlinux.ol.els6.x86_64.rpm 4cd72ff344a558d40e1c62c5883bf04290b521ca CLSA-2021:1634922501 TuxCare License Agreement 0 - telnet stack contents disclosure again (CVE-2021-22925) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- telnet stack contents disclosure again (CVE-2021-22925)

0 cloudlinux-x86_64-server-6 libcurl-devel-7.19.7-57.el6.cloudlinux.ol.els6.x86_64.rpm 3980228245267fd16089290dd20131324ab8cb8b curl-7.19.7-57.el6.cloudlinux.ol.els6.x86_64.rpm 7667cc97bdb8518f845e15c2bf5149eff4288464 libcurl-7.19.7-57.el6.cloudlinux.ol.els6.x86_64.rpm 3fd66952538cf65b05b465ca9bb8f30817269642 libcurl-devel-7.19.7-57.el6.cloudlinux.ol.els6.i686.rpm 94fb7f537962160a013548b75093492c2f4a2000 libcurl-7.19.7-57.el6.cloudlinux.ol.els6.i686.rpm 47043a36e14e97eef38349898ad25b2632f3c741 CLSA-2021:1634922517 TuxCare License Agreement 0 - telnet stack contents disclosure again (CVE-2021-22925) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- telnet stack contents disclosure again (CVE-2021-22925)

0 cloudlinux-x86_64-server-6 libcurl-devel-7.19.7-58.el6.cloudlinux.els.x86_64.rpm 37b850c4337f41d1f470186134c311421adb4845 libcurl-7.19.7-58.el6.cloudlinux.els.i686.rpm 3b7bf860028887fa9927f7e39c45cbc1350cbff9 curl-7.19.7-58.el6.cloudlinux.els.x86_64.rpm 114614fc97260a0d4935c2531e80378cefaa4a31 libcurl-7.19.7-58.el6.cloudlinux.els.x86_64.rpm 5124677dde1b59bd266a066b5102ebe9bfe33e05 libcurl-devel-7.19.7-58.el6.cloudlinux.els.i686.rpm 11521af8aab2b7c9f68c7aa493f2987044b587c4 CLSA-2021:1634922534 TuxCare License Agreement 0 - fix connection reuse checks for issuer cert and case sensitivity (CVE-2021-22924) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- fix connection reuse checks for issuer cert and case sensitivity (CVE-2021-22924)

0 cloudlinux-x86_64-server-6 curl-7.19.7-59.el6.cloudlinux.els.x86_64.rpm 619a8ff0b74327d7835d349aaef3163cc8b450f4 libcurl-7.19.7-59.el6.cloudlinux.els.i686.rpm 2fb7891c31cac1df03e490f1a7ccee3a70b506da libcurl-devel-7.19.7-59.el6.cloudlinux.els.x86_64.rpm 62ff56782a177dabb1a6a281b2ed5d6b15a4adaa libcurl-7.19.7-59.el6.cloudlinux.els.x86_64.rpm f482fe11e370d6facba7bb36830524f8b63dc494 libcurl-devel-7.19.7-59.el6.cloudlinux.els.i686.rpm e5442f11f98c8bf95c4bda5530843e830a831d6e CLSA-2021:1634922551 TuxCare License Agreement 0 - CVE-2021-25217: avoid buffer overrun Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-25217: avoid buffer overrun

0 cloudlinux-x86_64-server-6 dhcp-common-4.1.1-64.P1.0.1.el6.cloudlinux.ol.els.x86_64.rpm 1e9ad48bddc58c792ad679b0c2ed0bc07bf05f02 dhclient-4.1.1-64.P1.0.1.el6.cloudlinux.ol.els.x86_64.rpm e2f9467ef7ee3e4b85e572b8ac7a48bb3c701d53 dhcp-devel-4.1.1-64.P1.0.1.el6.cloudlinux.ol.els.i686.rpm 057d816daedca44b0442338bd63a0575b7a564ca dhcp-4.1.1-64.P1.0.1.el6.cloudlinux.ol.els.x86_64.rpm d28d0baf9b9b418e645754a565ee473f29632759 dhcp-devel-4.1.1-64.P1.0.1.el6.cloudlinux.ol.els.x86_64.rpm e09b63649354579e67c510577fdbaa9daa595c56 CLSA-2021:1634922570 TuxCare License Agreement 0 - CVE-2020-12100: Resource exhaustion via deeply nested MIME parts - CVE-2020-25275: Denial of service via mail MIME parsing Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-12100: Resource exhaustion via deeply nested MIME parts - CVE-2020-25275: Denial of service via mail MIME parsing

0 cloudlinux-x86_64-server-6 dovecot-pigeonhole-2.0.9-23.el6.cloudlinux.els.x86_64.rpm ab374c009a1407be4832e4d3aae44ecb93763928 dovecot-pgsql-2.0.9-23.el6.cloudlinux.els.x86_64.rpm c6cc0cc3e8ee30fd67cdfed8e3cd9c612de0b7bf dovecot-2.0.9-23.el6.cloudlinux.els.x86_64.rpm ad962be574e3ee2fb4547b57a268019a8d486c23 dovecot-2.0.9-23.el6.cloudlinux.els.i686.rpm 7109c459375bce0b42d2ec7655c0a57c2d1bc1eb dovecot-devel-2.0.9-23.el6.cloudlinux.els.i686.rpm e5d35dbc6b76dc50878375d36034bb7bd01da57e dovecot-devel-2.0.9-23.el6.cloudlinux.els.x86_64.rpm 8086b5f7334a61159fcf26884bb84562f7eb12fa dovecot-mysql-2.0.9-23.el6.cloudlinux.els.x86_64.rpm 43376c264411ef9af04ec2eb4b041a7ff65fe720 CLSA-2021:1634922588 TuxCare License Agreement 0 - Fixed CVE-2021-28153: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fixed CVE-2021-28153: g_file_replace() with G_FILE_CREATE_REPLACE_DESTINATION creates empty target for dangling symlink

0 cloudlinux-x86_64-server-6 glib2-2.28.8-12.el6.cloudlinux.els.i686.rpm ae06a73c62eaefa30826bd2ff406d07af701d1cc glib2-static-2.28.8-12.el6.cloudlinux.els.x86_64.rpm 03de38d6bd4b07a9b45a5cdf51f90681e1dbaf9f glib2-devel-2.28.8-12.el6.cloudlinux.els.i686.rpm bc52f560244dd9b8d87bd89254f5376385f11567 glib2-doc-2.28.8-12.el6.cloudlinux.els.noarch.rpm 8a2df118c66a244f693468b82c536960565d8972 glib2-devel-2.28.8-12.el6.cloudlinux.els.x86_64.rpm dc2fd8d6f6933624ec61b92de01f26243178fbce glib2-2.28.8-12.el6.cloudlinux.els.x86_64.rpm 605fe0a1f676c68440b2f62cfb460e6f9277626e CLSA-2021:1634922609 TuxCare License Agreement 0 - Adopt pthread_attr_copy functionality, test case is included - CVE-2021-33574: avoid use-after-free vulnerability - CVE-2021-35942: avoid out-of-bounds read via signed integer overflow in array index - CVE-2021-38604: considered. No NULL pointer dereference is possible Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Adopt pthread_attr_copy functionality, test case is included - CVE-2021-33574: avoid use-after-free vulnerability - CVE-2021-35942: avoid out-of-bounds read via signed integer overflow in array index - CVE-2021-38604: considered. No NULL pointer dereference is possible

0 cloudlinux-x86_64-server-6 glibc-2.12-2.213.el6.cloudlinux.els.i686.rpm 84d6a8c1a07bd178cb2cfd03064cda8f7275791d glibc-devel-2.12-2.213.el6.cloudlinux.els.i686.rpm a93dcd2fd490714619b3a72aae0d71b3404b2751 glibc-headers-2.12-2.213.el6.cloudlinux.els.x86_64.rpm 1f59bfcff758071fc889f5a2981b06279dac816b glibc-2.12-2.213.el6.cloudlinux.els.x86_64.rpm 3e7dbe88ec84eca9cfce2b4666f49589a434d167 nscd-2.12-2.213.el6.cloudlinux.els.x86_64.rpm f18e3b718502a6db1fe6fec00644e7b325f0aa88 glibc-static-2.12-2.213.el6.cloudlinux.els.x86_64.rpm 26208a207292b077fbfa5dd5dd7df2d530142437 glibc-devel-2.12-2.213.el6.cloudlinux.els.x86_64.rpm 282210d965fad9fd535c706d0a34cb22daf41cb9 glibc-static-2.12-2.213.el6.cloudlinux.els.i686.rpm ef333bcd4b17e548665e66e36c15ed21a522daf1 glibc-common-2.12-2.213.el6.cloudlinux.els.x86_64.rpm 109486b33944d6305e5dc5e9c59d1ddd36b99770 glibc-utils-2.12-2.213.el6.cloudlinux.els.x86_64.rpm c6efaa880828043d0840aeca8c29199e18c606a2 CLSA-2021:1634922624 TuxCare License Agreement 0 - CVE-2020-35452: fix stack overflow in mod_auth_digest due to crafted digest nonce Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-35452: fix stack overflow in mod_auth_digest due to crafted digest nonce

0 cloudlinux-x86_64-server-6 httpd-manual-2.2.15-71.el6.cloudlinux.els.noarch.rpm 0fb581eec1780034665c19f9281f95af06f63a93 httpd-devel-2.2.15-71.el6.cloudlinux.els.x86_64.rpm 62c018a3972728cc2d3b810c25dcaf8f40a52761 httpd-tools-2.2.15-71.el6.cloudlinux.els.x86_64.rpm af7b9d66d89d1d426731d2a4bb1c3fb63ee54f21 httpd-2.2.15-71.el6.cloudlinux.els.x86_64.rpm 10ef223ae80913c7b3af6c9547fc266d23189ce2 httpd-devel-2.2.15-71.el6.cloudlinux.els.i686.rpm af76c2e5f5d25bb9d8d96c70e45b8b251e2c4bb3 mod_ssl-2.2.15-71.el6.cloudlinux.els.x86_64.rpm 51a4b12efb6e253c327aa860bb3489ac27c1f98c CLSA-2021:1634922666 TuxCare License Agreement 0 - CVE-2021-39275: ap_escape_quotes() algorithm which led to buffer overflow. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-39275: ap_escape_quotes() algorithm which led to buffer overflow.

0 cloudlinux-x86_64-server-6 mod_ssl-2.2.15-72.el6.cloudlinux.els.x86_64.rpm 1d8efc54cca79b3df2047356db8bdaa74a62bc3c httpd-tools-2.2.15-72.el6.cloudlinux.els.x86_64.rpm c9d1fbfcd43a33af4fc053c4714bed5ba65750bd httpd-2.2.15-72.el6.cloudlinux.els.x86_64.rpm 31aae194f4dfce5bdf8b73b226e15a6aeace75fc httpd-manual-2.2.15-72.el6.cloudlinux.els.noarch.rpm 80cd8e8764ef863e351d98930bfd4ddc705a3a80 httpd-devel-2.2.15-72.el6.cloudlinux.els.x86_64.rpm eceb7f1c98e348747768fe3903d4d087616c2993 httpd-devel-2.2.15-72.el6.cloudlinux.els.i686.rpm 241c344add869776e2e9d4e53295c97a1a271919 CLSA-2021:1634922702 TuxCare License Agreement 0 - Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination

0 cloudlinux-x86_64-server-6 java-1.8.0-openjdk-javadoc-debug-1.8.0.275.b01-1.el6.cloudlinux.els.noarch.rpm 3ca6b71c68debf34a5c7bb3c73cdf5e4220c5f66 java-1.8.0-openjdk-headless-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 768eb30677a9afa416124891441aa757a5c81fc9 java-1.8.0-openjdk-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 3d815db2a82862ec4a242ace84ca20c6327da70b java-1.8.0-openjdk-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 30c95e99fa3d4631f075fcade8e52660b186ac00 java-1.8.0-openjdk-src-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 166bcc84441b40c92c99df433742a5b7b0294aea java-1.8.0-openjdk-devel-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 7747a9233a9c2cda62891488d323ebf794aa23c6 java-1.8.0-openjdk-headless-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 3a05a5cfb674d1ea0c0b283d076e33d1a1b2d08a java-1.8.0-openjdk-devel-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm cec608e233a0311d1d422248dd1671c2c78d97f4 java-1.8.0-openjdk-javadoc-1.8.0.275.b01-1.el6.cloudlinux.els.noarch.rpm 907fd7771e181ed5d5b677c0314abe802a6dc8f2 java-1.8.0-openjdk-demo-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 5e8767492d9213dcbbb453b4a5ba91fce0a9dcb9 java-1.8.0-openjdk-demo-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 10f2a8b76986577f9197cc6264b1e60d7993c2c8 java-1.8.0-openjdk-src-debug-1.8.0.275.b01-1.el6.cloudlinux.els.x86_64.rpm 5d5a8f342bba0d39e8bcc6056b173e7c946e8a4d CLSA-2021:1634922728 TuxCare License Agreement 0 - ELS-138: netfilter: x_tables: add missing tables zeroing - ELS-138: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation - ELS-138: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write - ELS-138: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp() - ELS-138: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers - ELS-138: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - ELS-138: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent - ELS-138: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum - ELS-138: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs - ELS-138: CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE - ELS-138: CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs - ELS-138: CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities - ELS-138: sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output - ELS-138: USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data - ELS-138: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch - ELS-138: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgacon_invert_region - ELS-138: CVE-2020-14331: vgacon: Fix for missing check in scrollback handling - ELS-138: CVE-2021-3347: futex: Handle faults correctly for PI futexes - ELS-138: CVE-2021-3347: futex: Provide and use pi_state_update_owner() - ELS-138: KEYS: allow reaching the keys quotas exactly - ELS-138: KEYS: reaching the keys quotas correctly - ELS-138: fix -ENOMEM result with invalid user space pointer in sendto() syscall - ELS-138: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify - ELS-138: CVE-2018-6927: futex: Prevent overflow by strengthen input validation - ELS-138: CVE-2017-6951: KEYS: Change the name of the dead type to ".dead" to prevent user access - ELS-138: CVE-2017-15299: KEYS: don't let add_key() update an uninstantiated key - ELS-138: fix CVE-2016-9604 - ELS-138: KEYS: add missing permission check for request_key() destination - ELS-138: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper - ELS-138: fix CVE-2017-7472 - ELS-138: fix CVE-2017-15274 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- ELS-138: netfilter: x_tables: add missing tables zeroing - ELS-138: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation - ELS-138: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write - ELS-138: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp() - ELS-138: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers - ELS-138: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - ELS-138: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent - ELS-138: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum - ELS-138: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs - ELS-138: CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE - ELS-138: CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs - ELS-138: CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities - ELS-138: sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output - ELS-138: USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data - ELS-138: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch - ELS-138: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgacon_invert_region - ELS-138: CVE-2020-14331: vgacon: Fix for missing check in scrollback handling - ELS-138: CVE-2021-3347: futex: Handle faults correctly for PI futexes - ELS-138: CVE-2021-3347: futex: Provide and use pi_state_update_owner() - ELS-138: KEYS: allow reaching the keys quotas exactly - ELS-138: KEYS: reaching the keys quotas correctly - ELS-138: fix -ENOMEM result with invalid user space pointer in sendto() syscall - ELS-138: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify - ELS-138: CVE-2018-6927: futex: Prevent overflow by strengthen input validation - ELS-138: CVE-2017-6951: KEYS: Change the name of the dead type to ".dead" to prevent user access - ELS-138: CVE-2017-15299: KEYS: don't let add_key() update an uninstantiated key - ELS-138: fix CVE-2016-9604 - ELS-138: KEYS: add missing permission check for request_key() destination - ELS-138: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper - ELS-138: fix CVE-2017-7472 - ELS-138: fix CVE-2017-15274

0 cloudlinux-x86_64-server-6 python-perf-2.6.32-754.35.2.el6.x86_64.rpm e600bd9ca77582782f0a6fa0cdd21be3d66544d4 kernel-debug-2.6.32-754.35.2.el6.x86_64.rpm 09024f8db31fc13d64ebb556e05dd788967fd4d7 perf-2.6.32-754.35.2.el6.x86_64.rpm a48edc640ee3fb6d928c955f56a1a2013d136fff kernel-2.6.32-754.35.2.el6.x86_64.rpm f3446222efa05b25691a47e8bd51f88bf951cf53 kernel-headers-2.6.32-754.35.2.el6.x86_64.rpm 1e146d1814714ccafeb3c2f411ec7404fdd27f1a kernel-debug-devel-2.6.32-754.35.2.el6.x86_64.rpm f37c8e36297f1db7362be2d1aec092b3979db059 kernel-devel-2.6.32-754.35.2.el6.x86_64.rpm da6956ddb2278374a2b119fbd8c7f4e92933923e CLSA-2021:1634922771 TuxCare License Agreement 0 - Do not use "grep -q" in a pipe in check_caveats. - Update Intel CPU microcode to microcode-20210608 release: - Fixes in releasenote.md file. - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 (#1962659, #1962709, #1962729, #1962675): - Addition of 06-55-05/0xb7 (CLX-SP A0) microcode at revision 0x3000010; - Addition of 06-6a-05/0x87 (ICX-SP C0) microcode at revision 0xc0002f0; - Addition of 06-6a-06/0x87 (ICX-SP D0) microcode at revision 0xd0002a0; - Addition of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04) at revision 0xb00000f; - Addition of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05) at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f; - Addition of 06-8c-02/0xc2 (TGL-R C0) microcode at revision 0x16; - Addition of 06-8d-01/0xc2 (TGL-H R0) microcode at revision 0x2c; - Addition of 06-96-01/0x01 (EHL B1) microcode at revision 0x11; - Addition of 06-9c-00/0x01 (JSL A0/A1) microcode at revision 0x1d; - Addition of 06-a7-01/0x02 (RKL-S B0) microcode at revision 0x40; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xe2 up to 0xea; - Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb000038 up to 0xb00003e; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a0a up to 0x2006b06; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xe2 up to 0xea; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x68 up to 0x88; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xe0 up to 0xea; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xde up to 0xea; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xde up to 0xea; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xde up to 0xea; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xde up to 0xea; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xde up to 0xea; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xde up to 0xea; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xde up to 0xea; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x44 up to 0x46; - Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x16 up to 0x19; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000159 up to 0x100015b; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003006 up to 0x4003102; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003006 up to 0x5003102; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x700001e up to 0x7002302; - Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision 0x7000019 up to 0x700001b; - Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000017 up to 0xf000019; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe00000f up to 0xe000012; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x40 up to 0x44; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x1e up to 0x20; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x2e up to 0x34; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x34 up to 0x36; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x18 up to 0x1a; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa0 up to 0xa6; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x28 up to 0x2a; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xe0 up to 0xec; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe0 up to 0xe8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode from revision 0xe0 up to 0xea. - Update Intel CPU microcode to microcode-20210216 release (#1905111): - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a08 up to 0x2006a0a; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003003 up to 0x4003006; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003003 up to 0x5003006. - Update Intel CPU microcode to microcode-20201112 release: - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up to 0x34; - Updated releasenote file. Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Do not use "grep -q" in a pipe in check_caveats. - Update Intel CPU microcode to microcode-20210608 release: - Fixes in releasenote.md file. - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 (#1962659, #1962709, #1962729, #1962675): - Addition of 06-55-05/0xb7 (CLX-SP A0) microcode at revision 0x3000010; - Addition of 06-6a-05/0x87 (ICX-SP C0) microcode at revision 0xc0002f0; - Addition of 06-6a-06/0x87 (ICX-SP D0) microcode at revision 0xd0002a0; - Addition of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04) at revision 0xb00000f; - Addition of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05) at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f; - Addition of 06-8c-02/0xc2 (TGL-R C0) microcode at revision 0x16; - Addition of 06-8d-01/0xc2 (TGL-H R0) microcode at revision 0x2c; - Addition of 06-96-01/0x01 (EHL B1) microcode at revision 0x11; - Addition of 06-9c-00/0x01 (JSL A0/A1) microcode at revision 0x1d; - Addition of 06-a7-01/0x02 (RKL-S B0) microcode at revision 0x40; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xe2 up to 0xea; - Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb000038 up to 0xb00003e; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a0a up to 0x2006b06; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xe2 up to 0xea; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x68 up to 0x88; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xe0 up to 0xea; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xde up to 0xea; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xde up to 0xea; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xde up to 0xea; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xde up to 0xea; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xde up to 0xea; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xde up to 0xea; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xde up to 0xea; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x44 up to 0x46; - Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x16 up to 0x19; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000159 up to 0x100015b; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003006 up to 0x4003102; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003006 up to 0x5003102; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x700001e up to 0x7002302; - Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision 0x7000019 up to 0x700001b; - Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000017 up to 0xf000019; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe00000f up to 0xe000012; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x40 up to 0x44; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x1e up to 0x20; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x2e up to 0x34; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x34 up to 0x36; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x18 up to 0x1a; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa0 up to 0xa6; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x28 up to 0x2a; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xe0 up to 0xec; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe0 up to 0xe8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode from revision 0xe0 up to 0xea. - Update Intel CPU microcode to microcode-20210216 release (#1905111): - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a08 up to 0x2006a0a; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003003 up to 0x4003006; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003003 up to 0x5003006. - Update Intel CPU microcode to microcode-20201112 release: - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up to 0x34; - Updated releasenote file.

0 cloudlinux-x86_64-server-6 microcode_ctl-1.17-33.34.el6.cloudlinux.els.x86_64.rpm bfd9d7d16766b75f645f48bf281569a6e3f9be6e CLSA-2021:1634922789 TuxCare License Agreement 0 - Fixed CVE-2021-23017 : Off-by-one in ngx_resolver_copy() when - labels are followed by a pointer to a root domain name Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fixed CVE-2021-23017 : Off-by-one in ngx_resolver_copy() when - labels are followed by a pointer to a root domain name

0 cloudlinux-x86_64-server-6 nginx-mod-mail-1.10.3-2.el6.cloudlinux.els.x86_64.rpm ecc1c8707e618249916efb15b60c47e8ef50845f nginx-mod-http-xslt-filter-1.10.3-2.el6.cloudlinux.els.x86_64.rpm 98c1be256b9f082fd0e817731d0a91427c2648dc nginx-mod-http-geoip-1.10.3-2.el6.cloudlinux.els.x86_64.rpm d91b62893bb1ef71a8111f84a4da7ce8061cdf9e nginx-filesystem-1.10.3-2.el6.cloudlinux.els.noarch.rpm 63ef2710bdee895ec7109ea67987680b0169ec62 nginx-mod-stream-1.10.3-2.el6.cloudlinux.els.x86_64.rpm 13ea9c81b55b27a581f8c760f150fe3a392c5aef nginx-mod-http-perl-1.10.3-2.el6.cloudlinux.els.x86_64.rpm 1f2d6f305bd25cf92500752ff16bd1a572d38094 nginx-all-modules-1.10.3-2.el6.cloudlinux.els.noarch.rpm dff4200409f8e1cd8f5dc28c250738e9dfc10f59 nginx-1.10.3-2.el6.cloudlinux.els.x86_64.rpm a2d214006a988ffc8898ba28202247002bc7a2a5 nginx-mod-http-image-filter-1.10.3-2.el6.cloudlinux.els.x86_64.rpm 5f406f1bd322e88f649493317ef2222735808664 CLSA-2021:1634922818 TuxCare License Agreement 0 - Update fix for CVE-2021-23017 accoding nginx.org recomendations Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update fix for CVE-2021-23017 accoding nginx.org recomendations

0 cloudlinux-x86_64-server-6 nginx-mod-stream-1.10.3-3.el6.cloudlinux.els.x86_64.rpm ec24b01d5f715167927075b9e720319937f13c0b nginx-mod-http-image-filter-1.10.3-3.el6.cloudlinux.els.x86_64.rpm 6afd92fe26d4af8065358ede22094888c16f03c9 nginx-mod-http-geoip-1.10.3-3.el6.cloudlinux.els.x86_64.rpm 409656a66e43f6858b4dc0e71690f7c71fb7f471 nginx-all-modules-1.10.3-3.el6.cloudlinux.els.noarch.rpm e1b30fc1f2bf6c18152ccc3e5f25c5b652add9de nginx-mod-http-xslt-filter-1.10.3-3.el6.cloudlinux.els.x86_64.rpm 4c647c5cf878fa38e45f9f9c60137d9dd3eccb86 nginx-1.10.3-3.el6.cloudlinux.els.x86_64.rpm 73ddd61fb1a173acfe116b0ffc3b7057dc172323 nginx-mod-mail-1.10.3-3.el6.cloudlinux.els.x86_64.rpm 216f6a172f301f09a8e5577578973623c16ac9ff nginx-filesystem-1.10.3-3.el6.cloudlinux.els.noarch.rpm 6c9a7c27aa667b67fa5902b6563c827885ec1425 nginx-mod-http-perl-1.10.3-3.el6.cloudlinux.els.x86_64.rpm cd2efea090f7128bfef20ebc258bd5d10ad6fa7d CLSA-2021:1634922835 TuxCare License Agreement 0 - CVE-2020-11868: incorrect handling of packets from unauthenticated synchronization source with spoofed IP address leads to denial of service. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-11868: incorrect handling of packets from unauthenticated synchronization source with spoofed IP address leads to denial of service.

0 cloudlinux-x86_64-server-6 ntp-4.2.6p5-16.el6.cloudlinux.els.x86_64.rpm 4d223e076e2c5ecca1de75c86c991ef0d068e2f2 ntp-doc-4.2.6p5-16.el6.cloudlinux.els.noarch.rpm f79b032f8dbf34c5e649572a958050b08e983326 ntpdate-4.2.6p5-16.el6.cloudlinux.els.x86_64.rpm 5cd11bf3d5ce24edf739e55220a7f814eef8dd8d ntp-perl-4.2.6p5-16.el6.cloudlinux.els.x86_64.rpm 2731eacd544261d62c1d394fcd332952cfe6a57b CLSA-2021:1634922862 TuxCare License Agreement 0 - Fixed integer overflow in CipherUpdate(CVE-2021-23840) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fixed integer overflow in CipherUpdate(CVE-2021-23840)

0 cloudlinux-x86_64-server-6 openssl-devel-1.0.1e-60.0.1.el6.cloudlinux.ol.els.i686.rpm 999ef94fd21ecdb715fe9ea00d6b1b9ffc5cd3eb openssl-1.0.1e-60.0.1.el6.cloudlinux.ol.els.i686.rpm fc7971b4366bd52c46ffa4bacd037fe3f03e3af7 openssl-devel-1.0.1e-60.0.1.el6.cloudlinux.ol.els.x86_64.rpm 5d93b70e0bc217a37f89319703724079b105a67b openssl-1.0.1e-60.0.1.el6.cloudlinux.ol.els.x86_64.rpm 27fe6f7aeb7eb9f3a82b800a9ed666f34d3cd971 openssl-static-1.0.1e-60.0.1.el6.cloudlinux.ol.els.x86_64.rpm 0fe066018b0b8a8c523ebb7e3e4a32a5776b996b openssl-perl-1.0.1e-60.0.1.el6.cloudlinux.ol.els.x86_64.rpm 485638e4a994ecfc650064af91eab11d1503a283 CLSA-2021:1634922881 TuxCare License Agreement 0 - fix CVE-2021-3712 - handling ASN.1 string as NULL terminated leads to read buffer overrun - Port patches from oracle6els branch, original changelog entry: - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- fix CVE-2021-3712 - handling ASN.1 string as NULL terminated leads to read buffer overrun - Port patches from oracle6els branch, original changelog entry: - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1

0 cloudlinux-x86_64-server-6 openssl-1.0.1e-62.el6.cloudlinux.els.i686.rpm 0cba5e970f17e6cccdaa7df739a5e41d97d969c9 openssl-perl-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm 15f6bd16fe45db7306a5f099881d0f60641b50fb openssl-static-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm a811b703a2165a7f8d4674f310ea87ed7dfe1815 openssl-devel-1.0.1e-62.el6.cloudlinux.els.i686.rpm 6df568f38a46786e31d13531a9820d8a0e5f9a80 openssl-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm 3b7a33e183f59e8826502b1c73c68b55e49b84ce openssl-devel-1.0.1e-62.el6.cloudlinux.els.x86_64.rpm 850b11f0e2fff292f2c03e6dc8db6b7c97003ddc CLSA-2021:1634922899 TuxCare License Agreement 0 - Always check certificates from local root store first Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Always check certificates from local root store first

0 cloudlinux-x86_64-server-6 openssl-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm a3dc957da8c174f0fe0350fcf38d564bddba5f8f openssl-devel-1.0.1e-63.el6.cloudlinux.els.i686.rpm 7ed476d7e284fabde49430ca632f5862ba8c7f25 openssl-perl-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm e1ca84af19b224f444a4d98c6f29c088e19e0eeb openssl-devel-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm 8195748f33f97dbea05b262686e6da4cca5d5739 openssl-1.0.1e-63.el6.cloudlinux.els.i686.rpm f8b46c3abd158a07e9bc37859f0525c0fae9f9a4 openssl-static-1.0.1e-63.el6.cloudlinux.els.x86_64.rpm 5c4ad1d00b79aeacea6590d8c4a4c90739924a54 CLSA-2021:1634922919 TuxCare License Agreement 0 - CVE-2020-10878: fix integer overflow leading to RCE Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-10878: fix integer overflow leading to RCE

0 cloudlinux-x86_64-server-6 perl-Package-Constants-0.02-145.el6.cloudlinux.els.x86_64.rpm 4ade56780b453611310489f4ce977fc3b512d7d4 perl-Module-Build-0.3500-145.el6.cloudlinux.els.x86_64.rpm 6143e5b7ede0247d9190c20857374b96561efd2d perl-IO-Compress-Bzip2-2.021-145.el6.cloudlinux.els.x86_64.rpm d0920af6e4b2252bbe01c94c53e3314a849b86c9 perl-Parse-CPAN-Meta-1.40-145.el6.cloudlinux.els.x86_64.rpm 1b0a8b83364de5fe3e5ed91fda50508ef0e41489 perl-Compress-Raw-Zlib-2.021-145.el6.cloudlinux.els.x86_64.rpm 3571e3c54fb44fe94d3f942c30a6820c54c67c92 perl-Module-Pluggable-3.90-145.el6.cloudlinux.els.x86_64.rpm ab85f8b5ea8e313c9601e3a449f613ddcbad6893 perl-Time-HiRes-1.9721-145.el6.cloudlinux.els.x86_64.rpm f1f231a4d84f04c8cb66b379509f96e7ce742240 perl-Archive-Tar-1.58-145.el6.cloudlinux.els.x86_64.rpm 4da4b67c97c3a5af60059cdcce030e67c78f05ab perl-devel-5.10.1-145.el6.cloudlinux.els.x86_64.rpm 357b97d55517450509b6b9deed642ba395ff4f9a perl-suidperl-5.10.1-145.el6.cloudlinux.els.x86_64.rpm a5a2f110dd77f1c0dc55381ffd17767997ac35f8 perl-Test-Harness-3.17-145.el6.cloudlinux.els.x86_64.rpm b2728413b43662e8d800a78a0012c9e1eab8a79a perl-Log-Message-0.02-145.el6.cloudlinux.els.x86_64.rpm 18ce8840ba128a2f6125535ca0c13f4ef108541f perl-Digest-SHA-5.47-145.el6.cloudlinux.els.x86_64.rpm a374a88b6476aef91e949276d92b72c15e6731db perl-libs-5.10.1-145.el6.cloudlinux.els.x86_64.rpm a7e36a2ea1c8c23edc2b29549c0172333f545f73 perl-ExtUtils-Embed-1.28-145.el6.cloudlinux.els.x86_64.rpm 00f15957010a10649635d864e2737aca83cc35f9 perl-libs-5.10.1-145.el6.cloudlinux.els.i686.rpm d2a4b32f1ad810a14ec4012e95df9a58ea711ce6 perl-core-5.10.1-145.el6.cloudlinux.els.x86_64.rpm e371a7f24635b8d384ece203eb758c00b9ae87ea perl-version-0.77-145.el6.cloudlinux.els.x86_64.rpm 46817b9d23083d5f7aadced46956858c2ddc97cd perl-CGI-3.51-145.el6.cloudlinux.els.x86_64.rpm 8c40407ebf66f6464c4f05db4067e897ddd1bef3 perl-Log-Message-Simple-0.04-145.el6.cloudlinux.els.x86_64.rpm 527412d0e0cd869d30eeae94d9b6566bf1a7adf6 perl-Object-Accessor-0.34-145.el6.cloudlinux.els.x86_64.rpm 9515365d86c1895adc50aac53f4ca668c0923b67 perl-ExtUtils-ParseXS-2.2003.0-145.el6.cloudlinux.els.x86_64.rpm b0f96ed5723f3c968042ef2797b4ca597414b901 perl-devel-5.10.1-145.el6.cloudlinux.els.i686.rpm 5d960838ffa34172d849f615aa4e5ef2434b3e21 perl-Locale-Maketext-Simple-0.18-145.el6.cloudlinux.els.x86_64.rpm b0d9f02cf68100846e000bf0faf3398a842c2b85 perl-IO-Zlib-1.09-145.el6.cloudlinux.els.x86_64.rpm 17ec1b8d95c1ec98278dceca874ace29e9fc5335 perl-CPAN-1.9402-145.el6.cloudlinux.els.x86_64.rpm c86f99d10a3dc69ad78a0cae78f58067565ad8fc perl-Compress-Raw-Bzip2-2.021-145.el6.cloudlinux.els.x86_64.rpm 6424e327e17caf1542184d106f4bc362948b026e perl-ExtUtils-MakeMaker-6.55-145.el6.cloudlinux.els.x86_64.rpm e1daaef3fc9a0270420d497242fc082ec4db6392 perl-IO-Compress-Zlib-2.021-145.el6.cloudlinux.els.x86_64.rpm 0626064448907ae9b5f8eca66b67d79a762697fc perl-CPANPLUS-0.88-145.el6.cloudlinux.els.x86_64.rpm 35ac08e5ca2a8e326fce7f6014a65081a7bb4c28 perl-File-Fetch-0.26-145.el6.cloudlinux.els.x86_64.rpm 1fc400c64aa15428f6f6f920d0094c03c12bf77c perl-parent-0.221-145.el6.cloudlinux.els.x86_64.rpm 0ed429ab4624986c1ad6d015ec4e9159d2295748 perl-Module-CoreList-2.18-145.el6.cloudlinux.els.x86_64.rpm 125a17411188725322cd643726b5a256217f3608 perl-Pod-Escapes-1.04-145.el6.cloudlinux.els.x86_64.rpm 3c645fdf781dd991f152a099dd2cdb562ab933ed perl-ExtUtils-CBuilder-0.27-145.el6.cloudlinux.els.x86_64.rpm 22e50ac3fd6fbe90ddac8ce231b81b64dacdbe85 perl-Test-Simple-0.92-145.el6.cloudlinux.els.x86_64.rpm 9bdeec0a69be5db558621db5bc50a0d89c5c49ff perl-Compress-Zlib-2.021-145.el6.cloudlinux.els.x86_64.rpm 610a30a3f5c9f3b32dc4714d9f353f7aad9726fc perl-Time-Piece-1.15-145.el6.cloudlinux.els.x86_64.rpm af7d008497c5c6215ffa4926ea588e6ea37e975a perl-Module-Load-0.16-145.el6.cloudlinux.els.x86_64.rpm 709f885c0affcaf4294e1339c7429ddbcdfb6329 perl-Params-Check-0.26-145.el6.cloudlinux.els.x86_64.rpm 6da0fb396ace5eb9cdcb64cf5e90014aefce8a9a perl-Module-Load-Conditional-0.30-145.el6.cloudlinux.els.x86_64.rpm da95721bfa108f3bdfed21b161b9855b3fea0abb perl-Pod-Simple-3.13-145.el6.cloudlinux.els.x86_64.rpm 4d66c07f18d67f71fb8f65c3f16e03a84469a599 perl-Archive-Extract-0.38-145.el6.cloudlinux.els.x86_64.rpm 1f9caa708575c600d5b94226aa974d9e80d6be13 perl-IO-Compress-Base-2.021-145.el6.cloudlinux.els.x86_64.rpm 989331810075ec3b1ede2653db16265c0907410a perl-5.10.1-145.el6.cloudlinux.els.x86_64.rpm ae552a9fcc945eab5bb8eefd77f4f641c69e461f perl-Term-UI-0.20-145.el6.cloudlinux.els.x86_64.rpm 1e62be0c4648f89751dd0faea6248a7fe7c3b924 perl-Module-Loaded-0.02-145.el6.cloudlinux.els.x86_64.rpm 5c5dd6e06b9777bc4d823b23cdaf7b3419db6ae7 perl-IPC-Cmd-0.56-145.el6.cloudlinux.els.x86_64.rpm 9c5524867c0ee4569849d52c9325229d21b221c4 CLSA-2021:1634922942 TuxCare License Agreement 0 - CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun

0 cloudlinux-x86_64-server-6 perl-Pod-Simple-3.13-146.el6.cloudlinux.els.x86_64.rpm e43f285c016bef8550d7bb9e7ba5d66770e0a9d3 perl-5.10.1-146.el6.cloudlinux.els.x86_64.rpm c0ab8636c74c8273da382790e88a0e257c5e56d1 perl-IO-Compress-Zlib-2.021-146.el6.cloudlinux.els.x86_64.rpm 55033f9bc2308bf90ab7bf3d6008c50eefc479d0 perl-Test-Simple-0.92-146.el6.cloudlinux.els.x86_64.rpm 0ed39d395d0016e82108f6b7ebda1a945a965cf3 perl-Archive-Tar-1.58-146.el6.cloudlinux.els.x86_64.rpm c5d787ddfe1769f188dcca699920529c2230fb8b perl-version-0.77-146.el6.cloudlinux.els.x86_64.rpm bd567d6b3eb6271a5c472edd714df8a63208887e perl-Params-Check-0.26-146.el6.cloudlinux.els.x86_64.rpm 415981799b178d9238a3d8659d90dba161a5afdc perl-libs-5.10.1-146.el6.cloudlinux.els.i686.rpm 8f77f7e4d866da51f63f86cfd980541b96b98481 perl-Test-Harness-3.17-146.el6.cloudlinux.els.x86_64.rpm c0744c8c275ec6e0f9e67b8893c834da86dbc31f perl-Compress-Zlib-2.021-146.el6.cloudlinux.els.x86_64.rpm 109f0b3381c816bd0e41b66086b17cd7c4b160a6 perl-IPC-Cmd-0.56-146.el6.cloudlinux.els.x86_64.rpm e1956909ba831ad1a2ea47adbdd1389ef3301d50 perl-Package-Constants-0.02-146.el6.cloudlinux.els.x86_64.rpm e5019d1f1de70dcb98d13976167420f23b35d8e8 perl-IO-Compress-Bzip2-2.021-146.el6.cloudlinux.els.x86_64.rpm eca7ed16aedb5e3ac85af26b8ab7820d7fa8439e perl-Digest-SHA-5.47-146.el6.cloudlinux.els.x86_64.rpm d49bbf62ab30eab6dfdbe349ca5c2bbd0a9e071e perl-ExtUtils-CBuilder-0.27-146.el6.cloudlinux.els.x86_64.rpm c0ef1a1cb292ae1252c8b3e4f7e9a7b6dc4fb23c perl-IO-Zlib-1.09-146.el6.cloudlinux.els.x86_64.rpm b02b55913616bea10e3ede283bf9251d781955f0 perl-Compress-Raw-Bzip2-2.021-146.el6.cloudlinux.els.x86_64.rpm 69ea075fdee7f8161bb57ea68458b3705e726cce perl-Object-Accessor-0.34-146.el6.cloudlinux.els.x86_64.rpm d41b78cc50518889ceab9bdcad831fe5b9d2a104 perl-Module-Pluggable-3.90-146.el6.cloudlinux.els.x86_64.rpm 69ae3d242b828f79c6321dc3f12f9c90ad745b15 perl-libs-5.10.1-146.el6.cloudlinux.els.x86_64.rpm c8d20ab0d52f71d34eadeb3fdb344ba85f19b830 perl-Term-UI-0.20-146.el6.cloudlinux.els.x86_64.rpm 0b00086286985d84d164e4499a24d95d3d3095d4 perl-Module-CoreList-2.18-146.el6.cloudlinux.els.x86_64.rpm ff34851806fa79a8f285c8ade10b0e7cebd857c1 perl-devel-5.10.1-146.el6.cloudlinux.els.x86_64.rpm 71e1f75298c1d99d159b0e7b57e621d666327205 perl-Compress-Raw-Zlib-2.021-146.el6.cloudlinux.els.x86_64.rpm 3fce7b92e3d0edfa5f1bbc334edd2c9d00dda0db perl-Time-HiRes-1.9721-146.el6.cloudlinux.els.x86_64.rpm 8a75d044a7fcd0bd11a363f0dc1190895b7119f4 perl-Log-Message-0.02-146.el6.cloudlinux.els.x86_64.rpm 15785ad454e9b7c4f3dfc862aebfec57d0f9dc0c perl-Parse-CPAN-Meta-1.40-146.el6.cloudlinux.els.x86_64.rpm b674a9623d635ef488fcfb5ae25c850ab785a239 perl-Module-Load-0.16-146.el6.cloudlinux.els.x86_64.rpm 7d260c3cd5dde91fdfde6dd89e70abfdcb5a5d53 perl-Time-Piece-1.15-146.el6.cloudlinux.els.x86_64.rpm d33db1610243bd073903485c4f5c5ae892d13ae7 perl-CGI-3.51-146.el6.cloudlinux.els.x86_64.rpm 29a67d55ebe1bd184256ab1f5f18bc612aef50a1 perl-Pod-Escapes-1.04-146.el6.cloudlinux.els.x86_64.rpm 146991c3118cb3a0b5081bd4cb04358877ac1950 perl-Locale-Maketext-Simple-0.18-146.el6.cloudlinux.els.x86_64.rpm 05836a76f6abea9069ea57b3086b419e21b6a9ec perl-File-Fetch-0.26-146.el6.cloudlinux.els.x86_64.rpm 3948df4737a50de11e3cb61c27fd31a719154c5b perl-suidperl-5.10.1-146.el6.cloudlinux.els.x86_64.rpm 64aa932957f1c858f580050f2424579a1edd7dee perl-core-5.10.1-146.el6.cloudlinux.els.x86_64.rpm 5c72d68f032878bb4cd34c351feb282990091197 perl-ExtUtils-Embed-1.28-146.el6.cloudlinux.els.x86_64.rpm 7f3f3b68c741118b408aaf9ffcb719106c6a307e perl-CPANPLUS-0.88-146.el6.cloudlinux.els.x86_64.rpm e21c841cd56e1cdf74bc80bc3d2980fe239d4dd3 perl-Archive-Extract-0.38-146.el6.cloudlinux.els.x86_64.rpm 73c18e67a7f349049c0e5545fe77c4c689bf0ded perl-ExtUtils-ParseXS-2.2003.0-146.el6.cloudlinux.els.x86_64.rpm ee359cab0834ae681a3fd85b5f4a81a4802e2067 perl-IO-Compress-Base-2.021-146.el6.cloudlinux.els.x86_64.rpm 820f1d7898659f01ff950099d3c4e8554b413c45 perl-ExtUtils-MakeMaker-6.55-146.el6.cloudlinux.els.x86_64.rpm c88461388a460679b71393db9264b2ce37958bd2 perl-Module-Loaded-0.02-146.el6.cloudlinux.els.x86_64.rpm 46dafd37d01fc9a308ee94feb1bdcb93f7b2a21b perl-Module-Build-0.3500-146.el6.cloudlinux.els.x86_64.rpm 31d6b1f3d99a1b3c1d00c3de2a629be3776e7b8c perl-Log-Message-Simple-0.04-146.el6.cloudlinux.els.x86_64.rpm 2fc5c4dd454c34c4bfef8b186d5c92bf14928f82 perl-parent-0.221-146.el6.cloudlinux.els.x86_64.rpm b65c993a1f1edff67e27048260945d95f5c26cd1 perl-Module-Load-Conditional-0.30-146.el6.cloudlinux.els.x86_64.rpm 43b9edcd3ac970ccdc50e8b20bf8015d7bd7c905 perl-devel-5.10.1-146.el6.cloudlinux.els.i686.rpm 8758881765e9af7e1c9f99b8290406cb79685bef perl-CPAN-1.9402-146.el6.cloudlinux.els.x86_64.rpm b4895ac181751172a290665da78f9dab3ce1188b CLSA-2021:1634925483 TuxCare License Agreement 0 - Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client - CVE-2020-26116: http.client allows CRLF injection if the attacker controls the HTTP request method - CVE-2020-27619: Unsafe use of eval() on data retrieved via HTTP in the test suite Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client - CVE-2020-26116: http.client allows CRLF injection if the attacker controls the HTTP request method - CVE-2020-27619: Unsafe use of eval() on data retrieved via HTTP in the test suite

0 cloudlinux-x86_64-server-6 python-devel-2.6.6-70.el6.cloudlinux.els.x86_64.rpm 9e4f1a6166f885c8d7ed12dbac2a0a244b933ddb python-tools-2.6.6-70.el6.cloudlinux.els.x86_64.rpm 737a067b7c093df6f113268c6742195eeb5d14f4 tkinter-2.6.6-70.el6.cloudlinux.els.x86_64.rpm f599dd1c74549e263a1470d505426389bbea3dc0 python-2.6.6-70.el6.cloudlinux.els.x86_64.rpm 366e2f63916b5e8337042d057d151b59a8cd1ff7 python-libs-2.6.6-70.el6.cloudlinux.els.i686.rpm ccb272da75672e3bb92cc332f213747b2b1919e8 python-libs-2.6.6-70.el6.cloudlinux.els.x86_64.rpm a030527403cacbf91408ef4528ac112552648d36 python-2.6.6-70.el6.cloudlinux.els.i686.rpm ce1c60046c278755e733a7f094563dd1bef4c934 python-devel-2.6.6-70.el6.cloudlinux.els.i686.rpm ad5bc6ef9a5530367dee480025eacb5469b08f07 python-test-2.6.6-70.el6.cloudlinux.els.x86_64.rpm c131944e1bb51dd54ea3d5a08d2132361be5eb7f CLSA-2021:1634925515 TuxCare License Agreement 0 - fix CVE-2021-26937 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- fix CVE-2021-26937

0 cloudlinux-x86_64-server-6 screen-4.0.3-20.el6.cloudlinux.els6.x86_64.rpm dcf1cd43e01a8b107aad3671fef183403a36eaf7 CLSA-2021:1634925537 TuxCare License Agreement 0 - CVE-2021-28651: fix memory leak leading to denial of service Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-28651: fix memory leak leading to denial of service

0 cloudlinux-x86_64-server-6 squid-3.1.23-25.el6.cloudlinux.els.x86_64.rpm b0abbf20593ede85899dce2a2aaec60a8d28973e CLSA-2021:1634925554 TuxCare License Agreement 0 - CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to denial of service Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to denial of service

0 cloudlinux-x86_64-server-6 squid-3.1.23-29.el6.cloudlinux.els.x86_64.rpm 2df9229200a23a5d2c367a75936cd1679f9946f3 CLSA-2021:1634925600 TuxCare License Agreement 0 - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack

0 cloudlinux-x86_64-server-6 squid-3.1.23-30.el6.cloudlinux.els.x86_64.rpm 9477c3042f87383ce0051ba47184caf9aacbd609 CLSA-2021:1634925634 TuxCare License Agreement 0 - CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client - CVE-2020-11945: fix nonce reference counter overflow allowing replay attack - CVE-2020-24606: fix handle of EOF in peerDigestHandleReply() leading to Denial of service - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to denial of service - CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2021-28651: fix memory leak leading to denial of service Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client - CVE-2020-11945: fix nonce reference counter overflow allowing replay attack - CVE-2020-24606: fix handle of EOF in peerDigestHandleReply() leading to Denial of service - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to denial of service - CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2021-28651: fix memory leak leading to denial of service

0 cloudlinux-x86_64-server-6 squid34-3.4.14-16.el6.cloudlinux.els.x86_64.rpm a23152fd21c8368efb65f38ad7a08f44a787bdd0 CLSA-2021:1634925665 TuxCare License Agreement 0 - Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fixed Heap-based buffer overflow in Sudo (CVE-2021-3156)

0 cloudlinux-x86_64-server-6 sudo-devel-1.8.6p3-30.el6.cloudlinux.els6.x86_64.rpm 8f3c8e2d4f27f343755a050ffdfbe87783cd937f sudo-devel-1.8.6p3-30.el6.cloudlinux.els6.i686.rpm 62fca93696e81ef87401bbb53478b51d6d57f853 sudo-1.8.6p3-30.el6.cloudlinux.els6.x86_64.rpm 54b689130a0487947c65b60539735c3c4f07de49 CLSA-2021:1634925704 TuxCare License Agreement 0 - sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh

0 cloudlinux-x86_64-server-6 sudo-devel-1.8.6p3-32.el6.cloudlinux.els.x86_64.rpm 568e074dce04bdacb9d44807ef77fbaa13b69d5f sudo-1.8.6p3-32.el6.cloudlinux.els.x86_64.rpm 2b422e7ebdae10e8136ea556d11ea1b316bc828d sudo-devel-1.8.6p3-32.el6.cloudlinux.els.i686.rpm f5aeee297eef96708bbcfb9ecaa7f41b26568f47 CLSA-2021:1634925719 TuxCare License Agreement 0 - CVE-2021-3778: crafted input leads to heap-based buffer overflow - CVE-2021-3796: crafted input leads to use-after-free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3778: crafted input leads to heap-based buffer overflow - CVE-2021-3796: crafted input leads to use-after-free

0 cloudlinux-x86_64-server-6 vim-filesystem-7.4.629-6.el6.cloudlinux.els.x86_64.rpm 94a34f4ddf73ce8ce3bd23eb344104b9dadfd7e9 vim-enhanced-7.4.629-6.el6.cloudlinux.els.x86_64.rpm 3852130d02dc208ed4e60ee54b53b58144a6ed7f vim-minimal-7.4.629-6.el6.cloudlinux.els.x86_64.rpm 8164c4324d12bad0aa34c018ff377dc8ec66f456 vim-common-7.4.629-6.el6.cloudlinux.els.x86_64.rpm 98665d725ac7a2c4e7420f60fe308872abcc290e vim-X11-7.4.629-6.el6.cloudlinux.els.x86_64.rpm 4c91eed00e0655a4ce4d607fe7a7c0aad56aff0e CLSA-2021:1635427159 TuxCare License Agreement 0 - CVE-2017-20005: fix buffer overflow for years that exceed four digits Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2017-20005: fix buffer overflow for years that exceed four digits

0 cloudlinux-x86_64-server-6 nginx-mod-http-image-filter-1.10.3-4.el6.cloudlinux.els.x86_64.rpm 0dfc9644d6db09cd9ad940741adaea5cc6289274 nginx-mod-mail-1.10.3-4.el6.cloudlinux.els.x86_64.rpm 77cf7aae8d69784d207d03cdc8049e674301e9e8 nginx-mod-http-xslt-filter-1.10.3-4.el6.cloudlinux.els.x86_64.rpm 1e7eee329c2c03bacc2b53b89a91bc9438e68a86 nginx-mod-stream-1.10.3-4.el6.cloudlinux.els.x86_64.rpm a76f4843f3ccfcf37e612d4b5ac3ac56e4599368 nginx-mod-http-perl-1.10.3-4.el6.cloudlinux.els.x86_64.rpm 540aa72ce4fdf87b821b0f36d2038067ba95b8b7 nginx-1.10.3-4.el6.cloudlinux.els.x86_64.rpm ecb203ab96ae4b3441717e483a9ffd38e859fefc nginx-all-modules-1.10.3-4.el6.cloudlinux.els.noarch.rpm 16cedb62c6614042068ef9108b02d54f9ec826df nginx-filesystem-1.10.3-4.el6.cloudlinux.els.noarch.rpm 5da4209683faf9c7a76ec4b98b0e087d0c7edc58 nginx-mod-http-geoip-1.10.3-4.el6.cloudlinux.els.x86_64.rpm b46256e75cc876f442d8a4f379e1e88b8fc4810b CLSA-2021:1635957830 TuxCare License Agreement 0 - CVE-2021-25219: Fix resolver performance degradation via lame cache abuse Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-25219: Fix resolver performance degradation via lame cache abuse

0 cloudlinux-x86_64-server-6 bind-chroot-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm 7535c57be56a5c2fb60de120ff9bf0a37c198d6a bind-devel-9.8.2-0.68.rc1.el6.11.cloudlinux.els.i686.rpm f033f1ae0e7528f3e06644e744ab48352979daef bind-devel-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm 5873d347faf47d986a473ef550f74bab3f23f1fc bind-sdb-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm 75387a98e74a20b6596aad54cc146efa5a33a18c bind-libs-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm 7cec3a71e7c8b173df383de5bc6ac52719d9f19c bind-utils-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm da397fd33aa469d98925bdb27e581178a4069ace bind-libs-9.8.2-0.68.rc1.el6.11.cloudlinux.els.i686.rpm b77811efbb5ebed807b11f108c7a6f9a77daee1c bind-9.8.2-0.68.rc1.el6.11.cloudlinux.els.x86_64.rpm 18f07c751264254d19ef894fe3b61223e07cac50 CLSA-2021:1636389447 TuxCare License Agreement 0 - CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code

0 cloudlinux-x86_64-server-6 glibc-2.12-2.215.el6.cloudlinux.els.x86_64.rpm e963f999dd4103bd9cbbc256ba7f1af9732a8172 nscd-2.12-2.215.el6.cloudlinux.els.x86_64.rpm 6b13af119bd392109c0eeb0cb34372fb6494cb10 glibc-devel-2.12-2.215.el6.cloudlinux.els.i686.rpm 80acd3fc1cddcbf948450588dcb0feddf1896b98 glibc-devel-2.12-2.215.el6.cloudlinux.els.x86_64.rpm 395c913dd5eb1550308b3473f8d53233cc0bdc36 glibc-static-2.12-2.215.el6.cloudlinux.els.i686.rpm 0c122bb4645d5a4d0ee6ad28f6f97d189729f967 glibc-static-2.12-2.215.el6.cloudlinux.els.x86_64.rpm ac48c4f8fdd77954b880aaa27f88f40a592c2f74 glibc-utils-2.12-2.215.el6.cloudlinux.els.x86_64.rpm 44de0fc893d63628888b3d3e184fa9a5542a9b00 glibc-2.12-2.215.el6.cloudlinux.els.i686.rpm fefeb00a06402872fee042e03651930653edbb61 glibc-common-2.12-2.215.el6.cloudlinux.els.x86_64.rpm 793e1fc9fb30c730c39d9ee96ff5ab18df28e25f glibc-headers-2.12-2.215.el6.cloudlinux.els.x86_64.rpm b2003d5de6c24f363ef7962976b3fafa045d6634 CLSA-2021:1636568737 TuxCare License Agreement 0 - CVE-2021-3872: fix illegal memory access if buffer name is very long - CVE-2021-3875: fix ml_get error after search with range - CVE-2021-3903: fix invalid memory access when scrolling without a valid screen Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3872: fix illegal memory access if buffer name is very long - CVE-2021-3875: fix ml_get error after search with range - CVE-2021-3903: fix invalid memory access when scrolling without a valid screen

0 cloudlinux-x86_64-server-6 vim-minimal-7.4.629-7.el6.cloudlinux.els.x86_64.rpm 3fe4e406359629a2673a1ac3807be1c4f188ad8b vim-enhanced-7.4.629-7.el6.cloudlinux.els.x86_64.rpm cec2af038bfd5d046ee0973b573cf57957737fbf vim-filesystem-7.4.629-7.el6.cloudlinux.els.x86_64.rpm 2c668c61f1bac90a9680b559e6296812f4806aa3 vim-X11-7.4.629-7.el6.cloudlinux.els.x86_64.rpm abc980eae3a2f4fa0438dcee60524cc47e13b3b1 vim-common-7.4.629-7.el6.cloudlinux.els.x86_64.rpm adbafcb7beebad2fd3b60adbf7df4e5de71846f8 CLSA-2021:1637770001 TuxCare License Agreement 0 - CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm 60ecf4eddc46f198bc5a4f750018ba2f2efed0c1 vim-minimal-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm b2ba3c35159de705763bd9f37794d4512b01fe0c vim-filesystem-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm 3113999a41280ec86284b611eb4017bf141196c1 vim-common-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm a09a47fa0754bd40576ecd0a3eba96098a21e59a vim-X11-7.4.629-5.2.el6.tuxcare.els3.x86_64.rpm d8d8cb2797899f160bf79831698a1dc6e6c9ff69 CLSA-2021:1637770462 TuxCare License Agreement 0 - CVE-2021-27212: fix DoS via malicious packet Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-27212: fix DoS via malicious packet

0 cloudlinux-x86_64-server-6 openldap-servers-sql-2.4.40-16.el6.tuxcare.els1.x86_64.rpm 2d2fc87294100a98203ef1588054cd265246aee1 openldap-clients-2.4.40-16.el6.tuxcare.els1.x86_64.rpm 122293860154e68629588f0625aa6f61ae910d65 openldap-2.4.40-16.el6.tuxcare.els1.x86_64.rpm 33c23c25acdea7a2c96699e46ea4c8ae13757be1 openldap-devel-2.4.40-16.el6.tuxcare.els1.x86_64.rpm ce66aee329e8e006649fd0ac9a0f58c85b949f31 openldap-2.4.40-16.el6.tuxcare.els1.i686.rpm c67818ff75cc38467e357d543c981e1e015c8e9e openldap-servers-2.4.40-16.el6.tuxcare.els1.x86_64.rpm 4b485292ae52209073e5d7692f2618238edb3205 openldap-devel-2.4.40-16.el6.tuxcare.els1.i686.rpm e188fd43205c5af66fa629a0505c2733638d43de CLSA-2021:1637770725 TuxCare License Agreement 0 - CVE-2017-7223: Fix global buffer overflow (of size 1) - CVE-2017-7224: Fix invalid write (of size 1) while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow - CVE-2017-7299: Fix invalid read (of size 8) in ELF reloc section - CVE-2017-7300: Fix heap-based buffer over-read (off-by-one) - CVE-2017-7301: Fix off-by-one vulnerability - CVE-2017-7302: Fix invalid read (of size 4) - CVE-2017-7614: Fix undefined behavior issue - CVE-2017-8393: Fix global buffer over-read error - CVE-2017-8394: Fix invalid read of size 4 due to NULL pointer dereferencing - CVE-2017-8398: Fix invalid read of size 1 during dumping of debug information - CVE-2017-8421: Fix memory leak vulnerability - CVE-2017-9742: Fix buffer overflow - CVE-2017-9744: Fix buffer overflow - CVE-2017-9747: Fix buffer overflow - CVE-2017-9748: Fix buffer overflow - CVE-2017-9749: Fix buffer overflow - CVE-2017-9753: Fix buffer overflow - CVE-2017-9754: Fix buffer overflow - CVE-2017-12448: Fix use after free - CVE-2017-12449: Fix out of bounds heap read - CVE-2017-12455: Fix out of bounds heap read - CVE-2017-12457: Fix NULL dereference - CVE-2017-12458: Fix out of bounds heap read - CVE-2017-12459: Fix out of bounds heap write - CVE-2017-12450: Fix out of bounds heap write - CVE-2017-12452: Fix out of bounds heap read - CVE-2017-12453: Fix out of bounds heap read - CVE-2017-12454: Fix arbitrary memory read - CVE-2017-12456: Fix out of bounds heap read - CVE-2017-14333: Fix integer overflow, and hang because of a time-consuming loop - CVE-2017-12451: Fix out of bounds stack read - CVE-2017-12799: Fix buffer overflow - CVE-2017-13710: Fix NULL pointer dereference - CVE-2017-14130: Fix _bfd_elf_attr_strdup heap-based buffer over-read - CVE-2017-14932: Fix infinite loop - CVE-2017-14938: Fix excessive memory allocation - CVE-2017-14940: Fix NULL pointer dereference - CVE-2017-15020: Fix parse_die heap-based buffer over-read - CVE-2017-15022: Fix bfd_hash_hash NULL pointer dereference - CVE-2017-15225: Fix divide-by-zero error - CVE-2017-15938: Fix find_abstract_instance_name invalid memory read, segmentation fault - CVE-2017-15939: Fix NULL pointer dereference - CVE-2017-15996: Fix buffer overflow on fuzzed archive header - CVE-2017-16826: Fix invalid memory access - CVE-2017-16827: Fix slurp_symtab invalid free - CVE-2017-16828: Fix integer overflow and heap-based buffer over-read - CVE-2017-16831: Fix integer overflow or excessive memory allocation - CVE-2017-17080: Fix bfd_getl32 heap-based buffer over-read - CVE-2017-8396: Fix invalid read of size 1 - CVE-2017-17121: Fix memory access violation - CVE-2017-17123: Fix NULL pointer dereference - CVE-2017-17124: Fix excessive memory consumption or heap-based buffer overflow - CVE-2017-17125: Fix buffer over-read Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2017-7223: Fix global buffer overflow (of size 1) - CVE-2017-7224: Fix invalid write (of size 1) while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow - CVE-2017-7299: Fix invalid read (of size 8) in ELF reloc section - CVE-2017-7300: Fix heap-based buffer over-read (off-by-one) - CVE-2017-7301: Fix off-by-one vulnerability - CVE-2017-7302: Fix invalid read (of size 4) - CVE-2017-7614: Fix undefined behavior issue - CVE-2017-8393: Fix global buffer over-read error - CVE-2017-8394: Fix invalid read of size 4 due to NULL pointer dereferencing - CVE-2017-8398: Fix invalid read of size 1 during dumping of debug information - CVE-2017-8421: Fix memory leak vulnerability - CVE-2017-9742: Fix buffer overflow - CVE-2017-9744: Fix buffer overflow - CVE-2017-9747: Fix buffer overflow - CVE-2017-9748: Fix buffer overflow - CVE-2017-9749: Fix buffer overflow - CVE-2017-9753: Fix buffer overflow - CVE-2017-9754: Fix buffer overflow - CVE-2017-12448: Fix use after free - CVE-2017-12449: Fix out of bounds heap read - CVE-2017-12455: Fix out of bounds heap read - CVE-2017-12457: Fix NULL dereference - CVE-2017-12458: Fix out of bounds heap read - CVE-2017-12459: Fix out of bounds heap write - CVE-2017-12450: Fix out of bounds heap write - CVE-2017-12452: Fix out of bounds heap read - CVE-2017-12453: Fix out of bounds heap read - CVE-2017-12454: Fix arbitrary memory read - CVE-2017-12456: Fix out of bounds heap read - CVE-2017-14333: Fix integer overflow, and hang because of a time-consuming loop - CVE-2017-12451: Fix out of bounds stack read - CVE-2017-12799: Fix buffer overflow - CVE-2017-13710: Fix NULL pointer dereference - CVE-2017-14130: Fix _bfd_elf_attr_strdup heap-based buffer over-read - CVE-2017-14932: Fix infinite loop - CVE-2017-14938: Fix excessive memory allocation - CVE-2017-14940: Fix NULL pointer dereference - CVE-2017-15020: Fix parse_die heap-based buffer over-read - CVE-2017-15022: Fix bfd_hash_hash NULL pointer dereference - CVE-2017-15225: Fix divide-by-zero error - CVE-2017-15938: Fix find_abstract_instance_name invalid memory read, segmentation fault - CVE-2017-15939: Fix NULL pointer dereference - CVE-2017-15996: Fix buffer overflow on fuzzed archive header - CVE-2017-16826: Fix invalid memory access - CVE-2017-16827: Fix slurp_symtab invalid free - CVE-2017-16828: Fix integer overflow and heap-based buffer over-read - CVE-2017-16831: Fix integer overflow or excessive memory allocation - CVE-2017-17080: Fix bfd_getl32 heap-based buffer over-read - CVE-2017-8396: Fix invalid read of size 1 - CVE-2017-17121: Fix memory access violation - CVE-2017-17123: Fix NULL pointer dereference - CVE-2017-17124: Fix excessive memory consumption or heap-based buffer overflow - CVE-2017-17125: Fix buffer over-read

0 cloudlinux-x86_64-server-6 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els2.i686.rpm a822843d1fa693e7149f4dfcfdf7e3149366171c binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els2.x86_64.rpm afd2d88ba22da4588ce5b18bd20adf8ecd836078 binutils-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els2.x86_64.rpm 04de7ddd4b71a4fd49292a6ec1bf0e1e6c1486de CLSA-2021:1638804170 TuxCare License Agreement 0 - CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) - Update to CKBI 2.50 from NSS 3.67 - Removing: - # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - # Certificate "AddTrust Low-Value Services Root" - # Certificate "AddTrust External Root" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Universal CA" - # Certificate "GeoTrust Universal CA 2" - # Certificate "QuoVadis Root CA" - # Certificate "Sonera Class 2 Root CA" - # Certificate "UTN USERFirst Email Root CA" - # Certificate "Taiwan GRCA" - # Certificate "Certplus Class 2 Primary CA" - # Certificate "GeoTrust Primary Certification Authority" - # Certificate "thawte Primary Root CA" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" - # Certificate "Deutsche Telekom Root CA 2" - # Certificate "GeoTrust Primary Certification Authority - G3" - # Certificate "thawte Primary Root CA - G2" - # Certificate "thawte Primary Root CA - G3" - # Certificate "GeoTrust Primary Certification Authority - G2" - # Certificate "VeriSign Universal Root Certification Authority" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" - # Certificate "Staat der Nederlanden Root CA - G2" - # Certificate "Trustis FPS Root CA" - # Certificate "EE Certification Centre Root CA" - # Certificate "Swisscom Root CA 2" - # Certificate "Certinomis - Root CA" - # Certificate "LuxTrust Global Root 2" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" - Adding: - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "Microsoft ECC Root Certificate Authority 2017" - # Certificate "Microsoft RSA Root Certificate Authority 2017" - # Certificate "e-Szigno Root CA 2017" - # Certificate "certSIGN Root CA G2" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "NAVER Global Root Certification Authority" - # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" - # Certificate "GlobalSign Secure Mail Root R45" - # Certificate "GlobalSign Secure Mail Root E45" - # Certificate "GlobalSign Root R46" - # Certificate "GlobalSign Root E46" - # Certificate "GLOBALTRUST 2020" - # Certificate "ANF Secure Server Root CA" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA" - revert last change. Patch was for nss-softokn - Fix out-of-bounds write in NSC_EncryptUpdate (#1775909) Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) - Update to CKBI 2.50 from NSS 3.67 - Removing: - # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - # Certificate "AddTrust Low-Value Services Root" - # Certificate "AddTrust External Root" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Universal CA" - # Certificate "GeoTrust Universal CA 2" - # Certificate "QuoVadis Root CA" - # Certificate "Sonera Class 2 Root CA" - # Certificate "UTN USERFirst Email Root CA" - # Certificate "Taiwan GRCA" - # Certificate "Certplus Class 2 Primary CA" - # Certificate "GeoTrust Primary Certification Authority" - # Certificate "thawte Primary Root CA" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" - # Certificate "Deutsche Telekom Root CA 2" - # Certificate "GeoTrust Primary Certification Authority - G3" - # Certificate "thawte Primary Root CA - G2" - # Certificate "thawte Primary Root CA - G3" - # Certificate "GeoTrust Primary Certification Authority - G2" - # Certificate "VeriSign Universal Root Certification Authority" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" - # Certificate "Staat der Nederlanden Root CA - G2" - # Certificate "Trustis FPS Root CA" - # Certificate "EE Certification Centre Root CA" - # Certificate "Swisscom Root CA 2" - # Certificate "Certinomis - Root CA" - # Certificate "LuxTrust Global Root 2" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" - Adding: - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "Microsoft ECC Root Certificate Authority 2017" - # Certificate "Microsoft RSA Root Certificate Authority 2017" - # Certificate "e-Szigno Root CA 2017" - # Certificate "certSIGN Root CA G2" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "NAVER Global Root Certification Authority" - # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" - # Certificate "GlobalSign Secure Mail Root R45" - # Certificate "GlobalSign Secure Mail Root E45" - # Certificate "GlobalSign Root R46" - # Certificate "GlobalSign Root E46" - # Certificate "GLOBALTRUST 2020" - # Certificate "ANF Secure Server Root CA" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA" - revert last change. Patch was for nss-softokn - Fix out-of-bounds write in NSC_EncryptUpdate (#1775909)

0 cloudlinux-x86_64-server-6 nss-devel-3.44.0-12.el6.tuxcare.els1.x86_64.rpm 845f422b1bfe4691e5e3d088b59513d3848b0715 nss-3.44.0-12.el6.tuxcare.els1.x86_64.rpm 1a6ba4bb96830e696301c987f5a6f69ff43812e4 nss-3.44.0-12.el6.tuxcare.els1.i686.rpm 3964369baa0d10a4f62ecf136734b24e933ad805 nss-sysinit-3.44.0-12.el6.tuxcare.els1.x86_64.rpm 4eaf3c2963b894549470e8f936891205b4310e74 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els1.x86_64.rpm f4b63df099704f8beafdee88a63f1bdec1656789 nss-devel-3.44.0-12.el6.tuxcare.els1.i686.rpm 207e2f80c1cb5bbbcd84277a44d165b7b8bd7557 nss-tools-3.44.0-12.el6.tuxcare.els1.x86_64.rpm 463b86312939b8e149550ace7d979c0810078961 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els1.i686.rpm f85731a10e60bb6b7b17bef2f3c7662f84150c72 CLSA-2021:1639578578 TuxCare License Agreement 0 - CVE-2021-3974: fix using freed memory with regexp using a mark - CVE-2021-3984: fix illegal memory access when C-indenting - CVE-2021-3973: fix crash when using CTRL-W f without finding a file name - CVE-2021-4019: fix buffer overflow with long help argument - CVE-2021-4069: fix using freed memory in open command Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3974: fix using freed memory with regexp using a mark - CVE-2021-3984: fix illegal memory access when C-indenting - CVE-2021-3973: fix crash when using CTRL-W f without finding a file name - CVE-2021-4019: fix buffer overflow with long help argument - CVE-2021-4069: fix using freed memory in open command

0 cloudlinux-x86_64-server-6 vim-filesystem-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm ec51811dfec5181a3fd9fb9b04a360f4ed28048c vim-common-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm 6c40e027c8d36a79c6144b8d2bb316e519378d8d vim-X11-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm dc1706d0c8a50885d02d46f03be3cc2b42024acb vim-enhanced-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm b867bf159cc7e14686ac8d9c99ebd98596740cc4 vim-minimal-7.4.629-5.2.el6.tuxcare.els4.x86_64.rpm 5ab09e3c595a7e0644ca96956166d0cc6514002a CLSA-2021:1639670584 TuxCare License Agreement 0 - CVE-2018-6323: Fix unsigned integer overflow - CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in - CVE-2018-6543: Fix integer overflow - CVE-2018-20671: Fix integer overflow vulnerability - CVE-2018-6759: Fix segmentation fault - CVE-2018-7208: Fix segmentation fault - CVE-2018-7568: Fix integer overflow - CVE-2018-7569: Fix integer underflow or overflow - CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference - CVE-2018-7643: Fix integer overflow - CVE-2018-8945: Fix segmentation fault - CVE-2018-13033: Fix excessive memory allocation - CVE-2018-10373: Fix NULL pointer dereference - CVE-2018-10535: Fix NULL pointer dereference - CVE-2018-18309: Fix invalid memory address dereference - CVE-2018-18605: Fix mishandles section merges - CVE-2018-18606: Fix NULL pointer dereference - CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd - CVE-2018-19932: Fix integer overflow and infinite loop - CVE-2018-20002: Fix memory consumption - CVE-2018-20623: Fix use-after-free in the error function - CVE-2018-1000876: Fix integer overflow trigger heap overflow - CVE-2019-9073: Fix excessive memory allocation - CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap - CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific - CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt - CVE-2019-14444: Fix integer overflow - CVE-2019-17450: Fix infinite recursion - CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c - CVE-2016-4487: Fix use-after-free vulnerability in libiberty - CVE-2016-4488: Fix use-after-free vulnerability in libiberty - CVE-2016-4489: Fix integer overflow in libiberty - CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty - CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty - CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal - CVE-2016-6131: Fix infinite loop, stack overflow Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-6323: Fix unsigned integer overflow - CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in - CVE-2018-6543: Fix integer overflow - CVE-2018-20671: Fix integer overflow vulnerability - CVE-2018-6759: Fix segmentation fault - CVE-2018-7208: Fix segmentation fault - CVE-2018-7568: Fix integer overflow - CVE-2018-7569: Fix integer underflow or overflow - CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference - CVE-2018-7643: Fix integer overflow - CVE-2018-8945: Fix segmentation fault - CVE-2018-13033: Fix excessive memory allocation - CVE-2018-10373: Fix NULL pointer dereference - CVE-2018-10535: Fix NULL pointer dereference - CVE-2018-18309: Fix invalid memory address dereference - CVE-2018-18605: Fix mishandles section merges - CVE-2018-18606: Fix NULL pointer dereference - CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd - CVE-2018-19932: Fix integer overflow and infinite loop - CVE-2018-20002: Fix memory consumption - CVE-2018-20623: Fix use-after-free in the error function - CVE-2018-1000876: Fix integer overflow trigger heap overflow - CVE-2019-9073: Fix excessive memory allocation - CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap - CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific - CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt - CVE-2019-14444: Fix integer overflow - CVE-2019-17450: Fix infinite recursion - CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c - CVE-2016-4487: Fix use-after-free vulnerability in libiberty - CVE-2016-4488: Fix use-after-free vulnerability in libiberty - CVE-2016-4489: Fix integer overflow in libiberty - CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty - CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty - CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal - CVE-2016-6131: Fix infinite loop, stack overflow

0 cloudlinux-x86_64-server-6 binutils-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els3.x86_64.rpm 21664c30bd97f99b0dfde48eb1a5de5c1c4e9ed9 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els3.x86_64.rpm efe6248cec89864f26e9937e7c943f2298c90af5 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els3.i686.rpm e626965281c01574de5667cedd36125bd8e8e4ab CLSA-2021:1640700669 TuxCare License Agreement 0 - CVE-2021-3517.patch: validate UTF8 in xmlEncodeEntities - CVE-2021-3518.patch: fix user-after-free with 'xmllint --xinclude --dropdtd' - CVE-2021-3537.patch: propagate error in xmlParseElementChildrenContentDeclPriv - CVE-2021-3541.patch: parser fix for the billion laughs attack - CVE-2021-3516.patch: fix use-after-free with 'xmllint --html --push' - CVE-2017-8872.patch: free input buffer in xmlHaltParser - CVE-2019-20388.patch: fix memory leak in xmlSchemaValidateStream - CVE-2020-24977.patch: fix out-of-bounds read with 'xmllint --htmlout' Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3517.patch: validate UTF8 in xmlEncodeEntities - CVE-2021-3518.patch: fix user-after-free with 'xmllint --xinclude --dropdtd' - CVE-2021-3537.patch: propagate error in xmlParseElementChildrenContentDeclPriv - CVE-2021-3541.patch: parser fix for the billion laughs attack - CVE-2021-3516.patch: fix use-after-free with 'xmllint --html --push' - CVE-2017-8872.patch: free input buffer in xmlHaltParser - CVE-2019-20388.patch: fix memory leak in xmlSchemaValidateStream - CVE-2020-24977.patch: fix out-of-bounds read with 'xmllint --htmlout'

0 cloudlinux-x86_64-server-6 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els1.x86_64.rpm b99b2475ddfd6c5d1398b085d628e3cd7a9423ad libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els1.x86_64.rpm e844495f94444419beb8d96795ad439da00156ae libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els1.x86_64.rpm df988e390884a3e4d3d36154398bd81520e73c4a libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els1.x86_64.rpm 48a9363ada2a053b70f034d6bbe3cba389bcbafb libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els1.i686.rpm 597cc006056c10d0c933ef7a923a1af8d14e0432 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els1.i686.rpm 745cb31722181fa09ad5ebd13c64f312d2ea4066 CLSA-2021:1640790635 TuxCare License Agreement 0 - CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer dereference - CVE-2018-17985: Fix recursive calls - CVE-2018-18484: Fix stack exhaustion - CVE-2018-18700: Fix stack consumption vulnerability - CVE-2018-18701: Fix infinite recursion - CVE-2018-18483: Fix malloc call with the result of an integer-overflowing calculation - CVE-2018-12934: Fix excessive memory consumption - CVE-2021-45078: Fix heap-based buffer overflow Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer dereference - CVE-2018-17985: Fix recursive calls - CVE-2018-18484: Fix stack exhaustion - CVE-2018-18700: Fix stack consumption vulnerability - CVE-2018-18701: Fix infinite recursion - CVE-2018-18483: Fix malloc call with the result of an integer-overflowing calculation - CVE-2018-12934: Fix excessive memory consumption - CVE-2021-45078: Fix heap-based buffer overflow

0 cloudlinux-x86_64-server-6 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els4.i686.rpm 1c189a6dbfc5775b7f589f0d2675d8f06748f35a binutils-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els4.x86_64.rpm 4a644adb9a3e9fddaf4f32c785b89c8d1e905255 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els4.x86_64.rpm 919188a4acc9414ea7a6e3c4ddbc1878e243078e CLSA-2022:1642083911 TuxCare License Agreement 0 - CVE-2021-3800: Fix privilege escalation Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3800: Fix privilege escalation

0 cloudlinux-x86_64-server-6 glib2-devel-2.28.8-12.el6.tuxcare.els3.i686.rpm c577c87638db4bd04b6df23bce1a3b1d069134ab glib2-devel-2.28.8-12.el6.tuxcare.els3.x86_64.rpm bf90aeca34b4166b0d7b2739441b6c57404004bb glib2-static-2.28.8-12.el6.tuxcare.els3.x86_64.rpm f60c5c10a46d8ef4c62e1e382452283041feaf86 glib2-2.28.8-12.el6.tuxcare.els3.x86_64.rpm c6f8ea6ffb7c3608a4fc07c9b4a99db6d7504b4c glib2-2.28.8-12.el6.tuxcare.els3.i686.rpm bb4b31444ed888a8267b8bc656bd92e8fa36fabe glib2-doc-2.28.8-12.el6.tuxcare.els3.noarch.rpm f6c9bbc1b6032c80faea76c0084f2aa789f56a98 CLSA-2022:1642087587 TuxCare License Agreement 0 - CVE-2021-4192: fix using freed memory in /\%V - CVE-2021-4193: fix going beyond the end of the line with /\%V Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-4192: fix using freed memory in /\%V - CVE-2021-4193: fix going beyond the end of the line with /\%V

0 cloudlinux-x86_64-server-6 vim-common-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm dd199dc45f9cdea7cb84b84024626a7d9f62824f vim-enhanced-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm 8d8904d0cfc336cdae98bec074a279265118561e vim-minimal-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm 1233133be11291c22d6b7b21b819c153e7257193 vim-X11-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm 8c025a9ae3723b40bdf715096cc9cbb77210d667 vim-filesystem-7.4.629-5.2.el6.tuxcare.els5.x86_64.rpm ffa115c8ebd0dbaab239cb884c001a673e8e08e5 CLSA-2022:1642429303 TuxCare License Agreement 0 - CVE-2021-4104: Fix remote code execution vulnerability Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-4104: Fix remote code execution vulnerability

0 cloudlinux-x86_64-server-6 log4j-manual-1.2.14-6.4.el6.tuxcare.els1.x86_64.rpm 6d23bdd648870891da70636cfb15223c82108ef0 log4j-javadoc-1.2.14-6.4.el6.tuxcare.els1.x86_64.rpm 045d6fcf7b831d49e84f372b90bceba2e4c6a9b8 log4j-1.2.14-6.4.el6.tuxcare.els1.x86_64.rpm 683ffcb6da778924e383645e3c984dfbfb0a42fa CLSA-2022:1643113123 TuxCare License Agreement 0 - CVE-2021-44038: low privilege escalation during package installation/update due to insecure chmod in spec file. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-44038: low privilege escalation during package installation/update due to insecure chmod in spec file.

0 cloudlinux-x86_64-server-6 quagga-devel-0.99.15-14.0.2.el6.tuxcare.ol.els1.i686.rpm b1695f2d19c66035b631276332fcdf292208a18c quagga-devel-0.99.15-14.0.2.el6.tuxcare.ol.els1.x86_64.rpm 2d812d88c21b8a77b6ac17a85e49b5ef01110d08 quagga-contrib-0.99.15-14.0.2.el6.tuxcare.ol.els1.x86_64.rpm 5b93bcd9b712c1c65be8a0682bddc6ad98136dd2 quagga-0.99.15-14.0.2.el6.tuxcare.ol.els1.x86_64.rpm 2fff42a27b305a937baeb59fc7efa66de938d965 CLSA-2022:1643115104 TuxCare License Agreement 0 - CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation - CVE-2021-21705: fix integer overflow and subsequent incorrect buffer allocation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation - CVE-2021-21705: fix integer overflow and subsequent incorrect buffer allocation

0 cloudlinux-x86_64-server-6 php-gd-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 64c332e7a3b3464aa8dd0da416dbc9aaf1a0b8a8 php-soap-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm b039629fa875f49a1f7c1981a3ee9d9ecd2b2f45 php-imap-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm d88e57daa27b77722f14691c056e41fa83720013 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 05927f5dcf03901f212eebe02693a0c8bcf5519b php-process-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 0b1824415c6361274457ea4ea50e015580318a98 php-recode-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm d7c2efd92289791c453c91652c8048d760bde9cd php-zts-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm a87b7d0001f594dca75fb4980625d67b83bae358 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm e85064be3f525a0e9ac3d6b218d72857b45c106b php-mysql-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm e592edab6727939b42e65435dac1aefa68c34525 php-cli-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 3bcce11a8e9ce910442b27bc92172bc254a07808 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 625153ce150ae467d83995ed2daf3f27a0b2c132 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm cd5ca1f4be942a6ab8ba04f292cda683078f9fba php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 5d3e5cae6851e5d72c21fc1f037f15827cd2db42 php-xml-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm df1dbb87cdf507179e757b260a3394d3281a3cda php-embedded-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm cf096a0e040eeb66a12a33e2f51477a5f27fe690 php-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm d145f8e94f84d77064753b852ce3674b36ea80c8 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm e959f043309827dd1d799ba839736b17651f98a8 php-intl-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 954fd04d3732aa228a76871bf615f6081110bf25 php-dba-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 68991f939b99cfd1ed81f0db9bf0bc36851c9c6e php-pdo-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm e6e90a79e754eb2375d38cd01e43b479e7c96a78 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 16630738f2d45e26354ff68b81f8b2d7defba683 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 4bd502f3a52347ab7532a149f5d8758e7c6900e0 php-common-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 4a3e5a564f25af8914e6cc04e32956688933c409 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm 5e7b0fc02863a71a63e3267b673476276afaaf35 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm f4838a33d2193a2e22adf10eecb3215909284dac php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm a15f9cbbb53a83836f8144c66afe6f38cba464d9 php-devel-5.3.3-50.el6_10.tuxcare.ol.els1.x86_64.rpm d1c45a5b13c4fd61ba622784cb49d128a0a5b0be CLSA-2022:1643211885 TuxCare License Agreement 0 - CVE-2021-4034: pkexec: argv overflow results in local privilege esc. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-4034: pkexec: argv overflow results in local privilege esc.

0 cloudlinux-x86_64-server-6 polkit-desktop-policy-0.96-11.el6_10.1.tuxcare.els1.noarch.rpm 80342c65628012b2480e531f040508b9c1df2244 polkit-0.96-11.el6_10.1.tuxcare.els1.i686.rpm 2fd4915b859922a18b774f47eab7e75a7b074561 polkit-devel-0.96-11.el6_10.1.tuxcare.els1.x86_64.rpm 06ddd2bc7a2808951c64be8d9e900fb560266ab0 polkit-docs-0.96-11.el6_10.1.tuxcare.els1.x86_64.rpm a3f3e78cac7663110d2a12f285d7184ad291793a polkit-devel-0.96-11.el6_10.1.tuxcare.els1.i686.rpm e48929af7661b18332a03e52d7d8cafeeb94dabe polkit-0.96-11.el6_10.1.tuxcare.els1.x86_64.rpm 66e2c6ce2df4c48cc3e1733f62e557922d13b642 CLSA-2022:1643640747 TuxCare License Agreement 0 - CVE-2022-0213: fix going over the end of status line buffer - CVE-2022-0261: fix block insert goes over the end of the line Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0213: fix going over the end of status line buffer - CVE-2022-0261: fix block insert goes over the end of the line

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm db243db19477f0bbb3f5e1a6f6d30f539bf8f734 vim-X11-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm 99e0c55bd2917d9c42f5f5c5eda07710c71fd46e vim-filesystem-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm 7ae02a64acd26d135157129f51f5f9c270aaede5 vim-minimal-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm 03c45d76c6569c3a72e6bf319eb05178dad63baa vim-common-7.4.629-5.2.el6.tuxcare.els6.x86_64.rpm 39c69a6f5e642b0b94154c69b07b165362ac0e0a CLSA-2022:1643819053 TuxCare License Agreement 0 - CVE-2022-23218: fix possible buffer overflow in svcunix_create - CVE-2022-23219: fix possible buffer overflow in clnt_create Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-23218: fix possible buffer overflow in svcunix_create - CVE-2022-23219: fix possible buffer overflow in clnt_create

0 cloudlinux-x86_64-server-6 glibc-2.12-2.215.el6.tuxcare.els6.i686.rpm d35beed2175cfd57eb8d4922312a74d01e97f801 glibc-2.12-2.215.el6.tuxcare.els6.x86_64.rpm bcdb7bd0789e6cb6c5cdea66d00e7931f6505e94 glibc-devel-2.12-2.215.el6.tuxcare.els6.x86_64.rpm b2631f9517ab36348566ee488cd7f3f6044dde90 nscd-2.12-2.215.el6.tuxcare.els6.x86_64.rpm 5b5fea9f16d41c957fb7490441b4a90e3b955766 glibc-static-2.12-2.215.el6.tuxcare.els6.x86_64.rpm 718cc377b92fc01c5245b2f51623743f5cac9937 glibc-static-2.12-2.215.el6.tuxcare.els6.i686.rpm 102a6f075e33b784264df385fbd1375873f71016 glibc-devel-2.12-2.215.el6.tuxcare.els6.i686.rpm f41195512d46a87a9765ebce454158409457becb glibc-headers-2.12-2.215.el6.tuxcare.els6.x86_64.rpm fecd09fc617c048520831c14b7152c6f2098e347 glibc-utils-2.12-2.215.el6.tuxcare.els6.x86_64.rpm 931ae86ca1693a661fe169a2006b4a519cb553b3 glibc-common-2.12-2.215.el6.tuxcare.els6.x86_64.rpm f591c6466bcf5c972ae168f41c20aaca95cec91d CLSA-2022:1643918279 TuxCare License Agreement 0 - CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it. Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it.

0 cloudlinux-x86_64-server-6 log4j-manual-1.2.14-6.4.el6.tuxcare.els2.x86_64.rpm f42b947f8a11b7d75c9a5f9c01286afbfbcd910f log4j-javadoc-1.2.14-6.4.el6.tuxcare.els2.x86_64.rpm a3d5a1210f8ad7a1d6bbc6fe92dc26f7305a2cfc log4j-1.2.14-6.4.el6.tuxcare.els2.x86_64.rpm e7164ee87e3d34b80105bdcad1fe539f2228a1b3 CLSA-2022:1644501061 TuxCare License Agreement 0 - CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink

0 cloudlinux-x86_64-server-6 log4j-1.2.14-6.4.el6.tuxcare.els3.x86_64.rpm 283dd7556888e2977556c49e5ee92c85cbf75600 log4j-javadoc-1.2.14-6.4.el6.tuxcare.els3.x86_64.rpm 432340d8982fefa907e91b8baf5ce373019b2dd2 log4j-manual-1.2.14-6.4.el6.tuxcare.els3.x86_64.rpm 7994110a98ff6ceb5d6bfa3cb4f73295f25952cb CLSA-2022:1644855795 TuxCare License Agreement 0 - CVE-2022-0351: fix crash caused by too depth recursion - CVE-2022-0359: fix illegal memory access with large tabstop in ex mode - CVE-2022-0361: fix illegal memory access when copying lines in visual mode - CVE-2022-0368: fix illegal memory access when undo makes visual area invalid Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0351: fix crash caused by too depth recursion - CVE-2022-0359: fix illegal memory access with large tabstop in ex mode - CVE-2022-0361: fix illegal memory access when copying lines in visual mode - CVE-2022-0368: fix illegal memory access when undo makes visual area invalid

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm dc36c8c8013b617f52a36aec147d977fa370ac1b vim-common-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm 4ec1af2260c88193740a1dd19dcc0fb155a0d4bc vim-filesystem-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm a516f23370081dd085066a341da63c026155928f vim-minimal-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm 086a6ccb1eb482bd443d667a9daabb119cee4423 vim-X11-7.4.629-5.2.el6.tuxcare.els7.x86_64.rpm 226a44918911847e28025c966361d5ff6457d9ae CLSA-2022:1645465659 TuxCare License Agreement 0 - CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe' Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0408: fix stack corruption when looking for spell suggestions - CVE-2022-0413: fix using freed memory when substitute with function call - CVE-2022-0417: fix illegal memory access caused by ':retab 0' - CVE-2022-0443: fix using freed memory with ':lopen' and ':bwipe'

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm d9c646435ff62db743e8028221a11c07dd9fe205 vim-minimal-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm 7378ba466950e146d241a9cdc960336e94555df7 vim-X11-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm c87da53f7b39a7e2069c03a6445b7f61f412722b vim-filesystem-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm 79168ad359f38db2e0cbc570d498c33ec8981cc9 vim-common-7.4.629-5.2.el6.tuxcare.els8.x86_64.rpm 2b43243f6b539decab925de3e84c3c6eafe1ab12 CLSA-2022:1646061219 TuxCare License Agreement 0 - CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

0 cloudlinux-x86_64-server-6 cyrus-sasl-lib-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm a4a70df9afe9ef35ef80dadf20a9da8e892eb9f4 cyrus-sasl-devel-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm 9256b1ceec0277e7381fa98a9a1a9ad8d05c9a57 cyrus-sasl-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 2656023bae8f3ed5f23aaecdfea069630d6c6599 cyrus-sasl-devel-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 93579f561181b391ffd083ee0c5df1873d73172a cyrus-sasl-md5-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 562ffdab125e9f539e1aff4dc3be2893a5257151 cyrus-sasl-gssapi-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 611691eeb4753abe9db956bbe770828050a4452b cyrus-sasl-sql-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm 549a31788c8e86ffea38f5cf588e0ed6dbd07f19 cyrus-sasl-ntlm-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm b7932d05a8612b635a445e426c4223217b15d6e5 cyrus-sasl-plain-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm 7d36d808ebad277f45f90a63ca9923bab880199e cyrus-sasl-ntlm-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 7094aa8028287ca9e2dbd52423cb49908631b1a1 cyrus-sasl-sql-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 0adb5944f2c8539e156638326aeed118524c8ed6 cyrus-sasl-plain-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm 29eb3ea8fa03f21481ea3b3f443c15d0df630cba cyrus-sasl-ldap-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm dc1bd14490f2f99052c5de637d7e9ce7722c3461 cyrus-sasl-ldap-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm dc55e39b8b9297858e41ec1003899f635d67fdd2 cyrus-sasl-md5-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm ef01209653a317190b1d2142b47172a1808d9aa3 cyrus-sasl-gssapi-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm d5fa2cdffd6e290a83fb740cde154ce8906c9177 cyrus-sasl-lib-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm b19e27790015216c8dd4d4806c6a95bdaa97933b CLSA-2022:1646666442 TuxCare License Agreement 0 - CVE-2022-0391: Add stripping ASCII newline and tabs from the url by urllib.parse Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0391: Add stripping ASCII newline and tabs from the url by urllib.parse

0 cloudlinux-x86_64-server-6 python-2.6.6-70.el6.tuxcare.els5.i686.rpm 97ea0841d6b876aa5eb6e78be3f88892b47d20a0 python-tools-2.6.6-70.el6.tuxcare.els5.x86_64.rpm 6826fc2d133a4e2af15267c27d20015a53d8097d python-devel-2.6.6-70.el6.tuxcare.els5.x86_64.rpm 9f5fa99aeb5df4e8d9cdfa612acd9900259bf433 python-libs-2.6.6-70.el6.tuxcare.els5.i686.rpm 8af4a760d1ab15aa491343a9ae245d78be56d9f3 python-libs-2.6.6-70.el6.tuxcare.els5.x86_64.rpm 520f8ed7708d061f3eb4cc86b4909d5d4abdb505 python-test-2.6.6-70.el6.tuxcare.els5.x86_64.rpm 7b6071deeab11875e11ddbd46db20cae949ba229 tkinter-2.6.6-70.el6.tuxcare.els5.x86_64.rpm b7c188ee008a29d2993d9789080b0cdf6c78673d python-2.6.6-70.el6.tuxcare.els5.x86_64.rpm 7b7ab67283e0446a8f8e696b9810639f52e60dac python-devel-2.6.6-70.el6.tuxcare.els5.i686.rpm 0e8b1af706ae67633e002d993ce845c171f5aef9 CLSA-2022:1646915634 TuxCare License Agreement 0 - CVE-2022-0554: fix ending up with no current buffer - CVE-2022-0572: fix crashing when repeatedly using :retab - CVE-2022-0685: fix crashing when using special multi-byte character - CVE-2022-0729: fix crashing with specific regexp pattern and string Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0554: fix ending up with no current buffer - CVE-2022-0572: fix crashing when repeatedly using :retab - CVE-2022-0685: fix crashing when using special multi-byte character - CVE-2022-0729: fix crashing with specific regexp pattern and string

0 cloudlinux-x86_64-server-6 vim-minimal-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm 4177e3173bf45421e813e42c9cc3f4b6cab5f3ab vim-X11-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm dde51fcc27fa95cebf0bba5402fd23c96efa8fb7 vim-common-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm d801467938186ee7c69b360c86f3c8060a45db66 vim-filesystem-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm 8975d385efd8c6bc5aced0ead33542cba25cb354 vim-enhanced-7.4.629-5.2.el6.tuxcare.els9.x86_64.rpm 38d92d6a1c334e505e71eddd4186c3961290b469 CLSA-2022:1646935759 TuxCare License Agreement 0 - remove old certificate - Removing: - # Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Universal CA" - # Certificate "GeoTrust Universal CA 2" - # Certificate "QuoVadis Root CA" - # Certificate "Sonera Class 2 Root CA" - # Certificate "Taiwan GRCA" - # Certificate "GeoTrust Primary Certification Authority" - # Certificate "thawte Primary Root CA" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" - # Certificate "GeoTrust Primary Certification Authority - G3" - # Certificate "thawte Primary Root CA - G2" - # Certificate "thawte Primary Root CA - G3" - # Certificate "GeoTrust Primary Certification Authority - G2" - # Certificate "VeriSign Universal Root Certification Authority" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" - # Certificate "Trustis FPS Root CA" - # Certificate "EE Certification Centre Root CA" - # Certificate "LuxTrust Global Root 2" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" - Adding: - # Certificate "Microsoft ECC Root Certificate Authority 2017" - # Certificate "Microsoft RSA Root Certificate Authority 2017" - # Certificate "e-Szigno Root CA 2017" - # Certificate "certSIGN Root CA G2" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "NAVER Global Root Certification Authority" - # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" - # Certificate "GlobalSign Secure Mail Root R45" - # Certificate "GlobalSign Secure Mail Root E45" - # Certificate "GlobalSign Root R46" - # Certificate "GlobalSign Root E46" - # Certificate "GLOBALTRUST 2020" - # Certificate "ANF Secure Server Root CA" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA" Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- remove old certificate - Removing: - # Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Universal CA" - # Certificate "GeoTrust Universal CA 2" - # Certificate "QuoVadis Root CA" - # Certificate "Sonera Class 2 Root CA" - # Certificate "Taiwan GRCA" - # Certificate "GeoTrust Primary Certification Authority" - # Certificate "thawte Primary Root CA" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" - # Certificate "GeoTrust Primary Certification Authority - G3" - # Certificate "thawte Primary Root CA - G2" - # Certificate "thawte Primary Root CA - G3" - # Certificate "GeoTrust Primary Certification Authority - G2" - # Certificate "VeriSign Universal Root Certification Authority" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" - # Certificate "Trustis FPS Root CA" - # Certificate "EE Certification Centre Root CA" - # Certificate "LuxTrust Global Root 2" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" - Adding: - # Certificate "Microsoft ECC Root Certificate Authority 2017" - # Certificate "Microsoft RSA Root Certificate Authority 2017" - # Certificate "e-Szigno Root CA 2017" - # Certificate "certSIGN Root CA G2" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "NAVER Global Root Certification Authority" - # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" - # Certificate "GlobalSign Secure Mail Root R45" - # Certificate "GlobalSign Secure Mail Root E45" - # Certificate "GlobalSign Root R46" - # Certificate "GlobalSign Root E46" - # Certificate "GLOBALTRUST 2020" - # Certificate "ANF Secure Server Root CA" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA"

0 cloudlinux-x86_64-server-6 ca-certificates-2021.2.50-60.1.el6.tuxcare.els1.noarch.rpm 8638460e816f6971632c62b995bb1799cbff6210 CLSA-2022:1647255690 TuxCare License Agreement 0 - CVE-2022-23308: fix use-after-free of ID and IDREF attributes Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-23308: fix use-after-free of ID and IDREF attributes

0 cloudlinux-x86_64-server-6 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els2.x86_64.rpm b969e6eb72bfa2f22f7ee788bc81713a542c45eb libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els2.x86_64.rpm 673abe1bf80ac5e54cb426100d4d34699ccb1191 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els2.i686.rpm 90eda766c9d5674c3ec6bf0825f17ac574f149af libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els2.i686.rpm b4ba41f16d20447e122957189c7cf48349458f87 libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els2.x86_64.rpm a2f07bc01686ec36f967a9e472b94806b21411a7 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els2.x86_64.rpm ff46d54bf494b3d5334678f5e7c5d96d8e02596d CLSA-2022:1647550569 TuxCare License Agreement 0 - CVE-2022-0778: Fix possible infinite loop in BN_mod_sqrt() Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0778: Fix possible infinite loop in BN_mod_sqrt()

0 cloudlinux-x86_64-server-6 openssl-static-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm e47a8bffc79305ce7b2e636380b6901e7e6fffb2 openssl-devel-1.0.1e-63.el6.tuxcare.els6.i686.rpm 242fd9249f68efc87a5059567f2cb3fc33453f81 openssl-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm 7e713f8a6004ff3f489711841fa977382b0b06a9 openssl-perl-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm 2609d6eb252ebd98ad69055b2792c05c72d9ba69 openssl-1.0.1e-63.el6.tuxcare.els6.i686.rpm ee206f6f021d2d5a368b0030200f1e0f418b6a52 openssl-devel-1.0.1e-63.el6.tuxcare.els6.x86_64.rpm 0c7301eb578825440bb53019e55e3c57ee6702c1 CLSA-2022:1647958678 TuxCare License Agreement 0 - CVE-2021-3737: Fix HTTP client infinite line reading (DoS) after receiving a '100 Continue' HTTP response Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3737: Fix HTTP client infinite line reading (DoS) after receiving a '100 Continue' HTTP response

0 cloudlinux-x86_64-server-6 python-libs-2.6.6-70.el6.tuxcare.els6.x86_64.rpm 76756cc2b2d1b6161e6b10dc51d9377d9a124fb7 python-2.6.6-70.el6.tuxcare.els6.x86_64.rpm 4ef3be941bc9774ad395b68d24aea2dd05306bf3 python-tools-2.6.6-70.el6.tuxcare.els6.x86_64.rpm 2a52d993ccae7029e2eb78b2569594e532c1a6aa python-devel-2.6.6-70.el6.tuxcare.els6.x86_64.rpm 6dee94853e571eaf22e1cbdb64dd78dea12c08fb python-test-2.6.6-70.el6.tuxcare.els6.x86_64.rpm aabe0c3a6589393162694a693a779001c3ee36f3 tkinter-2.6.6-70.el6.tuxcare.els6.x86_64.rpm 8bc2f90a2888f8c24fbb1dd0d2404419fc631216 python-libs-2.6.6-70.el6.tuxcare.els6.i686.rpm cc7372c0b9bc6264affacc2c8f13e60b75ff96c7 python-2.6.6-70.el6.tuxcare.els6.i686.rpm 2d1a31c1d12f08ee0334dee92d9e280c8fabcdbf python-devel-2.6.6-70.el6.tuxcare.els6.i686.rpm b4a4c934230e17bcbdd452e85a21a81ccf8d5692 CLSA-2022:1648136281 TuxCare License Agreement 0 - CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory

0 cloudlinux-x86_64-server-6 mod_ssl-2.2.15-72.el6.tuxcare.els4.x86_64.rpm 2de7b00679874ad1b21693c94424f3d40fc04394 httpd-2.2.15-72.el6.tuxcare.els4.x86_64.rpm 94daa2a59bfd376d1c5ce2d0587006ff114a4e08 httpd-manual-2.2.15-72.el6.tuxcare.els4.noarch.rpm 3da5e8af5f97c28496e2970f4bb2a290fe266f15 httpd-devel-2.2.15-72.el6.tuxcare.els4.i686.rpm c3bdd73bb51697b39ef05084cbd919d711a4e3bd httpd-tools-2.2.15-72.el6.tuxcare.els4.x86_64.rpm a112d37f7e8fd01335cce19bc3161c6e7479e6c2 httpd-devel-2.2.15-72.el6.tuxcare.els4.x86_64.rpm 31e0ecfd9474718852903f4772c82fc89daf30b1 CLSA-2022:1648138064 TuxCare License Agreement 0 - CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd

0 cloudlinux-x86_64-server-6 glibc-utils-2.12-2.215.el6.tuxcare.els7.x86_64.rpm 59aaa233f5618f6432c9d80eccb03ff5863cef7f nscd-2.12-2.215.el6.tuxcare.els7.x86_64.rpm 19272454a2ba7976b5666a832ff4cb0f335c78cb glibc-common-2.12-2.215.el6.tuxcare.els7.x86_64.rpm 6271ebec345d956b84783cb0c2ebbbc0b559a0d1 glibc-devel-2.12-2.215.el6.tuxcare.els7.i686.rpm 1af335856fe442b9069e3c07a437d62677b25920 glibc-static-2.12-2.215.el6.tuxcare.els7.x86_64.rpm a83171743966e97482ebc9ef252f33065350d43a glibc-devel-2.12-2.215.el6.tuxcare.els7.x86_64.rpm 434ef633493af63a57d101befe4150e21261c2de glibc-2.12-2.215.el6.tuxcare.els7.x86_64.rpm 4e76084e49f6147228cbcb99b6fdefb39700db4b glibc-headers-2.12-2.215.el6.tuxcare.els7.x86_64.rpm ae1c0c09f5e970a2391bba20b4be944164507c34 glibc-2.12-2.215.el6.tuxcare.els7.i686.rpm 2ce0465d5141d38f4b7e8a65674b11e8cf96fceb glibc-static-2.12-2.215.el6.tuxcare.els7.i686.rpm 55b428a9d7cf194a65f692ff77112d74474133a8 CLSA-2022:1649170853 TuxCare License Agreement 0 - CVE-2022-0943: fix heap-based buffer overflow Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0943: fix heap-based buffer overflow

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm 2870bd0e6b9a169e404247f7a36c81216d4f3a22 vim-common-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm d0f1cf71a803c780699a9bcf3cf33a9c50bd1e16 vim-X11-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm b673621fcb843a263859004f5eb5e61bb5c67e54 vim-minimal-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm 8a81b9eac7e146e43a42f33cb29065291bca260f vim-filesystem-7.4.629-5.2.el6.tuxcare.els10.x86_64.rpm 6b11e87ad3be5383abb99e5fe03bea2109cb74d3 CLSA-2022:1649170882 TuxCare License Agreement 0 - CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins

0 cloudlinux-x86_64-server-6 openvpn-2.4.9-1.el6.tuxcare.els1.x86_64.rpm 8379bb8455f815277299a417ade8b84286ceb7c3 openvpn-devel-2.4.9-1.el6.tuxcare.els1.x86_64.rpm 605fb99dbf103af835fda1705ced25b5a31fc615 CLSA-2022:1649331387 TuxCare License Agreement 0 - CVE-2021-25220: fix possible cache poisoning from forwarder responses Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-25220: fix possible cache poisoning from forwarder responses

0 cloudlinux-x86_64-server-6 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm 6aacfc0976eff863e1831ab7c600454be17aec05 bind-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm c6cb52632a2f72efa57f0be24e1f42d4ace46975 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els4.i686.rpm f78ddf87c018f5da90e0729303bca9fe0e0db450 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els4.i686.rpm ffa2e184e8a8e9c5c575d2e0734d26a062c098c2 bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm f7be630328af95fb77d1ebfff7f8b8d1bcb83fee bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm c25342cc219eff5c6d64c4829d0f3f464f196311 bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm 3cd17ee8c33a8784380463c344979b19a4681c5d bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els4.x86_64.rpm aca61941b7ec73098597bd7c73cb74da59c9cfe1 CLSA-2022:1649695783 TuxCare License Agreement 0 - CVE-2021-3618: drop the connection after reaching the specified number of invalid protocol commmands Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-3618: drop the connection after reaching the specified number of invalid protocol commmands

0 cloudlinux-x86_64-server-6 nginx-all-modules-1.10.3-4.el6.tuxcare.els4.noarch.rpm a1c3561f680cd3732f7d2f93fed37ead8b464e33 nginx-mod-http-xslt-filter-1.10.3-4.el6.tuxcare.els4.x86_64.rpm bccba03ea5d59cd07b4b43a07ef674e8301d272e nginx-1.10.3-4.el6.tuxcare.els4.x86_64.rpm 149635c155b32b840c2bddd3296e6ade776b8303 nginx-mod-http-geoip-1.10.3-4.el6.tuxcare.els4.x86_64.rpm 77998f1b4dba5041d1af8eaa1a869bfe8a6c7bbe nginx-mod-http-perl-1.10.3-4.el6.tuxcare.els4.x86_64.rpm 12ff616abc6e6702c308f2d1bb82ea445327cef5 nginx-mod-stream-1.10.3-4.el6.tuxcare.els4.x86_64.rpm 4027f133c1db8f0da88f0a5c5725d772fea433da nginx-mod-mail-1.10.3-4.el6.tuxcare.els4.x86_64.rpm 19a7ce71686f7feaefc6fc0473c537b108d17213 nginx-filesystem-1.10.3-4.el6.tuxcare.els4.noarch.rpm 7601d4d2f4316c083164d3c0d0df3558f570b30c nginx-mod-http-image-filter-1.10.3-4.el6.tuxcare.els4.x86_64.rpm dc228f6eb4e0ce6148ce8d0a48714a6f05844a17 CLSA-2022:1649869286 TuxCare License Agreement 0 - CVE-2022-1154: fix buffer usage after free Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1154: fix buffer usage after free

0 cloudlinux-x86_64-server-6 vim-common-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm 94935dda79f3ce171dcaf7b50502c58e2690e3c9 vim-enhanced-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm 54e2ff2273c674d4d02ac420258d682149854d0b vim-minimal-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm 9caf33d5c84e5304ccd33efd808d871187f061dd vim-filesystem-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm 95fa0999e6f98e053d8bbdd7c0562cafc300ac44 vim-X11-7.4.629-5.2.el6.tuxcare.els11.x86_64.rpm 6003e0dc1beb7ca779c8eca72b21a4a5635651c4 CLSA-2022:1650377094 TuxCare License Agreement 0 - CVE-2022-28391: fix possible terminal injection attacks from DNS query results Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-28391: fix possible terminal injection attacks from DNS query results

0 cloudlinux-x86_64-server-6 busybox-petitboot-1.15.1-21.el6_6.tuxcare.els1.x86_64.rpm 91535e9b830dfb5b1afec8393347e7b3ab73b942 busybox-1.15.1-21.el6_6.tuxcare.els1.x86_64.rpm 6f5bdae9c4c2b44749441d4f092f6c1ccece22cf CLSA-2022:1650909007 TuxCare License Agreement 0 - CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2019-18276: Fix priviledge dropping when running with effective UID not equal to real UID

0 cloudlinux-x86_64-server-6 bash-doc-4.1.2-48.el6.tuxcare.els1.x86_64.rpm b6ce9a7fafa7e91c082c7820ee925c0827cc7cde bash-4.1.2-48.el6.tuxcare.els1.x86_64.rpm 6ce43941ee4126ff71ffd42fc2522cb5a5cbc8b4 CLSA-2022:1652706098 TuxCare License Agreement 0 - CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches

0 cloudlinux-x86_64-server-6 minizip-devel-1.2.3-29.el6.tuxcare.els1.i686.rpm 79016d24ea055873438c8a82008262489c76776c minizip-1.2.3-29.el6.tuxcare.els1.x86_64.rpm 6b8d401774584e05de7fd1a3bb3205a1467e338e zlib-static-1.2.3-29.el6.tuxcare.els1.x86_64.rpm f5baac20abd576851b1de4cb952b543566c7399f minizip-1.2.3-29.el6.tuxcare.els1.i686.rpm 3989ad76dc615c0872b14f81f07c5453b1c7124d minizip-devel-1.2.3-29.el6.tuxcare.els1.x86_64.rpm 76b5ec9b1794c0d5ddac073a03303c4cff509950 zlib-1.2.3-29.el6.tuxcare.els1.x86_64.rpm 160dae7c79fa2c97bdc8342b922481086b2cab3f zlib-devel-1.2.3-29.el6.tuxcare.els1.x86_64.rpm 8329583e97738b03b7ecf6a32bf92eae5817bca7 zlib-1.2.3-29.el6.tuxcare.els1.i686.rpm 70156f4180d346b8c47f979bf8989c5721a6db4e zlib-devel-1.2.3-29.el6.tuxcare.els1.i686.rpm d2a9e4b1f2febfcdb79a824acdad4df961a4cb2c CLSA-2022:1652986513 TuxCare License Agreement 0 - CVE-2022-29155: fix SQL injection vulnerability caused by LDAP search operation None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-29155: fix SQL injection vulnerability caused by LDAP search operation

0 cloudlinux-x86_64-server-6 openldap-clients-2.4.40-16.el6.tuxcare.els2.x86_64.rpm 04089bdd0582e45c0ba270fe41649f6f14d49b21 openldap-devel-2.4.40-16.el6.tuxcare.els2.x86_64.rpm 40c94a4694cdbd0eddd833178358913d04994ba4 openldap-servers-2.4.40-16.el6.tuxcare.els2.x86_64.rpm 270cc8cf25ba426f9af09898de2e11d33874f389 openldap-2.4.40-16.el6.tuxcare.els2.i686.rpm 176f2a4895a14d1ec0011f7bd764f643db3f4341 openldap-devel-2.4.40-16.el6.tuxcare.els2.i686.rpm b35bfb3c3e4367cc997ff81b4a58176bb43a51f2 openldap-servers-sql-2.4.40-16.el6.tuxcare.els2.x86_64.rpm e3c4e83ce7c9ea71b3080df31da3d897e7559053 openldap-2.4.40-16.el6.tuxcare.els2.x86_64.rpm 349108ccda5db0c2291f3f23a5e03aff4578a5d1 CLSA-2022:1652986558 TuxCare License Agreement 0 - CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches

0 cloudlinux-x86_64-server-6 rsync-3.0.6-12.el6.tuxcare.els1.x86_64.rpm d4dc0cc7f21a3f0b8a6500c4527bd4ff57dfc95a CLSA-2022:1652986585 TuxCare License Agreement 0 - CVE-2022-1271: Fix arbitrary file override with crafted file names Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1271: Fix arbitrary file override with crafted file names

0 cloudlinux-x86_64-server-6 gzip-1.3.12-24.el6.tuxcare.els1.x86_64.rpm 61034fe8e8a3d69432661744d0fa6dcb2cab06bd CLSA-2022:1653328424 TuxCare License Agreement 0 - CVE-2022-1619: fix going before the command line start with latin1 encoding - CVE-2022-1620: fix NULL pointer dereference when using invalig regexp - CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood - CVE-2022-1629: fix reading past end of line if ended with trailing backslash - CVE-2022-1616: fix buffer overflow with invalid command with composing chars None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1619: fix going before the command line start with latin1 encoding - CVE-2022-1620: fix NULL pointer dereference when using invalig regexp - CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood - CVE-2022-1629: fix reading past end of line if ended with trailing backslash - CVE-2022-1616: fix buffer overflow with invalid command with composing chars

0 cloudlinux-x86_64-server-6 vim-minimal-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm 09d25b98a2eb583519666a2217e4d4977abdac7c vim-common-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm a76dace302c19e829c39f8d839145f92e3957e52 vim-filesystem-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm 404e61189aa40b715f65fbe334b69a4d9d63fe5e vim-enhanced-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm 0e49d26bce284f001024d40158cf8e6f532d54cc vim-X11-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm 7a1d05280498e9c5a95ee746f27dcf48160b84f3 CLSA-2022:1653932706 TuxCare License Agreement 0 - CVE-2022-1733: fix reading past end of the line when C-indenting - CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1733: fix reading past end of the line when C-indenting - CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode

0 cloudlinux-x86_64-server-6 vim-common-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm 2833ef2a805fe25523f4eff57f0ace23fb52954c vim-filesystem-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm b2b47a8de6467fe85fc79040fba1f5c193a510e2 vim-X11-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm fdeab97411d9fa494c18a07e158f5500345ed90f vim-minimal-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm 496b7b01ea09c36f96bef77560a57dd5eed866ed vim-enhanced-7.4.629-5.2.el6.tuxcare.els13.x86_64.rpm 59e763696bd5750928e5fdc48cf0d09902e4d58e CLSA-2022:1654106950 TuxCare License Agreement 0 - CVE-2021-33582: Fix a bad string hashing algorithm which could lead to collisions and cause a CPU denial of service Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-33582: Fix a bad string hashing algorithm which could lead to collisions and cause a CPU denial of service

0 cloudlinux-x86_64-server-6 cyrus-imapd-devel-2.3.16-15.el6.tuxcare.els1.i686.rpm 7228616429b42023a41d627202f1e49087c3b148 cyrus-imapd-utils-2.3.16-15.el6.tuxcare.els1.x86_64.rpm 88ee7cee47f25f41fa6cb3e47e8661367ae3f29f cyrus-imapd-devel-2.3.16-15.el6.tuxcare.els1.x86_64.rpm 6a32ae08be08c8abbfdac14605bc923eceffd084 cyrus-imapd-2.3.16-15.el6.tuxcare.els1.x86_64.rpm e9e73de4fdb0a94eedc1ebe5a44456e325679906 CLSA-2022:1654174568 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler - CVE-2022-21426: Unbounded memory allocation when compiling crafted XPath expressions - CVE-2022-21443: Missing check for negative ObjectIdentifier - Remove patch files from previous change due to their presence in newer versions Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler - CVE-2022-21426: Unbounded memory allocation when compiling crafted XPath expressions - CVE-2022-21443: Missing check for negative ObjectIdentifier - Remove patch files from previous change due to their presence in newer versions

0 cloudlinux-x86_64-server-6 java-1.8.0-openjdk-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm 1e535711d2f91e99a267a60997f7cbbf40595ad0 java-1.8.0-openjdk-src-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm b8f88c555b2d0c1603bd8991de7e491f115dd847 java-1.8.0-openjdk-javadoc-debug-1.8.0.332.b09-1.el6.tuxcare.els1.noarch.rpm 1c625cc5121ae560207810df716c43a422c170d2 java-1.8.0-openjdk-src-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm fdd3f80e49c5e98ef5e5b86c56e98c06d9b4fdac java-1.8.0-openjdk-headless-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm 533a38c388a06826aa786662db2a83d7b7b6b498 java-1.8.0-openjdk-demo-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm dd0b14a22a26ed4b6e451f8420f5a818acb39157 java-1.8.0-openjdk-devel-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm b11b0cd84dbee3e93c3013881301aa791d5d1d60 java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el6.tuxcare.els1.noarch.rpm f3ba30157e53a63145594080a0903e48a81b3f81 java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm 3957953a47514c8eb8f0e7011bd53c20e79bfc4c java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm 58b9652bc66bec40bf591dc0e82e2c231cc419a4 java-1.8.0-openjdk-debug-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm 3fb2bfbb7d2d7cde178abe5fdb251ae8ba98a659 java-1.8.0-openjdk-demo-1.8.0.332.b09-1.el6.tuxcare.els1.x86_64.rpm c9a513eef7bc9b601f2f52bdff2cbab1edd36111 CLSA-2022:1654525460 TuxCare License Agreement 0 - CVE-2022-1785: fix out-of-bounds write by disallowing changing window in substitute expression - CVE-2022-1796: fix use after free by making a copy of a line Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1785: fix out-of-bounds write by disallowing changing window in substitute expression - CVE-2022-1796: fix use after free by making a copy of a line

0 cloudlinux-x86_64-server-6 vim-filesystem-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm 5beec830d3ae7287d41f29102c76bee164a66ddd vim-X11-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm 88f7374d8e5bd5fe95ffe29f9e0fedb1448c4d37 vim-minimal-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm 7800b513905b2970aacb47e7442bbf70bc08e773 vim-enhanced-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm 29b218f3e9184fa240c3e679946b00b2bc3b7620 vim-common-7.4.629-5.2.el6.tuxcare.els14.x86_64.rpm 953719bb418dc9fe9e7f1a0f4f60556292624408 CLSA-2022:1654710004 TuxCare License Agreement 0 - CVE-2022-24903: fix heap-based overflow in TCP syslog server Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-24903: fix heap-based overflow in TCP syslog server

0 cloudlinux-x86_64-server-6 rsyslog-mysql-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm 7b15ede607c0a9311589fa434b415b971df8c2a1 rsyslog-snmp-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm 072dbfb3acf65d7731f4d39f5aa2b63830420bd3 rsyslog-pgsql-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm 05e8fd15486dcbf9470853402da5f3e6e6353e81 rsyslog-gnutls-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm 0d560cf85635145d6e6ae48f222f663e9e0bb80f rsyslog-relp-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm 0b50e80dadeb04c6e093a60d1738705a27791d8b rsyslog-gssapi-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm c2ac1eced05ca050327306a14484c843f44e9ae8 rsyslog-5.8.10-12.0.1.el6.tuxcare.els1.x86_64.rpm 3f735666b8d57b89363ae8fe692120df5ac9f0d4 CLSA-2022:1654804240 TuxCare License Agreement 0 - CVE-2022-0319: correct end of Visual area when entering another buffer - CVE-2022-1851: fix invalid cursor position after text formatting - CVE-2022-1886: fix access before start of text with a put command - CVE-2022-1898: fix using freed memory with ']d' Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-0319: correct end of Visual area when entering another buffer - CVE-2022-1851: fix invalid cursor position after text formatting - CVE-2022-1886: fix access before start of text with a put command - CVE-2022-1898: fix using freed memory with ']d'

0 cloudlinux-x86_64-server-6 vim-minimal-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm 4fc886f0b36c62205facdf12430a4ab68d0e17f8 vim-common-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm ea834b210e76e0ead5533d7ddd5b8b47aa0a503e vim-filesystem-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm 95e75b9e8499e9279b7d31db166163e8a74cc65b vim-X11-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm 27c8267dde2e3e72214ec73de8aff3c51d9d1216 vim-enhanced-7.4.629-5.2.el6.tuxcare.els15.x86_64.rpm c403d3259ec6ac15670bdf6942d1c679a65a4cda CLSA-2022:1655317609 TuxCare License Agreement 0 - CVE-2022-1897: fix substitution which overwrites an allocated buffer - CVE-2022-1927: fix invalid cursor position after '0;' range Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1897: fix substitution which overwrites an allocated buffer - CVE-2022-1927: fix invalid cursor position after '0;' range

0 cloudlinux-x86_64-server-6 vim-minimal-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm bb86cbfb3f933caf6b424aece5862eb4a50e4617 vim-common-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm f52cc3cf62a263058c4f1233e18deee5eef52f45 vim-enhanced-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm a7a236fcdd4bde2695f9c2800c2c70b1bd63508d vim-filesystem-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm 41ed77403446600d035accfc20ed86ca9fa9e9bc vim-X11-7.4.629-5.2.el6.tuxcare.els16.x86_64.rpm 41d69fd617d85bf883522d15f6f83b9fa7ef9fa9 CLSA-2022:1655842760 TuxCare License Agreement 0 - CVE-2019-17571: Fix the deserialization of untrusted data in SocketServer that allows an attacker to remotely execute arbitrary code Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2019-17571: Fix the deserialization of untrusted data in SocketServer that allows an attacker to remotely execute arbitrary code

0 cloudlinux-x86_64-server-6 log4j-manual-1.2.14-6.4.el6.tuxcare.els4.x86_64.rpm eaeb6d2c3fc5b72d2650094019bd9a7ea311a156 log4j-1.2.14-6.4.el6.tuxcare.els4.x86_64.rpm 33dae167454319b8b9ca84466a2943997a972345 log4j-javadoc-1.2.14-6.4.el6.tuxcare.els4.x86_64.rpm bc6445ec0dd01afab0f8fa41f37fe64aea41c8e6 CLSA-2022:1655901379 TuxCare License Agreement 0 - CVE-2022-2042: fix using uninitialized value and freed memory in spell command Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2042: fix using uninitialized value and freed memory in spell command

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm 4b5c7e99bafacbd5346107c377b96cf4b3e64e63 vim-X11-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm 60174459ade22f54906e965a2414a77eaf4556ac vim-filesystem-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm 6dbbb66b49b830333fff924d41b2ac28ed3746be vim-common-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm 8f81934f647d12bc097f47d8e56534c3d4928703 vim-minimal-7.4.629-5.2.el6.tuxcare.els18.x86_64.rpm 12be30b39c09b9ed648b089d4942cf25f1dbd318 CLSA-2022:1656430723 TuxCare License Agreement 0 - CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match() - CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded-* headers correctly Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match() - CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded-* headers correctly

0 cloudlinux-x86_64-server-6 httpd-devel-2.2.15-72.el6.tuxcare.els5.i686.rpm c257d1b5bc7d8fafd6c32b53347658196e3c19a3 httpd-manual-2.2.15-72.el6.tuxcare.els5.noarch.rpm 8d0e9902c2c4b0318dd0fbb61f145dbe5503284d httpd-tools-2.2.15-72.el6.tuxcare.els5.x86_64.rpm dc736ed2cdbbd77549751c07a4bfcac139c943d2 httpd-devel-2.2.15-72.el6.tuxcare.els5.x86_64.rpm 1c9334cd72eae5abc6e99f0a822a56c84a185aa1 mod_ssl-2.2.15-72.el6.tuxcare.els5.x86_64.rpm 4b7f5721b6095900de27b45ae9bddec864ec713a httpd-2.2.15-72.el6.tuxcare.els5.x86_64.rpm c1947ce43bb49c2cde0a74f239ae6feea2cc37f4 CLSA-2022:1656959440 TuxCare License Agreement 0 - CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs#11 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs#11

0 cloudlinux-x86_64-server-6 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els1.x86_64.rpm 60ce7e232d04b7944e48ccb9ba617ff94ff36ece pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els1.i686.rpm 70e2879020a1c3986e13e6bb2778294f7710b38e openssh-ldap-5.3p1-125.el6.tuxcare.els1.x86_64.rpm 2811096bca4b47cd59866818ab2f907468e65f37 openssh-clients-5.3p1-125.el6.tuxcare.els1.x86_64.rpm e8b2d41f85cfb68c9be0b0c590a1594c7d8f26d9 openssh-askpass-5.3p1-125.el6.tuxcare.els1.x86_64.rpm c71fcd8d4aeef2071df109dc6f1225b6eb39130e openssh-5.3p1-125.el6.tuxcare.els1.x86_64.rpm b4b815e576cf4b1383117132e56c1ac7eba4b0c4 openssh-server-5.3p1-125.el6.tuxcare.els1.x86_64.rpm 94ae763b491ca99102a9b9d7f41eeb5469703eff CLSA-2022:1656961578 TuxCare License Agreement 0 - CVE-2022-27782: add missing checks of ssl and ssh options during matching a connection for reuse Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-27782: add missing checks of ssl and ssh options during matching a connection for reuse

0 cloudlinux-x86_64-server-6 curl-7.19.7-59.el6.tuxcare.els6.x86_64.rpm 0fd288db7046973b11c5a1c92808fb63487e4162 libcurl-devel-7.19.7-59.el6.tuxcare.els6.x86_64.rpm b6ba6321290c4fd94d971cac68c85ae394a05bae libcurl-devel-7.19.7-59.el6.tuxcare.els6.i686.rpm 8a2f2e849ab5bb15787cff91fdb3f739a4cfa768 libcurl-7.19.7-59.el6.tuxcare.els6.i686.rpm ba91e5d8ff464adb8d71b8d552e3a264f1032779 libcurl-7.19.7-59.el6.tuxcare.els6.x86_64.rpm d2525e4b193866b35285f4d5dff94f8cb20c2ae9 CLSA-2022:1657182377 TuxCare License Agreement 0 - CVE-2022-2125: add checking for NUL to avoid running over the end of line - CVE-2022-1720: do not include the NUL in the length to avoid reading past end of line with "gf" in Visual block mode - CVE-2022-2124: add checking for NUL to avoid running over the end of line - CVE-2022-2129: disallow switching buffers in a substitute expression to avoid overruning destination buffer - CVE-2022-2126: do not decrement the index when it is zero Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2125: add checking for NUL to avoid running over the end of line - CVE-2022-1720: do not include the NUL in the length to avoid reading past end of line with "gf" in Visual block mode - CVE-2022-2124: add checking for NUL to avoid running over the end of line - CVE-2022-2129: disallow switching buffers in a substitute expression to avoid overruning destination buffer - CVE-2022-2126: do not decrement the index when it is zero

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm 5f542806d690e9d473c98766a0eb8f4d5e69912c vim-filesystem-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm 5d77302dedce483fc041ac04fcea365a0a6bba55 vim-common-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm 6a8e79cc2fd3ee0bd076365e7afb8f9a285d50b2 vim-X11-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm c3225aa5246e9f59549a9a9d7c04ffa609177c49 vim-minimal-7.4.629-5.2.el6.tuxcare.els19.x86_64.rpm 66cc353ce78751ad97f7541bd1240c5724fbd6f9 CLSA-2022:1657559570 TuxCare License Agreement 0 - CVE-2020-12723: fix a buffer overflow caused by a crafted regular expression because of recursive S_study_chunk calls Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-12723: fix a buffer overflow caused by a crafted regular expression because of recursive S_study_chunk calls

0 cloudlinux-x86_64-server-6 perl-version-0.77-146.el6.tuxcare.els3.x86_64.rpm 2ff5a11678c196903599bd2c95147c4244095dd3 perl-Log-Message-Simple-0.04-146.el6.tuxcare.els3.x86_64.rpm 0b95c5ad657c45f2e54f003c4337590ea4df23c5 perl-libs-5.10.1-146.el6.tuxcare.els3.i686.rpm 7afd269271b7ec86345b4659c450779da370a1f8 perl-Pod-Escapes-1.04-146.el6.tuxcare.els3.x86_64.rpm 8097821e3bf8704cd635c0c2ed18026d5be1a005 perl-Package-Constants-0.02-146.el6.tuxcare.els3.x86_64.rpm b49e8287cbb87daeb419692a3b789526e23c7971 perl-Test-Simple-0.92-146.el6.tuxcare.els3.x86_64.rpm 3134795b909bcf96d176dcf9042061b5e10156ff perl-parent-0.221-146.el6.tuxcare.els3.x86_64.rpm 401a8bc4d745028bf2aa7571817547bd064c07a5 perl-Term-UI-0.20-146.el6.tuxcare.els3.x86_64.rpm d73e5ade3bb056afae91b74f6921c83eefd511bf perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els3.x86_64.rpm 247ea0a6fb41798fdbe37ae4e62428ffbb54e9ab perl-Time-HiRes-1.9721-146.el6.tuxcare.els3.x86_64.rpm 2a8aa47b5833e3d30e90eeb0961a69ae13953497 perl-Module-Pluggable-3.90-146.el6.tuxcare.els3.x86_64.rpm 2311c5fe86439752e8d72b8754595fda81fd8a05 perl-suidperl-5.10.1-146.el6.tuxcare.els3.x86_64.rpm 879b91d5239b57c915a7ffc41e9f037cdd56b888 perl-devel-5.10.1-146.el6.tuxcare.els3.i686.rpm c7bd58e48d9321a3bf4961d68d37bcc82e8b43bb perl-Test-Harness-3.17-146.el6.tuxcare.els3.x86_64.rpm d295f9c0b7dfe19b7cee6079c9a5c574b41bd9e7 perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els3.x86_64.rpm 1617559382d64a5c011a18c1c3f0c6c772b78181 perl-devel-5.10.1-146.el6.tuxcare.els3.x86_64.rpm 96483ecbca00bd8a4272281705c46e305b1cd80d perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els3.x86_64.rpm 4ab77673d345e77746f3a4380396e0b054fb5742 perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els3.x86_64.rpm ec790a4622653a4ec3e7e9a65afbb27279dfb327 perl-CPANPLUS-0.88-146.el6.tuxcare.els3.x86_64.rpm 20b21454d6c758f8a632b899fe027167aed14863 perl-Pod-Simple-3.13-146.el6.tuxcare.els3.x86_64.rpm 06c364c5bc0392bdc48871de23bd0a895b7f5420 perl-Module-Loaded-0.02-146.el6.tuxcare.els3.x86_64.rpm 2e6803ce1a1847f1af4df3675f180d21cae06193 perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els3.x86_64.rpm 6805e112e84d2bd66644ed5b29c04325a72308d3 perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els3.x86_64.rpm f69a7109d8f3d5e816026ca5d180e9d7883ea192 perl-IO-Zlib-1.09-146.el6.tuxcare.els3.x86_64.rpm 2ccab2a0074dcad0e7f0badf88401083fba76c50 perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els3.x86_64.rpm c53d5f115f75f23ba84d5dd5b11c5a4f0fb444af perl-Archive-Tar-1.58-146.el6.tuxcare.els3.x86_64.rpm 417fe7495f6198336531a80427752bfb1c42163d perl-Module-Load-0.16-146.el6.tuxcare.els3.x86_64.rpm 63dd94b768a243029005ddbe09a879c0b76f247c perl-Params-Check-0.26-146.el6.tuxcare.els3.x86_64.rpm 6e577b1667305fdcf4b3fb0c45956a4d3514fcff perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els3.x86_64.rpm 17b9fcbaaac53958237f982cdae7d65293b2e748 perl-Compress-Zlib-2.021-146.el6.tuxcare.els3.x86_64.rpm 13a4d61765c4c0dac4d8ea104b965008b9dabf77 perl-Log-Message-0.02-146.el6.tuxcare.els3.x86_64.rpm 6ec7bd3d6783d6ae1d2c8b1586b24aebe0f8881a perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els3.x86_64.rpm 2bbb8a6336f55d14bb223d373c62a20591c7aad6 perl-IO-Compress-Base-2.021-146.el6.tuxcare.els3.x86_64.rpm 72caa8ec9474afcfef653e436cb710b9b42c59d8 perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els3.x86_64.rpm d31394264041d86c955b6580a58a97eeb253ec9b perl-CGI-3.51-146.el6.tuxcare.els3.x86_64.rpm 2faaca7613873e3eb8b9d80b318e977ef93676fc perl-core-5.10.1-146.el6.tuxcare.els3.x86_64.rpm e72c2e5dd9b2f412a835c35fd88b5f475e206638 perl-libs-5.10.1-146.el6.tuxcare.els3.x86_64.rpm d54d4e1dfa2bc0d60b02a0f5ae0ccce3a9e3cfd0 perl-Module-CoreList-2.18-146.el6.tuxcare.els3.x86_64.rpm 24a0463a53feeaf69ccdf45cba9d9d44fd4e0df8 perl-Module-Build-0.3500-146.el6.tuxcare.els3.x86_64.rpm 51b62a84826ae76b16a43137dea60232359f81d3 perl-IPC-Cmd-0.56-146.el6.tuxcare.els3.x86_64.rpm f4699d1e557d69d256255d0bfbcaa25ea2920c11 perl-Archive-Extract-0.38-146.el6.tuxcare.els3.x86_64.rpm 8ee863d3b913b502c412b5cb96538efd72ae1f08 perl-File-Fetch-0.26-146.el6.tuxcare.els3.x86_64.rpm 7a759e0d9d85beb38a4ce8292aa511b1f8e4d6d6 perl-Object-Accessor-0.34-146.el6.tuxcare.els3.x86_64.rpm 047ed184dd42da86812d10af0c0b5b235d079e0b perl-Digest-SHA-5.47-146.el6.tuxcare.els3.x86_64.rpm 1f1639b2b22ceb40f40d514892ba6cca2358b112 perl-CPAN-1.9402-146.el6.tuxcare.els3.x86_64.rpm 917c4828046b78c475908d971f135f3ec7a5b04f perl-5.10.1-146.el6.tuxcare.els3.x86_64.rpm 9a555da3d26d87f8858b2d476a04604041d96914 perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els3.x86_64.rpm 3c372b4456434056771192e5c176c257f12d876a perl-Time-Piece-1.15-146.el6.tuxcare.els3.x86_64.rpm 65b480c7a8f7b94d13563a366f5d8c67b9c5e924 CLSA-2022:1657560108 TuxCare License Agreement 0 - CVE-2016-10708: fix crash in packet handling code by moving inbound NEWKEYS handling to kex layer - CVE-2016-10012: abandon the fix due to compression mode issues Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2016-10708: fix crash in packet handling code by moving inbound NEWKEYS handling to kex layer - CVE-2016-10012: abandon the fix due to compression mode issues

0 cloudlinux-x86_64-server-6 openssh-5.3p1-125.el6.tuxcare.els2.x86_64.rpm 794e0e71d02c541fb5bba456db736dd6ba436079 openssh-server-5.3p1-125.el6.tuxcare.els2.x86_64.rpm 6d2a30cd89e1ea98016c750b21ea22075f32d398 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els2.i686.rpm 8ef80009d0b97df6a4be4019d9e29c50a1e3f1ce openssh-askpass-5.3p1-125.el6.tuxcare.els2.x86_64.rpm b232c2c760a8b9e4f46e4a025a74b3066e99a93b pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els2.x86_64.rpm 698ecef5a7ca1885605b9752804d6af150358e1a openssh-ldap-5.3p1-125.el6.tuxcare.els2.x86_64.rpm 3671fecce63dccb5a7458ac200bacd1e0a560c69 openssh-clients-5.3p1-125.el6.tuxcare.els2.x86_64.rpm edb47ca81fa111cd98d6559df1fa17c3237046c7 CLSA-2022:1657560205 TuxCare License Agreement 0 - CVE-2018-5741: update {krb5,ms}-{self,subdomain} descriptions Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-5741: update {krb5,ms}-{self,subdomain} descriptions

0 cloudlinux-x86_64-server-6 bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm 694b08dabedde31f829d1cdf8d44a4d7b9eb058c bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els5.i686.rpm 2ed4afe121a3f6b9643fa40ea0b3b8be110375fa bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm ec6caa8eb4da3eace064061652c341927594ed76 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm 3a757e36efcb664637b6ef754ab477890ca27773 bind-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm 6f065141d6e273957c1ef5ba9c585a3895b5bebc bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm 1ba6790a73f93c75165b26c00ce39ab2b3a64404 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els5.x86_64.rpm 1e5cb730c7e8cae50fb07a9a5b63351fb46a557e bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els5.i686.rpm 9ccc0a01e7093fc69a31724b6cb7d1558fcdecbc CLSA-2022:1657816156 TuxCare License Agreement 0 - CVE-2022-2182: when on line zero check the column is valid for line one - CVE-2022-2183: avoid going over the NUL at the end of the line - CVE-2022-2207: check the cursor column is more than zero - CVE-2022-2210: use zero offset when change removes all lines in a diff block. Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2182: when on line zero check the column is valid for line one - CVE-2022-2183: avoid going over the NUL at the end of the line - CVE-2022-2207: check the cursor column is more than zero - CVE-2022-2210: use zero offset when change removes all lines in a diff block.

0 cloudlinux-x86_64-server-6 vim-filesystem-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm 532f2cc178da7ce323ebc6c87faff2a0d6340d45 vim-X11-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm 5953b8b537e980026e611933f4989e2f909c7f16 vim-common-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm de04cef47264d787abbe45a98b43089c9c4cf923 vim-enhanced-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm 6b55eb3c77138bf51f36bfbc7bb3896336c58f26 vim-minimal-7.4.629-5.2.el6.tuxcare.els21.x86_64.rpm 48567a3598f1a4cd21750864b732924e3fd269bf CLSA-2022:1657816312 TuxCare License Agreement 0 - CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent command injection - CVE-2022-2068: c_rehash: Fix file operations to prevent command injection Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent command injection - CVE-2022-2068: c_rehash: Fix file operations to prevent command injection

0 cloudlinux-x86_64-server-6 openssl-perl-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm dd836313d1ee36d8a9ad5d9778504489be6fba5f openssl-devel-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm a4b962dd575e8877de1984eb4d3185732e9cb511 openssl-static-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm 14358d3d3229d11e31d4625ef7eca7743a0e0c03 openssl-1.0.1e-63.el6.tuxcare.els7.x86_64.rpm 3369f47688b224ec785f2dc1e57d674d2ad3eb2c openssl-devel-1.0.1e-63.el6.tuxcare.els7.i686.rpm e72be4e4f75b6e1641014b9a65d6a415470aacde openssl-1.0.1e-63.el6.tuxcare.els7.i686.rpm d2bc19d12345dd83a72b77b19365359bdfa109d9 CLSA-2022:1658171690 TuxCare License Agreement 0 - CVE-2016-10012: re-remove pre-authentication compression and potentially unsecure shared memory manager used by zlib - Move not yet valid timestamps for certs to 2030-2040 range, make sure all tests are passed and add %check unset DISPLAY section Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2016-10012: re-remove pre-authentication compression and potentially unsecure shared memory manager used by zlib - Move not yet valid timestamps for certs to 2030-2040 range, make sure all tests are passed and add %check unset DISPLAY section

0 cloudlinux-x86_64-server-6 openssh-5.3p1-125.el6.tuxcare.els3.x86_64.rpm 789d6b0ee486af92069073b0232ec6941d4fd31e openssh-clients-5.3p1-125.el6.tuxcare.els3.x86_64.rpm 3f16484a0fc30d48173c0715d0c65b21ff09cb5e pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els3.i686.rpm 51457b235b8eedcb4409bd5f44cc13832027f035 openssh-server-5.3p1-125.el6.tuxcare.els3.x86_64.rpm 0b570355ccf5456028649877d31b346591b34724 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els3.x86_64.rpm 82bc94886988b5df3408f16c6abd3b67106d2cca openssh-askpass-5.3p1-125.el6.tuxcare.els3.x86_64.rpm caa3dda9b11a11325aa2ca6d6ab2fffc280e74f6 openssh-ldap-5.3p1-125.el6.tuxcare.els3.x86_64.rpm f9c03328a1977bcb64eec9323051d0d91cda6dc5 CLSA-2022:1658171795 TuxCare License Agreement 0 - CVE-2022-31625: fix free of uninitialized memory leading to RCE Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-31625: fix free of uninitialized memory leading to RCE

0 cloudlinux-x86_64-server-6 php-dba-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 807d397d0cd6d00b248ced96fccd77cb9f0b134e php-zts-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 558b8ab61650c205a5c60a6b897917b60b5cd4fc php-enchant-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 5119bddf233c635be45b8c9742d0883e7e9c969f php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm b79c64477d1db649ef2df456872c0cbf5a9ee003 php-imap-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm d3f87e8a630ddf8b7a7191e682f60ab63a302ae9 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm a6392398ba01ea3ef9f7bc108c363986ba88e73d php-fpm-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 5836535dd1c2331fe7dbfdd153f85b35cac7fb48 php-soap-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm bc15eafded2c82a20450187dbfdba6fb75975fd5 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 083d21cf2c09a3559fe7637287461c3e9860867b php-pdo-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm cfb93d9fcbf75ac8dc4898bba3510bd9b429ba3b php-ldap-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm e1977252ca7a6feaa5b5dbbb9fb7e86ee3e597a8 php-process-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 669983cd782dc787adaaa854e18d0181abb5f743 php-intl-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm f97bf8ad1b4f73018d411d99636cd06f7e2820bd php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 2628d63a835f03870a7d3d31ad2df9bccfcb9f6b php-common-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm f55bf9c85c1ead930686125f4d156145c2ec7d13 php-mysql-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm d808ba623b420de60223010765accc1135ef64fe php-xml-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 4d117d7ef42ce7ddbc7845a63f081ac54dff1fc5 php-gd-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm ab63236cecb34671bf9727e9564773326ce99ca1 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 9d0f132cb2a336035026e5a6ea505aca55c36b47 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 1cc88f12c79177be89b54560e722113d114f7bd0 php-cli-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm db68015f0192185c16dc3ae9a4788cf049586a09 php-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm d6ec87070ab764643b566d2c82609fc65a3d58c7 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm eead1c1eb7a0e5e44d57acda04cd55c5a7c7e6c8 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 34c707eae18d210bed4dbe73140be2ecd8923a65 php-devel-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm ab1e1bca58610b4413e48bc61753141fdb196638 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 6db289b8db5b9ccd9b909e774e8ea4a954e49386 php-recode-5.3.3-50.el6_10.tuxcare.ol.els2.x86_64.rpm 1d9def0e0e1b9bfd76e1ecd3c3cfd5b6c6864279 CLSA-2022:1658171898 TuxCare License Agreement 0 - CVE-2022-2206: adjust cmdline_row and msg_row to the value of Rows - CVE-2022-2284: stop visual mode when closing a window - CVE-2022-2285: put a NUL after the typeahead - CVE-2022-2286: check the length of the string - CVE-2022-2287: disallow adding a word with control characters or a trailing slash - CVE-2022-2264: adjust the end mark position - CVE-2022-2257: check for NUL on string special values parsing Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2206: adjust cmdline_row and msg_row to the value of Rows - CVE-2022-2284: stop visual mode when closing a window - CVE-2022-2285: put a NUL after the typeahead - CVE-2022-2286: check the length of the string - CVE-2022-2287: disallow adding a word with control characters or a trailing slash - CVE-2022-2264: adjust the end mark position - CVE-2022-2257: check for NUL on string special values parsing

0 cloudlinux-x86_64-server-6 vim-filesystem-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm 5ee475fe8db1623dba86ffbe44788005462ceb08 vim-enhanced-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm 98c09a3d066c51bf485744c48b2d56b7412159da vim-minimal-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm ebfee3831fd350a7a89d55b62873e79d4ca1810e vim-common-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm cfce263115cab72eaa8d57d9e2a90f7472922eaa vim-X11-7.4.629-5.2.el6.tuxcare.els22.x86_64.rpm 6ffc0866c0063dfe48aa78a10ad751a6353ea716 CLSA-2022:1658346878 TuxCare License Agreement 0 - CVE-2015-20170: mailcap: findmatch() function does not sanitise the second argument allowing to inject shell commands Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2015-20170: mailcap: findmatch() function does not sanitise the second argument allowing to inject shell commands

0 cloudlinux-x86_64-server-6 python-2.6.6-70.el6.tuxcare.els7.x86_64.rpm 56654f2927addef95910e03a3e1596166fdb488d python-test-2.6.6-70.el6.tuxcare.els7.x86_64.rpm 0c2977fdcc48aa362bc720bb62a0c10a2bebcc6c python-devel-2.6.6-70.el6.tuxcare.els7.x86_64.rpm 0db2491d08921ba3b052b74328db626ab62513e9 python-2.6.6-70.el6.tuxcare.els7.i686.rpm 447006655adc3fc1eeead71400ce4a0250ce67fa tkinter-2.6.6-70.el6.tuxcare.els7.x86_64.rpm 629cbe49ed3e83377b5bdb8b77fb083c07460fab python-libs-2.6.6-70.el6.tuxcare.els7.i686.rpm 47085df115d8fe7c861cd6fce0489ab68b49be7d python-devel-2.6.6-70.el6.tuxcare.els7.i686.rpm 97fc8327095d5174f90a9b248986072954875100 python-tools-2.6.6-70.el6.tuxcare.els7.x86_64.rpm b9085f4d1704b0665ba5c3c0734a5d1ad63b0cb4 python-libs-2.6.6-70.el6.tuxcare.els7.x86_64.rpm c3f99e19130432126ed0836d45003d6b12f59d29 CLSA-2022:1658854080 TuxCare License Agreement 0 - CVE-2022-2289: bail out when diff pointer is no longer valid to avoid accessing freed memory with diff put - CVE-2022-2304: limit the word length to avoid out of bound accesing Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2289: bail out when diff pointer is no longer valid to avoid accessing freed memory with diff put - CVE-2022-2304: limit the word length to avoid out of bound accesing

0 cloudlinux-x86_64-server-6 vim-common-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm a84eb1bca3789faac5cbf3b5e2ee174984941aaa vim-filesystem-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm 2695dde4c86ec96cef1ef8ed84c1422bce895288 vim-minimal-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm af7dc1c29b401f3956021715bd5ff4527d950ecb vim-enhanced-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm c01bb4a4585fa40b650b54ec807c4badb31672cc vim-X11-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm b363d476d06f13ee1a373510047261be72b5a8bd CLSA-2022:1659636917 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic() - Update tzdata requirement to 2022a to match JDK-8283350 - Remove patch for MakeBase.gmk cause issue was fixed in sources - Correct parameters passing to CheckVendor test Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u342-b07. That fixes following CVEs: - CVE-2022-34169: Integer truncation issue in Xalan-J - CVE-2022-21540: Class compilation issue - CVE-2022-21541: Improper restriction of MethodHandle.invokeBasic() - Update tzdata requirement to 2022a to match JDK-8283350 - Remove patch for MakeBase.gmk cause issue was fixed in sources - Correct parameters passing to CheckVendor test

0 cloudlinux-x86_64-server-6 java-1.8.0-openjdk-devel-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 6b5317ca6a92adb5195a9de4bce9658cc7c0eea0 java-1.8.0-openjdk-demo-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 751183b2c6ac6dc3acf151a80ca2c7e2c0cc8cf4 java-1.8.0-openjdk-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 88f543bd6be1efa26baf7a8b080accc8997da32b java-1.8.0-openjdk-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 9e5f15fca0fa6338dd31a1b35e5c3621b101ff09 java-1.8.0-openjdk-headless-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm f36bbedde477f1d5bbf88edc67639343fdd8209c java-1.8.0-openjdk-src-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 483d04c2094056eeae6ecf6c66f658f3fba8a8d8 java-1.8.0-openjdk-headless-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 99ce65f59d30993d6610d4d73bdf0928d438c3ee java-1.8.0-openjdk-javadoc-1.8.0.342.b07-1.el6.tuxcare.els1.noarch.rpm 2e96d5e616e93a46659561195a4a78f73f4ce296 java-1.8.0-openjdk-devel-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm ad91f33399d6c0176024ae85d7858e1fe0bcb33e java-1.8.0-openjdk-javadoc-debug-1.8.0.342.b07-1.el6.tuxcare.els1.noarch.rpm d598e670cd69b49c1b764a58665c00f032df16b3 java-1.8.0-openjdk-src-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm 1807d3a6b614fa2b23fefe564f724fd7747254ae java-1.8.0-openjdk-demo-debug-1.8.0.342.b07-1.el6.tuxcare.els1.x86_64.rpm b1963cb3b37e6fbbd6fe70b40eafd4418634f332 CLSA-2022:1659637689 TuxCare License Agreement 0 - CVE-2021-21702: fix null pointer dereference in Soap Client Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-21702: fix null pointer dereference in Soap Client

0 cloudlinux-x86_64-server-6 php-xml-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 18caee2c943812bb00ca51c0dad3a997c0b4266e php-process-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm ae136c5d47be05cb46f0d31548e403ae78907982 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 4a19a125f2133aff52d390760f07c64637144c36 php-soap-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm a9ba9dd16d8ecbd7958286c20c698cd3d161d2c6 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 292adf96e1ff5c079c372e0066c697a06b812cf8 php-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm aaa1aeae666672bd3ba698f189da2245fec882a7 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 04103f07388a25bb4ba2105d11b179ac80b88815 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 7f111561e6853b76cc82b35265004c4760e8c602 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 2783e5c779d84355e58f1ce0d80d7c7db954b4a2 php-imap-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm c97f3a7fdddfe9fea22ce1d9f97c37651ea702b4 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 140544718dea3f0cd6793afd2051bb0c5a645ebf php-ldap-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm ad036ae56074c1d11abd06e3240d5680b79bad7d php-pspell-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 452c8f14d321cf359fdef8dc363579304521b5f4 php-intl-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 3d500b5ffba9578a5dcfaff6fcc2eceac356d1e2 php-gd-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm f4bc12ceafb2614b127b9f06cc285b47904317e1 php-cli-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 418d2e7bb30572dfa5a7b8bfaa8d5abe0028bdbb php-fpm-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 8ba9d3c7342b1b1aee5cbd67a55f8387be800583 php-mysql-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm ec473cf46f8177a2463b3d8c9c478716b5f21216 php-recode-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 3b79b3b5157b70ef465724f418333186245129ec php-embedded-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm ad1351660d26c32ebf17ef416c143c94a70a4ba1 php-common-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 056faf6cc1a1390493cb5ba11988f6b44d7ee8c0 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm c45c7cd69c5472f760cf35bc8751733d6a906438 php-dba-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 361e168c475f9ee5bc4114b55e198626d6c54a8d php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 853b6589d298d2b55fc9e1aeb9ffc4bb01e28fcd php-snmp-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm 194487d48113058830220c082fa373bb1cfd1dd4 php-zts-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm c6af711bc1f08af45d3dbfa3bcefd3571f352bc8 php-devel-5.3.3-50.el6_10.tuxcare.ol.els3.x86_64.rpm e9d7a8e31149455c48844a2377736eca8ab21f2f CLSA-2022:1659637855 TuxCare License Agreement 0 - CVE-2022-2345: fix using freed memory with recursive substitute - CVE-2022-2344: fix reading past end of completion with duplicate match - CVE-2022-2343: fix reading past end of completion with a long line and 'infercase' set - CVE-2022-2522: fix accessing uninitialized memory when completing long line Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2345: fix using freed memory with recursive substitute - CVE-2022-2344: fix reading past end of completion with duplicate match - CVE-2022-2343: fix reading past end of completion with a long line and 'infercase' set - CVE-2022-2522: fix accessing uninitialized memory when completing long line

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm 4ee5ecaad39164a35fac1747686d5f26e97ab93f vim-minimal-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm 0e1c80df64450c811e826180d8530a83d393ef2a vim-filesystem-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm 59e28aad4cfe20ec1bda4b10ebb85cc70149464c vim-common-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm 8e3ea322cb6fd135e1d7adca829a7d35ee5dc681 vim-X11-7.4.629-5.2.el6.tuxcare.els24.x86_64.rpm 2b055bfcb72e6d01374c633471317f9df02c99c3 CLSA-2022:1660759162 TuxCare License Agreement 0 - CVE-2022-29154: fix arbitrary file write vulnerability via malicious rysnc server (MITM attack) - Add '%check unset DISPLAY ' section but disable broken 'daemon' and 'hardlinks' tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-29154: fix arbitrary file write vulnerability via malicious rysnc server (MITM attack) - Add '%check unset DISPLAY ' section but disable broken 'daemon' and 'hardlinks' tests

0 cloudlinux-x86_64-server-6 rsync-3.0.6-12.el6.tuxcare.els2.x86_64.rpm 3ce85c383b7447b76709847dfbafe7049a8bae4e CLSA-2022:1660759272 TuxCare License Agreement 0 - CVE-2022-37452: fix heap-based buffer overflow for the alias list in host_name_lookup() - CVE-2022-37451: fix invalid free in pam_converse() Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-37452: fix heap-based buffer overflow for the alias list in host_name_lookup() - CVE-2022-37451: fix invalid free in pam_converse()

0 cloudlinux-x86_64-server-6 exim-4.92.3-3.el6.tuxcare.els2.x86_64.rpm 956a47c7704e273434927b52372b00e3bffb0346 exim-mysql-4.92.3-3.el6.tuxcare.els2.x86_64.rpm 4e82763d24e8fc2396cd7218ab4ba0860c4e5151 exim-greylist-4.92.3-3.el6.tuxcare.els2.x86_64.rpm 206bc48a6c7910c49dfded913f483018cd033fd4 exim-mon-4.92.3-3.el6.tuxcare.els2.x86_64.rpm 00e839fc19404761f345caab39d30cf6de3e9fc1 exim-pgsql-4.92.3-3.el6.tuxcare.els2.x86_64.rpm 1fd326bd1492b36c292b95759123ee20b12fcdb4 CLSA-2022:1660759457 TuxCare License Agreement 0 - CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field with inflate() Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field with inflate()

0 cloudlinux-x86_64-server-6 zlib-1.2.3-29.el6.tuxcare.els2.i686.rpm f4720a3f0488830beaa6b3adf056859b06f7dc67 minizip-devel-1.2.3-29.el6.tuxcare.els2.i686.rpm 57bf74c84a2ac4088ac2173d66ed9fba47f86b10 zlib-devel-1.2.3-29.el6.tuxcare.els2.x86_64.rpm bcff7ccbd23a50895476fba0ea5aae2a910be95b zlib-devel-1.2.3-29.el6.tuxcare.els2.i686.rpm 4064f3ebe05ef1ee5739146ae8c2ea8336e0030f zlib-static-1.2.3-29.el6.tuxcare.els2.x86_64.rpm 1ddf2706b30364a7319441c92c316e60a72089cc minizip-1.2.3-29.el6.tuxcare.els2.x86_64.rpm ca75f36ac441ac12ba2722b43f7d30eed6108218 zlib-1.2.3-29.el6.tuxcare.els2.x86_64.rpm fda5e61d4e3f3eb0b9c63bce8400d8e13a9e946e minizip-1.2.3-29.el6.tuxcare.els2.i686.rpm 1ab5da2f3afb6fb2eca4583a0d5f2c724c610433 minizip-devel-1.2.3-29.el6.tuxcare.els2.x86_64.rpm 58835dacaaa6083f50f27cccb5f1f7e3b4276738 CLSA-2022:1660759632 TuxCare License Agreement 0 - CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames() - CVE-2022-22822: Fix integer overflow in addBinding() - CVE-2022-22823: Fix integer overflow in build_model() - CVE-2022-22824: Fix integer overflow in defineAttribute() - CVE-2022-22825: Fix integer overflow in lookup() - CVE-2022-22826: Fix integer overflow in nextScaffoldPart() - CVE-2022-22827: Fix integer overflow in storeAtts() - CVE-2022-23852: Fix integer overflow in XML_GetBuffer() - CVE-2021-46143: Fix integer overflow on m_groupSize in doProlog() - CVE-2021-45960: Fix troublesome left shifts in storeAtts() - CVE-2022-23990: Fix integer overflow in doProlog() Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames() - CVE-2022-22822: Fix integer overflow in addBinding() - CVE-2022-22823: Fix integer overflow in build_model() - CVE-2022-22824: Fix integer overflow in defineAttribute() - CVE-2022-22825: Fix integer overflow in lookup() - CVE-2022-22826: Fix integer overflow in nextScaffoldPart() - CVE-2022-22827: Fix integer overflow in storeAtts() - CVE-2022-23852: Fix integer overflow in XML_GetBuffer() - CVE-2021-46143: Fix integer overflow on m_groupSize in doProlog() - CVE-2021-45960: Fix troublesome left shifts in storeAtts() - CVE-2022-23990: Fix integer overflow in doProlog()

0 cloudlinux-x86_64-server-6 expat-devel-2.0.1-13.el6_8.tuxcare.els1.x86_64.rpm 02c92a67031790b94ffe1c87f68c24141b3bc948 expat-2.0.1-13.el6_8.tuxcare.els1.x86_64.rpm 9cdefb9fe388783ea99f8cf05f8e1b3e11a4b8c9 expat-2.0.1-13.el6_8.tuxcare.els1.i686.rpm 3a282d0b6febb6eb7d8167c529fced61716ad8d8 expat-devel-2.0.1-13.el6_8.tuxcare.els1.i686.rpm b612b76f4d644660bcfe7c215d4dd62b4b6c52c3 CLSA-2022:1661173656 TuxCare License Agreement 0 - Bump to 2.6.28 and OpenJDK 7u351-b01. - Security fixes in 7u351: - CVE-2022-21540: Improve class compilation (JDK-8281859) - CVE-2022-21541: Enhance MethodHandle invocations (JDK-8281866) - CVE-2022-34169: Improve Xalan supports (JDK-8285407) - Security fixes in 7u341: - CVE-2022-21426: Better XPath expression handling (JDK-8270504) - CVE-2022-21434: Better invocation handler handling (JDK-8277672) - CVE-2022-21443: Improved Object Identification (JDK-8275151) - CVE-2022-21476: Improve Santuario processing (JDK-8278008) - CVE-2022-21496: Improve URL supports (JDK-8278972) - Security fixes in 7u331: - CVE-2022-21248: Enhance cross VM serialization (JDK-8264934) - CVE-2022-21282: Better resolution of URIs (JDK-8270492) - CVE-2022-21283: Better String matching (JDK-8268813) - CVE-2022-21293: Improve String constructions (JDK-8270392) - CVE-2022-21294: Enhance construction of Identity maps (JDK-8270416) - CVE-2022-21296: Improve SAX Parser configuration management (JDK-8270498) - CVE-2022-21299: Improved scanning of XML entities (JDK-8270646) - CVE-2022-21305: Better array indexing (JDK-8272014) - CVE-2022-21340: Verify Jar Verification (JDK-8272026) - CVE-2022-21341: Improve serial forms for transport (JDK-8272236) - CVE-2022-21349: Improve Solaris font rendering (JDK-8273748) - CVE-2022-21360: Enhance BMP image support (JDK-8273756) - CVE-2022-21365: Enhanced BMP processing (JDK-8273838) - Security fixes in 7u321: - CVE-2021-35550: Update the default enabled cipher suites preference (JDK-8163326) - CVE-2021-35556: Richer Text Editors (JDK-8265167) - CVE-2021-35559: Enhanced style for RTF kit (JDK-8265580) - CVE-2021-35561: Better hashing support (JDK-8266097) - CVE-2021-35564: Improve Keystore integrity (JDK-8266137) - CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close (JDK-8254967) - CVE-2021-35586: Better BMP support (JDK-8267735) - CVE-2021-35588: InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0 (JDK-8130183) - CVE-2021-35603: Better session identification (JDK-8269618) - Security fixes in 7u311: - CVE-2021-2341: Improve file transfers (JDK-8258432) - CVE-2021-2369: Better jar file validation (JDK-8260967) - CVE-2021-2432: Provide better LDAP provider support (JDK-8267412) - Security fixes in 7u301: - CVE-2021-2161: Less ambiguous processing (JDK-8250568) - CVE-2021-2163: Enhance opening JARs (JDK-8249906) - Security fixes in 7u281: - CVE-2020-14779: Enhance support of Proxy class (JDK-8236862) - CVE-2020-14781: Enhanced LDAP contexts (JDK-8237990) - CVE-2020-14782: Enhance certificate processing (JDK-8237995) - CVE-2020-14792: Better range handling (JDK-8241114) - CVE-2020-14796: Improved URI Support (JDK-8242680) - CVE-2020-14797: Better Path Validation (JDK-8242685) - CVE-2020-14798: Enhanced buffer support (JDK-8242695) - CVE-2020-14803: Improved Buffer supports (JDK-8244136) - Security fixes in 7u271: - CVE-2020-14577: Enhance certificate verification (JDK-8237592) - CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString() (JDK-8028591) - CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) (JDK-8028431) - CVE-2020-14581: Better matrix operations (JDK-8238002) - CVE-2020-14583: Better Buffer support (JDK-8238920) - CVE-2020-14593: Less Affine Transformations (JDK-8240119) - CVE-2020-14621: Better XML namespace handling (JDK-8242136) - Update tzdata requirement to 2022a to match JDK-8283350 - Update NEWS from IcedTea - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after bump OpenJDK version Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Bump to 2.6.28 and OpenJDK 7u351-b01. - Security fixes in 7u351: - CVE-2022-21540: Improve class compilation (JDK-8281859) - CVE-2022-21541: Enhance MethodHandle invocations (JDK-8281866) - CVE-2022-34169: Improve Xalan supports (JDK-8285407) - Security fixes in 7u341: - CVE-2022-21426: Better XPath expression handling (JDK-8270504) - CVE-2022-21434: Better invocation handler handling (JDK-8277672) - CVE-2022-21443: Improved Object Identification (JDK-8275151) - CVE-2022-21476: Improve Santuario processing (JDK-8278008) - CVE-2022-21496: Improve URL supports (JDK-8278972) - Security fixes in 7u331: - CVE-2022-21248: Enhance cross VM serialization (JDK-8264934) - CVE-2022-21282: Better resolution of URIs (JDK-8270492) - CVE-2022-21283: Better String matching (JDK-8268813) - CVE-2022-21293: Improve String constructions (JDK-8270392) - CVE-2022-21294: Enhance construction of Identity maps (JDK-8270416) - CVE-2022-21296: Improve SAX Parser configuration management (JDK-8270498) - CVE-2022-21299: Improved scanning of XML entities (JDK-8270646) - CVE-2022-21305: Better array indexing (JDK-8272014) - CVE-2022-21340: Verify Jar Verification (JDK-8272026) - CVE-2022-21341: Improve serial forms for transport (JDK-8272236) - CVE-2022-21349: Improve Solaris font rendering (JDK-8273748) - CVE-2022-21360: Enhance BMP image support (JDK-8273756) - CVE-2022-21365: Enhanced BMP processing (JDK-8273838) - Security fixes in 7u321: - CVE-2021-35550: Update the default enabled cipher suites preference (JDK-8163326) - CVE-2021-35556: Richer Text Editors (JDK-8265167) - CVE-2021-35559: Enhanced style for RTF kit (JDK-8265580) - CVE-2021-35561: Better hashing support (JDK-8266097) - CVE-2021-35564: Improve Keystore integrity (JDK-8266137) - CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close (JDK-8254967) - CVE-2021-35586: Better BMP support (JDK-8267735) - CVE-2021-35588: InnerClasses: VM permits wrong Throw ClassFormatError if InnerClasses attribute's inner_class_info_index is 0 (JDK-8130183) - CVE-2021-35603: Better session identification (JDK-8269618) - Security fixes in 7u311: - CVE-2021-2341: Improve file transfers (JDK-8258432) - CVE-2021-2369: Better jar file validation (JDK-8260967) - CVE-2021-2432: Provide better LDAP provider support (JDK-8267412) - Security fixes in 7u301: - CVE-2021-2161: Less ambiguous processing (JDK-8250568) - CVE-2021-2163: Enhance opening JARs (JDK-8249906) - Security fixes in 7u281: - CVE-2020-14779: Enhance support of Proxy class (JDK-8236862) - CVE-2020-14781: Enhanced LDAP contexts (JDK-8237990) - CVE-2020-14782: Enhance certificate processing (JDK-8237995) - CVE-2020-14792: Better range handling (JDK-8241114) - CVE-2020-14796: Improved URI Support (JDK-8242680) - CVE-2020-14797: Better Path Validation (JDK-8242685) - CVE-2020-14798: Enhanced buffer support (JDK-8242695) - CVE-2020-14803: Improved Buffer supports (JDK-8244136) - Security fixes in 7u271: - CVE-2020-14577: Enhance certificate verification (JDK-8237592) - CVE-2020-14578: NegativeArraySizeException in sun.security.util.DerInputStream.getUnalignedBitString() (JDK-8028591) - CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) (JDK-8028431) - CVE-2020-14581: Better matrix operations (JDK-8238002) - CVE-2020-14583: Better Buffer support (JDK-8238920) - CVE-2020-14593: Less Affine Transformations (JDK-8240119) - CVE-2020-14621: Better XML namespace handling (JDK-8242136) - Update tzdata requirement to 2022a to match JDK-8283350 - Update NEWS from IcedTea - Adjust jdk8076221-pr2809-disable_rc4_cipher_suites.patch to apply after bump OpenJDK version

0 cloudlinux-x86_64-server-6 java-1.7.0-openjdk-devel-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm d64fa3ca6815f4b2f36923f30d36e2740c010891 java-1.7.0-openjdk-src-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm 1d7ec87842ffd2d4ab70697974cae357b09c691a java-1.7.0-openjdk-demo-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm 2b35523b1cc12ed6f5566f4a2b693a731fb9bc8b java-1.7.0-openjdk-1.7.0.351-2.6.28.0.el6.tuxcare.els1.x86_64.rpm 77a2a3f900b9cf4d9116c7638e4782e3b4e0c9f7 java-1.7.0-openjdk-javadoc-1.7.0.351-2.6.28.0.el6.tuxcare.els1.noarch.rpm a1847bb2c3878e235589798fadf238f00928248c CLSA-2022:1661174726 TuxCare License Agreement 0 - CVE-2022-2581: fix illegal memory access when pattern starts with illegal byte Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2581: fix illegal memory access when pattern starts with illegal byte

0 cloudlinux-x86_64-server-6 vim-X11-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm c6385f44a617f4fadc53026af5b38e553a5caca6 vim-minimal-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm 33d2ecc6bb9f2f8e4bbaf5ade416674622742a31 vim-enhanced-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm d7be4b6104b13aa32b1462893177e3e0e8c5e441 vim-common-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm cc2a05b349fe6da24763851520d24446c7717531 vim-filesystem-7.4.629-5.2.el6.tuxcare.els25.x86_64.rpm 185fff53e31248d57d0af2e7931710ae2053e48d CLSA-2022:1661441989 TuxCare License Agreement 0 - CVE-2022-2849: fix invalid memory access with for loop over NULL string - CVE-2022-2845: fix reading before the start of the line Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2849: fix invalid memory access with for loop over NULL string - CVE-2022-2845: fix reading before the start of the line

0 cloudlinux-x86_64-server-6 vim-X11-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm defab0a6f010c676ef39ef61d733d0c46f7aee42 vim-minimal-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm fd00be2299ac5a53a853a66c6273c4908231f815 vim-filesystem-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm 9311b295f65e48695662bc3735935f459e68b690 vim-enhanced-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm d32d0e651231a2acbf6e1d8cf5e8f3bad2b8a700 vim-common-7.4.629-5.2.el6.tuxcare.els26.x86_64.rpm 34db21893d8cd87355396d082bc4015a2e3c8503 CLSA-2022:1661442133 TuxCare License Agreement 0 - CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field with inflate() Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field with inflate()

0 cloudlinux-x86_64-server-6 rsync-3.0.6-12.el6.tuxcare.els3.x86_64.rpm 337d6991b5034dee7cb03183740f1de05cec787e CLSA-2022:1662658181 TuxCare License Agreement 0 - CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync server (MITM attack), refactoring - fix test-system components, enable 'daemon' and 'hardlinks' tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync server (MITM attack), refactoring - fix test-system components, enable 'daemon' and 'hardlinks' tests

0 cloudlinux-x86_64-server-6 rsync-3.0.6-12.el6.tuxcare.els4.x86_64.rpm ed8c9c230dee9d852d1f2849adc803d3ecc45ea2 CLSA-2022:1663184687 TuxCare License Agreement 0 - CVE-2022-28614: fix out-of-bounds read via ap_rwrite() Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-28614: fix out-of-bounds read via ap_rwrite()

0 cloudlinux-x86_64-server-6 httpd-2.2.15-72.el6.tuxcare.els6.x86_64.rpm 89573a0a8f1a81efba70deb2e08f2905a4c558d4 mod_ssl-2.2.15-72.el6.tuxcare.els6.x86_64.rpm 7efd485d71993322986c38356e239c66bec5593c httpd-tools-2.2.15-72.el6.tuxcare.els6.x86_64.rpm ce10ed6e23359e29046552207b21f90ab4e37709 httpd-devel-2.2.15-72.el6.tuxcare.els6.i686.rpm be3111f22c05b1273d4c190a28297106c9b2ef93 httpd-devel-2.2.15-72.el6.tuxcare.els6.x86_64.rpm b6b954bb5d3525ed70c341d83147ad0be1cdfb47 httpd-manual-2.2.15-72.el6.tuxcare.els6.noarch.rpm 8e56fba8bb13fd22ce524a26278be142d4cb4ca3 CLSA-2022:1663592078 TuxCare License Agreement 0 - CVE-2022-28614: fix out-of-bounds read via ap_rwrite(), refactoring Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-28614: fix out-of-bounds read via ap_rwrite(), refactoring

0 cloudlinux-x86_64-server-6 httpd-manual-2.2.15-72.el6.tuxcare.els7.noarch.rpm 169f85f9dbad6feb4c9b2f8088a48ff75512a821 httpd-tools-2.2.15-72.el6.tuxcare.els7.x86_64.rpm e4e7e73223c0470852bb429decaa04aa2039eb15 httpd-devel-2.2.15-72.el6.tuxcare.els7.x86_64.rpm 758f6ee115bb54f1644f37da5d24e45394ead405 httpd-devel-2.2.15-72.el6.tuxcare.els7.i686.rpm e6201c30b35e27315e9fb2394d4c3204b375a26a httpd-2.2.15-72.el6.tuxcare.els7.x86_64.rpm d79ab1d65a24148ad3f90e44bfa0ab4a32234770 mod_ssl-2.2.15-72.el6.tuxcare.els7.x86_64.rpm 4df54b6a6fa683993220c714303c973fef32508e CLSA-2022:1664192692 TuxCare License Agreement 0 - CVE-2022-40674: Ensure raw tagnames are safe exiting internalEntityParser - fix tests leak - fix xmlparse leak Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-40674: Ensure raw tagnames are safe exiting internalEntityParser - fix tests leak - fix xmlparse leak

0 cloudlinux-x86_64-server-6 expat-devel-2.0.1-13.el6_8.tuxcare.els2.i686.rpm 4b6024090d9222e364f9aff388e2f3179e5df35e expat-devel-2.0.1-13.el6_8.tuxcare.els2.x86_64.rpm 4ea5bcebda1ecea64a2728f6dd6d803169cdb023 expat-2.0.1-13.el6_8.tuxcare.els2.i686.rpm b90e4af74118eb4a54b61d3b351020dc28a94d98 expat-2.0.1-13.el6_8.tuxcare.els2.x86_64.rpm a38f1bb7128eb58431ce7b9e282f7b09aabdc425 CLSA-2022:1664475636 TuxCare License Agreement 0 - CVE-2022-3256: copy the mark before editing another buffer Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-3256: copy the mark before editing another buffer

0 cloudlinux-x86_64-server-6 vim-filesystem-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm ac04f417491297ba138ea6d0a856b6e14539f1b2 vim-X11-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm 72f94a6336080f914fe1cd882cb5e2466ffa811a vim-enhanced-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm 33c828d04181349794282efbfb9e9af48898b60f vim-common-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm 9912a62134b34fdd256b20bb2eabf6c5b9be17a6 vim-minimal-7.4.629-5.2.el6.tuxcare.els30.x86_64.rpm 7bf201e083e9f76b7353484c75ac40a2843168a8 CLSA-2022:1664475836 TuxCare License Agreement 0 - CVE-2022-2795: fix possible resolver performance degradation when processing large delegations Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2795: fix possible resolver performance degradation when processing large delegations

0 cloudlinux-x86_64-server-6 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els6.i686.rpm 45619a4a954fbcda172fa380cc3ced75555be765 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm be0af86b0a74f2e26bd894817e063946e6bbd591 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els6.i686.rpm c2e593681253137442492e8460256bf5a76fb641 bind-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm aa7bb40b6fb53986b8f7bdaf54b3c6b01747b151 bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm 1ede3ed7a328913ba16d0ddc1e6d498077bd1905 bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm c90da676328530e20fd4287e22b90818916fdc5a bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm b7c6b1e47445e076635b989abf07ffe68d41a355 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els6.x86_64.rpm c5eee8ef8c02a7cacbeef02d70035293bf4f1a32 CLSA-2022:1665428326 TuxCare License Agreement 0 - CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed

0 cloudlinux-x86_64-server-6 sqlite-doc-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm 2b7893212f88b2fe93a63647d24f2c645939c7c6 sqlite-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm 443d97d68d52ab280ec07af900f3bd0677ec0d86 sqlite-tcl-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm f63365ba3cb527cd6fcba5744fbe3c27ef39e34a lemon-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm 7eebd030c0d6265bf2fdba3b78159779f54e8e67 sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els1.i686.rpm 6d8e84b7651e2bab64daabecb6b3ac0de521f3c5 sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els1.x86_64.rpm 2ec868809b7f65f344c7008eb8065cbfe628e2e8 sqlite-3.6.20-1.el6_7.2.tuxcare.els1.i686.rpm fdbc618fb4522003ae821d4533f8b55364846446 CLSA-2022:1665501668 TuxCare License Agreement 0 - CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication

0 cloudlinux-x86_64-server-6 squid34-3.4.14-16.el6.tuxcare.els2.x86_64.rpm 26ae0278ac0bfe298713bfd9f4c93177b58ba2a1 CLSA-2022:1665501958 TuxCare License Agreement 0 - CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication

0 cloudlinux-x86_64-server-6 squid-3.1.23-30.el6.tuxcare.els7.x86_64.rpm cdf0d7141a51f4cbdf8fcf961c455b3abc9480f8 CLSA-2022:1665680763 TuxCare License Agreement 0 - CVE-2022-3296: check CSF_TRY can be found - CVE-2022-3324: make sure the window width does not become negative Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-3296: check CSF_TRY can be found - CVE-2022-3324: make sure the window width does not become negative

0 cloudlinux-x86_64-server-6 vim-enhanced-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm b718f9d4a26f865fc9ecf0df03fb473177a9c7f5 vim-common-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm 9cc207211b79ab8268007150377f60b6711291c9 vim-minimal-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm 140f113a62573ea20e79ff785b7f4362cec32963 vim-X11-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm aa0da8125a25fcfeb81a7cdc3907d8a17d8094c0 vim-filesystem-7.4.629-5.2.el6.tuxcare.els31.x86_64.rpm 7f09919d71c2ea93d42d88d467dcc117ec742773 CLSA-2022:1667412057 TuxCare License Agreement 0 - CVE-2022-43680: Fix overeager DTD destruction Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-43680: Fix overeager DTD destruction

0 tuxcare-oraclelinux6-els expat-2.0.1-13.el6_8.tuxcare.els3.i686.rpm 76c58af1e2f84431e1e4521d49dbf028bae19fd6 expat-2.0.1-13.el6_8.tuxcare.els3.x86_64.rpm ecdc5c9493a60492ba52dfac06fdf032245eed42 expat-devel-2.0.1-13.el6_8.tuxcare.els3.i686.rpm 61e7dcf59bcd52e074951ee80892131413873fec expat-devel-2.0.1-13.el6_8.tuxcare.els3.x86_64.rpm b1b1325f140e41182904d2df75bda6bb6504bff8 CLSA-2022:1668032518 TuxCare License Agreement 0 - CVE-2020-16156: recognize CANNOT_VERIFY signature verification type Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-16156: recognize CANNOT_VERIFY signature verification type

0 tuxcare-oraclelinux6-els perl-5.10.1-146.el6.tuxcare.els4.x86_64.rpm ccd7ffb3e07b49b11bdb7e035f4c81f17a7780ca perl-Archive-Extract-0.38-146.el6.tuxcare.els4.x86_64.rpm 32e312ce98d4968fa87af55bd365e0c40438c782 perl-Archive-Tar-1.58-146.el6.tuxcare.els4.x86_64.rpm 2d6b1022f5f664dc861514cb737fd68de6596b47 perl-CGI-3.51-146.el6.tuxcare.els4.x86_64.rpm eba775ec1d74cc979970e07daf57557b2dfdd4f1 perl-CPAN-1.9402-146.el6.tuxcare.els4.x86_64.rpm 0e6670c73e19d0bf61b90f4fa41c593a8bc6d41a perl-CPANPLUS-0.88-146.el6.tuxcare.els4.x86_64.rpm 83bd8c4797f8ec43885a14df93a7edf34be81626 perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els4.x86_64.rpm 54ab4204662559c1702ea482a7e6f7779a62f625 perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm c44509889857937841bb446d19bd20562be3be9d perl-Compress-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm 5222af0d645000260e56555f63ca8cc6cbe1709d perl-Digest-SHA-5.47-146.el6.tuxcare.els4.x86_64.rpm bab49c06879192cb9c43c8a145ed39c3807b55ea perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els4.x86_64.rpm 33fdf3ddf733e17d783da4b2e7ee0a253134e3ab perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els4.x86_64.rpm a71f74145eaf8268d501580bf232ab0a07025f78 perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els4.x86_64.rpm 9cbb5504629a5937ecb1b7acf0efae2ad56de135 perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els4.x86_64.rpm b9ffa2352d830d4371764bc032e9ad07931830c7 perl-File-Fetch-0.26-146.el6.tuxcare.els4.x86_64.rpm 359f47c0e64dc29b084ac0d1c6a07ee92fad20e2 perl-IO-Compress-Base-2.021-146.el6.tuxcare.els4.x86_64.rpm 1ed3a3b12d0879d2b9fd352b9b2e227b345060b6 perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els4.x86_64.rpm 211f401174c64d8b13e02299282b65b246a60526 perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm 840d0ab3ee27ad26a9ae227109724740be0182dc perl-IO-Zlib-1.09-146.el6.tuxcare.els4.x86_64.rpm e88c1ea5d614359b1eb09a9814c0b88ff3e1054f perl-IPC-Cmd-0.56-146.el6.tuxcare.els4.x86_64.rpm e788f76cdc7636997521eca8ddc4c21a447503c0 perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els4.x86_64.rpm 97398bd5e575a9f9d764c48fbc37b884ec973325 perl-Log-Message-0.02-146.el6.tuxcare.els4.x86_64.rpm f43798e5eabce91532a700960646ff95e18a20da perl-Log-Message-Simple-0.04-146.el6.tuxcare.els4.x86_64.rpm d5cec64dd2d4fa538bd836a00d30b8a13820fd1f perl-Module-Build-0.3500-146.el6.tuxcare.els4.x86_64.rpm 6b855cbcb7ae962a1d353ed871b5ed26e7bd8eda perl-Module-CoreList-2.18-146.el6.tuxcare.els4.x86_64.rpm 20df45544e087febea0118722a0a04bb05c60a69 perl-Module-Load-0.16-146.el6.tuxcare.els4.x86_64.rpm 799c66ac1cae6b2e782835124c3d13cc1e5a8ff4 perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els4.x86_64.rpm fc95d90105ad3498d7344d1b5b5361e98d9ec922 perl-Module-Loaded-0.02-146.el6.tuxcare.els4.x86_64.rpm c9c171d72304118e8e3ea9dd36005026e8e22435 perl-Module-Pluggable-3.90-146.el6.tuxcare.els4.x86_64.rpm e52c1f5db8f3a330f5572b383deb7adfcffe1509 perl-Object-Accessor-0.34-146.el6.tuxcare.els4.x86_64.rpm 13f3315f125aca4b74326e201cd0ee2db74b6909 perl-Package-Constants-0.02-146.el6.tuxcare.els4.x86_64.rpm de421d20feaad0f995c56dd5427302eec915df89 perl-Params-Check-0.26-146.el6.tuxcare.els4.x86_64.rpm 45a69b0b8dd36ebe47ede1d0090e2c951c747acc perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els4.x86_64.rpm 28e28ef9ad6aee6c0f56ef8bbab25f00a454ce80 perl-Pod-Escapes-1.04-146.el6.tuxcare.els4.x86_64.rpm f21131ffb42b850f30a52ea20570059d59c65469 perl-Pod-Simple-3.13-146.el6.tuxcare.els4.x86_64.rpm e8d1b6349cf5c5ae06b09516973320bb6a030bb4 perl-Term-UI-0.20-146.el6.tuxcare.els4.x86_64.rpm b06505624a1adda089b0fcafa621a644aa328979 perl-Test-Harness-3.17-146.el6.tuxcare.els4.x86_64.rpm 623a5a1968b5d83e0a907e97e7f5fd7cf2f62ad3 perl-Test-Simple-0.92-146.el6.tuxcare.els4.x86_64.rpm 993ebea9b593057f056dbfa4cbefce165dba368a perl-Time-HiRes-1.9721-146.el6.tuxcare.els4.x86_64.rpm 68da9cf2eea78e20329d648a702c86094a8284a1 perl-Time-Piece-1.15-146.el6.tuxcare.els4.x86_64.rpm 49e0a833ef0ef2a1479c89982ccfac01dc5638ed perl-core-5.10.1-146.el6.tuxcare.els4.x86_64.rpm a9d1074899ed83da147b883a2b9e6f46e5207899 perl-devel-5.10.1-146.el6.tuxcare.els4.i686.rpm 1ade2f12fd997a2edc9f3f58dffe0ffe79856c82 perl-devel-5.10.1-146.el6.tuxcare.els4.x86_64.rpm 19c20c4dfd59aa79193a0d7b07fa22dcb247a596 perl-libs-5.10.1-146.el6.tuxcare.els4.i686.rpm 68be4147485cb2dc2a49cd42a94638a91d904246 perl-libs-5.10.1-146.el6.tuxcare.els4.x86_64.rpm 0981bb05c6379e72f6f9b634a2457c089b1f3d69 perl-parent-0.221-146.el6.tuxcare.els4.x86_64.rpm 535a389e4526a9105e2cf69eea011377cb47ff5d perl-suidperl-5.10.1-146.el6.tuxcare.els4.x86_64.rpm ccfcbc18ddfaa8f0f7c4673ab588da63e5329622 perl-version-0.77-146.el6.tuxcare.els4.x86_64.rpm 38dd345eb6cd88c0e5f6651daebe0caa98f37f94 CLSA-2022:1668032518 TuxCare License Agreement 0 - CVE-2020-16156: recognize CANNOT_VERIFY signature verification type Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-16156: recognize CANNOT_VERIFY signature verification type

0 tuxcare-oraclelinux6-els perl-5.10.1-146.el6.tuxcare.els4.x86_64.rpm ccd7ffb3e07b49b11bdb7e035f4c81f17a7780ca perl-Archive-Extract-0.38-146.el6.tuxcare.els4.x86_64.rpm 32e312ce98d4968fa87af55bd365e0c40438c782 perl-Archive-Tar-1.58-146.el6.tuxcare.els4.x86_64.rpm 2d6b1022f5f664dc861514cb737fd68de6596b47 perl-CGI-3.51-146.el6.tuxcare.els4.x86_64.rpm eba775ec1d74cc979970e07daf57557b2dfdd4f1 perl-CPAN-1.9402-146.el6.tuxcare.els4.x86_64.rpm 0e6670c73e19d0bf61b90f4fa41c593a8bc6d41a perl-CPANPLUS-0.88-146.el6.tuxcare.els4.x86_64.rpm 83bd8c4797f8ec43885a14df93a7edf34be81626 perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els4.x86_64.rpm 54ab4204662559c1702ea482a7e6f7779a62f625 perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm c44509889857937841bb446d19bd20562be3be9d perl-Compress-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm 5222af0d645000260e56555f63ca8cc6cbe1709d perl-Digest-SHA-5.47-146.el6.tuxcare.els4.x86_64.rpm bab49c06879192cb9c43c8a145ed39c3807b55ea perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els4.x86_64.rpm 33fdf3ddf733e17d783da4b2e7ee0a253134e3ab perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els4.x86_64.rpm a71f74145eaf8268d501580bf232ab0a07025f78 perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els4.x86_64.rpm 9cbb5504629a5937ecb1b7acf0efae2ad56de135 perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els4.x86_64.rpm b9ffa2352d830d4371764bc032e9ad07931830c7 perl-File-Fetch-0.26-146.el6.tuxcare.els4.x86_64.rpm 359f47c0e64dc29b084ac0d1c6a07ee92fad20e2 perl-IO-Compress-Base-2.021-146.el6.tuxcare.els4.x86_64.rpm 1ed3a3b12d0879d2b9fd352b9b2e227b345060b6 perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els4.x86_64.rpm 211f401174c64d8b13e02299282b65b246a60526 perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els4.x86_64.rpm 840d0ab3ee27ad26a9ae227109724740be0182dc perl-IO-Zlib-1.09-146.el6.tuxcare.els4.x86_64.rpm e88c1ea5d614359b1eb09a9814c0b88ff3e1054f perl-IPC-Cmd-0.56-146.el6.tuxcare.els4.x86_64.rpm e788f76cdc7636997521eca8ddc4c21a447503c0 perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els4.x86_64.rpm 97398bd5e575a9f9d764c48fbc37b884ec973325 perl-Log-Message-0.02-146.el6.tuxcare.els4.x86_64.rpm f43798e5eabce91532a700960646ff95e18a20da perl-Log-Message-Simple-0.04-146.el6.tuxcare.els4.x86_64.rpm d5cec64dd2d4fa538bd836a00d30b8a13820fd1f perl-Module-Build-0.3500-146.el6.tuxcare.els4.x86_64.rpm 6b855cbcb7ae962a1d353ed871b5ed26e7bd8eda perl-Module-CoreList-2.18-146.el6.tuxcare.els4.x86_64.rpm 20df45544e087febea0118722a0a04bb05c60a69 perl-Module-Load-0.16-146.el6.tuxcare.els4.x86_64.rpm 799c66ac1cae6b2e782835124c3d13cc1e5a8ff4 perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els4.x86_64.rpm fc95d90105ad3498d7344d1b5b5361e98d9ec922 perl-Module-Loaded-0.02-146.el6.tuxcare.els4.x86_64.rpm c9c171d72304118e8e3ea9dd36005026e8e22435 perl-Module-Pluggable-3.90-146.el6.tuxcare.els4.x86_64.rpm e52c1f5db8f3a330f5572b383deb7adfcffe1509 perl-Object-Accessor-0.34-146.el6.tuxcare.els4.x86_64.rpm 13f3315f125aca4b74326e201cd0ee2db74b6909 perl-Package-Constants-0.02-146.el6.tuxcare.els4.x86_64.rpm de421d20feaad0f995c56dd5427302eec915df89 perl-Params-Check-0.26-146.el6.tuxcare.els4.x86_64.rpm 45a69b0b8dd36ebe47ede1d0090e2c951c747acc perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els4.x86_64.rpm 28e28ef9ad6aee6c0f56ef8bbab25f00a454ce80 perl-Pod-Escapes-1.04-146.el6.tuxcare.els4.x86_64.rpm f21131ffb42b850f30a52ea20570059d59c65469 perl-Pod-Simple-3.13-146.el6.tuxcare.els4.x86_64.rpm e8d1b6349cf5c5ae06b09516973320bb6a030bb4 perl-Term-UI-0.20-146.el6.tuxcare.els4.x86_64.rpm b06505624a1adda089b0fcafa621a644aa328979 perl-Test-Harness-3.17-146.el6.tuxcare.els4.x86_64.rpm 623a5a1968b5d83e0a907e97e7f5fd7cf2f62ad3 perl-Test-Simple-0.92-146.el6.tuxcare.els4.x86_64.rpm 993ebea9b593057f056dbfa4cbefce165dba368a perl-Time-HiRes-1.9721-146.el6.tuxcare.els4.x86_64.rpm 68da9cf2eea78e20329d648a702c86094a8284a1 perl-Time-Piece-1.15-146.el6.tuxcare.els4.x86_64.rpm 49e0a833ef0ef2a1479c89982ccfac01dc5638ed perl-core-5.10.1-146.el6.tuxcare.els4.x86_64.rpm a9d1074899ed83da147b883a2b9e6f46e5207899 perl-devel-5.10.1-146.el6.tuxcare.els4.i686.rpm 1ade2f12fd997a2edc9f3f58dffe0ffe79856c82 perl-devel-5.10.1-146.el6.tuxcare.els4.x86_64.rpm 19c20c4dfd59aa79193a0d7b07fa22dcb247a596 perl-libs-5.10.1-146.el6.tuxcare.els4.i686.rpm 68be4147485cb2dc2a49cd42a94638a91d904246 perl-libs-5.10.1-146.el6.tuxcare.els4.x86_64.rpm 0981bb05c6379e72f6f9b634a2457c089b1f3d69 perl-parent-0.221-146.el6.tuxcare.els4.x86_64.rpm 535a389e4526a9105e2cf69eea011377cb47ff5d perl-suidperl-5.10.1-146.el6.tuxcare.els4.x86_64.rpm ccfcbc18ddfaa8f0f7c4673ab588da63e5329622 perl-version-0.77-146.el6.tuxcare.els4.x86_64.rpm 38dd345eb6cd88c0e5f6651daebe0caa98f37f94 CLSA-2022:1668116271 TuxCare License Agreement 0 - CVE-2022-35737: fix a buffer overflow Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-35737: fix a buffer overflow

0 tuxcare-oraclelinux6-els lemon-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm 0092f59415f9de446eda29abf1f806ea255966d3 sqlite-3.6.20-1.el6_7.2.tuxcare.els2.i686.rpm a0694bee1b03281feda993939aac7b81cefc63a8 sqlite-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm d53ac6c113a15720a5da9171884ee54cc90be98d sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els2.i686.rpm bc4468e882bf51b219d42e7d50a1efd073ea8fd4 sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm 1b3fe628ee7dd05f1ea5b3c593f009bb7365fb2a sqlite-doc-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm d53e6bfc7704c0da6c06405c53ba10ffdc7d0ea2 sqlite-tcl-3.6.20-1.el6_7.2.tuxcare.els2.x86_64.rpm 0c7ababafa6b6a874922dee128d1f7592af9446a CLSA-2022:1669065718 TuxCare License Agreement 0 - CVE-2022-41741: fix memory corruption in the ngx_http_mp4_module - CVE-2022-41742: fix memory disclosure in the ngx_http_mp4_module Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-41741: fix memory corruption in the ngx_http_mp4_module - CVE-2022-41742: fix memory disclosure in the ngx_http_mp4_module

0 tuxcare-oraclelinux6-els nginx-1.10.3-4.el6.tuxcare.els5.x86_64.rpm 930b15cb0fd60172a862268b6b6a90e72701a285 nginx-all-modules-1.10.3-4.el6.tuxcare.els5.noarch.rpm 092288e3c1dd608ae7b162cbeb012f05fef1c092 nginx-filesystem-1.10.3-4.el6.tuxcare.els5.noarch.rpm 0bf6a4ded0d5d7370efb3cb2dae3e15742466cd6 nginx-mod-http-geoip-1.10.3-4.el6.tuxcare.els5.x86_64.rpm 7b749b459888f4e5887f72e17ba73377b9b5a3f4 nginx-mod-http-image-filter-1.10.3-4.el6.tuxcare.els5.x86_64.rpm e2349e14163929825969747bfd7930519e72bcf2 nginx-mod-http-perl-1.10.3-4.el6.tuxcare.els5.x86_64.rpm cb65f18a19a3dd6a442ec8507b9f56c03e3650ab nginx-mod-http-xslt-filter-1.10.3-4.el6.tuxcare.els5.x86_64.rpm 96d99df6eeb56c696dc22c72be6a9829e1b58efa nginx-mod-mail-1.10.3-4.el6.tuxcare.els5.x86_64.rpm a4260ea4e4ac53810cb52bda29add59784e75bd7 nginx-mod-stream-1.10.3-4.el6.tuxcare.els5.x86_64.rpm 67266d178fc3a6d6d962740c481a2c8bb697c5d5 CLSA-2022:1669239895 TuxCare License Agreement 0 - CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error recovery for a missing font Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error recovery for a missing font

0 tuxcare-oraclelinux6-els xterm-253-2.el6.tuxcare.els2.x86_64.rpm 081245da10cac5885f7b56f5d71bab45994f1168 CLSA-2022:1669240259 TuxCare License Agreement 0 - CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm a485e3d9766a95111be693d2f918384f487b5b86 vim-common-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm d48878035cf263cbb0067c8726865979a98f7d34 vim-enhanced-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm f547ab3604f46483f71d38cac08c7594febbd877 vim-filesystem-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm 687fdaf9d833367ba2dc1b0f23a8cb37f1bbf82b vim-minimal-7.4.629-5.2.el6.tuxcare.els32.x86_64.rpm d31e25af8bb29a0bdc44631bdd294c9ea384c788 CLSA-2022:1669240479 TuxCare License Agreement 0 - CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els8.i686.rpm 7babdb906bc4796c02a0967db58cf7c3750e9309 python-2.6.6-70.el6.tuxcare.els8.x86_64.rpm 5ff6b6e672d15687d8bf458907f88150f379b211 python-devel-2.6.6-70.el6.tuxcare.els8.i686.rpm ce38b0219c8a4c7c063877df782aaa9d98c8c2d9 python-devel-2.6.6-70.el6.tuxcare.els8.x86_64.rpm f334752d16e48d11cb8ad410924b824f4e407612 python-libs-2.6.6-70.el6.tuxcare.els8.i686.rpm c3af882ac446f3af1c1dd22cefe1af4feab576bc python-libs-2.6.6-70.el6.tuxcare.els8.x86_64.rpm ff7fd45c7fad9ae8757c8c43a70aefc53b738e94 python-test-2.6.6-70.el6.tuxcare.els8.x86_64.rpm d23f7ce2b30bdca099ccf947a8e77b5fa51f4025 python-tools-2.6.6-70.el6.tuxcare.els8.x86_64.rpm c4cd589a39bf35c6e9cea6b9192c0e0fa92d2f85 tkinter-2.6.6-70.el6.tuxcare.els8.x86_64.rpm 0a7abcdd13dab12697c6edd343f9f8c96fb61771 CLSA-2022:1669850228 TuxCare License Agreement 0 - KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm 576125145ae0ecdbe093239c435d659d7aba806f kernel-debug-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm 9e0bfff9b82533565fb9ec802fa620834b7deaf2 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm 594c583dc9b28062f4d58f471e6ef255d5a9de3f kernel-devel-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm d7d8b1b4464e1242a324c96e83380b61728d4c17 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm 1c430c5c2f42f5d836da41693605dbe2a3e4feb8 perf-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm 1160d73592acc292054237a5e2eddd1c9f5bce47 python-perf-2.6.32-754.35.8.el6.tuxcare.els11.x86_64.rpm 546743883a7131e61a2933c543a4aa01ffaf1e3d CLSA-2022:1669919330 TuxCare License Agreement 0 - KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543} None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- KVM: do not allow mapping valid but non-reference-counted pages {CVE-2021-22543}

0 tuxcare-oraclelinux6-els kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els11.noarch.rpm b382128dd6d201ea810b26134414b1c7bef4bdb2 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els11.noarch.rpm ebdd3acb22e537f11f645685982df1f98b287210 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els11.noarch.rpm d69bf91200fca85968722f7b18ae195ed7cd18fc CLSA-2022:1670522857 TuxCare License Agreement 0 - CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els3.i686.rpm 068a2baa71b994726901394426252b26e60cc596 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els3.x86_64.rpm f12759c823197e4f3c0f570b45ba31a276e77022 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els3.i686.rpm f8a8dd928e5710c74f2b5ee30699adc2eaa4e030 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els3.x86_64.rpm a4485f3084cba4006c71e69f2b95a6068df606d8 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els3.x86_64.rpm bd46e316482727da6f4c26bb7f5c3ee40684814a libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els3.x86_64.rpm 403c0f62fd098d11d5a8675d60411a2bc5859e7a CLSA-2022:1670874138 TuxCare License Agreement 0 - CVE-2022-42898: Fix integer overflows in PAC parsing - A test-suite was activated Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-42898: Fix integer overflows in PAC parsing - A test-suite was activated

0 tuxcare-oraclelinux6-els krb5-devel-1.10.3-65.el6.tuxcare.els1.i686.rpm 787e77f916b7da8294d8a9df981d96e43b957c64 krb5-devel-1.10.3-65.el6.tuxcare.els1.x86_64.rpm 18816e42970e5be42a44a844ca2e59f310859965 krb5-libs-1.10.3-65.el6.tuxcare.els1.i686.rpm 0d0dd7cf0dff83eb9693a98373da3114c8b31ac4 krb5-libs-1.10.3-65.el6.tuxcare.els1.x86_64.rpm 0374598e4a6c325e971b32e68dfab7e56280abaa krb5-pkinit-openssl-1.10.3-65.el6.tuxcare.els1.x86_64.rpm 23c1ba87763d4ea33ebdcc0d8a197f0a18704a3d krb5-server-1.10.3-65.el6.tuxcare.els1.x86_64.rpm fee2f14b4a96268986861c634eb792358c739f30 krb5-server-ldap-1.10.3-65.el6.tuxcare.els1.i686.rpm 86fb4b95c6e67192aa36862c9b25cc45b8873943 krb5-server-ldap-1.10.3-65.el6.tuxcare.els1.x86_64.rpm 97a492a970e0f77ac7a09e91dcbeb69ece47704e krb5-workstation-1.10.3-65.el6.tuxcare.els1.x86_64.rpm 6452edad0669d6b60289fbf0b5d669566f431a37 libkadm5-1.10.3-65.el6.tuxcare.els1.i686.rpm fc1a9809d3dffa5c6fc756fcee9a73f093c08b69 libkadm5-1.10.3-65.el6.tuxcare.els1.x86_64.rpm 7ffcd8cf48853c191222019531a3247a90ed6657 CLSA-2022:1670874212 TuxCare License Agreement 0 - CVE-2022-4141: check for text locked in CTRL-W gf - CVE-2022-3520: check that the column does not become negative Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-4141: check for text locked in CTRL-W gf - CVE-2022-3520: check that the column does not become negative

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm 94275e0c4323f2f6e8de3bed17cdc5d3948cf016 vim-common-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm 84559950517339c852ee1a063aeaa15ccccd61c7 vim-enhanced-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm b7fed1b664395fe0c20ae31d3d45ca1ddd499edd vim-filesystem-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm 74faa740b824da864c635011b17db2bfa6d15e6b vim-minimal-7.4.629-5.2.el6.tuxcare.els33.x86_64.rpm 654cce3da9ed5b55125d72ed55b952d577acc8eb CLSA-2022:1671032897 TuxCare License Agreement 0 - CVE-2022-4292: bail out if the window no longer exists Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-4292: bail out if the window no longer exists

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm a2b26f37f588a7df12208b41e1a01e9051141de7 vim-common-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm f93cfb68c3d107ad247bf8e8779abbd4420afef1 vim-enhanced-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm b23b60ae43d11b563d04a9632459867c6f9ca880 vim-filesystem-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm 9daf15b5007415bf678c1ff5ef1707ba43ea7fc5 vim-minimal-7.4.629-5.2.el6.tuxcare.els34.x86_64.rpm 508cf2a35c1fa47f007814f630354618bf8ba2ae CLSA-2022:1671124217 TuxCare License Agreement 0 - CVE-2022-32221: fix issue when POST following PUT confusion Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-32221: fix issue when POST following PUT confusion

0 tuxcare-oraclelinux6-els curl-7.19.7-59.el6.tuxcare.els7.x86_64.rpm 5871a6943a661329ca0f23d3a1f6e2b7e98c6383 libcurl-7.19.7-59.el6.tuxcare.els7.i686.rpm de7acd70942e12394e00ab4cfb5a4478ebf7ac62 libcurl-7.19.7-59.el6.tuxcare.els7.x86_64.rpm 346dc00023b9406c22642fb0681e3486097f376c libcurl-devel-7.19.7-59.el6.tuxcare.els7.i686.rpm 48b40239aa90731a33e3973db175bc6d1b2a5fa7 libcurl-devel-7.19.7-59.el6.tuxcare.els7.x86_64.rpm bd046ffbff211c241366547547ae4b7d13429b2a CLSA-2022:1671124332 TuxCare License Agreement 0 - CVE-2022-3591: disallow navigating to a dummy buffer Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-3591: disallow navigating to a dummy buffer

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm 85f5c107504343ba07cc89be53b2ab5a2f7f982b vim-common-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm 0c82a9e7ae1a3b2918377db1c68f8692c1c0b2dd vim-enhanced-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm 80104743d5d943ae538937a66fe1c0c599b736be vim-filesystem-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm 420feef2f4b520498f7643824b74f8a8002cb8ac vim-minimal-7.4.629-5.2.el6.tuxcare.els35.x86_64.rpm 739a1f19a61f43d4e1a5acb31dbc64bf02659f61 CLSA-2022:1671481111 TuxCare License Agreement 0 - CVE-2019-6109: verify character encoding in progress display to avoid spoofing of scp client output - CVE-2016-10012: updated to fix server-side protocol errors observed during rekeying with compression enabled Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2019-6109: verify character encoding in progress display to avoid spoofing of scp client output - CVE-2016-10012: updated to fix server-side protocol errors observed during rekeying with compression enabled

0 tuxcare-oraclelinux6-els openssh-5.3p1-125.el6.tuxcare.els4.x86_64.rpm 6ae858aa36c81bfbdd254f1393cdbe0e8b47ca98 openssh-askpass-5.3p1-125.el6.tuxcare.els4.x86_64.rpm fee10975f0d5ae53fbb83e39076c87f0a3c204af openssh-clients-5.3p1-125.el6.tuxcare.els4.x86_64.rpm f107df3439d31baf5a8c6914098b4016a442c73a openssh-ldap-5.3p1-125.el6.tuxcare.els4.x86_64.rpm bcbfc95014f66b4e383ffa5390415445fa28c89c openssh-server-5.3p1-125.el6.tuxcare.els4.x86_64.rpm c7b74278c539c19a3dd0e212f524ec5eee013fe6 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els4.i686.rpm 0abde281eb5f29ef3e350a4ca2dddb3d5229611b pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els4.x86_64.rpm 353ca2df88d5e2588e489a013d5217f893352a4f CLSA-2022:1671656460 TuxCare License Agreement 0 - update to CKBI 2.58 from NSS 3.67 - removed old certificates: - # Certificate "Camerfirma Global Chambersign Root" - # Certificate "Cybertrust Global Root" - # Certificate "Equifax Secure eBusiness CA 1" - # Certificate "Equifax Secure Global eBusiness CA" - # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - # Certificate "GlobalSign Root CA - R2" - # Certificate "Hellenic Academic and Research Institutions RootCA 2011" - # Certificate "Staat der Nederlanden EV Root CA" - # Certificate "Thawte Premium Server CA" - # Certificate "Thawte Premium Server CA, with pkcs1-sha1-rsa signature" - # Certificate "Thawte Server CA" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G2" - # Certificate "Verisign Class 3 Public Primary Certification Authority" - # Certificate "Verisign Class 3 Public Primary Certification Authority - G2" - added new certificates: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - # Certificate "Certainly Root E1" - # Certificate "Certainly Root R1" - # Certificate "DigiCert SMIME ECC P384 Root G5" - # Certificate "DigiCert SMIME RSA4096 Root G5" - # Certificate "DigiCert TLS ECC P384 Root G5" - # Certificate "DigiCert TLS RSA4096 Root G5" - # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" - # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" - # Certificate "D-TRUST BR Root CA 1 2020" - # Certificate "D-TRUST EV Root CA 1 2020" - # Certificate "E-Tugra Global Root CA ECC v3" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "GTS Root R1" - # Certificate "GTS Root R2" - # Certificate "GTS Root R3" - # Certificate "GTS Root R4" - # Certificate "HARICA Client ECC Root CA 2021" - # Certificate "HARICA Client RSA Root CA 2021" - # Certificate "HARICA TLS ECC Root CA 2021" - # Certificate "HARICA TLS RSA Root CA 2021" - # Certificate "HiPKI Root CA - G1" - # Certificate "ISRG Root X2" - # Certificate "Security Communication ECC RootCA1" - # Certificate "Security Communication RootCA3" - # Certificate "Telia Root CA v2" - # Certificate "TunTrust Root CA" - # Certificate "vTrus ECC Root CA" - # Certificate "vTrus Root CA" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.58 from NSS 3.67 - removed old certificates: - # Certificate "Camerfirma Global Chambersign Root" - # Certificate "Cybertrust Global Root" - # Certificate "Equifax Secure eBusiness CA 1" - # Certificate "Equifax Secure Global eBusiness CA" - # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - # Certificate "GlobalSign Root CA - R2" - # Certificate "Hellenic Academic and Research Institutions RootCA 2011" - # Certificate "Staat der Nederlanden EV Root CA" - # Certificate "Thawte Premium Server CA" - # Certificate "Thawte Premium Server CA, with pkcs1-sha1-rsa signature" - # Certificate "Thawte Server CA" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G2" - # Certificate "Verisign Class 3 Public Primary Certification Authority" - # Certificate "Verisign Class 3 Public Primary Certification Authority - G2" - added new certificates: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - # Certificate "Certainly Root E1" - # Certificate "Certainly Root R1" - # Certificate "DigiCert SMIME ECC P384 Root G5" - # Certificate "DigiCert SMIME RSA4096 Root G5" - # Certificate "DigiCert TLS ECC P384 Root G5" - # Certificate "DigiCert TLS RSA4096 Root G5" - # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" - # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" - # Certificate "D-TRUST BR Root CA 1 2020" - # Certificate "D-TRUST EV Root CA 1 2020" - # Certificate "E-Tugra Global Root CA ECC v3" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "GTS Root R1" - # Certificate "GTS Root R2" - # Certificate "GTS Root R3" - # Certificate "GTS Root R4" - # Certificate "HARICA Client ECC Root CA 2021" - # Certificate "HARICA Client RSA Root CA 2021" - # Certificate "HARICA TLS ECC Root CA 2021" - # Certificate "HARICA TLS RSA Root CA 2021" - # Certificate "HiPKI Root CA - G1" - # Certificate "ISRG Root X2" - # Certificate "Security Communication ECC RootCA1" - # Certificate "Security Communication RootCA3" - # Certificate "Telia Root CA v2" - # Certificate "TunTrust Root CA" - # Certificate "vTrus ECC Root CA" - # Certificate "vTrus Root CA"

0 tuxcare-oraclelinux6-els ca-certificates-2022.2.58-60.1.el6.tuxcare.els1.noarch.rpm 79319dc6064af55b516441b186fb54b3a12ad77b CLSA-2023:1674814108 TuxCare License Agreement 0 - CVE-2023-0049: fix out-of-bounds read Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-0049: fix out-of-bounds read

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm 692007a6d6e78abb875f96654020b94b036f22e0 vim-common-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm 1ddfc3d0a3fc007e97a9b6ffde0812d7c426bb38 vim-enhanced-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm 503143d9ce61090fe0e437b04ecff691df99534c vim-filesystem-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm 14a44bd719180269ec5e3a4237c2035646e7d259 vim-minimal-7.4.629-5.2.el6.tuxcare.els36.x86_64.rpm 7d1379aae8676d6cfd3da43f4dd4f55dd39919c9 CLSA-2023:1675111450 TuxCare License Agreement 0 - CVE-2022-36760: mod_proxy_ajp: fix possible HTTP request smuggling Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-36760: mod_proxy_ajp: fix possible HTTP request smuggling

0 tuxcare-oraclelinux6-els httpd-2.2.15-72.el6.tuxcare.els8.x86_64.rpm 29bc3e66a5c7d9fa1ed42c868a44c5056adc3bb6 httpd-devel-2.2.15-72.el6.tuxcare.els8.i686.rpm 5d633e003d47b253855df739a0b27cc03f414459 httpd-devel-2.2.15-72.el6.tuxcare.els8.x86_64.rpm 5d83c1cef3e8cfff150fa13ad03c72823a6e9a3f httpd-manual-2.2.15-72.el6.tuxcare.els8.noarch.rpm 45d8d6a604f39d2225aa309daa805ba2f89ec091 httpd-tools-2.2.15-72.el6.tuxcare.els8.x86_64.rpm b55e2a0811e07cf8e5d3802ce19fc34e3ea59abd mod_ssl-2.2.15-72.el6.tuxcare.els8.x86_64.rpm e6fd70a8bf95503eb735a838855fedc4182f5694 CLSA-2023:1675373517 TuxCare License Agreement 0 - CVE-2023-0433: check for not going over the end of the line Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-0433: check for not going over the end of the line

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm 5eb2b9d4b29bd0697671c1ae29b049573fa54be2 vim-common-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm d6a408826898e309f71dff33f33079c7f026a306 vim-enhanced-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm e88fdcaf7f245c713c321277a13a72878829df6b vim-filesystem-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm b418955cc1e98af29bc0e6a466114a7acf09756b vim-minimal-7.4.629-5.2.el6.tuxcare.els37.x86_64.rpm c5c28a56e39a0519a408fd79b7690fc43b63476d CLSA-2023:1675986271 TuxCare License Agreement 0 - CVE-2023-22809: do not permit editor arguments to include "--" for sudoedit - build tests have been enabled Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-22809: do not permit editor arguments to include "--" for sudoedit - build tests have been enabled

0 tuxcare-oraclelinux6-els sudo-1.8.6p3-32.el6.tuxcare.els1.x86_64.rpm 5c6c7d9e5d5cc3e7651cc0093e5443f4f745d03d sudo-devel-1.8.6p3-32.el6.tuxcare.els1.i686.rpm 62ef48c13a417ec77949bded8327adc542eb87aa sudo-devel-1.8.6p3-32.el6.tuxcare.els1.x86_64.rpm b8bd43188e493e3edba4191e88d8ebe67ab66544 CLSA-2023:1675986396 TuxCare License Agreement 0 - Upgrade to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/Ciudad_Juarez that splits from America/Ojinaga. - Mexico will stop observing DST except near the US border. - Chihuahua moved to -06 year round starting on 2022-10-30. - Fiji no longer observes DST. - Add a work-around for an awk bug in FreeBSD, macOS, etc. - Improve tzselect with respect to intercontinental Zones. - Chile transitions to DST on 2022-09-11, not 2022-09-04 - 'make install' now defaults LOCALTIME to Factory rather than GMT - More zones that are the same since 1970 have been moved to backzone. - Include patch for awk workaround. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/Ciudad_Juarez that splits from America/Ojinaga. - Mexico will stop observing DST except near the US border. - Chihuahua moved to -06 year round starting on 2022-10-30. - Fiji no longer observes DST. - Add a work-around for an awk bug in FreeBSD, macOS, etc. - Improve tzselect with respect to intercontinental Zones. - Chile transitions to DST on 2022-09-11, not 2022-09-04 - 'make install' now defaults LOCALTIME to Factory rather than GMT - More zones that are the same since 1970 have been moved to backzone. - Include patch for awk workaround.

0 tuxcare-oraclelinux6-els tzdata-2022g-1.el6.noarch.rpm e2590bd529860869802219cd233c6d0533b7a94d tzdata-java-2022g-1.el6.noarch.rpm cb1d9f21259319107a4cab0467218ee692abfce2 CLSA-2023:1675986440 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization (Serialization, 8285021) - CVE-2023-21843: Soundbank URL remote loading (Sound, 8293742) - Update tzdata requirement to 2022g to match JDK-8297804 - Remove patches which are in upstream now - Remove the obsolete rh1163501 patch Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization (Serialization, 8285021) - CVE-2023-21843: Soundbank URL remote loading (Sound, 8293742) - Update tzdata requirement to 2022g to match JDK-8297804 - Remove patches which are in upstream now - Remove the obsolete rh1163501 patch

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 94925eda80891da5b8e29e97917201fd62a764e5 java-1.8.0-openjdk-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 420a2f65a9f6a77cee09cbb346b53f7ee552f0fa java-1.8.0-openjdk-demo-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm ec2363d4a73ac4db85e26a652522fd22d8895032 java-1.8.0-openjdk-demo-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm b978f3d4c46b1e8f43c0141e9b1d091c6a2b8305 java-1.8.0-openjdk-devel-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 2e6c867bc0a8e06d769d8b050f93e77606a31da7 java-1.8.0-openjdk-devel-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 859e0cf10c85694571ee3cfaf7f8026efa579f8f java-1.8.0-openjdk-headless-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 8b3cc39733c9c44e7fa6fb895046c1a70dd9e810 java-1.8.0-openjdk-headless-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 73202891c91a481c62a27c5eb4285a52b461f9e3 java-1.8.0-openjdk-javadoc-1.8.0.362.b09-1.el6.tuxcare.els1.noarch.rpm ea610234a9b62b604c8c81417ad5bdd2741ad309 java-1.8.0-openjdk-javadoc-debug-1.8.0.362.b09-1.el6.tuxcare.els1.noarch.rpm da1002989f6fa4199cbde54d4e8e0edc92f8ee8e java-1.8.0-openjdk-src-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 94ab3df2103b1acd178a46127756b92a7281671d java-1.8.0-openjdk-src-debug-1.8.0.362.b09-1.el6.tuxcare.els1.x86_64.rpm 6e073720519db2f27b3645f035fba134fe46d251 CLSA-2023:1676025915 TuxCare License Agreement 0 - CVE-2023-0215: Fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-0215: Fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address

0 tuxcare-oraclelinux6-els openssl-1.0.1e-63.el6.tuxcare.els8.i686.rpm 41d4286ce767c16c532ded9ba585c5c0031c0236 openssl-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm 7df7d223175571152b537b45bad2e952ff35bfa0 openssl-devel-1.0.1e-63.el6.tuxcare.els8.i686.rpm 9d352d863fc67cd3503c72deac0f90929abc5270 openssl-devel-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm fefa6ecc5a9734d0487d7b7cfb06b07d061b23c5 openssl-perl-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm 3897d0484110963e47432f20ffed8a89a2771669 openssl-static-1.0.1e-63.el6.tuxcare.els8.x86_64.rpm 0eac953944eb3ff5f524e172e5f154e899a628a6 CLSA-2023:1676571549 TuxCare License Agreement 0 - Update to CKBI 2.60 from NSS 3.86 - Removed: - # Certificate "Camerfirma Global Chambersign Root" - # Certificate "Cybertrust Global Root" - # Certificate "DST Root CA X3" - # Certificate "EC-ACC" - # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - # Certificate "GlobalSign Root CA - R2" - # Certificate "Hellenic Academic and Research Institutions RootCA 2011" - # Certificate "Network Solutions Certificate Authority" - # Certificate "Staat der Nederlanden EV Root CA" - # Certificate "SwissSign Platinum CA - G2" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "GTS Root R4" - # Certificate "GTS Root R3" - # Certificate "GTS Root R2" - # Certificate "GTS Root R1" - Added: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - # Certificate "Certainly Root E1" - # Certificate "Certainly Root R1" - # Certificate "DigiCert SMIME ECC P384 Root G5" - # Certificate "DigiCert SMIME RSA4096 Root G5" - # Certificate "DigiCert TLS ECC P384 Root G5" - # Certificate "DigiCert TLS RSA4096 Root G5" - # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" - # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" - # Certificate "D-TRUST BR Root CA 1 2020" - # Certificate "D-TRUST EV Root CA 1 2020" - # Certificate "E-Tugra Global Root CA ECC v3" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "HARICA Client ECC Root CA 2021" - # Certificate "HARICA Client RSA Root CA 2021" - # Certificate "HARICA TLS ECC Root CA 2021" - # Certificate "HARICA TLS RSA Root CA 2021" - # Certificate "HiPKI Root CA - G1" - # Certificate "ISRG Root X2" - # Certificate "Security Communication ECC RootCA1" - # Certificate "Security Communication RootCA3" - # Certificate "Telia Root CA v2" - # Certificate "TunTrust Root CA" - # Certificate "vTrus ECC Root CA" - # Certificate "vTrus Root CA" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update to CKBI 2.60 from NSS 3.86 - Removed: - # Certificate "Camerfirma Global Chambersign Root" - # Certificate "Cybertrust Global Root" - # Certificate "DST Root CA X3" - # Certificate "EC-ACC" - # Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - # Certificate "GlobalSign Root CA - R2" - # Certificate "Hellenic Academic and Research Institutions RootCA 2011" - # Certificate "Network Solutions Certificate Authority" - # Certificate "Staat der Nederlanden EV Root CA" - # Certificate "SwissSign Platinum CA - G2" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "GTS Root R4" - # Certificate "GTS Root R3" - # Certificate "GTS Root R2" - # Certificate "GTS Root R1" - Added: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - # Certificate "Certainly Root E1" - # Certificate "Certainly Root R1" - # Certificate "DigiCert SMIME ECC P384 Root G5" - # Certificate "DigiCert SMIME RSA4096 Root G5" - # Certificate "DigiCert TLS ECC P384 Root G5" - # Certificate "DigiCert TLS RSA4096 Root G5" - # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" - # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" - # Certificate "D-TRUST BR Root CA 1 2020" - # Certificate "D-TRUST EV Root CA 1 2020" - # Certificate "E-Tugra Global Root CA ECC v3" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "HARICA Client ECC Root CA 2021" - # Certificate "HARICA Client RSA Root CA 2021" - # Certificate "HARICA TLS ECC Root CA 2021" - # Certificate "HARICA TLS RSA Root CA 2021" - # Certificate "HiPKI Root CA - G1" - # Certificate "ISRG Root X2" - # Certificate "Security Communication ECC RootCA1" - # Certificate "Security Communication RootCA3" - # Certificate "Telia Root CA v2" - # Certificate "TunTrust Root CA" - # Certificate "vTrus ECC Root CA" - # Certificate "vTrus Root CA"

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els2.i686.rpm 5c18c063502494ad55b64529a5c84cd607ff422a nss-3.44.0-12.el6.tuxcare.els2.x86_64.rpm d6f5eaa0595ba77ef4ca18f90065fa8b9610fd46 nss-devel-3.44.0-12.el6.tuxcare.els2.i686.rpm 7fc17b53cbe82fd78bc0def3ff887b0150afb97a nss-devel-3.44.0-12.el6.tuxcare.els2.x86_64.rpm 44af1f886f60d16008a46332a58c4fd4feb57f12 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els2.i686.rpm 1817495f470c86e03da90497bd28f76d372d8d9b nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els2.x86_64.rpm 91774991f18fcb0572cd07788ae27583c37ca570 nss-sysinit-3.44.0-12.el6.tuxcare.els2.x86_64.rpm 43a78bbf0e9c81cf858a8363c2a545e7003e2ab1 nss-tools-3.44.0-12.el6.tuxcare.els2.x86_64.rpm c7cccde64b99fc851cb6f86773f3721e2134b1bf CLSA-2023:1676571644 TuxCare License Agreement 0 - update to CKBI 2.60 from NSS 3.86 - removed old certificates: - # Certificate "EC-ACC" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "GTS Root R1" - # Certificate "GTS Root R2" - # Certificate "GTS Root R3" - # Certificate "GTS Root R4" - # Certificate "Hellenic Academic and Research Institutions RootCA 2011" - # Certificate "Network Solutions Certificate Authority" - # Certificate "SwissSign Platinum CA - G2" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.60 from NSS 3.86 - removed old certificates: - # Certificate "EC-ACC" - # Certificate "GlobalSign ECC Root CA - R4" - # Certificate "GTS Root R1" - # Certificate "GTS Root R2" - # Certificate "GTS Root R3" - # Certificate "GTS Root R4" - # Certificate "Hellenic Academic and Research Institutions RootCA 2011" - # Certificate "Network Solutions Certificate Authority" - # Certificate "SwissSign Platinum CA - G2"

0 tuxcare-oraclelinux6-els ca-certificates-2022.2.60-60.1.el6.tuxcare.els1.noarch.rpm 24bbcd7451224ae163e5047a12643a035110c71e CLSA-2023:1677096181 TuxCare License Agreement 0 - CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm c6aa54a0deff49423e8ca838dbf47270b5036272 emacs-git-el-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 41b49d8f4610fd73e9270fb47191d2773763c86f git-1.7.1-10.el6_10.tuxcare.els1.x86_64.rpm f4c5f338d80ee296ad82002e8ac9d1742dba3ac3 git-all-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm bc021e1b063d5df69528ea4668168d35220e483b git-cvs-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 354cee630d1a533fd80cd7240878d49b20d321c5 git-daemon-1.7.1-10.el6_10.tuxcare.els1.x86_64.rpm c8cc94348810c0033d92100500d312e6bbd01b67 git-email-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 9193b9f661f60d4a1c7f20e5e9dbf0898c034e4f git-gui-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 630fe9c9dc88d80c701ef9d4e2c83a13adfb1884 git-svn-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm c62fbce98274b83812c44a5a83ccd55f898696ae gitk-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 7db2398038f5b1ed2373020b9043574831e671ba gitweb-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 208ab7486d69426aa836adc1e6e967326404504f perl-Git-1.7.1-10.el6_10.tuxcare.els1.noarch.rpm 48ae3c4dc1d5a0d27f10d490b14320b3eaed254d CLSA-2023:1677783967 TuxCare License Agreement 0 - CVE-2022-48303: check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-48303: check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value

0 tuxcare-oraclelinux6-els tar-1.23-15.el6_8.tuxcare.els1.x86_64.rpm d9609744ed91bc1f01ffbbdacaa4c92980117ef7 CLSA-2023:1678136537 TuxCare License Agreement 0 - CVE-2006-20001: mod_dav: out-of-bounds read/write Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2006-20001: mod_dav: out-of-bounds read/write

0 tuxcare-oraclelinux6-els httpd-2.2.15-72.el6.tuxcare.els9.x86_64.rpm 9add99317f4c4e1f63a9b3ee5e1b9d5f29b50f37 httpd-devel-2.2.15-72.el6.tuxcare.els9.i686.rpm 21113a06fbf37b460e2f9689affe2d28f741acba httpd-devel-2.2.15-72.el6.tuxcare.els9.x86_64.rpm 6285eb58b70050b8a76f65b62e8a7c37bbf77988 httpd-manual-2.2.15-72.el6.tuxcare.els9.noarch.rpm 5a007b15d85cd406e1269513671cc1a5e926b333 httpd-tools-2.2.15-72.el6.tuxcare.els9.x86_64.rpm 1e9f5864381b33d019ff1e7e6568025241458fa6 mod_ssl-2.2.15-72.el6.tuxcare.els9.x86_64.rpm 3518efda9d401e1089b5f32054cb66fceb310907 CLSA-2023:1678136626 TuxCare License Agreement 0 - CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els9.i686.rpm e2abed86550701d32c937296015c7e655d853878 python-2.6.6-70.el6.tuxcare.els9.x86_64.rpm 79cef272040a6066023d063a0a3fd6e03e61a27f python-devel-2.6.6-70.el6.tuxcare.els9.i686.rpm 3d760245ff22e507f7bc00d3466b098355f76540 python-devel-2.6.6-70.el6.tuxcare.els9.x86_64.rpm 8ff110961cced62452829f73f891c2d576904cfb python-libs-2.6.6-70.el6.tuxcare.els9.i686.rpm 992f8b19a1951e58a56760df81b2676200263055 python-libs-2.6.6-70.el6.tuxcare.els9.x86_64.rpm 691540a1eb695078dddd57812c0b1c8872d0e35f python-test-2.6.6-70.el6.tuxcare.els9.x86_64.rpm c753dcc145231fc15d3b56919768d377f75da539 python-tools-2.6.6-70.el6.tuxcare.els9.x86_64.rpm b6eeb884e70e84a5d29ace73eb451c22f2d8f942 tkinter-2.6.6-70.el6.tuxcare.els9.x86_64.rpm 72242f0b8c6368b2772631686542e5a053a1d5ac CLSA-2023:1678396156 TuxCare License Agreement 0 - CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm f15a184fa0b2181382e200625ab47aa7e5db8859 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 9ec3a78647e8282f3e88acb3203260012743edff php-cli-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 05b83756a3500206c11fff387d85cd5a91dcbd27 php-common-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 82b65cc25d38012beb884c121b86fdf25edf6446 php-dba-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 3e71f3a22ca44bb167f83cb40106b892c1c7b3d6 php-devel-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 1b2dca86fdee2dbaff57741866b64f7923fe8b3c php-embedded-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 6d5d24886e96684acc95ee0735ab9a52167aa671 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 93d9adaa20ae03d79676c11f356b172428ef7822 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 107642e5b90f85a47b501371885685c8beabe141 php-gd-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 3b1c5fbc21a9d4beaa1a04f22dab7b3a3ecde453 php-imap-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm a371e53c18a08ffe225cfef946263c62d17901f2 php-intl-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm a112251bd1529cc91b24a22c05d6f64b89675d51 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 102febf376bb92383455b22bfba733c730908817 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm cd12b8be1b938355e4ba5476d78d0912ec6c034a php-mysql-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm c9d7ae627d97600746a287710bdab922ae1726c6 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 0791f3063fe2a17a7c45ad9c71cc465272c57b8d php-pdo-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 980b82111de48cbb16f2fe92b48f6d5ddc87f87c php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 04d17e6056fa289c7ddb684bd8f6dc96beaea9aa php-process-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 3ab41e461501ce04df1082aee8e7e6dd75e5915c php-pspell-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 427773743446cf0f95d7db9a6f65c390ef091f54 php-recode-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 4be9277befa709f01e7bcdaa1526047272b991d3 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 7d807bb98c79855ac8ed0c34d80c92432c041f4d php-soap-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm f3afde178109a10d120c7f6a0a32c61d76125eac php-tidy-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 6157a45430c9b04cafc7cb90afcfa37dc017699f php-xml-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 18bd0571aa5d301a06b3556280166d512775090a php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 779bb8fffaf53e5f761b210e4b1e6523699cde6b php-zts-5.3.3-50.el6_10.tuxcare.ol.els4.x86_64.rpm 3eaf3bff8ffdb8dacb0a99468c29077c761fe83c CLSA-2023:1678820270 TuxCare License Agreement 0 - CVE-2023-1175: make sure "startspaces" is not negative Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-1175: make sure "startspaces" is not negative

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm 1460dcb834dbd4342983280fd2970183addfb8ab vim-common-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm 59dde7f8065f2d703051378ad9963db09cca56eb vim-enhanced-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm 26d3af0bebe58d598b86c4a7b95a8fbac7f29671 vim-filesystem-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm f987c881ba849ec0f06b3b074ff3bc62747b964d vim-minimal-7.4.629-5.2.el6.tuxcare.els38.x86_64.rpm d9515eaad612d236badcfc8ba7c826fdbb5a65b3 CLSA-2023:1679925093 TuxCare License Agreement 0 - CVE-2023-1170: adjust the cursor column if needed Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-1170: adjust the cursor column if needed

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm 08a4dc39626cd57ca0b06df36bbfb4779b7217f9 vim-common-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm ec8749e5d15214ee70f93b6f48a347f78de9c10f vim-enhanced-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm 3bd51f1905972e11b57e6b27741b3478ae12bdc8 vim-filesystem-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm e7f75fdcc5d87b0132e1ec0e701d37ce4869d121 vim-minimal-7.4.629-5.2.el6.tuxcare.els39.x86_64.rpm 26f20b8e32584d88c3dad2f7c1d57fcd8d9c29c9 CLSA-2023:1681162921 TuxCare License Agreement 0 - Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode (in microcode.dat) at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-b7-01/0x32 microcode (in microcode.dat) at revision 0x112; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-37-09/0x0f (VLV D0) microcode (in microcode.dat) from revision 0x90c up to 0x90d; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x100015c up to 0x1000161; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in microcode.dat) from revision 0x2006c0a up to 0x2006e05; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x400320a up to 0x4003303; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x500320a up to 0x5003303; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002402 up to 0x7002503; - Update of 06-5c-09/0x03 (APL D0) microcode (in microcode.dat) from revision 0x46 up to 0x48; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode (in microcode.dat) from revision 0x24 up to 0x28; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-5f-01/0x01 (DNV B0) microcode (in microcode.dat) from revision 0x36 up to 0x38; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd000331 up to 0xd000389; - Update of 06-7a-01/0x01 (GLK B0) microcode (in microcode.dat) from revision 0x38 up to 0x3e; - Update of 06-7a-08/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x1c up to 0x22; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xa8 up to 0xb8; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in microcode.dat) from revision 0x2d up to 0x32; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0x9a up to 0xa6; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x22 up to 0x28; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x3c up to 0x42; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-96-01/0x01 (EHL B1) microcode (in microcode.dat) from revision 0x15 up to 0x17; - Update of 06-9c-00/0x01 (JSL A0/A1) microcode (in microcode.dat) from revision 0x2400001f up to 0x24000024; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xee up to 0xf4; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xea up to 0xf4; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x50 up to 0x57; - Fixes in releasenote.md file. - Improving of the auxilary script gen_updates2.py. - Increase a number of the epoch. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode (in microcode.dat) at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-04/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-05/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-06/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-06/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-07/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000170; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000181; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-9a-04/0x80 microcode (in microcode.dat) at revision 0x429; - Addition of 06-b7-01/0x32 microcode (in microcode.dat) at revision 0x112; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x410e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-97-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Addition of 06-bf-05/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-37-09/0x0f (VLV D0) microcode (in microcode.dat) from revision 0x90c up to 0x90d; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x100015c up to 0x1000161; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in microcode.dat) from revision 0x2006c0a up to 0x2006e05; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x400320a up to 0x4003303; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x500320a up to 0x5003303; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002402 up to 0x7002503; - Update of 06-5c-09/0x03 (APL D0) microcode (in microcode.dat) from revision 0x46 up to 0x48; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode (in microcode.dat) from revision 0x24 up to 0x28; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-5f-01/0x01 (DNV B0) microcode (in microcode.dat) from revision 0x36 up to 0x38; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd000331 up to 0xd000389; - Update of 06-7a-01/0x01 (GLK B0) microcode (in microcode.dat) from revision 0x38 up to 0x3e; - Update of 06-7a-08/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x1c up to 0x22; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xa8 up to 0xb8; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode (in microcode.dat) from revision 0x2d up to 0x32; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0x9a up to 0xa6; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x22 up to 0x28; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x3c up to 0x42; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-96-01/0x01 (EHL B1) microcode (in microcode.dat) from revision 0x15 up to 0x17; - Update of 06-9c-00/0x01 (JSL A0/A1) microcode (in microcode.dat) from revision 0x2400001f up to 0x24000024; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xec up to 0xf0; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xee up to 0xf4; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xea up to 0xf4; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xec up to 0xf4; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x50 up to 0x57; - Fixes in releasenote.md file. - Improving of the auxilary script gen_updates2.py. - Increase a number of the epoch.

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.38.el6_10.tuxcare.els1.x86_64.rpm d69b5fda3fb7bf054ca0b3653cdd5ed0de896207 CLSA-2023:1681327693 TuxCare License Agreement 0 - CVE-2023-0767: nss: improve handling of unknown PKCS#12 safe bag types Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-0767: nss: improve handling of unknown PKCS#12 safe bag types

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els3.i686.rpm c61bd34bef8c1814fafc6749bd453037da03b28a nss-3.44.0-12.el6.tuxcare.els3.x86_64.rpm a40689944d86974b3d2a506556a805fb7467ed0f nss-devel-3.44.0-12.el6.tuxcare.els3.i686.rpm 4a17b233dbfd91999cdd99f0ebc101a15b1b81ee nss-devel-3.44.0-12.el6.tuxcare.els3.x86_64.rpm e54ef22defa007ec34319c65201ba6dcb5310d44 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els3.i686.rpm b14a026a8737230f839406fed2e7627313de364d nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els3.x86_64.rpm 3b7bd1570e25cf0266a716ae6b8c3a2d0b57a20d nss-sysinit-3.44.0-12.el6.tuxcare.els3.x86_64.rpm cd36ed1002de1bc0f89fca2d104c09c93c98ee65 nss-tools-3.44.0-12.el6.tuxcare.els3.x86_64.rpm 7d41bc34858c6547459a3bd7b8bad7e5c4391bba CLSA-2023:1681491163 TuxCare License Agreement 0 - CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations

0 tuxcare-oraclelinux6-els curl-7.19.7-59.el6.tuxcare.els8.x86_64.rpm 6871aea244271d11f462dd749327260f0974330a libcurl-7.19.7-59.el6.tuxcare.els8.i686.rpm 6185e85d6b599447970802e933bf0e4c4519fedb libcurl-7.19.7-59.el6.tuxcare.els8.x86_64.rpm 2c2942cd094af1de7d92b9337f538dd96c0c8556 libcurl-devel-7.19.7-59.el6.tuxcare.els8.i686.rpm 1bed229f22e50adb232f23d1ba90de47c29140d5 libcurl-devel-7.19.7-59.el6.tuxcare.els8.x86_64.rpm 7d32f876bf87897ae7ec6c73359476fd62f3a100 CLSA-2023:1682348435 TuxCare License Agreement 0 - CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix resolving SCP relative path Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix resolving SCP relative path

0 tuxcare-oraclelinux6-els curl-7.19.7-59.el6.tuxcare.els9.x86_64.rpm 64674c47bf15419bbee5ef00646238ae2f494d4f libcurl-7.19.7-59.el6.tuxcare.els9.i686.rpm 68ea73755f0a6b69dbb67abb4233b43f91e4632d libcurl-7.19.7-59.el6.tuxcare.els9.x86_64.rpm 151e781dec0ef40d4826bf456c8f021757b4f928 libcurl-devel-7.19.7-59.el6.tuxcare.els9.i686.rpm 070fef598631487045e1d77368378b8574b038fd libcurl-devel-7.19.7-59.el6.tuxcare.els9.x86_64.rpm 74f1793d98ba468bf3e51e6d0d8e1bbd18d7d137 CLSA-2023:1682711913 TuxCare License Agreement 0 - mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565} - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989} - proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long {CVE-2022-4378} - floppy: use a statically allocated error counter {CVE-2022-1652} - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353} - usb: mon: make mmapped memory read only {CVE-2022-43750} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565} - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989} - proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long {CVE-2022-4378} - floppy: use a statically allocated error counter {CVE-2022-1652} - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353} - usb: mon: make mmapped memory read only {CVE-2022-43750}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm 2f29d00f66a5283e9187e223b95a2b8b8ca7b462 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm 034ec6f2ead10bed90d874e315e31fa06fd34184 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm d1d8d863551ca158c1e4b7c55078eebcab7f71db kernel-devel-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm 74d9db7f558c9ec5bf9218ba03017f99750a4f2e kernel-headers-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm 9f213ff64a8d832416c0de8a09de7c6d26a13155 perf-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm 1bf432b39fb95954998ef672560440364e605156 python-perf-2.6.32-754.35.8.el6.tuxcare.els12.x86_64.rpm 3c8c2d66dd2fcb142a0fbbbd471c286aed77a693 CLSA-2023:1682712108 TuxCare License Agreement 0 - mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565} - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989} - proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long {CVE-2022-4378} - floppy: use a statically allocated error counter {CVE-2022-1652} - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353} - usb: mon: make mmapped memory read only {CVE-2022-43750} None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- mISDN: fix use-after-free bugs in l1oip timer handlers {CVE-2022-3565} - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() {CVE-2023-1118} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work {CVE-2023-1989} - proc: proc_skip_spaces() shouldn't think it is working on C strings {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long {CVE-2022-4378} - floppy: use a statically allocated error counter {CVE-2022-1652} - af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register {CVE-2022-1353} - usb: mon: make mmapped memory read only {CVE-2022-43750}

0 tuxcare-oraclelinux6-els kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els12.noarch.rpm 1715980000f7c66b679d43c62528178be9d9d6a0 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els12.noarch.rpm 7db2551149696753970cceeafd9b47e2e5e16f4e kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els12.noarch.rpm e6da93f59ba57372487febac921a04d272560123 CLSA-2023:1683235565 TuxCare License Agreement 0 - CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509_VERIFY_PARAM_add0_policy() - CVE-2022-3996: Drop redundant flag setting in policy_cache_set_mapping() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509_VERIFY_PARAM_add0_policy() - CVE-2022-3996: Drop redundant flag setting in policy_cache_set_mapping()

0 tuxcare-oraclelinux6-els openssl-1.0.1e-63.el6.tuxcare.els9.i686.rpm 42d848e3638e024d64a5980f0df81cf35973fd38 openssl-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm 950b4b3edb4d14bc2591f443002fb277c275ba1c openssl-devel-1.0.1e-63.el6.tuxcare.els9.i686.rpm 090b7a3270d2d29a231bcca0dfecc4dc607d334f openssl-devel-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm d08004f5b7f0592c96d63e95450dc2a8e943f8c8 openssl-perl-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm 93392bd979ac74908ab650ab4251c88676f76320 openssl-static-1.0.1e-63.el6.tuxcare.els9.x86_64.rpm 594f9523a5e80bb33b954bedf094280d6d6bcd94 CLSA-2023:1683814846 TuxCare License Agreement 0 - CVE-2023-25652: removing a link instead of writing into - CVE-2023-29007: restrict the config file line length to parse it whole - tests were activated - a buffer overflow during reading of configuration's enormous value has been fixed Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-25652: removing a link instead of writing into - CVE-2023-29007: restrict the config file line length to parse it whole - tests were activated - a buffer overflow during reading of configuration's enormous value has been fixed

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm cad1db1d030e1dae111825c73dd6c3d8aa0bafab emacs-git-el-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm 13e15782b42a2416e500468f1a3e1ef32bc9917f git-1.7.1-10.el6_10.tuxcare.els2.x86_64.rpm f44dbd2087def3cb8c199b0fa347ec2c18b5246e git-all-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm ad2ca8cc38b8c254b53fd24f1987a3d04076f182 git-cvs-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm 5ea844020e5dc900d669a36d680a3f6430309eba git-daemon-1.7.1-10.el6_10.tuxcare.els2.x86_64.rpm d846d96a58ac23f4567d8e250f9c76fde25846eb git-email-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm 0645fd5bf9586437214523ea2d9033e067f77f25 git-gui-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm 5ee933cc5391d0af247aeac853fe19ca0daeb5d4 git-svn-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm c7f5ed1cf8d1027cf9ab6c25a8cc937c30e292d7 gitk-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm 7d1e0e7cb889716bae36bc7c6729367f6e481b4b gitweb-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm d81ebcba0861a49350c4cd18a8ee7c1d4bd3c5a5 perl-Git-1.7.1-10.el6_10.tuxcare.els2.noarch.rpm 1f97d13e37790e317e49a2df8c32d27604a9f0ab CLSA-2023:1685377804 TuxCare License Agreement 0 - CVE-2022-39377: fix possible buffer overflow - CVE-2023-33204: fix possible buffer overflow in an incomplete fix for CVE-2022-39377 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-39377: fix possible buffer overflow - CVE-2023-33204: fix possible buffer overflow in an incomplete fix for CVE-2022-39377

0 tuxcare-oraclelinux6-els sysstat-9.0.4-33.0.1.el6_9.1.tuxcare.ol.els1.x86_64.rpm ee91a28d1f9e8169bc58f9116d6962721ba9a3b0 CLSA-2023:1685377940 TuxCare License Agreement 0 - CVE-2023-2610: limit the text length to MAXCOL Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-2610: limit the text length to MAXCOL

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm 69c7c64d8a458552bde9e70482eebe0532a28b72 vim-common-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm 5f524fe2ee29ca387b8b3194428360a3a7364350 vim-enhanced-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm babf8645086d7b43dc558c1ee3fa8c2c7c33303c vim-filesystem-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm f9ef5358356de0ba60c26340c316052927023e4a vim-minimal-7.4.629-5.2.el6.tuxcare.els40.x86_64.rpm a97e0713d72d651a52f848fcdaf7b6b983e3170a CLSA-2023:1685633907 TuxCare License Agreement 0 - CVE-2023-2609: check "y_array" is not NULL Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-2609: check "y_array" is not NULL

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm 9a28c257fb76fda855c43517c512228dd1fc1954 vim-common-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm 2bdf62c806556a40654bdffa3ccf326b08b57ba4 vim-enhanced-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm a1bdb83200803aa94025ba0d4f2e851561a3ab43 vim-filesystem-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm 06205aaeebd317662e6874e92ae20757bdaf1b51 vim-minimal-7.4.629-5.2.el6.tuxcare.els41.x86_64.rpm 8eb801a8bbec0f8e922222acf1d6061442ad1132 CLSA-2023:1687269849 TuxCare License Agreement 0 - CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate - Update expired smime/SM2 certificates that affect tests. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate - Update expired smime/SM2 certificates that affect tests.

0 tuxcare-oraclelinux6-els openssl-1.0.1e-63.el6.tuxcare.els10.i686.rpm 1d1698e669adeaf1d2565f912e1b5c5f275875ba openssl-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm d9d80b03b2705e5922ac474f16bd4f4c0ba609ca openssl-devel-1.0.1e-63.el6.tuxcare.els10.i686.rpm 1daf3370eea0751ade99ccea5195d69a949e5f7d openssl-devel-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm bbaef14cfc9ec93d3c3c65ad585cd2557b0833cc openssl-perl-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm 64f9227f1dc070d2bd993aebc4d9878cbeab0368 openssl-static-1.0.1e-63.el6.tuxcare.els10.x86_64.rpm 36ab207d2cddcd9def0fab4037cf40bb7e45c07a CLSA-2023:1687795205 TuxCare License Agreement 0 - CVE-2021-38371: Enforce STARTTLS sync point, client side in src/transports/smtp.c Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2021-38371: Enforce STARTTLS sync point, client side in src/transports/smtp.c

0 tuxcare-oraclelinux6-els exim-4.92.3-3.el6.tuxcare.els3.x86_64.rpm df4b7af77051883e16adb1c554b089f3e0453ffb exim-greylist-4.92.3-3.el6.tuxcare.els3.x86_64.rpm 4d4c9439cfca2635a783392b454cdfc35c60f137 exim-mon-4.92.3-3.el6.tuxcare.els3.x86_64.rpm eb47a31d8e38a7536a2e767358681d5b09ab38a1 exim-mysql-4.92.3-3.el6.tuxcare.els3.x86_64.rpm 718c118b665ebb51a7047e3f55af157a9a1b949d exim-pgsql-4.92.3-3.el6.tuxcare.els3.x86_64.rpm 4c0cb9ca163c8f98494c74ad20ac20a05fed4767 CLSA-2023:1688677210 TuxCare License Agreement 0 - Upgrade to tzdata-2023c (code and data are identical to 2023a) - Egypt now uses DST again, from April through October. - This year Morocco springs forward April 23, not April 30. - Palestine delays the start of DST this year. - Much of Greenland still uses DST from 2024 on. - America/Yellowknife now links to America/Edmonton. - tzselect can now use current time to help infer timezone. - Adapt 0003-continue-to-ship-posixrules.patch to the new source code. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to tzdata-2023c (code and data are identical to 2023a) - Egypt now uses DST again, from April through October. - This year Morocco springs forward April 23, not April 30. - Palestine delays the start of DST this year. - Much of Greenland still uses DST from 2024 on. - America/Yellowknife now links to America/Edmonton. - tzselect can now use current time to help infer timezone. - Adapt 0003-continue-to-ship-posixrules.patch to the new source code.

0 tuxcare-oraclelinux6-els tzdata-2023c-1.el6.tuxcare.els1.noarch.rpm 4670a43385dfd7ad2b5206881939663756e8907e tzdata-java-2023c-1.el6.tuxcare.els1.noarch.rpm da42fe03b8d466922f1096ee100f04622c6f69d1 CLSA-2023:1688677355 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake (8294474) - CVE-2023-21937: Missing string checks for NULL characters (8296622) - CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304) - CVE-2023-21939: Swing HTML parsing issue (8296832) - CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191) - CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310) - CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667) - Update tzdata requirement to 2023c to match JDK-8305113 - Include JDK-8271199 fix from the upcoming jdk8u382 in advance - Remove patches which are not used Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake (8294474) - CVE-2023-21937: Missing string checks for NULL characters (8296622) - CVE-2023-21938: Incorrect handling of NULL characters in ProcessBuilder (8295304) - CVE-2023-21939: Swing HTML parsing issue (8296832) - CVE-2023-21954: Incorrect enqueue of references in garbage collector (8298191) - CVE-2023-21967: Certificate validation issue in TLS session negotiation (8298310) - CVE-2023-21968: Missing check for slash characters in URI-to-path conversion (8298667) - Update tzdata requirement to 2023c to match JDK-8305113 - Include JDK-8271199 fix from the upcoming jdk8u382 in advance - Remove patches which are not used

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm 15b1d3141c5aa8ff62f468058e92ab0ced7f13cc java-1.8.0-openjdk-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm fb8dae170ddf7595ba7f3265a59de9ca84f31efe java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm a03d30f6518a426376968aac397883ed9e5863e2 java-1.8.0-openjdk-demo-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm 7233a3b7f8467d97f455142ab33bd890b8b2b0bb java-1.8.0-openjdk-devel-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm 6a7c0462c334352e5f742247ed6902f4dde9ac15 java-1.8.0-openjdk-devel-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm aa2c777c8304b70db167a9270570d443c69169a2 java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm 1a6ca53fd0be5271920c91299d5690a6db2c5f8d java-1.8.0-openjdk-headless-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm fb50b1cb76adec6f1d59a76b7c9a5cb8c30df13a java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el6.tuxcare.els1.noarch.rpm 3b922fd6bce0277924910154a2a65a63a69fbc70 java-1.8.0-openjdk-javadoc-debug-1.8.0.372.b07-1.el6.tuxcare.els1.noarch.rpm b3dd326da1677a0c21981dee741f24dc5719549e java-1.8.0-openjdk-src-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm 4c3a9a110d5faf20fd36cd84c0d2fa5f6a1b62ee java-1.8.0-openjdk-src-debug-1.8.0.372.b07-1.el6.tuxcare.els1.x86_64.rpm 618479074c9d39663054b3ca3951b7d5a93ca2df CLSA-2023:1689702307 TuxCare License Agreement 0 - CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference

0 tuxcare-oraclelinux6-els openldap-2.4.40-16.el6.tuxcare.els3.i686.rpm 2caaadbdbe672eb9fe8d342cc071f86967b2aa1c openldap-2.4.40-16.el6.tuxcare.els3.x86_64.rpm ea1b043f8dc4e6d4aed82fedf6932ae80d7ce7a6 openldap-clients-2.4.40-16.el6.tuxcare.els3.x86_64.rpm 45296c4029e1fd7d0936ff083bdd7391f7e65d1a openldap-devel-2.4.40-16.el6.tuxcare.els3.i686.rpm b706dd30e307e95800daf2fc1ba4ef9c65a2013d openldap-devel-2.4.40-16.el6.tuxcare.els3.x86_64.rpm c48e11f3bdda38d5c49ec2e9cd7da3f731143122 openldap-servers-2.4.40-16.el6.tuxcare.els3.x86_64.rpm 7f05d77fd4e96aa117712605a1053d1e6aa365df openldap-servers-sql-2.4.40-16.el6.tuxcare.els3.x86_64.rpm b8085ab8ff400b2bbf629e97b09a61fa22202ff1 CLSA-2023:1689886120 TuxCare License Agreement 0 - CVE-2023-24329: part2: Start stripping C0 control and space chars in `urlsplit` - Also correct the first CVE-2023-24329 patch: Fix test_attributes_bad_scheme to check for non-ascii symbol as first character of url Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-24329: part2: Start stripping C0 control and space chars in `urlsplit` - Also correct the first CVE-2023-24329 patch: Fix test_attributes_bad_scheme to check for non-ascii symbol as first character of url

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els10.i686.rpm dd95e115feab80500504109c4c0eea7c40fe3881 python-2.6.6-70.el6.tuxcare.els10.x86_64.rpm 91449128cf9d9b773a90ddc94e8a445e95c568aa python-devel-2.6.6-70.el6.tuxcare.els10.i686.rpm 6a21927c26f4854c3d31668b4cde9be36d8713e6 python-devel-2.6.6-70.el6.tuxcare.els10.x86_64.rpm 703093a8ac5cacc3139bea0eae51b58fc3d193f9 python-libs-2.6.6-70.el6.tuxcare.els10.i686.rpm f37d06ebefd9794e7c856adb92732e649a12d2ce python-libs-2.6.6-70.el6.tuxcare.els10.x86_64.rpm dbd897577b229d6f9a775b27ad069648f29db726 python-test-2.6.6-70.el6.tuxcare.els10.x86_64.rpm 3e987c044bb32544f7da0a9350527e2ea37868cc python-tools-2.6.6-70.el6.tuxcare.els10.x86_64.rpm 5a18f05ad568a1c10ae76d414ca5d3c9153eb509 tkinter-2.6.6-70.el6.tuxcare.els10.x86_64.rpm e75daf076ae50137a4856ad89e46a965d859ef1b CLSA-2023:1691073510 TuxCare License Agreement 0 - update to CKBI 2.62 from NSS 3.91 - added new certificates: - # Certificate "BJCA Global Root CA1" - # Certificate "BJCA Global Root CA2" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.62 from NSS 3.91 - added new certificates: - # Certificate "BJCA Global Root CA1" - # Certificate "BJCA Global Root CA2"

0 tuxcare-oraclelinux6-els ca-certificates-2023.2.62-60.1.el6.tuxcare.els1.noarch.rpm 2c243d45536891772a163abe1dbdd221c7626ea5 CLSA-2023:1691073610 TuxCare License Agreement 0 - Update to CKBI 2.62 from NSS 3.91 - Added: - # Certificate "BJCA Global Root CA1" - # Certificate "BJCA Global Root CA2" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update to CKBI 2.62 from NSS 3.91 - Added: - # Certificate "BJCA Global Root CA1" - # Certificate "BJCA Global Root CA2"

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els4.i686.rpm d6048d45a2fd0f14af20a78eeabca70e8f1fe7db nss-3.44.0-12.el6.tuxcare.els4.x86_64.rpm 8002e53d838f477ba209575dc62c9b66ac96dbc5 nss-devel-3.44.0-12.el6.tuxcare.els4.i686.rpm 0180d13de221a36295597c7ca7b96053cf031c42 nss-devel-3.44.0-12.el6.tuxcare.els4.x86_64.rpm 26ab522b3bc5e0575ec7a46310d3fbe010b20880 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els4.i686.rpm 4f76a04741291706ce9f5749ba0a9ba09a46bbd8 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els4.x86_64.rpm 662b113d100280768a02db5e6a47d16436dcbe4c nss-sysinit-3.44.0-12.el6.tuxcare.els4.x86_64.rpm 8e39f72c53de2b97c08b2bd15c30f9430a3a72b3 nss-tools-3.44.0-12.el6.tuxcare.els4.x86_64.rpm 055ff2c87c8f0182a0785db65f88f5b967c47966 CLSA-2023:1691081639 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. That fixes following CVEs: - CVE-2023-22045: Array indexing integer overflow issue. (8304468) - CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion (8305312) - Remove patch for pkcs11 cause issue was fixed in sources Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. That fixes following CVEs: - CVE-2023-22045: Array indexing integer overflow issue. (8304468) - CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion (8305312) - Remove patch for pkcs11 cause issue was fixed in sources

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm 4e4a9ebee3016eedd73512f1a63916ab0ca2a88c java-1.8.0-openjdk-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm 0a033bf3be9ef7bd6237c3c562d8f48a12b1ccd6 java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm c10226a8a78ba78329ace7dc37d4958ba1747781 java-1.8.0-openjdk-demo-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm f6b4a45db65fe6f5a2d9e2d0a3d8dccc96cba2eb java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm c96dafdff2315c80857bc832177d58652c085e31 java-1.8.0-openjdk-devel-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm 8d0f601a2f2691a5e636d40257c5805ab68c68ae java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm 160c7e190cf6b9affcfd5719c2a4d518e44a7508 java-1.8.0-openjdk-headless-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm 4f5b813f51617cd29a7e0d2dec6e99ab3dd6c590 java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el6.tuxcare.els1.noarch.rpm 352c0f8c7914105e61d4137fc58da7897ff9548a java-1.8.0-openjdk-javadoc-debug-1.8.0.382.b05-1.el6.tuxcare.els1.noarch.rpm 063ef25e2be71a7935b6908f953fa67bfb2cb38a java-1.8.0-openjdk-src-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm fc67efe74411307bc282c9b16632aade5a778797 java-1.8.0-openjdk-src-debug-1.8.0.382.b05-1.el6.tuxcare.els1.x86_64.rpm 55dab3bc3a16fd81679d9119e2a621696eb1f6bc CLSA-2023:1691576785 TuxCare License Agreement 0 - CVE-2023-38408: checks libraries before dlopen Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-38408: checks libraries before dlopen

0 tuxcare-oraclelinux6-els openssh-5.3p1-125.el6.tuxcare.els5.x86_64.rpm 2a414f9fddad376efe0c37df8ef3565ece2db90f openssh-askpass-5.3p1-125.el6.tuxcare.els5.x86_64.rpm 8daf9f4c87ebe7b0ae7e4181b9eee77d9ff8cb00 openssh-clients-5.3p1-125.el6.tuxcare.els5.x86_64.rpm 0fdf31e83cc8006f072f5c155c82f2a024637bf5 openssh-ldap-5.3p1-125.el6.tuxcare.els5.x86_64.rpm c1bebd66f4ff6a1d7109019232071eb242b21f71 openssh-server-5.3p1-125.el6.tuxcare.els5.x86_64.rpm 14d4d02cc392302e4d01a27842234a23cac97ce5 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els5.i686.rpm ff6c90a7f3888ffe5a0df66f12d7cfe6a51aae13 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els5.x86_64.rpm bf1745bb52c9f8d0c17a872db2c2244f3c94a2bc CLSA-2023:1692110278 TuxCare License Agreement 0 - Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593: - Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00; - Update AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10; Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593: - Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00; - Update AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10;

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.39.el6_10.tuxcare.els2.x86_64.rpm 36a57685827326deb1254480e7aff5115f1fda0d CLSA-2023:1692293738 TuxCare License Agreement 0 - CVE-2022-37705: fix tar option filtering - CVE-2023-30577: introduce tar option allow list Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-37705: fix tar option filtering - CVE-2023-30577: introduce tar option allow list

0 tuxcare-oraclelinux6-els amanda-2.6.1p2-9.el6_6.tuxcare.els1.i686.rpm 30c5a1b32562f84abbac2c75b0087b80173df10a amanda-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm b73d4c8bfcd41e46d741670821e11e2676e4480f amanda-client-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm 716bb5725db4423a167e6f981859a836e4bd455c amanda-devel-2.6.1p2-9.el6_6.tuxcare.els1.i686.rpm 542282f3d9ad3496536aea387224ec6beb35ed0a amanda-devel-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm fc7197788cece22951ac828fb9238f310e8fa4f6 amanda-server-2.6.1p2-9.el6_6.tuxcare.els1.x86_64.rpm 32e5e6e15309c394fe4683b1f89fe8cfb8a47bb0 CLSA-2023:1692293872 TuxCare License Agreement 0 - CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request

0 tuxcare-oraclelinux6-els libsmbclient-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.i686.rpm f959c5639981343245abab995846bb0af075a425 libsmbclient-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 8e8f4f1fd24f759c68b6bff3de1856d99572463d libsmbclient-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.i686.rpm 985f2a6c68230703435cede248a320e6f56192b0 libsmbclient-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm c9752dfa9de2e939ca149e74735c621d2b76f088 samba-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 339398bd9b4cd464ed0830abb6218557c88aa44a samba-client-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 480404e04fa37a55ca86566d8e0828dc7b6fd18d samba-common-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.i686.rpm 320dbd166b62bff82da217fd2ff0be3761ef805b samba-common-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm ada07170649f7d26226128a9d56af4db972f0e6c samba-doc-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm b13e4b3f41248d3718cc7b8107addeda6d6ed990 samba-domainjoin-gui-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 9bf56c727065eea9a8d1954dc98db9bc871645bc samba-glusterfs-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 96c0912b75efb4949245e94676b97fd7a56b0eec samba-swat-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm dc0782b51e312d2835b6c20065932d9ab6c94f58 samba-winbind-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 1ee21bfe16041a14e2ead49a3efe202ee3730c88 samba-winbind-clients-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.i686.rpm c69f2a0082b205f9d71ba9d1c739142c2fb8985b samba-winbind-clients-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 22f9a8a9666a39443778fb5311abca1424aa9dee samba-winbind-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.i686.rpm 5c5f8a6b909e3e9b078efee0e60367eaf81f11cf samba-winbind-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm a346d7baa9b2f98224b53e301d280b52c230089c samba-winbind-krb5-locator-3.6.23-53.0.1.el6_10.tuxcare.ol.els1.x86_64.rpm 63aaba977a71ee06eb220b546892fb0501f43f74 CLSA-2023:1692817120 TuxCare License Agreement 0 - CVE-2023-3823: Fix external entity loading in XML without enabling by1 sanitizing libxml2 globals before parsing - CVE-2023-3824: Fix buffer mismanagement in phar_dir_read() Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-3823: Fix external entity loading in XML without enabling by1 sanitizing libxml2 globals before parsing - CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 0aa2f51c00c9a495621172c04ffb379c481a73db php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm bb52ba0aae090832d950c36f1059260c1ca4f3d8 php-cli-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm de8a1fe67dba6d9c0f654c1252b98638cf905e40 php-common-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 91d97d9b34477b89e1b628f9283404c56d74fc1a php-dba-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 411846fbd9ea35acb54929a437d33e94274ab00b php-devel-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 10f85ffecb0ee2d23fdce704313d6b344b0a0911 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 49663c9950467aa5ffb08a2f7f6098bb25435833 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 4c769cbc9e848c3aa656529ba2c464ce216528c0 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 9d4b239cd7543c024d0ffea8f12f322a5aa09b6f php-gd-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 30cfbd51383afb0d97be2308d2fb9b9c6231a0fa php-imap-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 58d7c7198ab2c3cd34ab5ce80f22037b943759a7 php-intl-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 84026e78d8f8579a8266a12a03aa712f27df1683 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 78d396fb8246cb63e914eb886537f62e66edb57f php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm f5f08a540188d13698db0b474ae904ff51719ec1 php-mysql-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm aad0aa0b4e95b371bd3fb2726e57024eafa949bc php-odbc-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm fec0f16100209ba3a34ce6851cc9c21db046373a php-pdo-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 6a6be20a4d8a51ed71836607c660861fe64f2619 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 6ab89ddc5c190ced1f4175a82be6ff185fd3f1fc php-process-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm fe9a712450d43ed0036368f7cafd06646f3ff7d7 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 099a42e5b5d38eb6fa76d8da56b67cc98385ba75 php-recode-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 4b9c8fe0cf5ad52b02c8d0ab492cffd3718b13b3 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 9ec795f17c3125c059f0f22a4e2c1e2a438a6cdc php-soap-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm dbe4dd02a394f823d9337be5f9b0cf3a5fcf3fa7 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 441e66f3de6872a18c9fb0c7be913714faf26f82 php-xml-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm 6f7e01a3dcec5ffc3ac4ee90e6565fe18cd99d45 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm bee3e2ebb561785191a392c2fdc8d69d870a131f php-zts-5.3.3-50.el6_10.tuxcare.ol.els6.x86_64.rpm c27ee0ddecacbf412e10c4046814bef0dbabf26b CLSA-2023:1693417671 TuxCare License Agreement 0 - Update Intel CPU microcode to microcode-20230808 release addresses CVE-2022-40982: - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-be-00/0x11 microcode (in microcode.dat) at revision 0x11; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-be-00/0x01 microcode (in microcode.dat) at revision 0x10; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x1000171 up to 0x1000181; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in microcode.dat) from revision 0x2006f05 up to 0x2007006; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x4003501 up to 0x4003604; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003501 up to 0x5003604; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002601 up to 0x7002703; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd000390 up to 0xd0003a5; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xba up to 0xbc; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xaa up to 0xac; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x2a up to 0x2c; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x44 up to 0x46; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up to 0x42c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up to 0x42c; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xf8 up to 0xfa; - Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x58 up to 0x59; - Update of 06-b7-01/0x32 microcode (in microcode.dat) from revision 0x113 up to 0x119; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update Intel CPU microcode to microcode-20230808 release addresses CVE-2022-40982: - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-ba-03/0xe0 microcode (in microcode.dat) at revision 0x4119; - Addition of 06-be-00/0x11 microcode (in microcode.dat) at revision 0x11; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-02/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-ba-03/0xc0 microcode (in microcode.dat) at revision 0x4112; - Removal of 06-be-00/0x01 microcode (in microcode.dat) at revision 0x10; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x1000171 up to 0x1000181; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in microcode.dat) from revision 0x2006f05 up to 0x2007006; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x4003501 up to 0x4003604; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003501 up to 0x5003604; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002601 up to 0x7002703; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd000390 up to 0xd0003a5; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xba up to 0xbc; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xaa up to 0xac; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x2a up to 0x2c; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x44 up to 0x46; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Update of 06-8f-04/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-04/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-05/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-05/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-06/0x10 microcode (in microcode.dat) from revision 0x2c0001d1 up to 0x2c000271; - Update of 06-8f-06/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Update of 06-8f-07/0x87 microcode (in microcode.dat) from revision 0x2b000461 up to 0x2b0004b1; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Addition of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c000271; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Removal of 06-8f-08/0x10 microcode (in microcode.dat) at revision 0x2c0001d1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Addition of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Removal of 06-8f-08/0x87 microcode (in microcode.dat) at revision 0x2b000461; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up to 0x42c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Addition of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42c; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Removal of 06-9a-03/0x80 microcode (in microcode.dat) at revision 0x42a; - Update of 06-9a-04/0x80 microcode (in microcode.dat) from revision 0x42a up to 0x42c; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xf2 up to 0xf4; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xf8 up to 0xfa; - Update of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xf6 up to 0xf8; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x58 up to 0x59; - Update of 06-b7-01/0x32 microcode (in microcode.dat) from revision 0x113 up to 0x119; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Addition of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2e; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Removal of 06-97-02/0x07 microcode (in microcode.dat) at revision 0x2c; - Update of 06-97-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-02/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e; - Update of 06-bf-05/0x07 microcode (in microcode.dat) from revision 0x2c up to 0x2e;

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.40.el6_10.tuxcare.els1.x86_64.rpm 73513453e3a24c266e9fd3cddc64355f76e9cc79 CLSA-2023:1693417888 TuxCare License Agreement 0 - Fix bug that leads to amdump and runtar problem due to options recognized as invalid falsely None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fix bug that leads to amdump and runtar problem due to options recognized as invalid falsely

0 tuxcare-oraclelinux6-els amanda-2.6.1p2-9.el6_6.tuxcare.els2.i686.rpm 1a22ac1506965b58cfe234caa77d259ae8fd63c2 amanda-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm 862dedd38e49fc963241b465d0000c557820bd32 amanda-client-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm b66b155b9db551c276746eced1d95785139edb9b amanda-devel-2.6.1p2-9.el6_6.tuxcare.els2.i686.rpm d126c509825627e520b3d8609f9c74679088afb1 amanda-devel-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm bc83662023830609d9916deb3cf1a637b5f3209e amanda-server-2.6.1p2-9.el6_6.tuxcare.els2.x86_64.rpm 9e5e6e89c51ff956ac06459eb7b07b609da11f32 CLSA-2023:1693905084 TuxCare License Agreement 0 - CVE-2022-48174: fix unlikely stack overflow - testsuite was enabled Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-48174: fix unlikely stack overflow - testsuite was enabled

0 tuxcare-oraclelinux6-els busybox-1.15.1-21.el6_6.tuxcare.els2.x86_64.rpm a22960e2bdedbc53c7dcfd3159da1c572654e1d2 busybox-petitboot-1.15.1-21.el6_6.tuxcare.els2.x86_64.rpm f8ddcad1513e9915ae67c94c15b06878358c9f03 CLSA-2023:1694537251 TuxCare License Agreement 0 - CVE-2022-47673: Fix multiple out of bound reads which may cause a DoS - CVE-2022-47695: Fix NULL pointer segmentation fault which may cause a DoS - CVE-2022-47696: Fix read of unitialized field which may cause a DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-47673: Fix multiple out of bound reads which may cause a DoS - CVE-2022-47695: Fix NULL pointer segmentation fault which may cause a DoS - CVE-2022-47696: Fix read of unitialized field which may cause a DoS

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els6.x86_64.rpm 1017ff8563238ec303cbc46ef3f8f32c966aa8e0 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els6.i686.rpm 2e526f70207670ebc7d670170e24829dea0297af binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els6.x86_64.rpm 30b615b8e0d724f00d6990ba219513c8fa68b004 CLSA-2023:1695063445 TuxCare License Agreement 0 - CVE-2023-4733: verify oldwin pointer after reset_VIsual() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-4733: verify oldwin pointer after reset_VIsual()

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm 75352031984c74a235640d3733f48f0bbc5cc7d6 vim-common-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm 0fd15b6ab4c04f8e8a12c70d4a894d8c3ac2929f vim-enhanced-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm cfa6c2b4645d2bcce6d9b3507d5c53bc223958fc vim-filesystem-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm f259a0e89ac88e679c2039e4fd4cdcd34b1abd9c vim-minimal-7.4.629-5.2.el6.tuxcare.els42.x86_64.rpm e504705df79b97d6194e3f601aa19ba96bc269e6 CLSA-2023:1695319769 TuxCare License Agreement 0 - CVE-2023-4736: improve search path to avoid run an executable in untrusted dir Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-4736: improve search path to avoid run an executable in untrusted dir

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm 060f761be62cbf8048f2d78b1b8437f631bfd61f vim-common-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm 5b0acb2d43f3220c860fc18b9e90c131c63c6a4b vim-enhanced-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm 71b6816692249063ffbacfdfa825bd7c47f445dd vim-filesystem-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm 93b6c9d5af41e452adef54895fea1f7196c4c7d8 vim-minimal-7.4.629-5.2.el6.tuxcare.els44.x86_64.rpm 8cbda3db4a0c1584322ff42d36e0ff5c55793054 CLSA-2023:1695835793 TuxCare License Agreement 0 - CVE-2020-22218: doing total_num zero length check Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-22218: doing total_num zero length check

0 tuxcare-oraclelinux6-els libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els1.i686.rpm 729d344c03608f48b2f9205724f7f04b52f2d226 libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els1.x86_64.rpm a4de4766f0aee5637789e14b093b8d6b47e320e6 libssh2-devel-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els1.i686.rpm df82c1013132d624c678f267b32fef9713dc64c2 libssh2-devel-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els1.x86_64.rpm 4a99feb77727be9a80020598ce023eb30393b8a7 libssh2-docs-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els1.x86_64.rpm c908a6007e2342580fcde85b1dfdd323ac426c7e CLSA-2023:1696878020 TuxCare License Agreement 0 - CVE-2022-48565: Reject XML entity declarations in plist files Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-48565: Reject XML entity declarations in plist files

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els11.i686.rpm 69c9950b0229dc70369693794b04ae3a7cecb994 python-2.6.6-70.el6.tuxcare.els11.x86_64.rpm 026de7b4184626cec5b5c9837a6277fd4faf9adf python-devel-2.6.6-70.el6.tuxcare.els11.i686.rpm 2e3cf6aa88f8def572459f03796d9e9ace4199aa python-devel-2.6.6-70.el6.tuxcare.els11.x86_64.rpm e0355741296d204212a017581f280554cabb38a9 python-libs-2.6.6-70.el6.tuxcare.els11.i686.rpm 449d5e89a71f7ce166ce06a39e8b06c37a25ae0a python-libs-2.6.6-70.el6.tuxcare.els11.x86_64.rpm 5b2ffeaed0fb00c82011f2e3a88587af172a89b5 python-test-2.6.6-70.el6.tuxcare.els11.x86_64.rpm ba1c57928e491092f3b71f07d1f9fe4835ee6ef9 python-tools-2.6.6-70.el6.tuxcare.els11.x86_64.rpm 873a425455972b0943f9415bd5dd44a011d08840 tkinter-2.6.6-70.el6.tuxcare.els11.x86_64.rpm c04c74d31c7c35e0203f074dd5b1cfadea4be142 CLSA-2023:1696970948 TuxCare License Agreement 0 - CVE-2020-19726: Fix an illegal memory access in the BFD library which can be triggered by attempting to parse a corrupt PE format file Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-19726: Fix an illegal memory access in the BFD library which can be triggered by attempting to parse a corrupt PE format file

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els7.x86_64.rpm 7d1840a18e231a7859bad71265043b0f7bd45c51 binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els7.i686.rpm ac99eacc1837290d214208e9fb7ff51c74aa364d binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els7.x86_64.rpm e27e449085c04c4d4c6dcea9070e852cff6096d0 CLSA-2023:1697135462 TuxCare License Agreement 0 - CVE-2023-1999: avoids a double free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-1999: avoids a double free

0 tuxcare-oraclelinux6-els libwebp-0.4.3-3.el6.tuxcare.els1.i686.rpm fdf1529c1f4beffbe30edbc7be00b25b9de28b41 libwebp-0.4.3-3.el6.tuxcare.els1.x86_64.rpm 631305acf2fce6f46763f2f6b2dc6b14e98753ee libwebp-devel-0.4.3-3.el6.tuxcare.els1.i686.rpm 6071953969dff2d5de3b15b267279f79f25a6c82 libwebp-devel-0.4.3-3.el6.tuxcare.els1.x86_64.rpm 155a869e803a0d4f90e81a31e5cd041eade7057f libwebp-java-0.4.3-3.el6.tuxcare.els1.x86_64.rpm b67b2eb9bd634a18fed3125c100d0de75331fa4c libwebp-tools-0.4.3-3.el6.tuxcare.els1.x86_64.rpm 20898cbf82a09a9b5b2743780eb4fd3b6b12f7ad CLSA-2023:1697135570 TuxCare License Agreement 0 - CVE-2023-3341: Limit isccc_cc_fromwire recursion depth Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-3341: Limit isccc_cc_fromwire recursion depth

0 tuxcare-oraclelinux6-els bind-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm b8e995d935cecc35331bc09f4ac2f874155845ee bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm d141efc20dd3e2fb9468542f0a3e3e5219d04246 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els7.i686.rpm 3842078430ea88b025020bb04301a3fdb6e15eb4 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm 8cb37665b3c8d286e3911a4ce01d9156b85e9b7c bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els7.i686.rpm f6802170a3bf090194a946fb4e66a9462a427c01 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm e388790949038e75258a19ff64ae510997217645 bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm ba95578c649319a03e96073878015eee8f784d10 bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els7.x86_64.rpm ca06bedfab84c66d91830e0e7c7188471d00f7ec CLSA-2023:1697464394 TuxCare License Agreement 0 - CVE-2023-38546: cookie: remove unnecessary struct fields - Rebuild expired test certificates Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-38546: cookie: remove unnecessary struct fields - Rebuild expired test certificates

0 tuxcare-oraclelinux6-els curl-7.19.7-59.el6.tuxcare.els10.x86_64.rpm 516910b3b380657e5bbeaac9b9b9f65658b6c32f libcurl-7.19.7-59.el6.tuxcare.els10.i686.rpm 9191537daea245221362378b9707e453f3bffb41 libcurl-7.19.7-59.el6.tuxcare.els10.x86_64.rpm d7e2a714a3cdc53b1c19fd83ec48e78b31ae7721 libcurl-devel-7.19.7-59.el6.tuxcare.els10.i686.rpm 1a3e3f0e16590a48cd0a7dde92bad97cec74f997 libcurl-devel-7.19.7-59.el6.tuxcare.els10.x86_64.rpm 5cd4b00a053a34ba4bc933dcc7f308491a075f5f CLSA-2023:1697481196 TuxCare License Agreement 0 - CVE-2023-42114: fix possible OOB read in SPA authenticator - CVE-2023-42116: fix possible OOB write in SPA authenticator Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-42114: fix possible OOB read in SPA authenticator - CVE-2023-42116: fix possible OOB write in SPA authenticator

0 tuxcare-oraclelinux6-els exim-4.92.3-3.el6.tuxcare.els4.x86_64.rpm 9566cb87476a461f0baa8ad2b4ae75546e4e80c6 exim-greylist-4.92.3-3.el6.tuxcare.els4.x86_64.rpm f2301b774f4ab29e1d928a258459a85451a43ec1 exim-mon-4.92.3-3.el6.tuxcare.els4.x86_64.rpm d55ff4e12eef09795121a8767e601fb6d5c45bd2 exim-mysql-4.92.3-3.el6.tuxcare.els4.x86_64.rpm 3381e734e9a397e25a103675d07b64c7bffca8d8 exim-pgsql-4.92.3-3.el6.tuxcare.els4.x86_64.rpm e9e2c043b23453194ca2f85a3c17941dd1649310 CLSA-2023:1697817547 TuxCare License Agreement 0 - CVE-2023-44487: HTTP/2 - per-iteration stream handling limit Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-44487: HTTP/2 - per-iteration stream handling limit

0 tuxcare-oraclelinux6-els nginx-1.10.3-4.el6.tuxcare.els6.x86_64.rpm e5dea05a8bc2f96888f67ea4a5e442efad26d2ae nginx-all-modules-1.10.3-4.el6.tuxcare.els6.noarch.rpm eba6b6f5556f18c416eb47bacf58d8dabb4d8438 nginx-filesystem-1.10.3-4.el6.tuxcare.els6.noarch.rpm f156a04287445a52c3d8480d359b5ef8645d7878 nginx-mod-http-geoip-1.10.3-4.el6.tuxcare.els6.x86_64.rpm 3963a54585c380f4d7114042d68f76f2c1d738f0 nginx-mod-http-image-filter-1.10.3-4.el6.tuxcare.els6.x86_64.rpm 50632ce3632bbaf92c77e4a60b261b801475111c nginx-mod-http-perl-1.10.3-4.el6.tuxcare.els6.x86_64.rpm 341d7cfa76814d550178218658f4a3de085b4276 nginx-mod-http-xslt-filter-1.10.3-4.el6.tuxcare.els6.x86_64.rpm b2c07898e4226c14bd7a8cf9a659615ad5f81b1a nginx-mod-mail-1.10.3-4.el6.tuxcare.els6.x86_64.rpm 85f7a0ca1f30a88afaff93fbf3297bd0a29d910f nginx-mod-stream-1.10.3-4.el6.tuxcare.els6.x86_64.rpm 2abe49384bcdcd88fc1147db2f62bad24119f8d5 CLSA-2023:1697817694 TuxCare License Agreement 0 - CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero

0 tuxcare-oraclelinux6-els quagga-0.99.15-14.0.2.el6.tuxcare.ol.els2.x86_64.rpm 12328a9dc8e8f2865679d8dd4add1cc7463d0ce2 quagga-contrib-0.99.15-14.0.2.el6.tuxcare.ol.els2.x86_64.rpm 9444a76d4ddb55f5a997ef16bb620b34c9b529db quagga-devel-0.99.15-14.0.2.el6.tuxcare.ol.els2.i686.rpm 898257ef06f4fdef01e2f43c3ab9ced24049828d quagga-devel-0.99.15-14.0.2.el6.tuxcare.ol.els2.x86_64.rpm ff84ae905c9eb1c5af63c4dc82bd0f292796c816 CLSA-2023:1698101835 TuxCare License Agreement 0 - CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-48560: Fix SIGSEGV in Python via heappushpop in heapq

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els12.i686.rpm 316f35c203ed5174bff8c495adc50bb646f20b42 python-2.6.6-70.el6.tuxcare.els12.x86_64.rpm 10656a57094c2dc85b2adf25943cd6777bc8c074 python-devel-2.6.6-70.el6.tuxcare.els12.i686.rpm d237717f27ddccfbb927bba20fed542246706f52 python-devel-2.6.6-70.el6.tuxcare.els12.x86_64.rpm 57123396cac5076a5e1e8cfc4a0bd8beb335e05f python-libs-2.6.6-70.el6.tuxcare.els12.i686.rpm 78dc9b16453e993e6646a4a72f3a26be66cf8b98 python-libs-2.6.6-70.el6.tuxcare.els12.x86_64.rpm 0112bc1382256fdaa83dcb1be6bacb737e4b131a python-test-2.6.6-70.el6.tuxcare.els12.x86_64.rpm 4ab6d967f4928186e59270d4467a92a010150035 python-tools-2.6.6-70.el6.tuxcare.els12.x86_64.rpm 963497e56b7abf46286853008aef08c2245d69e5 tkinter-2.6.6-70.el6.tuxcare.els12.x86_64.rpm 056c78fa48c64da19ab320dc4c4e8fc17d3a75c6 CLSA-2023:1698179730 TuxCare License Agreement 0 - CVE-2023-45853: Reject overflows of zip header fields in minizip Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-45853: Reject overflows of zip header fields in minizip

0 tuxcare-oraclelinux6-els minizip-1.2.3-29.el6.tuxcare.els3.i686.rpm f0cc0f9271931f591109c42b4c839f966639bc51 minizip-1.2.3-29.el6.tuxcare.els3.x86_64.rpm 82c2089282d3650c44cf2b24d530b08a4f247661 minizip-devel-1.2.3-29.el6.tuxcare.els3.i686.rpm f6357adb1ae41bda732bce30c635e39270f8eecf minizip-devel-1.2.3-29.el6.tuxcare.els3.x86_64.rpm 9eb14527afc0a89cf3a63b7a8ccdafe2ea7af904 zlib-1.2.3-29.el6.tuxcare.els3.i686.rpm a6a0b3ba7bb462e80427824d17adb15c1875bb7e zlib-1.2.3-29.el6.tuxcare.els3.x86_64.rpm 208496e8dd1c9b89ee44370effa83fb445ab9423 zlib-devel-1.2.3-29.el6.tuxcare.els3.i686.rpm ffaba258bc9dcc7313dda9c9d9c738265f529fc0 zlib-devel-1.2.3-29.el6.tuxcare.els3.x86_64.rpm f7c9d40f8326cc6174558a9fd021b207cc1f055c zlib-static-1.2.3-29.el6.tuxcare.els3.x86_64.rpm ac62abc459b4fea2b0d1963a4de01b72c9c4ab9d CLSA-2023:1698351940 TuxCare License Agreement 0 - CVE-2023-5441: segfault in exmode - CVE-2023-5344: buffer overflow in trunc_string() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-5441: segfault in exmode - CVE-2023-5344: buffer overflow in trunc_string()

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm 7bb357872ea7ab19094b469ef772289e5a567af3 vim-common-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm 542b155c05537a6ebd42860a415f4ad5d81a1654 vim-enhanced-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm ccc4b2e79323f21d782446b3631ba85334ed235f vim-filesystem-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm d2a4bc045016aef5e40fb1ad21b4d747143d8e0f vim-minimal-7.4.629-5.2.el6.tuxcare.els45.x86_64.rpm ba57e6acac1cd023514ce5c0a3abaee9cb7819bb CLSA-2023:1699393971 TuxCare License Agreement 0 - CVE-2016-4658: disallow namespace nodes in XPointer ranges Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2016-4658: disallow namespace nodes in XPointer ranges

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els4.i686.rpm 9a497bbe50966e5df6fdd8ceeacbf7adaf72fce1 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els4.x86_64.rpm 0a6fadfe0c9525e82761f36b99d4793c5474ce20 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els4.i686.rpm 14dd30e704ba81194ae015f1c4ecdc1ddf29ef5a libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els4.x86_64.rpm 2c63fcfe9b4ba996daa9f0df8a6a950c87a5b754 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els4.x86_64.rpm 5e143c6df49e98883b777c16b54d20b4ccea182f libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els4.x86_64.rpm 3d2d24ff77f828e3798427723116e05a5fd7a74f CLSA-2023:1699908687 TuxCare License Agreement 0 - CVE-2022-3559: Fix $regex<n> use-after-free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-3559: Fix $regex<n> use-after-free

0 tuxcare-oraclelinux6-els exim-4.92.3-3.el6.tuxcare.els5.x86_64.rpm 2ffb7262c5c12cea5da0b06ef19e9bdb75e2e9ab exim-greylist-4.92.3-3.el6.tuxcare.els5.x86_64.rpm 05447e690e5537508d16e2919f15d973dc791cbf exim-mon-4.92.3-3.el6.tuxcare.els5.x86_64.rpm d283a2be7d9e474a9ebfad2a59967bf1f9475371 exim-mysql-4.92.3-3.el6.tuxcare.els5.x86_64.rpm f90b9e4fa59bf5653a4e77b9ae016261dff25b93 exim-pgsql-4.92.3-3.el6.tuxcare.els5.x86_64.rpm 072c3619b1afc0edff1baedd86fc3325b7208cef CLSA-2023:1700164647 TuxCare License Agreement 0 - CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els8.x86_64.rpm 87e5523389e647f88153b874d375ea8118e5da22 CLSA-2023:1700590262 TuxCare License Agreement 0 - openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639} - xen/blkfront: fix leaking data in shared pages {CVE-2022-26365} - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386} - btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448} - filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220} - Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220} - ath9k: release allocated buffer if timed out {CVE-2019-19074} - net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436} - memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141} - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559} - ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639} - xen/blkfront: fix leaking data in shared pages {CVE-2022-26365} - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386} - btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448} - filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220} - Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220} - ath9k: release allocated buffer if timed out {CVE-2019-19074} - net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436} - memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141} - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559} - ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm a65ee5c154838296c70c0110121b8674314544f9 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm 2f8bb3c13570f1e52619806906e4c55339495cfb kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els13.i686.rpm 6d0c918cbe6952db963ac188d54749a706c2c80e kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm d39ce333b7f8d05f3da73d300a5a15397cef38ad kernel-devel-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm c0915b295561bd3daab0fd93710f3249c521c9d4 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm c7ebd311c1ff6633fd4585d065d3cfb7c43f1778 perf-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm 7b4071eacf95023040c1c819fe5d822301028383 python-perf-2.6.32-754.35.8.el6.tuxcare.els13.x86_64.rpm 23bfa4f2f745b095326222327faeb11cd9dc5ee5 CLSA-2023:1700590886 TuxCare License Agreement 0 - openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639} - xen/blkfront: fix leaking data in shared pages {CVE-2022-26365} - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386} - btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448} - filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220} - Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220} - ath9k: release allocated buffer if timed out {CVE-2019-19074} - net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436} - memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141} - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559} - ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850} None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- openvswitch: fix OOB access in reserve_sfa_size() {CVE-2022-2639} - xen/blkfront: fix leaking data in shared pages {CVE-2022-26365} - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() {CVE-2020-36386} - btrfs: only search for left_info if there is no right_info in try_merge_free_space {CVE-2019-19448} - filldir[64]: remove WARN_ON_ONCE() for bad directory entries {CVE-2019-10220} - Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220} - ath9k: release allocated buffer if timed out {CVE-2019-19074} - net: sched: sch_qfq: prevent slab-out-of-bounds in {CVE-2023-31436} - memstick: r592: Fix UAF bug in r592_remove due to race {CVE-2023-3141} - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid {CVE-2023-23559} - ext4: fix kernel infoleak via ext4_extent_header {CVE-2022-0850}

0 tuxcare-oraclelinux6-els kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els13.noarch.rpm c2f7b9b2599d8d821035b968b733b47908472024 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els13.noarch.rpm 33d02032ef49225e77aed33b07e23dfcb2ce4493 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els13.noarch.rpm 1c56564bf087e41b6b10bccbf151b7f4225e4cdf CLSA-2023:1700686509 TuxCare License Agreement 0 - Fix silent microcode rejection in some cases - Loading to /dev/null is enabled on VM None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fix silent microcode rejection in some cases - Loading to /dev/null is enabled on VM

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.40.el6_10.tuxcare.els2.x86_64.rpm fb03f1d78e4165ca0e394dc00008b90f4f5ca181 CLSA-2023:1700834882 TuxCare License Agreement 0 - CVE-2023-3961: Fix a path traversal out of the socket directory Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-3961: Fix a path traversal out of the socket directory

0 tuxcare-oraclelinux6-els libsmbclient-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.i686.rpm f679361e87e2f73a32898cb16291e83ee837f120 libsmbclient-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 3329f1e5aeee2df14c8e012f23f808dc47daba5c libsmbclient-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.i686.rpm 353dbca896c061ddd465764557322f0ac5f08417 libsmbclient-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 95dce2a43d0b8d084a43ecd2ca9b5f3185cad190 samba-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 1cfbab0bbe731d3d3d93ea802bb195165426c24d samba-client-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 7ce050d03e8f2e874ab50d0fb3ac1e3fc81376d4 samba-common-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.i686.rpm c8fddb05da06190777c5d0569c0ff11f5cbdb7da samba-common-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm bb1866223db41f5078f8dabf9f59e978c510ad1b samba-doc-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm cd639e7fd887944738f2eee28c900421ac8f53ff samba-domainjoin-gui-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 683aadc90aec83f7ff972b6ccc3cfef0b0df1191 samba-glusterfs-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm a5566e940e2dd5d617514132a53dd840dcbd6421 samba-swat-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm a2361bd58b498d8800cfbe242ffd144d76e3e55a samba-winbind-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 3cd547297de629958eba5d8e381d254807438718 samba-winbind-clients-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.i686.rpm 6712247388eeb0374f3845abcd43933bdd638564 samba-winbind-clients-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 13c259cc2f5ee5554fa317639538d5a53cc7557c samba-winbind-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.i686.rpm 97fbf888d0ff151d1180a7667777fe85adcbfaf1 samba-winbind-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm d1f4d73103410a5d31ef195cebd15cf2ada5278c samba-winbind-krb5-locator-3.6.23-53.0.1.el6_10.tuxcare.ol.els2.x86_64.rpm 25f04b09f2d88025da4b53d90376c7785f1a7649 CLSA-2023:1701284898 TuxCare License Agreement 0 - CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-46847: Fix stack buffer overflow when parsing Digest Authorization

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els4.x86_64.rpm 8eac8be568dbd72b21907335f8d679c81993961d CLSA-2023:1701285122 TuxCare License Agreement 0 - CVE-2023-46724: Fix validation of certificates with CN=* Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-46724: Fix validation of certificates with CN=*

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els3.x86_64.rpm 913c6215746122afb8f60906a83ae5cb6f9f832d CLSA-2023:1701285323 TuxCare License Agreement 0 - CVE-2023-42117: fix string_is_ip_address() Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-42117: fix string_is_ip_address()

0 tuxcare-oraclelinux6-els exim-4.92.3-3.el6.tuxcare.els6.x86_64.rpm a1c23476228b6d170591233a4844f570cb3e6133 exim-greylist-4.92.3-3.el6.tuxcare.els6.x86_64.rpm 0406395ac97e7205851fee903fdb301662878235 exim-mon-4.92.3-3.el6.tuxcare.els6.x86_64.rpm 6f4f2cb1fd931422e5cef7ca18423f175fc250e9 exim-mysql-4.92.3-3.el6.tuxcare.els6.x86_64.rpm b4d376b025a80c02b52623193384754dee705fcb exim-pgsql-4.92.3-3.el6.tuxcare.els6.x86_64.rpm 3bc1ce2edb7c81044ff5e2282d457be0f4e6c625 CLSA-2023:1701446356 TuxCare License Agreement 0 - CVE-2022-3515: detect a possible overflow directly in the TLV parser - CVE-2022-47629: fix an integer overflow in the CRL signature parser Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-3515: detect a possible overflow directly in the TLV parser - CVE-2022-47629: fix an integer overflow in the CRL signature parser

0 tuxcare-oraclelinux6-els libksba-1.0.7-4.el6.tuxcare.els1.i686.rpm 2988499b838193741d2b5aee227e57f8a1d15169 libksba-1.0.7-4.el6.tuxcare.els1.x86_64.rpm e041e97da8484b0852805f7bf29f5fa4079d8dea libksba-devel-1.0.7-4.el6.tuxcare.els1.i686.rpm 3e3c9b8b05e27cd56080c906c65a1fcc105beb34 libksba-devel-1.0.7-4.el6.tuxcare.els1.x86_64.rpm ada686db7fdefa63ab2c9f50a689f0512277b7c2 CLSA-2023:1702420529 TuxCare License Agreement 0 - Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2023-23583 (INTEL-SA-00950): - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision 0x1000230 up to 0x1000268; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision 0xbc up to 0xc2; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from revision 0xac up to 0xb4; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision 0x2c up to 0x34; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision 0x46 up to 0x4e; - Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004b1; - Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004b1; - Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004b1; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004b1; - Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004b1; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e up to 0x32; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x42c; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x42c; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from revision 0x42c up to 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x42c; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x42c; - Update of 06-9a-04/0x40 (AZB A0) microcode (in 06-9a-04) from revision 0x4 up to 0x5; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from revision 0x42c up to 0x430; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision 0x59 up to 0x5d; - Update of 06-b7-01/0x32 (RPL-S B0) microcode (in 06-b7-01) from revision 0x119 up to 0x11d; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x411c; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x4119; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x4119; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-02) from revision 0x4119 up to 0x411c; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x411c; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x4119; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x4119; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-03) from revision 0x4119 up to 0x411c; - Update of 06-be-00/0x11 (ADL-N A0) microcode (in 06-be-00) from revision 0x11 up to 0x12; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e up to 0x32. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2023-23583 (INTEL-SA-00950): - Update of 06-6a-06/0x87 (ICX-SP D0) microcode (in 06-6a-06) from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 (ICL-D B0) microcode (in 06-6c-01) from revision 0x1000230 up to 0x1000268; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in 06-7e-05) from revision 0xbc up to 0xc2; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in 06-8c-01) from revision 0xac up to 0xb4; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode (in 06-8c-02) from revision 0x2c up to 0x34; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode (in 06-8d-01) from revision 0x46 up to 0x4e; - Update of 06-8f-04/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-04) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-04) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-04) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-04) at revision 0x2b0004b1; - Update of 06-8f-04/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-05) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-05) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-05) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-05) at revision 0x2b0004b1; - Update of 06-8f-04/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-06) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-06) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-06) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-06) at revision 0x2b0004b1; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-07) at revision 0x2b0004b1; - Update of 06-8f-04/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in 06-8f-08) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-06/0x10 microcode (in 06-8f-08) from revision 0x2c000271 up to 0x2c000290; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in 06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000290; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000271; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in 06-8f-08) at revision 0x2c000271; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004d0; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004b1; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in 06-8f-08) at revision 0x2b0004b1; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-02) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-02) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-02) from revision 0x2e up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-97-05) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-97-05) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-97-05) from revision 0x2e up to 0x32; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x42c; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-03) at revision 0x42c; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-03) from revision 0x42c up to 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Addition of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x430; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x42c; - Removal of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in 06-9a-04) at revision 0x42c; - Update of 06-9a-04/0x40 (AZB A0) microcode (in 06-9a-04) from revision 0x4 up to 0x5; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in 06-9a-04) from revision 0x42c up to 0x430; - Update of 06-a7-01/0x02 (RKL-S B0) microcode (in 06-a7-01) from revision 0x59 up to 0x5d; - Update of 06-b7-01/0x32 (RPL-S B0) microcode (in 06-b7-01) from revision 0x119 up to 0x11d; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x411c; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x411c; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x4119; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-02) at revision 0x4119; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-02) from revision 0x4119 up to 0x411c; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x411c; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x411c; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x4119; - Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in 06-ba-03) at revision 0x4119; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in 06-ba-03) from revision 0x4119 up to 0x411c; - Update of 06-be-00/0x11 (ADL-N A0) microcode (in 06-be-00) from revision 0x11 up to 0x12; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-02) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-02) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-02) from revision 0x2e up to 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Addition of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x32; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2e; - Removal of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in 06-bf-05) at revision 0x2e; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in 06-bf-05) from revision 0x2e up to 0x32; - Update of 06-bf-02/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e up to 0x32; - Update of 06-bf-05/0x07 (ADL C0) microcode (in 06-bf-05) from revision 0x2e up to 0x32.

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.41.el6_10.tuxcare.els1.x86_64.rpm 9652ab8323ac2c75d245509034145a03ce13ab1b CLSA-2023:1702495796 TuxCare License Agreement 0 - CVE-2023-46728: Remove support for Gopher protocol - Enable test-suite Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-46728: Remove support for Gopher protocol - Enable test-suite

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els9.x86_64.rpm 639d0d760bb6534ef4e30b7db5da41836c112eff CLSA-2023:1702495907 TuxCare License Agreement 0 - CVE-2023-46728: Remove support for Gopher protocol Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-46728: Remove support for Gopher protocol

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els5.x86_64.rpm f98be8ca063cbc336d3869497024818528b6bc51 CLSA-2023:1703183930 TuxCare License Agreement 0 - CVE-2023-45539: do not accept '#' as part of the URI component Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-45539: do not accept '#' as part of the URI component

0 tuxcare-oraclelinux6-els haproxy-1.5.18-1.el6.tuxcare.els1.x86_64.rpm 15c6af7f43c7efbf71448932a22c22a5cbeb3ea5 CLSA-2023:1703184036 TuxCare License Agreement 0 - CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els6.x86_64.rpm 9013cd75df5e447fe13eed04dd34d886ee821067 CLSA-2023:1703184171 TuxCare License Agreement 0 - CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-49285: Fix date parsing in RFC 1123 to prevent Buffer OverRead - CVE-2023-49286: Fix DoS attack against Helper process management

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els10.x86_64.rpm 2a040896be7c816663c51f6765602626f5eff8f9 CLSA-2023:1703784959 TuxCare License Agreement 0 - CVE-2023-51385: ban user/hostnames with most shell metacharacters in command line Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-51385: ban user/hostnames with most shell metacharacters in command line

0 tuxcare-oraclelinux6-els openssh-5.3p1-125.el6.tuxcare.els6.x86_64.rpm e15126351d83b0c84ed939a08e19693b94881895 openssh-askpass-5.3p1-125.el6.tuxcare.els6.x86_64.rpm 6abb65d5459636604228294c6e9cf1e7fb622512 openssh-clients-5.3p1-125.el6.tuxcare.els6.x86_64.rpm 79c4410579f7878a6c57853640037b55286d4d40 openssh-ldap-5.3p1-125.el6.tuxcare.els6.x86_64.rpm de4f7193da9354e6f59efaee9e721bf81bdc2ca4 openssh-server-5.3p1-125.el6.tuxcare.els6.x86_64.rpm e7f6c77130ca432a46df8f3457e1b3e2b9377e00 pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els6.i686.rpm 38346d0b9bad0dbc2a7b23411bb6c12ae28a596e pam_ssh_agent_auth-0.9.3-125.el6.tuxcare.els6.x86_64.rpm a6ccf86d2b98f6383369db6fc5619c89f06a5fc7 CLSA-2024:1705080095 TuxCare License Agreement 0 - CVE-2023-40217: Fix TLS handshake bypass Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-40217: Fix TLS handshake bypass

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els13.i686.rpm b6d50e222a36d00dd42673c885998e42aa168532 python-2.6.6-70.el6.tuxcare.els13.x86_64.rpm c4d18db7675a36421b97f1dbaae397326d31cc6c python-devel-2.6.6-70.el6.tuxcare.els13.i686.rpm 2b5bee97a71b36b6333a8d9a41e1549f9ebbe25d python-devel-2.6.6-70.el6.tuxcare.els13.x86_64.rpm 794f5e3e6915b184b888774900236f11a016bb86 python-libs-2.6.6-70.el6.tuxcare.els13.i686.rpm 9e94b7aea752de4b417b9118a93ad16381b7a170 python-libs-2.6.6-70.el6.tuxcare.els13.x86_64.rpm 1b958f0c80652afed88a5b8da29a9c77bf8f772b python-test-2.6.6-70.el6.tuxcare.els13.x86_64.rpm 9ab9580625b0156860e6010c94938d9662627f4f python-tools-2.6.6-70.el6.tuxcare.els13.x86_64.rpm ff5201514d4a8ad0c1602ea43913d1fd16f8747f tkinter-2.6.6-70.el6.tuxcare.els13.x86_64.rpm 71e3da118df0504205f1b5b8275a959d49d2f152 CLSA-2024:1705496067 TuxCare License Agreement 0 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932} - smb: client: fix OOB in smbCalcSize() {CVE-2023-6606} - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567} - relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268} - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111} - xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670} - Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934} - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896} - tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566} - ipv6: use prandom_u32() for ID generation {CVE-2021-45485} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932} - smb: client: fix OOB in smbCalcSize() {CVE-2023-6606} - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567} - relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268} - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111} - xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670} - Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934} - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896} - tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566} - ipv6: use prandom_u32() for ID generation {CVE-2021-45485}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm 993cd2680069b6d7acd6bf5683b34d8ab1ec1c1c kernel-debug-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm 7222c86b98d5399cad2be1abac665030579de876 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els14.i686.rpm 0706195e979c9fa29746981fa9a3c320755a6261 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm 21ef655a9b6ed744b6a04df82b0a94bf9948a09a kernel-devel-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm 9cb2e6adec0dfde673f2a34732f1175cc4069e3d kernel-headers-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm 16f1268d73656703a2f0283e1fcc34c9b9e1d357 perf-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm f781b38161b3e42b35796fa3d6c398b00da73f26 python-perf-2.6.32-754.35.8.el6.tuxcare.els14.x86_64.rpm b7274f2f79e64a5000635bb4a3df0805351b731f CLSA-2024:1705496273 TuxCare License Agreement 0 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932} - smb: client: fix OOB in smbCalcSize() {CVE-2023-6606} - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567} - relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268} - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111} - xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670} - Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934} - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896} - tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566} - ipv6: use prandom_u32() for ID generation {CVE-2021-45485} None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932} - smb: client: fix OOB in smbCalcSize() {CVE-2023-6606} - net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567} - relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268} - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111} - xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670} - Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934} - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896} - tcp: Fix data races around icsk->icsk_af_ops. {CVE-2022-3566} - ipv6: use prandom_u32() for ID generation {CVE-2021-45485}

0 tuxcare-oraclelinux6-els kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els14.noarch.rpm 526b2f5c0b2a1aa9491c75d0433b344569ab1271 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els14.noarch.rpm 328a3e85d7ddbc4a7987223bbe1514e325459125 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els14.noarch.rpm b60d7ac5e1f8f183ec825ffbea65756535098e63 CLSA-2024:1705941268 TuxCare License Agreement 0 - update to CKBI 2.64 from NSS 3.95 - updated: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - # Certificate "E-Tugra Certification Authority" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - added new certificates: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.64 from NSS 3.95 - updated: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - # Certificate "E-Tugra Certification Authority" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - added new certificates: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4"

0 tuxcare-oraclelinux6-els ca-certificates-2023.2.64-60.1.el6.tuxcare.els1.noarch.rpm bbeb7409eb366e1007ebfade95a964a86ecd2688 CLSA-2024:1706026402 TuxCare License Agreement 0 - CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els7.x86_64.rpm 0e92446e2fd46dcfc18d00fa28c928609df163a0 CLSA-2024:1706026564 TuxCare License Agreement 0 - CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-50269: Limit the number of allowed X-Forwarded-For hops to prevent DoS

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els11.x86_64.rpm d527e49704ee5fca528266e2aaa47d91357fcfdf CLSA-2024:1706697909 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue - CVE-2024-20926: Arbitrary Java code execution in Nashorn - CVE-2024-20945: Logging of digital signature private keys - CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS - CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392) - CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392) - Adapt pr2462 patch to the new sources Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u402-b06. That fixes following CVEs: - CVE-2024-20918: Array out-of-bounds access due to missing range check in C1 compiler - CVE-2024-20919: JVM class file verifier flaw allows unverified bytecode execution - CVE-2024-20921: Range check loop optimization issue - CVE-2024-20926: Arbitrary Java code execution in Nashorn - CVE-2024-20945: Logging of digital signature private keys - CVE-2024-20952: RSA padding issue and timing side-channel attack against TLS - CVE-2023-22067: IOR deserialization issue in CORBA (fixed in jdk8u392) - CVE-2023-22081: Certificate path validation issue during client authentication (fixed in jdk8u392) - Adapt pr2462 patch to the new sources

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 85913ca770c2a4bd762ab598de87d8a35024c2b0 java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 06eea02a61a8eec347bd873db92934654d8037d5 java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm d40b0c31750e8ae5337fee586d1996e85be4d38c java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 01fa2bf195f829d6ba09aa7643504338ec51c405 java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm cdadceaf7bf8f3278717d169ce0003c2d57d0f1c java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 37ea9da58caff81b2a8475f4b28d9cb48cea1b95 java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 12b31184a25f2082aa58ea55f4d32041bdc7beb2 java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 8dc5e3696732f0241b0825a1700e88a383aa4e4e java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm cad7ce4d962969cbf26f4603b6d3bf870eb131b6 java-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el6.tuxcare.els1.noarch.rpm c64105712268e6333641cdcb1a2624b65e899795 java-1.8.0-openjdk-src-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 5dee3368c8289316b1a3cc998524c51dbaffee9e java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el6.tuxcare.els1.x86_64.rpm 9dae1d92cb9b966879e4d9c4a8ea4215e8003f72 CLSA-2024:1708026016 TuxCare License Agreement 0 - Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10.

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.41.el6_10.tuxcare.els2.x86_64.rpm f4235357418196e969fa1766b2b60e3c2683b1b1 CLSA-2024:1708027734 TuxCare License Agreement 0 - Update to CKBI 2.64 from NSS 3.95 - Removed: - # Certificate "E-Tugra Certification Authority" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - Added: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" - Update test certificates None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update to CKBI 2.64 from NSS 3.95 - Removed: - # Certificate "E-Tugra Certification Authority" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G6" - # Certificate "TrustCor ECA-1" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "Verisign Class 1 Public Primary Certification Authority - G3" - # Certificate "Verisign Class 2 Public Primary Certification Authority - G3" - Added: - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" - Update test certificates

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els5.i686.rpm abac0e71f0749f09ac6dc46e53ef911fa74b0f18 nss-3.44.0-12.el6.tuxcare.els5.x86_64.rpm c1115335362864f3f0a6b702f40897b82a1a9761 nss-devel-3.44.0-12.el6.tuxcare.els5.i686.rpm 248ef002d4cf3a2e7a353390f0af2868d86d46fa nss-devel-3.44.0-12.el6.tuxcare.els5.x86_64.rpm 1efe6b8cec4466b157cadb06fe76981f25a62dca nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els5.i686.rpm 3b9441406b173db68030fb3828bb02bfa42861ee nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els5.x86_64.rpm 9bcabf7e8ffafaa4981064ce6dd99d9bde0bc690 nss-sysinit-3.44.0-12.el6.tuxcare.els5.x86_64.rpm 44c61237cd9025d699303624a1987e066ec718f7 nss-tools-3.44.0-12.el6.tuxcare.els5.x86_64.rpm 39809ab0f695b1884425541018328f0387bc9705 CLSA-2024:1708428112 TuxCare License Agreement 0 - CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks

0 tuxcare-oraclelinux6-els sudo-1.8.6p3-32.el6.tuxcare.els2.x86_64.rpm a9a4a6027b05ea783595d5d54864d0063b1467a3 sudo-devel-1.8.6p3-32.el6.tuxcare.els2.i686.rpm 9fe5d713fc1b8117c69770def895773d34bf6bfe sudo-devel-1.8.6p3-32.el6.tuxcare.els2.x86_64.rpm c63c9cbfbbbb38d2246f0338e96fe4892e49298f CLSA-2024:1708639015 TuxCare License Agreement 0 - CVE-2024-25062: Fix xmlValidatePopElement use-after-free when processing crafted XML documents with DTD validation and XInclude expansion enabled - test suite was partially enabled Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-25062: Fix xmlValidatePopElement use-after-free when processing crafted XML documents with DTD validation and XInclude expansion enabled - test suite was partially enabled

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els5.i686.rpm 269abf92bfe5fb2daa160f95698b6de547f726c9 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els5.x86_64.rpm 425244ac2bfbdc63719823408e841ee7df79dea3 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els5.i686.rpm 06ac5e5739f763f915522ad14a5098ce485e2eff libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els5.x86_64.rpm d0c38c4209c019646b3253589c484dc892d09483 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els5.x86_64.rpm f01bfb44a817906611f642d0255defaf0007ec51 libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els5.x86_64.rpm 046e9b52f0f9444b6e6dc72363e6a23a341deacd CLSA-2024:1708639566 TuxCare License Agreement 0 - Remove sudo-1.9.15-CVE-2023-42465.patch due to bug None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Remove sudo-1.9.15-CVE-2023-42465.patch due to bug

0 tuxcare-oraclelinux6-els sudo-1.8.6p3-32.el6.tuxcare.els3.x86_64.rpm e6180657c40bcba0ee99ce48b4fcacbc1f64f4e7 sudo-devel-1.8.6p3-32.el6.tuxcare.els3.i686.rpm 5a73baab0a5e1fdf287df9d52bc91f7319de81bf sudo-devel-1.8.6p3-32.el6.tuxcare.els3.x86_64.rpm 8c6b040ff14ce49b80dc176126051a7027cd575a CLSA-2024:1709203226 TuxCare License Agreement 0 - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653} - xen/netfront: fix leaking data in shared pages {CVE-2022-33740} - xfs: fix up non-directory creation in SGID directories {CVE-2021-4037} - net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588} - atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780} - ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915} - drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653} - xen/netfront: fix leaking data in shared pages {CVE-2022-33740} - xfs: fix up non-directory creation in SGID directories {CVE-2021-4037} - net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588} - atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780} - ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915} - drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm 88246f23de4894f660daea0c66829a1ac0df52a7 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm 12bc42a5808bad0617852bc421ebde34204310d5 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els15.i686.rpm 38a59f0fa6bb30ded0877cfbda3f286c8215cbd7 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm 2d399853ffbfe230d189109f27805a91eeabcaa8 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm d7c347258ec0a35e293bbc65a99bf4aa6bf3629f kernel-headers-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm 62a6dbb5f4e7c04f214580128132d399ce490528 perf-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm bcf9e9db0fc64870d963b3395657298ddccd7386 python-perf-2.6.32-754.35.8.el6.tuxcare.els15.x86_64.rpm b31bd00e0f60beb2a082336a945495781a36ca8a CLSA-2024:1709203515 TuxCare License Agreement 0 - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653} - xen/netfront: fix leaking data in shared pages {CVE-2022-33740} - xfs: fix up non-directory creation in SGID directories {CVE-2021-4037} - net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588} - atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780} - ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915} - drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043} None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) {CVE-2021-3653} - xen/netfront: fix leaking data in shared pages {CVE-2022-33740} - xfs: fix up non-directory creation in SGID directories {CVE-2021-4037} - net_sched: cls_route: remove from list when handle is 0 {CVE-2022-2588} - atm: Fix Use-After-Free in do_vcc_ioctl {CVE-2023-51780} - ida: Fix crash in ida_free when the bitmap is empty {CVE-2023-6915} - drm/atomic: Fix potential use-after-free in nonblocking commits {CVE-2023-51043}

0 tuxcare-oraclelinux6-els kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els15.noarch.rpm e2806f13baf1b9b81335bd6a8acbb900407598ea kernel-doc-2.6.32-754.35.8.el6.tuxcare.els15.noarch.rpm 4c6e62a3d82d3da0f60da562578c30acfbdf5e4d kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els15.noarch.rpm ebd33a8f9978f2e36f926d8d6114615392ce0236 CLSA-2024:1709564274 TuxCare License Agreement 0 - CVE-2024-22667: addressing a potential stack-buffer-overflow in option processing functions Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-22667: addressing a potential stack-buffer-overflow in option processing functions

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm c0923ae5b37613fcdba117373dd1d3e266e88544 vim-common-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm abe3c6aded1bd7ca45be3a840cd58d6985c38c0b vim-enhanced-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm 28ec0dc459eb6deaf88b489964c98cd9cc5c8ad2 vim-filesystem-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm eb8a9935fcd2f6416bde024238a194257e712305 vim-minimal-7.4.629-5.2.el6.tuxcare.els46.x86_64.rpm cf3d22a250d8bb2e25fa49633ac56dcceba7601d CLSA-2024:1710437080 TuxCare License Agreement 0 - CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3 - Enable internal tests by default Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3 - Enable internal tests by default

0 tuxcare-oraclelinux6-els bind-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm 86241103c95e3b20db50aff455d491a28a09466c bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm 9f6c9f4663564ac94ff670fdae5d86efd5ee0ee2 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els8.i686.rpm f7370c65e660e9fba319bd66f6583e58ac85d6fc bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm 7cb6499f5c669b0ac33de17016808c98f1de5ce0 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els8.i686.rpm a9ff736d0925f72c10e756b6af0c0693c694ac6a bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm 20c35f2252cc869f10b9a2903c7e00d5dae2f26f bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm f42685993637bd46e1e16c3852d3fa86867da2e8 bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els8.x86_64.rpm adac082acba79b4ae1e985a5e05588ad1818074a CLSA-2024:1711492242 TuxCare License Agreement 0 - CVE-2024-25617: Fix denial of service in HTTP header parser Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-25617: Fix denial of service in HTTP header parser

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els12.x86_64.rpm 1e13fb5aaccc89eea8abc6940c3b2723bfb8eff5 CLSA-2024:1711563754 TuxCare License Agreement 0 - Upgrade to tzdata-2024a - Kazakhstan unifies on UTC+5 beginning 2024-03-01. - Palestine springs forward a week later after Ramadan. - localtime no longer mishandles Ciudad Juárez in 2422. - zic no longer pretends to support indefinite-past DST. - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. - Vostok, Antarctica changed time zones on 2023-12-18. - Casey, Antarctica changed time zones five times since 2020. - Code and data fixes for Palestine timestamps starting in 2072. - A new data file zonenow.tab for timestamps starting now. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to tzdata-2024a - Kazakhstan unifies on UTC+5 beginning 2024-03-01. - Palestine springs forward a week later after Ramadan. - localtime no longer mishandles Ciudad Juárez in 2422. - zic no longer pretends to support indefinite-past DST. - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. - Vostok, Antarctica changed time zones on 2023-12-18. - Casey, Antarctica changed time zones five times since 2020. - Code and data fixes for Palestine timestamps starting in 2072. - A new data file zonenow.tab for timestamps starting now.

0 tuxcare-oraclelinux6-els tzdata-2024a-1.el6.tuxcare.els1.noarch.rpm 11e6d0af352032c79dcf5029b8c5d14bc7e8f78d tzdata-java-2024a-1.el6.tuxcare.els1.noarch.rpm e004c8e5f5a21fb3f5b149761a470414f35e0a89 CLSA-2024:1712263690 TuxCare License Agreement 0 - CVE-2024-1013: Fix out-of-bounds stack write issue by adjusting callee write size from 8 to 4 bytes Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-1013: Fix out-of-bounds stack write issue by adjusting callee write size from 8 to 4 bytes

0 tuxcare-oraclelinux6-els unixODBC-2.2.14-14.el6.tuxcare.els1.i686.rpm 49d74857ff83fee7354e7ab66d1943bf3d6a6dac unixODBC-2.2.14-14.el6.tuxcare.els1.x86_64.rpm a6bfeb32ab3163e878a3409496bc652885a0fecf unixODBC-devel-2.2.14-14.el6.tuxcare.els1.i686.rpm bf6ab3462f3f547b00232735aa94e9eeacbb38e7 unixODBC-devel-2.2.14-14.el6.tuxcare.els1.x86_64.rpm 264222a117e9dd72e6011fc528272eb8b40febf1 unixODBC-kde-2.2.14-14.el6.tuxcare.els1.i686.rpm ba03d89251744ddcf3ab8906a3387f76c14d297a unixODBC-kde-2.2.14-14.el6.tuxcare.els1.x86_64.rpm 197cf8a7fa0a6717f0cff06add8cfd0b2597d78e CLSA-2024:1713523598 TuxCare License Agreement 0 - CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE

0 tuxcare-oraclelinux6-els less-436-13.el6.tuxcare.els1.x86_64.rpm 5724393524ed58c52352d2b41aeda74ce27f8e52 CLSA-2024:1715281321 TuxCare License Agreement 0 - CVE-2022-31629: Add cookie integrity validation - CVE-2024-2756: Move cookie integrity validation downwards Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-31629: Add cookie integrity validation - CVE-2024-2756: Move cookie integrity validation downwards

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 6fd19e3387a5aeaeacb304e613864e4302263b92 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 7951a66eac626148d159832985bcdc243371e912 php-cli-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm d489d905a12eb4107f59bdc2625a95901ebb24b1 php-common-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 1971fe8ff3a082025b003634db6d74ff014ac4dc php-dba-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 5d51d074f34645a8d7a626682d309ae55047a6a4 php-devel-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 653886fa47a831bb18a18a05d276cfdc8663f225 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm ae558525be9beb4ab55840aa86b72db252a7ffe9 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 6d9e2012bdb4144616cbf48c65f0a05fcadf96aa php-fpm-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 09dc73edaa7894108ddb0c034596565eb4c8d22e php-gd-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm a019863ec77d16b0fce55144fc6bcaf6989982b3 php-imap-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 077c16cb3e22bef9ca4a4e656674e4c9f59a296e php-intl-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm b20b32d6f6e7f0af4d8f0b7ad14147e60c9f4940 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 02d67017e5b20528c80273c38f3373eab8848dc3 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 617153b89702c139312a9cff658199b2c51a1086 php-mysql-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 3bae7dcfdc605b7701daf4968652446138d8cef0 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 295a2f1ce9b77437ab265dc810a2322cf5c374b0 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm f7deb206474fd189e09080c632b7e3b682607fa0 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 480b948d22a5eb5c21fd6e9d5f829d0c448dae83 php-process-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 060b8863c8818590a7423c07bb7ee93d21664912 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm b02b48b7a64695651c5549b360e5d5f323320064 php-recode-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm c2ee505bbc99c49b76d31bcdbcf4410e2a9813fd php-snmp-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 9fc85fdcfcec43e268fd701e34936b344b0b9e08 php-soap-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 6d886c4de2e25f76be68ee64ae42c6955c52ec43 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 8a4f7d590162d9eb417fa936e14962ac99a2088e php-xml-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 67592d3a0be7594b4447ac20dc1657031e605fee php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm 35ed5fa152b402055b64210f79004d0e17d23e90 php-zts-5.3.3-50.el6_10.tuxcare.ol.els7.x86_64.rpm b887eccda5ea9fd138374bc07d42746423f5aba4 CLSA-2024:1715946971 TuxCare License Agreement 0 - CVE-2024-32487: filename.c: quoting mishandling Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-32487: filename.c: quoting mishandling

0 tuxcare-oraclelinux6-els less-436-13.el6.tuxcare.els2.x86_64.rpm e9fdd2e1753319958301b9e4412d48c1588c17d0 CLSA-2024:1716272658 TuxCare License Agreement 0 - CVE-2023-5764: avoid evaluate unsafe conditions Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-5764: avoid evaluate unsafe conditions

0 tuxcare-oraclelinux6-els ansible-2.6.20-1.el6.tuxcare.els1.noarch.rpm 8e913544f763ef4139d2ab090b8bbf3658753a68 ansible-doc-2.6.20-1.el6.tuxcare.els1.noarch.rpm 2c5eccc3a6c55c04a854e076305a6975fddee912 CLSA-2024:1717694198 TuxCare License Agreement 0 - CVE-2018-11236: fix stack buffer overflow when realpath() input length is close to SSIZE_MAX. - CVE-2024-2961: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-11236: fix stack buffer overflow when realpath() input length is close to SSIZE_MAX. - CVE-2024-2961: fix out-of-bound writes in ISO-2022-CN-EXT escape sequences

0 tuxcare-oraclelinux6-els glibc-2.12-2.215.el6.tuxcare.els8.i686.rpm 0f7f33ae5d9313336e015aae8f41f362758f3774 glibc-2.12-2.215.el6.tuxcare.els8.x86_64.rpm 59b732345645d1462ceff111aebfd68bf5e5f26b glibc-common-2.12-2.215.el6.tuxcare.els8.x86_64.rpm aa628e86259a0b1ba23bcacb31acb4f3c4bd9022 glibc-devel-2.12-2.215.el6.tuxcare.els8.i686.rpm 7915314a3c5fa0aa157c29762bfc5768d1d792ca glibc-devel-2.12-2.215.el6.tuxcare.els8.x86_64.rpm 9b22e8ecf45e64de7cbfa65ba7135302207db582 glibc-headers-2.12-2.215.el6.tuxcare.els8.x86_64.rpm 47cd4e4136fca708a3f676565cc750a0b759410d glibc-static-2.12-2.215.el6.tuxcare.els8.i686.rpm baaaced37009a6ff6ec3fb9bbf9c657356ea17d7 glibc-static-2.12-2.215.el6.tuxcare.els8.x86_64.rpm 2c8eee875b85afa6cb698bec3a81db860a994d7f glibc-utils-2.12-2.215.el6.tuxcare.els8.x86_64.rpm 9b25ae485c9379716f48d2dee811f21678eb25c6 nscd-2.12-2.215.el6.tuxcare.els8.x86_64.rpm ce8d937a59fa1d671024d922ef6f0d67b661505d CLSA-2024:1718900760 TuxCare License Agreement 0 - CVE-2024-33599: Fix buffer overflow in netgroup cache Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-33599: Fix buffer overflow in netgroup cache

0 tuxcare-oraclelinux6-els glibc-2.12-2.215.el6.tuxcare.els9.i686.rpm 5f41b09282af3e41d8fc975753ebc334a703adfe glibc-2.12-2.215.el6.tuxcare.els9.x86_64.rpm d3981f82eeb27da2db50b85d69d9430e5a960e37 glibc-common-2.12-2.215.el6.tuxcare.els9.x86_64.rpm bada6cbb6b9d54a2d18c0cba04fd6d9644e0c7e3 glibc-devel-2.12-2.215.el6.tuxcare.els9.i686.rpm eb43ee97655f138967a44cbd34b981340f6157f9 glibc-devel-2.12-2.215.el6.tuxcare.els9.x86_64.rpm 1206fc575aaa474762881915753bcce85e8888f2 glibc-headers-2.12-2.215.el6.tuxcare.els9.x86_64.rpm c42f400b459fbed369f82fa294336cf2a2a67fc6 glibc-static-2.12-2.215.el6.tuxcare.els9.i686.rpm 9c3c413f0e3eabcd87aeb4a4a3b303184b2b93f1 glibc-static-2.12-2.215.el6.tuxcare.els9.x86_64.rpm a626ca40847902a1430a075f18b9ffaf9f07c6bd glibc-utils-2.12-2.215.el6.tuxcare.els9.x86_64.rpm be9b315f283fcb037575e20f5cbca62e30a61198 nscd-2.12-2.215.el6.tuxcare.els9.x86_64.rpm 0845b7145e709071ee9d945cedde240ddd16701f CLSA-2024:1724704960 TuxCare License Agreement 0 - CVE-2024-1975: Remove support for SIG(0) message verification - Fix tsiggss test Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-1975: Remove support for SIG(0) message verification - Fix tsiggss test

0 tuxcare-oraclelinux6-els bind-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm 6d746bd80f8134709cba556101158124277530acba0c7a34617952c481bac01e bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm 652f7360a044d889bdca0157e40fda65e4f17f89e25d483284c950c760e310c4 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els9.i686.rpm 4de78c06cbc75d532fc68a4cdf1dd21847880499c97aa838865fd46cb8efa03a bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm ae0c8e0d330b5cce2859ffb1eaec505dea86c2b9b4e4c876f9dcc1f1f81eb5a0 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els9.i686.rpm cab883e24d0c1f71d1ff7235d4e29a74500c4918f49fd50653ec95c323212116 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm 719e25e21262cdd6f1d21f57cc6570957144d50898ab1f72e67930bfb83a0f0a bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm e427374c1a35f203db0b7a19da12ac68233677f54306630644c4c7fae95dff59 bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els9.x86_64.rpm 51dec6047f290ea133626622befa6b7e072cca98d7e9beaec270bb33b1059a93 CLSA-2024:1725187614 TuxCare License Agreement 0 - drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - af_unix: Fix garbage collector racing against connect() {CVE-2024-26923} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2023-6270} - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752} - hdlc_ppp: add range checks in ppp_cp_parse_cr() {CVE-2020-25643} - perf/core: Fix race in the perf_mmap_close() function {CVE-2020-14351} - media: xirlink_cit: add missing descriptor sanity checks {CVE-2020-11668} - vt: selection, close sel_buffer race {CVE-2020-8648} - net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921} - media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- drm/vmwgfx: Fix invalid reads in fence signaled events {CVE-2024-36960} - af_unix: Fix garbage collector racing against connect() {CVE-2024-26923} - ipv6: remove max_size check inline with ipv4 {CVE-2023-52340} - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts {CVE-2023-6270} - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() {CVE-2023-52752} - hdlc_ppp: add range checks in ppp_cp_parse_cr() {CVE-2020-25643} - perf/core: Fix race in the perf_mmap_close() function {CVE-2020-14351} - media: xirlink_cit: add missing descriptor sanity checks {CVE-2020-11668} - vt: selection, close sel_buffer race {CVE-2020-8648} - net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921} - media: pvrusb2: fix use after free on context disconnection {CVE-2023-52445}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm b9ecbf75b53e5848f0bbda3f4dccef1c42b95d6d88fbbff32b30f9c2e7125f59 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els16.noarch.rpm cd7234404a56abaf8d1028b3eb9cf1169dba72e978bc6fdb45a344daadcaf858 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm 5d9e75b3b02701077b94246459bb0a1f40933fc02c0548e5bdf412d3ca6e8eaa kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els16.i686.rpm 4d8dff8f250c27bf1464ab31e5e16726671363199731541ead352d4fb1a8b646 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm 33ca3fa1d61552601a978f0ea549b4bc6afcb9a8350363e28c3607f2ac4310cf kernel-devel-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm 6ad7ccb3cfd6833eb4e4a5c7619a7b5c63fd0823c7d2129679732d966adb3dc1 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els16.noarch.rpm 2d7afe1403824e81e099ff5af6c90a4b1d061f04bf39b3e01765adc47051c5ec kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els16.noarch.rpm effd246576916bf2fdd0affc8a9415aea0d81e6700d4ad718778661eec408f69 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm 817640b12d1ebaaee5fe38bb28be7e5e8b5f4b83b5f8d077465107dfacd55cff perf-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm 9aec8abe425c66461bda402f3ab69aaa3f5f3c057e2ab402f1d9520e6a39221e python-perf-2.6.32-754.35.8.el6.tuxcare.els16.x86_64.rpm 5273836e7402676e28dfb9df1bf637b29516850f0cb76504c58bffa6e11ef48f CLSA-2024:1725652305 TuxCare License Agreement 0 - CVE-2024-32004: integrating ownership checking to detect dubious local repositories during cloning Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-32004: integrating ownership checking to detect dubious local repositories during cloning

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 61b699c0ac62df2c4638766f7f0311eb2884a351577838ca5f7394f8945bfb04 emacs-git-el-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm dd3a245b8700d5449c232995d3c71ab9bf23723efe75a67d93829fecef301107 git-1.7.1-10.el6_10.tuxcare.els3.x86_64.rpm 206193bd85e66497c642b3acd08ae51dffd2b28aefb507a73d43fbc5034c67da git-all-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 19c5fb98f759a94966bdd3c3033ac9ac8d6aa52f08bac6e47b07c881fa7f1fe0 git-cvs-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm cd09f8f313b5ffff12651248b13bd568b73ab38caf41a94f60f6d32a888f6961 git-daemon-1.7.1-10.el6_10.tuxcare.els3.x86_64.rpm af291ea6a6583363d8f7163ba471357e79318314fe10d5e24079e5175f3f0672 git-email-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 1b0a4f9703e5f76544350c01ca8c0223334d3952696c80f3f1883e0bfef55d48 git-gui-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 9b3763c313ffc67129d92c0c9aaca54d205fae10ebac768a8143c2b7385c1a17 git-svn-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 189268155052a2232ed542803f4b1230ca8d23d1b0de108976cd490d38eaf268 gitk-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 5a2c7ccc3edfae66a571ff139fc7d29bfee8a8fa1ca42bd5e9b352eed8be2692 gitweb-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 79643b429290de9ca81c6e9e50cb1fb2411fcd7e7644d464f701cf96ffef546e perl-Git-1.7.1-10.el6_10.tuxcare.els3.noarch.rpm 2a434f9544d1ed4d53b85f94975bef060b6feb14acaefdd2e5bce1f221c1e4ed CLSA-2024:1725993841 TuxCare License Agreement 0 - CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms - CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms - CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms

0 tuxcare-oraclelinux6-els expat-2.0.1-13.el6_8.tuxcare.els5.i686.rpm 3a6fad5787115149cd4c5f9d7cbb4154484e70244b692f9dcab0a1547d68cd0d expat-2.0.1-13.el6_8.tuxcare.els5.x86_64.rpm d4a198d906ac866de2d2e79df167676e6cb1fcc19125520f1b4559dd020d5ccc expat-devel-2.0.1-13.el6_8.tuxcare.els5.i686.rpm 06f2fb7ff293adb2772293adafe15781afa01ee1f75d53847ffd0aaa53de755d expat-devel-2.0.1-13.el6_8.tuxcare.els5.x86_64.rpm 212c07a69f5391b9dd9c94d848aaf4ddd314435a1d47fb0f1204eaa568eb59a1 CLSA-2024:1726058957 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE) - CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: Out-of-bounds access in MaskFill - CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE) Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination (RCE) - CVE-2024-21144: Invalid header validation leads to Pack200 excessive loading time - CVE-2024-21145: Out-of-bounds access in MaskFill - CVE-2024-21147: Out-of-bounds array index in Range Check Elimination (RCE)

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm 1c3410b4d7f908629a46ff0f71bff58937b265cc5f4005f4be65c08a64bd9ea1 java-1.8.0-openjdk-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm 8c5112f443c25b8a172831ac783baa53df35b40f2f897af4d7ede5af73f26a6c java-1.8.0-openjdk-demo-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm 7295896b878501e4e5af848e4df155892319f23708551ba6df5e03bc0a894416 java-1.8.0-openjdk-demo-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm d0eb0d2f1d5132901d44035c85e673820a528086b15074a05bcbe636410f4886 java-1.8.0-openjdk-devel-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm 7ec4d4abd27b399f72bba69ae767ae1451a2fb338b030172e031b33b156bbce5 java-1.8.0-openjdk-devel-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm 865e8d0ac3af0098314e9d46b3d5b4e2b416e7a3593fb5916847d3786293f178 java-1.8.0-openjdk-headless-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm dc74ce32c15844a96b688469f161c478824295723eda621ad83fe5b07d36408e java-1.8.0-openjdk-headless-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm 276b65fd2ad0399c7102c2a6f761964e5f13c97f95ff9b457a296bfe94999d5e java-1.8.0-openjdk-javadoc-1.8.0.422.b05-1.el6.tuxcare.els1.noarch.rpm 06453e77d21700aa3f477622a0c34b078860f45c2f6e5bdd655d28a838204b15 java-1.8.0-openjdk-javadoc-debug-1.8.0.422.b05-1.el6.tuxcare.els1.noarch.rpm 9c466c6ed27e17a43745fc0142ed7753f5c7c04bbabe58f0233401542e2b9d70 java-1.8.0-openjdk-src-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm d6f6a8e6e59aa90fe37f813a17b24794425c09af0e5eeb840f17f09794dc2227 java-1.8.0-openjdk-src-debug-1.8.0.422.b05-1.el6.tuxcare.els1.x86_64.rpm debaa1c3a34213d8611593c7fe6c3b672d74c8873c3682c3708f5711dbda63b7 CLSA-2024:1726609578 TuxCare License Agreement 0 - blktrace: fix dereference after null check {CVE-2019-19768} - blktrace: Protect q->blk_trace with RCU {CVE-2019-19768} - blktrace: fix unlocked access to init/start-stop/teardown - blktrace: Fix potential deadlock between delete & sysfs ops - net: fix out-of-bounds access in ops_init {CVE-2024-36883} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} - scsi: pm8001: Fix use-after-free for aborted TMF sas_task {CVE-2022-48791} - net: fix use-after-free in tw_timer_handler {CVE-2021-46936} - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses {CVE-2020-27786} - ALSA: rawmidi: Fix race at copying & updating the position {CVE-2020-27786} - tty: make FONTX ioctl use the tty pointer they were actually passed {CVE-2020-25668} - vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- blktrace: fix dereference after null check {CVE-2019-19768} - blktrace: Protect q->blk_trace with RCU {CVE-2019-19768} - blktrace: fix unlocked access to init/start-stop/teardown - blktrace: Fix potential deadlock between delete & sysfs ops - net: fix out-of-bounds access in ops_init {CVE-2024-36883} - net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} - scsi: pm8001: Fix use-after-free for aborted TMF sas_task {CVE-2022-48791} - net: fix use-after-free in tw_timer_handler {CVE-2021-46936} - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses {CVE-2020-27786} - ALSA: rawmidi: Fix race at copying & updating the position {CVE-2020-27786} - tty: make FONTX ioctl use the tty pointer they were actually passed {CVE-2020-25668} - vt: keyboard: avoid signed integer overflow in k_ascii {CVE-2020-13974}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm 41acca1c4187d2ad1d6b8dff81b0773962657d199cde52e252ef8721971c34bc kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els17.noarch.rpm ad15c02270b66f5eab97989c4afd03e4a8e4181ea03674940d397a6073ce6554 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm 7a6b2c08685dfe04a5fcd78000bfba65c67f83ca98f5fdde44d5be8b5a40d05b kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els17.i686.rpm bceb1f949aa600bb80ae3822e3521ce04e8cb7687601cffaed8150e9f79d7be6 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm fe43a03d65b3eb35300e0be531bf964a2c6a7991cb9c78f37790ccc644613de1 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm 8d2e4bbfcd4be3916eeb9c86bf01587be8b201511aeaa47618bdff4b4a3d1c34 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els17.noarch.rpm f56286a04f90cfcb9443bc5a8cbef6d2e5c15090decb6b30b25023792261c3f7 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els17.noarch.rpm 9b0b39e8ddc94f643c0df704d6d959fea2ef17545cccaabd3c0c33b5d9efe62e kernel-headers-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm 288d730643f6914938d41ac41faa44ddfb0f6f7e9144ab33d09b5be5a155d766 perf-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm e918cace8d97e0bb9b86ea5f2d56e91303e73d653f638962edc4891e7f1fbd5b python-perf-2.6.32-754.35.8.el6.tuxcare.els17.x86_64.rpm 9972234f8b48c06583a45d5d1620b0a24e8664af8b42fcf183950ce3cae465ef CLSA-2024:1728071284 TuxCare License Agreement 0 - CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value - CVE-2024-6232: fix regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS via specifically-crafted tar archives Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value - CVE-2024-6232: fix regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS via specifically-crafted tar archives

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els14.i686.rpm 5018f7f5f83ae218eb941056df0193697e02c82ffe443f3f28c41abb9399c500 python-2.6.6-70.el6.tuxcare.els14.x86_64.rpm 152ebb5422880fd8c51a3bd539fc38d3b030ea1c693dd5a6660fd640969f7006 python-devel-2.6.6-70.el6.tuxcare.els14.i686.rpm cf33a84a71c48137f266b43f1a722d0d5d1bec7bce62ed78afea66b47573b416 python-devel-2.6.6-70.el6.tuxcare.els14.x86_64.rpm 183edae82bb563386df686ee98fa44a18faf84b717bb526e70d47fb1a2caa4fe python-libs-2.6.6-70.el6.tuxcare.els14.i686.rpm 48a87e2205fcda40aa3cad72add38709d91adcc9c1e9ae874e54b5415615c0c0 python-libs-2.6.6-70.el6.tuxcare.els14.x86_64.rpm e75efcd9bc8e7cbf70ad50ca78ffb0f7f0b6a2437f5a77b8ff14aeb895a9a32f python-test-2.6.6-70.el6.tuxcare.els14.x86_64.rpm ec2216d8af31f66b457e57df807fd4643bb83332c054a0e4134d4cb42a8e90c6 python-tools-2.6.6-70.el6.tuxcare.els14.x86_64.rpm badadc4155879d8acd84ea735eb887d7b5926dac7bdc28ce22f48f528fd8d454 tkinter-2.6.6-70.el6.tuxcare.els14.x86_64.rpm ca5b164ab9fc623e1d7c324de026fc4eb2c2a30e5cdc8b35744ba7dddab7e6bb CLSA-2024:1728298943 TuxCare License Agreement 0 - btrfs: fix use-after-free after failure to create a snapshot {CVE-2022-48733} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - dm btree remove: fix use after free in rebalance_children() {CVE-2021-47600} - isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-4439} - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() {CVE-2021-47576} - igbvf: fix double free in `igbvf_probe` {CVE-2021-47589} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- btrfs: fix use-after-free after failure to create a snapshot {CVE-2022-48733} - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes {CVE-2024-46757} - wifi: mac80211: Avoid address calculations via out of bounds array indexing {CVE-2024-41071} - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one {CVE-2023-39197} - ipv6: prevent UAF in ip6_send_skb() {CVE-2024-44987} - exec: Fix ToCToU between perm check and set-uid/gid usage {CVE-2024-43882} - dm btree remove: fix use after free in rebalance_children() {CVE-2021-47600} - isdn: cpai: check ctr->cnr to avoid array index out of bound {CVE-2021-4439} - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() {CVE-2021-47576} - igbvf: fix double free in `igbvf_probe` {CVE-2021-47589} - mISDN: Fix a use after free in hfcmulti_tx() {CVE-2024-42280} - dev/parport: fix the array out-of-bounds risk {CVE-2024-42301} - scsi: aacraid: Fix double-free on probe failure {CVE-2024-46673}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm b9fd8e803aa4b1ce15bcdac099097f64b4fc5f086a71946e6438fb43285c7336 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm ce368c3d8a8025900e3fa89a83be32392a2c3584d9e18ac84b81347d1eea8e9f kernel-debug-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm f737a913789e211ec50cb4dc0a9c1ea50669f7d64f965dd84851f279abe0a4d8 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els18.i686.rpm 66e828021ee5ec13072c21102972502417bdd72aa15de0c0a5d49f6747ab997f kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm b8a54b24f3d51e94b144135159892a771c137090814ad09af896c2d01b49fb6d kernel-devel-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm a57f6780fa0f28c07d1c1e90721aa678e48312d1733fe8be4cf545ca305807a6 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm f98a43be03634a61134b97af83cbf44e71c79ffb5ab9723c9370406dcf2cfcfe kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els18.noarch.rpm cdec0719fab881bac4a1b5919adf9d2d085a0f0e44ddee272fe084b414616269 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm 9ef1712d8f61f3ddbb45a19f1226204899e16517eb8cd6a9c851a7e376de1480 perf-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm 8c16c0d8cfe78fc7ab7163456524d625c7abc718c4c42d0f8f7461b6beb0ea8b python-perf-2.6.32-754.35.8.el6.tuxcare.els18.x86_64.rpm 47469a7845c74a5753544f6f30c48d3439b41175aac90ea99a0ffc9b3125dd79 CLSA-2024:1728579854 TuxCare License Agreement 0 - Update Intel CPU microcode to 20240813: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000390; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0005c0; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x35; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x433; - Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision 0x21000230; - Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision 0x21000230; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x32; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x430; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x411c; - Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x1000181 up to 0x1000191; - Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x4003604 up to 0x4003605; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003604 up to 0x5003707; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002703 up to 0x7002904; - Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in microcode.dat) from revision 0xe000014 up to 0xe000015; - Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from revision 0x38 up to 0x3e; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003b9 up to 0xd0003e7; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x1000268 up to 0x10002b0; - Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from revision 0x3e up to 0x42; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x22 up to 0x24; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc2 up to 0xc6; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb4 up to 0xb8; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x34 up to 0x38; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x4e up to 0x52; - Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from revision 0x17 up to 0x1a; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x5 up to 0x7; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x430 up to 0x433; - Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from revision 0x24000024 up to 0x24000026; - Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xfa up to 0x100; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xf8 up to 0xfa; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xf8 up to 0xfe; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x5d up to 0x62; - Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from revision 0x11d up to 0x123; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x411c up to 0x4121; - Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from revision 0x12 up to 0x17; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update AMD CPU microcode to 2024-08-11 addresses CVE-2023-31315 (AMD-SB-7014): - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C); Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update Intel CPU microcode to 20240813: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000390; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0005c0; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x35; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x433; - Addition of cpuid:A06A4/0xe6 microcode (in microcode.dat) at revision 0x1e; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision 0x4121; - Addition of cpuid:C06F1/0x87 microcode (in microcode.dat) at revision 0x21000230; - Addition of cpuid:C06F2/0x87 microcode (in microcode.dat) at revision 0x21000230; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x32; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x430; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x411c; - Update of cpuid:50653/0x97 (SKX-SP B1) microcode (in microcode.dat) from revision 0x1000181 up to 0x1000191; - Update of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) from revision 0x4003604 up to 0x4003605; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003604 up to 0x5003707; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002703 up to 0x7002904; - Update of cpuid:50665/0x10 (BDX-NS A0/A1, HWL A1) microcode (in microcode.dat) from revision 0xe000014 up to 0xe000015; - Update of cpuid:506F1/0x01 (DNV B0) microcode (in microcode.dat) from revision 0x38 up to 0x3e; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003b9 up to 0xd0003e7; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x1000268 up to 0x10002b0; - Update of cpuid:706A1/0x01 (GLK B0) microcode (in microcode.dat) from revision 0x3e up to 0x42; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x22 up to 0x24; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc2 up to 0xc6; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb4 up to 0xb8; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x34 up to 0x38; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x4e up to 0x52; - Update of cpuid:806E9/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806E9/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EA/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EB/0xd0 (WHL-U W0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c000290 up to 0x2c000390; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of cpuid:90661/0x01 (EHL B1) microcode (in microcode.dat) from revision 0x17 up to 0x1a; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x5 up to 0x7; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x430 up to 0x433; - Update of cpuid:906C0/0x01 (JSL A0/A1) microcode (in microcode.dat) from revision 0x24000024 up to 0x24000026; - Update of cpuid:906E9/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906EB/0x02 (CFL-E/H/S B0) microcode (in microcode.dat) from revision 0xf4 up to 0xf6; - Update of cpuid:906EC/0x22 (CFL-H/S/Xeon E P0) microcode (in microcode.dat) from revision 0xf4 up to 0xf8; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0xfa up to 0x100; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xf8 up to 0xfa; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xf8 up to 0xfe; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xf8 up to 0xfc; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x5d up to 0x62; - Update of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) from revision 0x11d up to 0x123; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x411c up to 0x4121; - Update of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) from revision 0x12 up to 0x17; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x32 up to 0x35; - Update AMD CPU microcode to 2024-08-11 addresses CVE-2023-31315 (AMD-SB-7014): - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A00F11(ver:0x0A0011D5); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00830F10(ver:0x0830107C);

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.42.el6_10.tuxcare.els1.x86_64.rpm b4dbb0f38a1b5675000272c768360d7c71a0e30b273e0e7fdfd3149e118ff83c CLSA-2024:1729626489 TuxCare License Agreement 0 - CVE-2024-8927: Fix bypass of cgi.force_redirect configuration Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-8927: Fix bypass of cgi.force_redirect configuration

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 36cfbfcd5fe426d86fa8618d859347656e2c1242d842a62e4c1e5147690dac14 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm ad2b61ddecfd767c5b72a1055f6478ca21eb33de09af83fdf998ad3658e80ea0 php-cli-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 98db5f483abb8b1cd2e6120a86cedfa982a832ef3dfd35d1d910684c3ac92566 php-common-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm af75eea509a9990767a5e002cb493e94a5386fd94983e3df3a9ce1ba582f0eb5 php-dba-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm eee52f61e28b9bee9d9ac553ac7acef26fd4f0689cba3951f0d54350509f0c67 php-devel-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm cb534c99fdeec37c28326254d1e15959aefeaf1cd7e09815e674ad4d3dd67eda php-embedded-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm bd6b45d7a0fae052bc7f3fccbe05890aa71d922d1fbfe49b5ccb8b6edfb8d01e php-enchant-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm a2799d68a161601dec8439506c4d62c15604d97bce8adb992b09d1c357640591 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 902388c3daf4c3f95ea2358dc8b948c6817eb9728fb3b7339581528963516f1b php-gd-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm a29e354bf1d09925ee75b28e5c1205ae1931f9d70d31194820c4102316881d67 php-imap-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm c9bc8154a7890202c0673a638bb7f1dcfe4b658fcf4556c0c4d29c926f22f99d php-intl-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm e6c0c319c4e0cb4d972fcbe5f370a8e2037b712855fc7735c6f12a4c0cfe10f5 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm aa8ea10c1c90b1bbe3055d666ecc706fc387b2b159d6718af60e51485897d162 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 3a1bbbeaae7f075c27eb1ea80c4a60bc874f13058180bed33ae857e7c44c298e php-mysql-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 53c300e7ef628b2869a6185c24170c51b2e36c2db0a6808f9764fb3df8944768 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm a81c3617b0e09be077b16c3e5c717ede627e04ee3c8f061837a900b7592b4216 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm e0f2ffa9b1d8903ec9987496a8f84468d3484ab47557ca5b340f5af75bb0800b php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm dfd6b9b60346fe1e68f87f5d5a9579f48dc47160009c2ac2e27eb38e10a9f534 php-process-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 79ccaee69477b495e98dbb3f7e720eff1a08fecb59eba432913c0b410ca593e6 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm fc8cff0d814cb130b23d7e9782a119b4fd8d3dd4ba171cb13ebf460755d83352 php-recode-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 954193334bc7ea39c7da66a7dd1ab6f9b96dd0d46e0fd4f843b1f2ae997a8fd4 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm f843edd3367b2627bde1a4bf42b7b69c959b424ec96ef5174ae3b0d7ec117d5c php-soap-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm ed6bf3657ebfd30df5dac9e87dc649ecd393092ed8e27924669173ee5bb03ee3 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm dd20b9b9cd8caa8120da3b78540f6fd6e168ab9c4f306ad55dbf04404d48e83d php-xml-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 03d98cdc6882b22e076669a777dfe31b691b44edd6532c5af5e0b362366da848 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm 5551e36ce000abad92e5e865b84f9aae92f183605b5e3b93d72a1634f1e559e3 php-zts-5.3.3-50.el6_10.tuxcare.ol.els8.x86_64.rpm eedf63498731c7b7adfadf4aa0228467ed54344df30b8478ef5574a56c98499f CLSA-2024:1730369378 TuxCare License Agreement 0 - CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 082e2bacee62868fb61a1899066fae0a636d74be927e8f61cbbe94b90fe9e0b4 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm cd37873be42a000587bdd0aca75fceda0486963633e45474769613ea4a5c6bb0 php-cli-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 1b677ebb4fa4f35dcf9e6f9972077c3071b7ec26a7dab30e841d34046ba3bba3 php-common-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 33c63b4455ea7be70f60e2b5029e440e00af02e589e47a02f5ccc0ff892f6873 php-dba-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 60ba4872a6855921d07bd21fb00746bd28372bf4853ba03e5c9ad4201f2912fd php-devel-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 3b6205a2ce023f619f39ae6a7233c120d9c27ef0a22a7edc734f455330fa1478 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 03919851053adbaa633c0c16cdd57cd69dfa8bb150295e6ad0c88806f613b65e php-enchant-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 2a2abbe280ae738e5c1fd1518145dd31c86c76b3b285480405f89ca4ce95b22f php-fpm-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 48802bcee2b2700d04cb1319dd2995318512610e0d2d0f88d06164bd69287d36 php-gd-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm b50815d725e4a82fcdb90484c8273c73bfeba1edcb340105e3bdd4399339df71 php-imap-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 74ea51922bcebe638fc0a5e43f9863b523a90d05757a462042d24b0633c91758 php-intl-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm a67028268acbc9a5ddc545685b6be9a36fde326327b58618f70568b8320b2890 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm d0e2f2b481c94cb76e4969b40a36c02d68bf84f9cfabc0b432d62ce1805cb91a php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 56daa9d5565f307ac88d823dd311f475790fb016069bdad0a24f2d3438ebad42 php-mysql-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm d5320a9766e4f9e2c93d4dbf07fc448a9586c19f718967f615d683749645ed95 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 37d549a32f141ddf7141b781a127fbcee078772ded2d88095b6f460a820d0477 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 4929e3688363ec40483d35ff474be8b120b03ff0c586b40338dbbca8381fa4ac php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 919e4a250cd8ce10f6598fcec5911598c252141c1f542770b13fb65be40cd921 php-process-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 2db026aedf94f91e3a9061d0c03998e59eb948b349e9b2064e58b440b4fabe6c php-pspell-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 07aa79ec5f3b1c6cd7fd512c5a7a77e456fc8206e2ca9fce61d7c331943a5630 php-recode-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 1b390122ee6377fdc49e56e41992525fb68f49d0be855421bf04240b40437c08 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 67852fe0c29fcee90c7e2d5266bbd0917f6860b77939c5c62ff19d8c9911ead4 php-soap-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm ccb716389f7baf417e0d090720944a082c9cc7c90b2f686921202ba738382eaa php-tidy-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 93c54788e9c168282123964d799b75774c80f4f4153e9073a3c49802bbe91e33 php-xml-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm ad58285573731e48be0da8dc6a0ec1a1613d669e35297906c662a27caa5da0d1 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm 9b8ca0c02803f76c16be1bfea2c9888dfa6e156e03d93e5f9387d883ad366bbc php-zts-5.3.3-50.el6_10.tuxcare.ol.els9.x86_64.rpm e5c7b98e8e8d9af74421084dc948f7f5e46a84eab32fbcccb6eea65a1ab9a98a CLSA-2024:1730915558 TuxCare License Agreement 0 - update to CKBI 2.69 from NSS 3.103 - updated certificates: - # Certificate "GLOBALTRUST 2020" - # Certificate "OISTE WISeKey Global Root GC CA" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - added certificates: - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - remove duplicated certificate record: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.69 from NSS 3.103 - updated certificates: - # Certificate "GLOBALTRUST 2020" - # Certificate "OISTE WISeKey Global Root GC CA" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - added certificates: - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - remove duplicated certificate record: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"

0 tuxcare-oraclelinux6-els ca-certificates-2024.2.69-60.1.el6.tuxcare.els1.noarch.rpm 22d3f54a7266e44a169b9747caa68ab174fa0fae4e08b470b5fc114bbdf31fe0 CLSA-2024:1730915716 TuxCare License Agreement 0 - update to CKBI 2.69 from NSS 3.103 - updated certificates: - # Certificate "OISTE WISeKey Global Root GC CA" - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "E-Tugra Certification Authority" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "TrustCor ECA-1" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - added certificates: - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - remove duplicated certificate record: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.69 from NSS 3.103 - updated certificates: - # Certificate "OISTE WISeKey Global Root GC CA" - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - # Certificate "Security Communication Root CA" - # Certificate "Camerfirma Chambers of Commerce Root" - # Certificate "Hongkong Post Root CA 1" - # Certificate "Chambers of Commerce Root - 2008" - # Certificate "Global Chambersign Root - 2008" - # Certificate "E-Tugra Certification Authority" - # Certificate "TrustCor RootCert CA-1" - # Certificate "TrustCor RootCert CA-2" - # Certificate "TrustCor ECA-1" - # Certificate "E-Tugra Global Root CA RSA v3" - # Certificate "E-Tugra Global Root CA ECC v3" - added certificates: - # Certificate "LAWtrust Root CA2 (4096)" - # Certificate "Sectigo Public Email Protection Root E46" - # Certificate "Sectigo Public Email Protection Root R46" - # Certificate "Sectigo Public Server Authentication Root E46" - # Certificate "Sectigo Public Server Authentication Root R46" - # Certificate "SSL.com TLS RSA Root CA 2022" - # Certificate "SSL.com TLS ECC Root CA 2022" - # Certificate "SSL.com Client ECC Root CA 2022" - # Certificate "SSL.com Client RSA Root CA 2022" - # Certificate "Atos TrustedRoot Root CA ECC G2 2020" - # Certificate "Atos TrustedRoot Root CA RSA G2 2020" - # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" - # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" - # Certificate "TrustAsia Global Root CA G3" - # Certificate "TrustAsia Global Root CA G4" - # Certificate "CommScope Public Trust ECC Root-01" - # Certificate "CommScope Public Trust ECC Root-02" - # Certificate "CommScope Public Trust RSA Root-01" - # Certificate "CommScope Public Trust RSA Root-02" - # Certificate "D-Trust SBR Root CA 1 2022" - # Certificate "D-Trust SBR Root CA 2 2022" - # Certificate "Telekom Security SMIME ECC Root 2021" - # Certificate "Telekom Security TLS ECC Root 2020" - # Certificate "Telekom Security SMIME RSA Root 2023" - # Certificate "Telekom Security TLS RSA Root 2023" - # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" - remove duplicated certificate record: - # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els6.i686.rpm 2cbc0f9213fdfd61024387fcb475d04e7b576bb2652ee9d56385c7729e600e08 nss-3.44.0-12.el6.tuxcare.els6.x86_64.rpm 93cfd3f8a9fe0f5ceb9f3d346d9f638dfbbc34607caab4d0333a517e7c649240 nss-devel-3.44.0-12.el6.tuxcare.els6.i686.rpm d4cc0ca8f1a0418fc92411766176221630449b9bf4048d4e357445c8b78b8a64 nss-devel-3.44.0-12.el6.tuxcare.els6.x86_64.rpm 22f996c198610b1640c38059ef159462a71328122086759a8f59636f3d8d29f7 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els6.i686.rpm 0b7093d5d9e4ce0a53cbf775e05f8448fd83619fa533bdabde69a210c0b1426f nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els6.x86_64.rpm 3a4569e4b805b08468f20e7b8ae424b3023ee95eb5b28a02dc1a0036fed992cf nss-sysinit-3.44.0-12.el6.tuxcare.els6.x86_64.rpm 15d4a060ffea627b92af1e7b9dd086e4eb3eac43b253792d08622e6487a98dc3 nss-tools-3.44.0-12.el6.tuxcare.els6.x86_64.rpm e82c2f9dfcea71bb6f079a45d9f52ec8dfcdde21ad01531c104ac29565c04e39 CLSA-2024:1732703448 TuxCare License Agreement 0 - CVE-2024-45802: disable ESI Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-45802: disable ESI

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els8.x86_64.rpm e99fed8463a5dcf1b7de599c9e5099c94ddb8d830531de99f25d7a902cf0e27e CLSA-2024:1732704094 TuxCare License Agreement 0 - CVE-2024-45802: disable ESI Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-45802: disable ESI

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els13.x86_64.rpm 5c98ed9b456365849932ffeb7be6c92cec26873d158864f5a778462b73e36c3d CLSA-2024:1733142398 TuxCare License Agreement 0 - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails {CVE-2022-49029} - ppp: fix ppp_async_encode() illegal access {CVE-2024-50035} - ext4: no need to continue when the number of entries is 1 {CVE-2024-49967} - net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368} - packet: in recvmsg msg_name return at least sizeof sockaddr_ll {CVE-2022-20368} - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679} - Squashfs: sanity check symbolic link size {CVE-2024-46744} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails {CVE-2022-49029} - ppp: fix ppp_async_encode() illegal access {CVE-2024-50035} - ext4: no need to continue when the number of entries is 1 {CVE-2024-49967} - net/packet: fix slab-out-of-bounds access in packet_recvmsg() {CVE-2022-20368} - packet: in recvmsg msg_name return at least sizeof sockaddr_ll {CVE-2022-20368} - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb {CVE-2022-1679} - Squashfs: sanity check symbolic link size {CVE-2024-46744}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm bad3acbf8a2382e465f1925e2e18a676defd8ced08598461c29fda5eaf158110 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els19.noarch.rpm 27cfe0481423024dbdf55fd7f4502e03f9f30a01feb0c73a536985cbb748d3b2 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm 38796dc97d3c5f135be6f88269e5864abc7b4b89a7e2d498f504a9a3784f2003 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els19.i686.rpm e79dc9836e931e64ffee884bd4a84b0ae288dfe67cc3adaf6b6be1b466fa5bb8 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm d549424dc291680e0a8b3bd5a7be9ed43d728c6c8bd7805e07187662a9b35c97 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm bb4bf5dcbd414220a4040eaeef20be335ca0d123a5fbdb80e0a057548b84a67c kernel-doc-2.6.32-754.35.8.el6.tuxcare.els19.noarch.rpm 4949d6706bf4b439c7d05e62b2f4ff391d87f40d21a063d5a916524f20cad75f kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els19.noarch.rpm 8b7591e0cb19b835177895827376e1a933e9549b651d287353947bf3f40957bc kernel-headers-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm b00fb21fde6572f2d4444bfbdcb4ab825abe52a19121abf20abfec885096ce20 perf-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm 64b55e74760cdda622f8662e97644f7cca904f79bb8b9e5bcbee3bb10905f83c python-perf-2.6.32-754.35.8.el6.tuxcare.els19.x86_64.rpm d0e9d34533a5975c5c4f26cef3e175f0f0db1d5bdfc08f6700af15916ea4754b CLSA-2024:1734543983 TuxCare License Agreement 0 - CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm a85597b4658c1a4f429b9131edb6256c48894d95e9018619a3078b7f0d6f002a php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 51df4f668c5426a543b2ff2d58c9821360bc343f224d24bd5050529fe488cc17 php-cli-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm e803f608beaefe06d67cfafb9cc0514473ae68a4b8fab24aa0a850f88b21887c php-common-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm ee02c27834523fc19a088ada08bb5ea2cd8c6dfa14855c54c6cffbdd16c403dc php-dba-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 368b368449a0e757dd81e695caa581da6802d3ef1c3eba301f735ff4e9fb4917 php-devel-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm d9d34a244e39c7fc205c827b80516e8a6860c6d831ebe2a663df4d8955b7f1fe php-embedded-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 4aa0db7f6cb881625c8f21c1199caf61f02c9cdd10b768b10479a4c6f35403b5 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 14fa375b58264610a2e42c95508ff3f3e218e32d3d4c154e8de03948e12bab2f php-fpm-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 1eeb75216516752b2665357ff102f4aa0edffde8e8cce349a88687baad96a6f3 php-gd-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 9d32af96f36024758096d7f4c33c1734426f17a990db572d9b9d266b952d82d0 php-imap-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 3beb53f2db8daeed8259ac772491ca37c6a21fb846f1383fe45311ab1e2eb3f8 php-intl-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm b7abd2ed3f34dc653605144c26bd4e571130499965f098b0e21011a2c180b332 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm ac498fd44be4c52b359d19926865a6d8f920fed2cb9b2e2a671bf793f0abaacc php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 54a221a1e1f30fca62bf881a53ef8754c0dcd03e145f2909077e9dbc3293639e php-mysql-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 6f6b6997629fc4c0a792720577e588168764675ee4b3b8b71fab01669bc9168f php-odbc-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm fbe1e90b2cfad1856248c8ee3da3dea587f808e43eb8f802a759b04bb0046616 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm d73644825c36911218710445341043a91d3b47af5c0c62ef6ea6d26db5436d51 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm fadcc3384681e28509499154e870be30ad9ec7648b86946272a0396d662e84b1 php-process-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm d3e1a94401bb505af24ae707a1e67fa4410194133c48fbb76718e127fc311edc php-pspell-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm b873d8c7d489bbbfc9eed42003a48a518d94a79a9e600532a87809e5df7ddf70 php-recode-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm bac39d3519b535f316daf5157d1cae7110997821dc76f9bb34cc93e33d14d67d php-snmp-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm f1f5a6ad407e9c6af9252cf70a41ee40a7209c64c8cca39b05ba6a73ff2f4915 php-soap-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 2e640e0e6f24f275502af5cb69e575d0385a6dc49fefdbf5f9cf1d226da436e3 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm c884cf1b4a2f41046254c5e59df5c74bbc3b9df1b83424308c21d9f0a0129084 php-xml-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 8b1b1d79def30c392335118440059792e92a3be8d1e7cebe1487c63ca6fec61e php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 96d8cccaf86ffb1665247a6f5375a3668f8aeca9acb2dd248f16f78d434337d3 php-zts-5.3.3-50.el6_10.tuxcare.ol.els10.x86_64.rpm 690814348fe321f3ab3cf4d668fc77d249c8c0f1da49d5dcb0057d06ff2ff519 CLSA-2024:1735128099 TuxCare License Agreement 0 - CVE-2020-13817: randomize transmit timestamp in client requests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-13817: randomize transmit timestamp in client requests

0 tuxcare-oraclelinux6-els ntp-4.2.6p5-16.el6.tuxcare.els1.x86_64.rpm 7b535a6019f306b9d2e6feefb00c207adde94ae6f37d87c07e788acd53f76b16 ntp-doc-4.2.6p5-16.el6.tuxcare.els1.noarch.rpm 9e957c082e07991020ea46fa8910dcae672e6517d0bc952662bb576db4cc02d8 ntp-perl-4.2.6p5-16.el6.tuxcare.els1.x86_64.rpm e76103d9db60448c51a213480c201237724299af04b5e3670f5cb86710fca902 ntpdate-4.2.6p5-16.el6.tuxcare.els1.x86_64.rpm cb6e69a32012758c9bba8750e98f65dfccca50a489ac152b77fa6d6e0c160b9f CLSA-2024:1735132237 TuxCare License Agreement 0 - CVE-2024-11234: fix stream HTTP fulluri CRLF injection Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-11234: fix stream HTTP fulluri CRLF injection

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm ef4bfb316a436e61d149ea38fff8e5ba81a0fd07e4971e97572bd7b8e239af1c php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 86681588d2a365f8e5753e34f053276fbe6c43824884924eeb32cf13c5b755a2 php-cli-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 4396d00941d7be4db20b9293437496ceb2b5a5632014dd4e8e22b187207173a5 php-common-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm cef3b6ee66d3946c6e828ff905afa73efb1dd72cd2ec04943e83a2cf12c9fc13 php-dba-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm a32ebbb994a3e4545b7780b0f31b48c831225428e11abfaa96bc8480d09ed085 php-devel-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 485e5b9e54fd1f9039b59507dd2e1e41dd5a70bf939d21a35c5bb76d1006db51 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 1363e21a0bf652b1da722ec31bf5079b7f7f3391232f43cd24597a914f1f6e8e php-enchant-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm a0f3b8e4628c57d8b7bea00c3c00d3a6cc9c8d0dfe93da889465ffbe029b4fa1 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 7397ddea681a80980434d68784a6885712a140641a02baf9337095286703954d php-gd-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm b815e9e9c109da0624eb21377a4994b675f34aa15938069fbbfd9e6d6f4c4a4b php-imap-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 8b1599cb4a96f7d0c0a7f5531c174619e2b8e0d6ee4d7cf3fe2288edc1c3e261 php-intl-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 79d557c86b42e4b611d726e892d6114bbf08db0a5413172d77837c5a467205ad php-ldap-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm bb75385ee9c2cbbce533db0fda3468948dee2352b9b3af9efd2062fafac0f685 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 76a818df09abed71de2e48edcda94759928b276b7603c4f86408b3a7c2d3f0aa php-mysql-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 011f89869353a868b2509c98a9d17177273d8ee473fcda7e7a560c10395e77d9 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 675c7590821b20f52afca34b888d637cb9cc06e8867f4b909272a5e1ece35b01 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 2432c0e5aa8b9aab6a6dcef1b74c132cebe5491542e1341c5b2ade89cdc67f4a php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 61a675367bb8545c5826c5892ef2c6decae47dbed6786caad049581abf84ef44 php-process-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm c05cd69a8cbb34cba0ae70a82ed1fcd663b7c333764ce55563adc9c906c97e6d php-pspell-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 24be3042f0dfed71f452c4f3d862895d784f66e32a5ba42c03c3a9870bd32b8a php-recode-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 78ffabbf74537d6cfe3dff3774a5acad7f5050f1e1af9a6c18e7765115570f6d php-snmp-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm e3bc188b945dd91ed6d29e7a374cdd34cbe34f260883665b28dc4fda4e41eeb8 php-soap-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 906747bd30b093d49186ade6a6c11b036b8385702f38c49b5e6365bdb874f19e php-tidy-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 299625fd0c208a2a1e9b826e2eb95137d0fe0e78bcd762292c4ce81ab72c8e25 php-xml-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 42314307d65907e2fcb0fac2e38d35c6d8f384a95381fe4d9b955ca961483cda php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 7604c8cdc58b5f76663b1eb60a7fb7f0a556a0fcaa9610d3888e0c01719e64b4 php-zts-5.3.3-50.el6_10.tuxcare.ol.els11.x86_64.rpm 3990c8f667facb8a4d19f5bfcb2429f1f5ed85e39ced5335f181d233e43f19bf CLSA-2025:1737153705 TuxCare License Agreement 0 - CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els9.x86_64.rpm 3c62122725f07ea64b703d007bda76cebfbab5b24c01f8f2808a582ecf1f9145 CLSA-2025:1739352814 TuxCare License Agreement 0 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104} - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849} - net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603} - netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650} - scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227} - ALSA: seq: Fix race of snd_seq_timer_open() {CVE-2021-47281} - btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759} - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604} - initramfs: avoid filename buffer overrun {CVE-2024-53142} - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() {CVE-2021-47191} - media: edia: dvbdev: fix a use-after-free {CVE-2024-27043} - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057} - Input: powermate - fix use-after-free in powermate_config_complete {CVE-2023-52475} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format {CVE-2024-53104} - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() {CVE-2024-35849} - net: af_can: do not leave a dangling sk pointer in can_create() {CVE-2024-56603} - netfilter: x_tables: fix LED ID check in led_tg_check() {CVE-2024-56650} - scsi: bfa: Fix use-after-free in bfad_im_module_exit() {CVE-2024-53227} - ALSA: seq: Fix race of snd_seq_timer_open() {CVE-2021-47281} - btrfs: fix use-after-free when COWing tree bock and tracing is enabled {CVE-2024-56759} - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() {CVE-2024-56604} - initramfs: avoid filename buffer overrun {CVE-2024-53142} - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() {CVE-2021-47191} - media: edia: dvbdev: fix a use-after-free {CVE-2024-27043} - net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT {CVE-2024-53057} - Input: powermate - fix use-after-free in powermate_config_complete {CVE-2023-52475}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm a2b0d02cbc605fddbc19a86713f216785849c6d5980df299dbea3a887178bd6b kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els20.noarch.rpm 2154ef3c9d8bd0bf91683419be9fc1e9b72b26741d84b01938785e75a85be9af kernel-debug-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm de3ddbe79a7e4ca8a0dc2d09450bbca322a1cb3c95e673ac3a026db00fcec742 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els20.i686.rpm 6217bf234af408a5005a9bb259bbc805ad3c4aeb2ad0e08da788cf53a60e41fa kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm c514264118c0ce656c6732587d6f1f635589ff9896d80b48415ed1f351783788 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm a0eedb1c794f2a700ff6b8c49df75aa2170aa7ae1b3f9986bfaef8f797cdc268 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els20.noarch.rpm f99266c1d828f794a9bb9f0179441aea8e8037699a51c693ba0668ed9860218c kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els20.noarch.rpm ab098674b96987f1f331f08701b257ebdb46bf2a084cb9ab6eb4d81ab60c8e72 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm 25a7bda4938f5694702ef9c0ba7b2e1695e38e2bcc986c3098aaf0e8267266e5 perf-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm bc42eb38d857b2e6a87bd932e037b359f78b568edabe33ea52be27ef39f01da0 python-perf-2.6.32-754.35.8.el6.tuxcare.els20.x86_64.rpm 80d3b8b7b6d83b1245a1708408cfc3c47fe43eca3c446c1f92299d4c7538917f CLSA-2025:1740598467 TuxCare License Agreement 0 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173} - ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150} - misc/libmasm/module: Fix two use after free in ibmasm_init_one {CVE-2021-47334} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173} - ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150} - misc/libmasm/module: Fix two use after free in ibmasm_init_one {CVE-2021-47334}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm 51a341a79555da6c9389921be97fd561a8c567c30dc06c2f196fbb9c6f3c5499 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els21.noarch.rpm 8de7ac96ec8d61f8bcbbdb08e3cb49a4a02ff90358d5a0ed777b88d385037481 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm b0286f8be3129ec44c837841b401927e16e607b01489f0ca5e42c1f92a2deff4 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els21.i686.rpm f51e1f018ffa1ebd377eca60945fd94c6147a9182e66ec3eeebffbabb49b7803 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm 4f99f52737d4dfcc8463c60fdff1de41e70cd235b07af8a141af7032de7644c2 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm 34795a8561337b2e9970c5063690ca6308d63a24ed84cdc8276b2f878a8b7d0d kernel-doc-2.6.32-754.35.8.el6.tuxcare.els21.noarch.rpm 6a5929620ee29f42bfcb81dd1f4b02374fcba349d676b62ee6c7551f1903dc50 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els21.noarch.rpm 47acf7d2851fd75a7711a895181a04a66fbca3a05f26b38a17e81247777a43ef kernel-headers-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm 58d5f3344f05c20482ba101cccc97b771f46ff4030052b4e5671ac92c1ba45c2 perf-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm ef89379666b169d2dfa10f1f1ed2c5f95a2b367044a6244f51d8ea31dd47ba76 python-perf-2.6.32-754.35.8.el6.tuxcare.els21.x86_64.rpm 3231ec2ed855cd293054a6471a709d11ea365cf213acaa38ce2709b388001e90 CLSA-2025:1740823520 TuxCare License Agreement 0 - CVE-2024-11187: Limit the additional processing for large RDATA sets Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-11187: Limit the additional processing for large RDATA sets

0 tuxcare-oraclelinux6-els bind-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm 81095b11918b78ef3cf08b5fe8559f7be7e28d9d93bb85652d2bcf8c8ad78d05 bind-chroot-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm 1b512d3f810be7f6f1f7c5a64c1bfd40378d15fefaf5627bac90a9203142aec2 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els10.i686.rpm f351c95a897b731f3a47e7aa44e9dfe66043bad5279f550d505c0724c8bdfed5 bind-devel-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm dc7213f31d784daed94b1795ec551a3efef985d1fea054ddf4f6bb0b0bf526bc bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els10.i686.rpm 095939b2d64bdad02d13e13f012d9ae8c9141c8f6391c811088c188d8cbbd473 bind-libs-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm fae9b96bb4027f3ab16ccf179e5f6298a671901e418ada55cc5f56a9bfd66824 bind-sdb-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm 479b4c3b45be208fcbfd6eae911f0c2f4475492326d2b1e9b0dd0292d5157fac bind-utils-9.8.2-0.68.rc1.el6.11.tuxcare.els10.x86_64.rpm 3794e551612d5543086e4485895e0e0c57ec57a24fbbc82188d90b3fd86d4b18 CLSA-2025:1741629091 TuxCare License Agreement 0 - CVE-2025-27113: fix compilation of explicit child axis Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-27113: fix compilation of explicit child axis

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els6.i686.rpm 663fbfe93bb55038b3c98bbb10b1bd1d447c8f3d91800cdda896c42b55be1ff9 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els6.x86_64.rpm 620ea896cbbbfbf161ed89060705a91004a198f52788411ebde48be894997465 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els6.i686.rpm f9d1ce6b25dec8d578c240501232e3182b1dc0cb0f03a236270cd678cadf5ea9 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els6.x86_64.rpm 480548ce0406a8861edcd63671d3320a4be8ca9c1810e70b8d0a39334a5f2319 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els6.x86_64.rpm d9687ad071478836d9822b4ab64b128cf9e802b6d67bae33c2143631648fef5c libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els6.x86_64.rpm 7f0fcb358a9e7683c17b5313e3d49284b5c03459d0c470d7be978011f7cdf4e9 CLSA-2025:1741964468 TuxCare License Agreement 0 - CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-0840: fix stack-buffer-overflow at objdump disassemble_bytes

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els8.x86_64.rpm 5ceac0801de8ebbfb002f64392241942a174782cf5b87c2190661cb543605e03 binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els8.i686.rpm 6d453acc45efa6dcb4fdddc5a69802c07b0c2a62ffb99e0ffa5bac49cddf7974 binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els8.x86_64.rpm eb53517e062e9e3d1f2e77989561f390e091572ad7f546f3ca4fd8440a39bc19 CLSA-2025:1747058711 TuxCare License Agreement 0 - CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els8.i686.rpm b5900fe065339bd5814b6957f470ecc65ddb121cba1644937279b9342fdd34d1 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els8.x86_64.rpm a1b1002a6f95c2dd733022a495e6ff309c8d874e33cb23e7415b17251d5422a3 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els8.i686.rpm e366dddb8a03a79f19a1255e6b141c0fd45594d628ed1b61dd30e36b40d19974 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els8.x86_64.rpm 213b08ffb19c035daecb892e472faa018f488d7af02bc322cf964d9dccb8645f libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els8.x86_64.rpm 19b365c32fbb286879dbb3248e9231242638026ca2f311a017ebcb31c1813811 libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els8.x86_64.rpm 12f79a20a5013e91a3c8ddeeed840d85f30230abc7fe9142d73520c5bf7a81e2 CLSA-2025:1747691270 TuxCare License Agreement 0 - Update Intel CPU microcode to 20250211: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c0003e0; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000620; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x38; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x436; - Addition of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) at revision 0x3000330; - Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x12c; - Addition of cpuid:B0674/0x32 microcode (in microcode.dat) at revision 0x12c; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4124; - Addition of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) at revision 0x1c; - Addition of cpuid:B06F6/0x07 microcode (in microcode.dat) at revision 0x38; - Addition of cpuid:B06F7/0x07 microcode (in microcode.dat) at revision 0x38; - Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000291; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x35; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x433; - Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x123; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4121; - Removal of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at revision 0x4121; - Removal of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision 0x4121; - Removal of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) at revision 0x17; - Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000230; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003e7 up to 0xd0003f5; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x10002b0 up to 0x10002c0; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c000390 up to 0x2c0003e0; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c000390 up to 0x2c0003e0; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c000390 up to 0x2c0003e0; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x35 up to 0x38; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x7 up to 0x9; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x433 up to 0x436; - Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf8 up to 0xfa; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0x100 up to 0x102; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x62 up to 0x63; - Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from revision 0x1e up to 0x20; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x4121 up to 0x4124; - Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision 0x4121 up to 0x4124; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x35 up to 0x38; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x35 up to 0x38; - Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from revision 0x21000230 up to 0x21000291; - Remove old firmware versions: 06-8f-04, 06-8f-05, 06-8f-06, 06-ba-08; - Update AMD CPU microcode to 2025-04-10: - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206), cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107), cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D), cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209), cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011), cpuid:0x00A20F12(ver:0x0A201210); - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x00860F81(ver:0x08608108); - Update AMD CPU microcode for processor family 0x17: cpuid:0x008A0F00(ver:0x08A0000A); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update Intel CPU microcode to 20250211: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c0003e0; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000620; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x38; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x436; - Addition of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) at revision 0x3000330; - Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x12c; - Addition of cpuid:B0674/0x32 microcode (in microcode.dat) at revision 0x12c; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4124; - Addition of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) at revision 0x1c; - Addition of cpuid:B06F6/0x07 microcode (in microcode.dat) at revision 0x38; - Addition of cpuid:B06F7/0x07 microcode (in microcode.dat) at revision 0x38; - Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000291; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F4/0x10 microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F6/0x10 microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000290; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000390; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0004d0; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b0005c0; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x35; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x433; - Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x123; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4121; - Removal of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) at revision 0x4121; - Removal of cpuid:B06A8/0xe0 microcode (in microcode.dat) at revision 0x4121; - Removal of cpuid:B06E0/0x11 (ADL-N A0) microcode (in microcode.dat) at revision 0x17; - Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000230; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003e7 up to 0xd0003f5; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x10002b0 up to 0x10002c0; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c000390 up to 0x2c0003e0; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c000390 up to 0x2c0003e0; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c000390 up to 0x2c0003e0; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b0005c0 up to 0x2b000620; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x35 up to 0x38; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x7 up to 0x9; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x433 up to 0x436; - Update of cpuid:906EA/0x22 (CFL-H/S/Xeon E U0) microcode (in microcode.dat) from revision 0xf8 up to 0xfa; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0x100 up to 0x102; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x62 up to 0x63; - Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from revision 0x1e up to 0x20; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x4121 up to 0x4124; - Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision 0x4121 up to 0x4124; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x35 up to 0x38; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x35 up to 0x38; - Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from revision 0x21000230 up to 0x21000291; - Remove old firmware versions: 06-8f-04, 06-8f-05, 06-8f-06, 06-ba-08; - Update AMD CPU microcode to 2025-04-10: - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A70FC0(ver:0x0A70C005), cpuid:0x00A70F52(ver:0x0A705206), cpuid:0x00A00F82(ver:0x0A00820C), cpuid:0x00A40F41(ver:0x0A404107), cpuid:0x00A70F80(ver:0x0A708007), cpuid:0x00A20F10(ver:0x0A20102D), cpuid:0x00A70F41(ver:0x0A704107), cpuid:0x00A60F12(ver:0x0A601209), cpuid:0x00A10F81(ver:0x0A108108), cpuid:0x00A50F00(ver:0x0A500011), cpuid:0x00A20F12(ver:0x0A201210); - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x00860F81(ver:0x08608108); - Update AMD CPU microcode for processor family 0x17: cpuid:0x008A0F00(ver:0x08A0000A);

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.43.el6_10.tuxcare.els1.x86_64.rpm cbe7f1f4a7bb012ce7aae7537a9ecb53df84a969041c761ab3aeabe60a5c909a CLSA-2025:1748365686 TuxCare License Agreement 0 - ext4: fix OOB read when checking dotdot dir {CVE-2025-37785} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993} - media: uvcvideo: Fix double free in error path {CVE-2024-57980} - jffs2: Prevent rtime decompress memory corruption {CVE-2024-57850} - wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234} - udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143} - wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740} - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() {CVE-2021-47636} - kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277} - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() {CVE-2021-47219} - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() {CVE-2022-48702} - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- ext4: fix OOB read when checking dotdot dir {CVE-2025-37785} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993} - media: uvcvideo: Fix double free in error path {CVE-2024-57980} - jffs2: Prevent rtime decompress memory corruption {CVE-2024-57850} - wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234} - udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143} - wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740} - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() {CVE-2021-47636} - kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277} - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() {CVE-2021-47219} - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() {CVE-2022-48702} - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm 2ea186a597d981b675b2aaa6f19155011e0a87919c2f45857daed954ec0ead23 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els22.noarch.rpm dbdb81b8f642085b24e4ad76a56c1f00b915051a5f2c963f88a67947807910ab kernel-debug-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm e41af03f7645d04b43b38df57c711d4bfcae7932da723e0ef26897867ca10b55 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els22.i686.rpm 856d857fad9c95c19e390a68ba5f5111852b7b2a555c0006a0b9fd0328974bdf kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm 84d41a1130938f41c13791ade2451f43284d7029b9464e59c11bdcbdba27c46a kernel-devel-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm 92a52fd0ab9e9efa4eda8d4fc2d4f32453386d5c9dc59499e1aa29d3ff1be331 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els22.noarch.rpm 5adbe3a216b9124128021e07b59b9765c7fa12621ff35a8549dc826119490304 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els22.noarch.rpm eb1b39ed307006a474732c87c56c55d75d22efea8c0a101938ecf4d63ef91f75 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm bc2bd96c7f9d877dfcd20a3cdc8bd501929bd695f1c5f381b9627733907d4c83 perf-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm f9d9494787855015dd051359b1e6d27e7e1aefb1ea9f9007424abf9448efd075 python-perf-2.6.32-754.35.8.el6.tuxcare.els22.x86_64.rpm 3f9a734f076ded58d67366f125c80ea437bc86f56adfc27c088d9c474c6c8f6c CLSA-2025:1748945377 TuxCare License Agreement 0 - CVE-2023-3758: fix race condition in ad_gpo Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-3758: fix race condition in ad_gpo

0 tuxcare-oraclelinux6-els libipa_hbac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm 61907c54dccaece42758a8364725ab44abce6bf0b2b2fbe790c0c1d6a39f57d1 libipa_hbac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 491e5afe1482a8676b8fbbd843bca26d91ebf9bf4c7396b19e104a9963cc7a65 libipa_hbac-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm 7e3621629a924b132c8a63e34a82c4a86eec85d263523a34354b4898a01f3324 libipa_hbac-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 095c0c0205d1cb76e7d1af927eb3ddcfd026f6d74626eb4a77ba377fe6a36748 libsss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm 43e15b44bf9140671def9ee0fe6f211af39b5b4897ea9e70a97ce949096f201f libsss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 02abc31d79c4f5eb0617c3c9f547c2968ad06d28b6436f8aad8a0c4ab6bb3979 libsss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm a4ca266eae5a211291066ccbed7c77f03fffc35d0042bcba5203a3c93fa00e04 libsss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm f254f82c768593131952d555540ea068ea8978a5cc093978c5f4172a97e0f04a libsss_nss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm 4e02189568dbdd5ffbb9c14344e22458ca22954d7cac5cadd78954b7ea782309 libsss_nss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm d8a939170b71b1d6f337504b49cacc35050b4aa3483133f966d259832d5c7824 libsss_nss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm ef22a3cff1baad8086d1fa413c77f0405ac5619f1c676041689208851fafa0ea libsss_nss_idmap-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 999b608daca732e1b2a8d7da4b2c3beaa7dc9da88daf64b1ad88f9aa835be112 libsss_simpleifp-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm a5805f782623cf4c5497041298223e96bed52eb0863430bd9b9daf8bf003cfb0 libsss_simpleifp-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm a70cad61b09eab0d125f4bde89f009eb36995368077759b748219105098bd220 libsss_simpleifp-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm bffdccc5a65908caef6d11f030f8de272101b00e21a1ce0ab107b98985748c6d libsss_simpleifp-devel-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 1adea8000bb216b8f5be0c75d33131ceaec56b8cd2caddf54dd4c85a1f7b7107 python-libipa_hbac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 9a8de97f760c7990e2c1a952593ccfc90470548f6361447a63e3cd0bee9dad59 python-libsss_nss_idmap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 957da45166aff79e579fd7e17c52b124063d493efe23533e66d235944cbcc9e4 python-sss-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm a27f7e9294239138ff33aba8867100ccebe73abe9fda04983456379b291ef076 python-sss-murmur-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 95d2dce631034ca73d86b59ed5095cca526af5dc66014855bad69123562b1790 python-sssdconfig-1.13.3-60.0.4.el6_10.2.tuxcare.els1.noarch.rpm 6a0a6200326ed888496d7c421fdaa92538fb121266597a9d1d9d6832c778c4b1 sssd-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 4634074a11c47510eefc27387ae5bf16f681e9feaad5041469e273d71a69ce5b sssd-ad-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm d80647f928807607cec32cdbf1c8890cec0f01f249bd3b157f0e487aef834834 sssd-client-1.13.3-60.0.4.el6_10.2.tuxcare.els1.i686.rpm 973d2c54e2865a5b6292cef7189fd24b965334b02c42958bc2047e6b2fc8c998 sssd-client-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm b94f92b348b83aff2e8215a208c5decef1a049d16d8064e47c65dbc0bea21078 sssd-common-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm b1b631ee3fe6d782d14b927dd12e92b8f5c5405883f11fe0d61c811d7d5081de sssd-common-pac-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 5ffd5dca51b7dfd8c0374c9450788221b0ef42c6c6a024ac18df2e712f377953 sssd-dbus-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm ad8e38ecab925b278c41998ce28e35815f11c26a1b624b26c42327d440be3489 sssd-ipa-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 602784957fb8cd4ca3a82c2fd5c20f282563cf37f0ffaa69640ce52c4d6f6138 sssd-krb5-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm acbb5198531acb2afdd287a01ea73991fd32acd8aec932218a0ea8cd3e9d9582 sssd-krb5-common-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 3c649670ee0336ffaf3f915bb424f0f9495de47b50ba2098cf4071b6f52b0c83 sssd-ldap-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 8d12cfb79b2daffe9d584378a1a0e33b0467352c225c352d1498136cd3ed0e3d sssd-proxy-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm 5b2375905659cd673d96163b8de4a57a8f08eb606d2ea31710944c1c0e0734e5 sssd-tools-1.13.3-60.0.4.el6_10.2.tuxcare.els1.x86_64.rpm dfa0a01458bd74b65a64c85ef60675190d96cd643ca54a805880f4ac1fc340a8 CLSA-2025:1750172760 TuxCare License Agreement 0 - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init {CVE-2022-49478} - x86/kvm: Disable kvmclock on all CPUs on shutdown {CVE-2021-47110} - cifs: fix potential double free during failed mount {CVE-2022-49541} - drm/amd/pm: fix double free in si_parse_power_table() {CVE-2022-49530} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init {CVE-2022-49478} - x86/kvm: Disable kvmclock on all CPUs on shutdown {CVE-2021-47110} - cifs: fix potential double free during failed mount {CVE-2022-49541} - drm/amd/pm: fix double free in si_parse_power_table() {CVE-2022-49530}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm 3bf40a361d77820a14cac1a93944b620e76f2df6af3ad15c499c4b3a52187b62 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els23.noarch.rpm d2c12c70a18a08c71b6c636c6777abfb1bd192a8a94888b51974178ebe4af9bc kernel-debug-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm 570323c81de7bdc3d3158e0b8b91816459fb97a83f9c3eb63495e38307aeb357 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els23.i686.rpm 827a7650edf1386a2e5943c5c7bc5587994f55a3b9d1e1dde03a72bc7fef0704 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm e40554874bc1ea587db6aec097acb98d9c9f39fa22d0e8fd7dbe95b2c4854366 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm 4082688edf859a75b3a481bf2882a7e0b2b2ef5ead62e654c7832bf420bb196a kernel-doc-2.6.32-754.35.8.el6.tuxcare.els23.noarch.rpm 78c4cf5d03dafd503e9bcf7b73dc020e696e9245a6dd2081e8d49035f04d5fce kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els23.noarch.rpm a6a296a43eaf7121a891afb203199dc06165ec85da5903398a97a57b7f352fd0 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm e8e260bb6baaa9e0fb448504e2f5a0a0286259cfd1eb71fa7c3a19370ced6da4 perf-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm 9e6cafdc9fce555eef007651c7343696c4227f6c53024d4ce2d236d0f053786e python-perf-2.6.32-754.35.8.el6.tuxcare.els23.x86_64.rpm e10b0d9712cf244aa298f1953002c2bf40b3de143d5319e9ffacbc4490535407 CLSA-2025:1750781004 TuxCare License Agreement 0 - CVE-2024-12088: fix improper verification of symbolic link destinations to prevent path traversal vulnerability Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-12088: fix improper verification of symbolic link destinations to prevent path traversal vulnerability

0 tuxcare-oraclelinux6-els rsync-3.0.6-12.el6.tuxcare.els5.x86_64.rpm 09f849c647d520e162db94249eb81f1e0246d693783c050b201086c96b861f08 CLSA-2025:1750784361 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes following CVE: CVE-2025-21587, CVE-2025-30698. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes following CVE: CVE-2025-21587, CVE-2025-30698.

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm f467aea28b8f6081769bcf598040476294b9be1f90bbbd83bc130c0400344e30 java-1.8.0-openjdk-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm 6a4dec212424e8488850159faeb8dfe11c4c0934c6b8e79275ffc07b0c83528d java-1.8.0-openjdk-demo-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm d29ce31f9f9669bdbd1a7d8525aa152009c9ebc836d6a392a1940afada86cf0d java-1.8.0-openjdk-demo-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm bd29a3bd0acdc05265ecad0d4de9b1335095e39c36b1fb747e9be78dcc56fe4f java-1.8.0-openjdk-devel-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm d0bc0cf7e0ac8980799d75db3996a2c12fed9bbdcf6a0c3d77d7812698ec95e8 java-1.8.0-openjdk-devel-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm 9c9ceb0031a7c57fe9091e251d48dd845dc5c3a64496569f5e3e90f1b0c6dd65 java-1.8.0-openjdk-headless-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm 83ec7321565365e5569568c5783cd3b27074208ac7fe843ffb8469a048ad0433 java-1.8.0-openjdk-headless-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm 1f35be2ab127e1fae5e989839e50d9bc12849370f63e3381528d590e42e96ff5 java-1.8.0-openjdk-javadoc-1.8.0.452.b09-1.el6.tuxcare.els1.noarch.rpm e90782dabbb4b134b0c1829b591a1249cc97358290db9088e3c2e7056bb19d1b java-1.8.0-openjdk-javadoc-debug-1.8.0.452.b09-1.el6.tuxcare.els1.noarch.rpm e4fe3bf48f4152f456fabac6bd7b4ddf99418b9e7154d33b1a4b189623994517 java-1.8.0-openjdk-src-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm 50efaa5bdbc88408c5175b5099fce93284033691018454e04cac1fb7acc4afea java-1.8.0-openjdk-src-debug-1.8.0.452.b09-1.el6.tuxcare.els1.x86_64.rpm f9c6878975ecd3aaf67035766c41fed35f41e41f62fa008fb49e679883fc09a7 CLSA-2025:1750878491 TuxCare License Agreement 0 - Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V names are now obsolescent. - The main data form now uses %z. - The code now conforms to RFC 8536 for early timestamps. - Support POSIX.1-2024, which removes asctime_r and ctime_r. - Assume POSIX.2-1992 or later for shell scripts. - SUPPORT_C89 now defaults to 1. None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V names are now obsolescent. - The main data form now uses %z. - The code now conforms to RFC 8536 for early timestamps. - Support POSIX.1-2024, which removes asctime_r and ctime_r. - Assume POSIX.2-1992 or later for shell scripts. - SUPPORT_C89 now defaults to 1.

0 tuxcare-oraclelinux6-els tzdata-2025b-1.el6.tuxcare.els1.noarch.rpm e98b4cc4e8c7417b464690f31d19af9ef55492f2b261b75ccacc6cb6200c17ed tzdata-java-2025b-1.el6.tuxcare.els1.noarch.rpm f371af3a61973afc9611ac9e9241eab3dcec49733fec8b6c8ade23b4ba4fa750 CLSA-2025:1751913256 TuxCare License Agreement 0 - CVE-2024-12087: fix path traversal vulnerability by adding a proper symlink verification and deduplication checks on a per-file-list basis Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-12087: fix path traversal vulnerability by adding a proper symlink verification and deduplication checks on a per-file-list basis

0 tuxcare-oraclelinux6-els rsync-3.0.6-12.el6.tuxcare.els6.x86_64.rpm 7447915b3ac75b897765b4a92ea96a8be002564a38cb1b92f295a0518c5d3249 CLSA-2025:1752090603 TuxCare License Agreement 0 - Fix incorrect tzdb.dat by harding links None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fix incorrect tzdb.dat by harding links

0 tuxcare-oraclelinux6-els tzdata-2025b-1.el6.tuxcare.els2.noarch.rpm a1e9e74765910d24bb100e4dc6577ab99cd9fc4e4170eecf8804748d5ee42348 tzdata-java-2025b-1.el6.tuxcare.els2.noarch.rpm 51baefd04c5f52143936a1d639e7ed6094d979b0300eeb3821733138617dc90e CLSA-2025:1752683103 TuxCare License Agreement 0 - CVE-2025-48384: config: quote values containing CR character Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-48384: config: quote values containing CR character

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm 65221153961aee8c20e16e7365249948354b5cb85325b236e4cc23d699ad2258 emacs-git-el-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm f4625c1e5b1e52fca5da87cdf23f42fd18aac0de5b03011a3dbf5ab122a88cfe git-1.7.1-10.el6_10.tuxcare.els4.x86_64.rpm 978e778f4dc146824529d212e1441ca72494eb0dfb5097dc850febcb0db7e3c0 git-all-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm ff70bbb6a76225388caa5113cd444399d010f00f4311a06c6bb9e292d276df5a git-cvs-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm 7e97c4b93ae18d026580d39b02a5b61cecea8b4916f53544cc558be2d2b03c15 git-daemon-1.7.1-10.el6_10.tuxcare.els4.x86_64.rpm 019111f6fe6b6e9fb46785f673dccbe3eff6fc2ffb35cd91c48d470a03640113 git-email-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm dc7d3a637c52d612f524dce86fe75a444e072baebce1c1d89a93673bfbc3421f git-gui-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm e6084aa57be7d52abd892bd74a1f3e8ef4a4b23b963fe9c09feb6d8785ed5ccc git-svn-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm 574401843c1d7213b01b54a8ad6ec714dee5b40b1d40a10dbf7fbd1e1a9a28f2 gitk-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm 778d4c0a8864c461d9718a899b777cc41d10ba9522a297cb5e1261f09f141fa4 gitweb-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm 9a104e5039bead1d5ccebb70acc109622e36758438021347d60aa0c560c1cf3c perl-Git-1.7.1-10.el6_10.tuxcare.els4.noarch.rpm 30e18e793415e82956b91edca0877db1ce7eed573b33ce86b534e00e7f149a7e CLSA-2025:1753207552 TuxCare License Agreement 0 - CVE-2018-18311: fix buffer overflow Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-18311: fix buffer overflow

0 tuxcare-oraclelinux6-els perl-5.10.1-146.el6.tuxcare.els5.x86_64.rpm 0b19a81df50111ea17e11255b6a0cad27c8ab45d758ae993d00de4dd427217d9 perl-Archive-Extract-0.38-146.el6.tuxcare.els5.x86_64.rpm b1f8f5187bc88c6fcef0d7304975912b3326adb6da6bb4cbb0eddadad7f63c5e perl-Archive-Tar-1.58-146.el6.tuxcare.els5.x86_64.rpm e75cd67407711738f47f0e1ba9ced0cb980707d65ce36bd3b27d044348c86c86 perl-CGI-3.51-146.el6.tuxcare.els5.x86_64.rpm 8f13426ab2f27e80a83f96bd2216d77be91eab53c8d4c9cec2e14cf4cdd690e2 perl-CPAN-1.9402-146.el6.tuxcare.els5.x86_64.rpm fb18002849caabae4b303a592c671f5ca0a456d850fe42c6eb312b61b9fd6a4f perl-CPANPLUS-0.88-146.el6.tuxcare.els5.x86_64.rpm 1837923fba1f9fcbb00ddfe2039e259c7f27ada8b0e4e03e0abb71686f0e6190 perl-Compress-Raw-Bzip2-2.021-146.el6.tuxcare.els5.x86_64.rpm 1cd79f71a0ca0fcd22daaf8a393da94bd5cdcb11d4f321843ee4dde9890f7253 perl-Compress-Raw-Zlib-2.021-146.el6.tuxcare.els5.x86_64.rpm d9b6f31ca7f4ab26cd9b3d520b85880974b539274eccf3d51809606cabb8fc71 perl-Compress-Zlib-2.021-146.el6.tuxcare.els5.x86_64.rpm 577961397e3e92f741de43a91f24f5f8f587815d2cee55eed5dbbd3d28d9ed8c perl-Digest-SHA-5.47-146.el6.tuxcare.els5.x86_64.rpm 46a1ed6d9c50c1b9bddcd8f6c13b910edae09d480f5eca3b2aaa8895971d35da perl-ExtUtils-CBuilder-0.27-146.el6.tuxcare.els5.x86_64.rpm f4fddcd42a64f5779fc474a00948feefb93872ec3adab063cb892f510eb459a0 perl-ExtUtils-Embed-1.28-146.el6.tuxcare.els5.x86_64.rpm 98daadf96a16c4517db529d8f9ab812b6fd1d72dafff3f75b2bbf51cd3a12fce perl-ExtUtils-MakeMaker-6.55-146.el6.tuxcare.els5.x86_64.rpm 5c6868a13f7b968f9ad1eaa33d1046e988dfe7648d27b3e6d45d7dfaced632c9 perl-ExtUtils-ParseXS-2.2003.0-146.el6.tuxcare.els5.x86_64.rpm 3b4bd005eb37c4cf3ea1948a1975a4d6a6e005174458e88c97855ce8169882a1 perl-File-Fetch-0.26-146.el6.tuxcare.els5.x86_64.rpm 896f0b049701e48ecc37571f3244e5ed16237d59e4999edf8cdf07a3fc422220 perl-IO-Compress-Base-2.021-146.el6.tuxcare.els5.x86_64.rpm 08728d8f716f98c155c1f2fd9b3bdd41ec19450c05603083ffc2192c796d6af4 perl-IO-Compress-Bzip2-2.021-146.el6.tuxcare.els5.x86_64.rpm ebce2c06ebecd8e3dbc83f4155d3e8e4e28a13dd600ddf535883dff03d307f2a perl-IO-Compress-Zlib-2.021-146.el6.tuxcare.els5.x86_64.rpm 0adf7a33124ec8610956f6c33e62d615c8880590a2f0d6afe308b1cd510a353b perl-IO-Zlib-1.09-146.el6.tuxcare.els5.x86_64.rpm 192176645b28b60f727ea0d6e74ca5e86c5eb47d6c8b600dc7690fab3ced9406 perl-IPC-Cmd-0.56-146.el6.tuxcare.els5.x86_64.rpm cab8430c19b3b7c741887fc4bac11c4441d6ad4eb55debef73b2fa3ed6c38b3a perl-Locale-Maketext-Simple-0.18-146.el6.tuxcare.els5.x86_64.rpm b2d359eed1ec15fa1fbcb066329a00df2a335bb31ffae7ae9e105e3fb2de1ef6 perl-Log-Message-0.02-146.el6.tuxcare.els5.x86_64.rpm 5722b0928081707383d9f07ec920cb9015deacc29fce99bf724223c084543886 perl-Log-Message-Simple-0.04-146.el6.tuxcare.els5.x86_64.rpm a4764b27449b4ab46d13841d89048d174e7067c984afb80cd3d01277e89c53af perl-Module-Build-0.3500-146.el6.tuxcare.els5.x86_64.rpm 039d8e27f12af7d8e9d58f5afd4aae1a676267391ebb88165d0eb1ba48205edf perl-Module-CoreList-2.18-146.el6.tuxcare.els5.x86_64.rpm 43555427c6dd62991ae3344d6011b2bdece6e2c2d82693eba08db0e8250533d7 perl-Module-Load-0.16-146.el6.tuxcare.els5.x86_64.rpm 123c93915b7afe518a2063399263709b708041781e387c2aa37cb008db2c6170 perl-Module-Load-Conditional-0.30-146.el6.tuxcare.els5.x86_64.rpm aaa79645a00797c66cdf483bba1c3dc3ef00c1009830e730fee06c484a8ddc49 perl-Module-Loaded-0.02-146.el6.tuxcare.els5.x86_64.rpm 44d3fff4119962e13037aa17072916bce678142efc9f3581497b275cb6ca094e perl-Module-Pluggable-3.90-146.el6.tuxcare.els5.x86_64.rpm bb0570b2cebaa4e97242b662fe0fed6199d96f2fab610b6903e175fd36c685c4 perl-Object-Accessor-0.34-146.el6.tuxcare.els5.x86_64.rpm 47c8fb7cfcb641314c707c41b0827184280161ed0f006947ee65beaa4bc59eca perl-Package-Constants-0.02-146.el6.tuxcare.els5.x86_64.rpm 0d9fb9ef4730f047807348bcf820370dde721fbf7eab20c5975d83b787ecbe5b perl-Params-Check-0.26-146.el6.tuxcare.els5.x86_64.rpm 22a27611b5280ddc86fa4238d51bd5c60c981446a540299e4df5324853d7b7ec perl-Parse-CPAN-Meta-1.40-146.el6.tuxcare.els5.x86_64.rpm d397f40966fab054403a471fd0d35889847fdd57e26f86aedba48368d9e37dc0 perl-Pod-Escapes-1.04-146.el6.tuxcare.els5.x86_64.rpm 66c9562c05ab82cbf75ab801a2795f7fd9ba7f05e3f01eb1827c0fd9d1ec08fe perl-Pod-Simple-3.13-146.el6.tuxcare.els5.x86_64.rpm 61407502c3a0a4e266f97b95b154c00a344584acf1d27236f77fd11d62cd8551 perl-Term-UI-0.20-146.el6.tuxcare.els5.x86_64.rpm 0709e6336e0a17d543406fc229c60fc37bcc78af5f43b8870362a8c7986eb430 perl-Test-Harness-3.17-146.el6.tuxcare.els5.x86_64.rpm bde5d378e1b239e63b35ec0b3cf0148d2452b1d2867ea1932a3304e6699ac87d perl-Test-Simple-0.92-146.el6.tuxcare.els5.x86_64.rpm c392f91551028354333e57adb61b3b5ad349a3811bcb35f4b0c6fce040ca4243 perl-Time-HiRes-1.9721-146.el6.tuxcare.els5.x86_64.rpm 603735f6d4ba23c791687b87c1515a3ce793a2137638b3d02c3d0a91c6a79a82 perl-Time-Piece-1.15-146.el6.tuxcare.els5.x86_64.rpm a3232fabff5d59dfa29147a288ccc8f89b71dc4b8d780b68a54737770eadbbe4 perl-core-5.10.1-146.el6.tuxcare.els5.x86_64.rpm f9d6c06b13c07b64fe7ab3a8da49738236b3acb1681c2a727781d5c005ad9e43 perl-devel-5.10.1-146.el6.tuxcare.els5.i686.rpm 54833837a0cc9e85f850bc5eda97f68b976a314b90ea011df86a6999aee09575 perl-devel-5.10.1-146.el6.tuxcare.els5.x86_64.rpm 2186ad89b3324c724ba8764caf7bc01feba847a8c7a9fd15f5b1616379d7b0f2 perl-libs-5.10.1-146.el6.tuxcare.els5.i686.rpm be01379080632fbae8c2dcd720d6ffbff326485decc7fbb0a0f2651c94a4f32f perl-libs-5.10.1-146.el6.tuxcare.els5.x86_64.rpm 4f9cedad9e3ed977e7aae9dc4d386c75e894890a0b3f4b2d9103c710fe181baa perl-parent-0.221-146.el6.tuxcare.els5.x86_64.rpm 17812afdf345a9e4be040a09f0e9fee99808fb8cc985f3cb7f17e9bc8a617f22 perl-suidperl-5.10.1-146.el6.tuxcare.els5.x86_64.rpm d464a6a7053b09ca104647909b7e4c70b7e87291e03660298f9770a9f2bafceb perl-version-0.77-146.el6.tuxcare.els5.x86_64.rpm 9eee4de7491c0fb936015531461c78ef882e767f1baa729fcd8351c4d44478e8 CLSA-2025:1753374522 TuxCare License Agreement 0 - CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els9.i686.rpm ac0912c7b336ef07b5d560ba7778637bbcbc30bcfb9f510c0e303cb5c9d680ab libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els9.x86_64.rpm b263f97a324f365795b112542eca7b8173295199ad0640553766191cf0e5aced libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els9.i686.rpm 98987dfaacc64d354a74ca5ac6de372c35107fd66956253c6991758795623c5b libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els9.x86_64.rpm 13a3e589af0a2099c1d3d36059d7cda51fde8d309a1b563b00c3e19dcc979dff libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els9.x86_64.rpm ac0b6579cc3dce34c91302612a543fe4cdf0d1dcfac5efad96337358b884fcc4 libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els9.x86_64.rpm 90ac722570e1f7606a9c40f0d8f26c31943211c68547e975dbb65b01c43095ec CLSA-2025:1753729863 TuxCare License Agreement 0 - CVE-2025-1220: fix null byte termination in hostnames Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-1220: fix null byte termination in hostnames

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 2ad67f53136ee07c3c07eec9ae8636b208599646ac22673dbed038da40b36672 php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm e659217dc50d143dd55cba986d239c80132569252721a6653f867f0da1a942a2 php-cli-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 3e9b8093985fbd27fa615ecc3c82206a0ae4b74be5d363ee7a4defca22584ebd php-common-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 033f52da2e288679433f3ce305cb849bed76513cc143a77a4ff89e48725f8c89 php-dba-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 813727a8ccfe1998dbdb10a5a93809b442e232f8ddb65d1bcb2213ee170642a5 php-devel-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 02f11294c46ab089c4bd47a9d6a262ea677629aa0dd4473111235a2493eda95a php-embedded-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm b501219ab2339e55b832ee97adf421bd3de186dd65da377ef89445b59bdcec98 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 6174742a1df3c336b378609dc8a439f84a2078c2958722efb8981d80b2eb64b3 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 3f913bd204ad13c6a822f52b408f31daed29a0a673eab810d4123ecf92e8765d php-gd-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 90c689e2eab15af1e2cb4a6b290878862dd43bf54a85d4cb0e9df55ff224152d php-imap-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 1c4c01384110528aaa6087a41a2dba5bb5e4c84e50d7ca96dca717adc3a99897 php-intl-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm dbd94c5171f26e457c7b68218bb2046e567d9f34a01ada4bce4a0d1b7e221b1f php-ldap-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 8fa94f6923e97c0b35134523184b7af88dae62f1420f982ae9a3bd64a5d23485 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm c9f45c569b8cf103f52d9c10dbfe0e6690683ec8bfdde9411eb457ee3d3f9a92 php-mysql-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm a61ca68d04f9eb1c146a11d3fc3a0354638741f80d3694fdd53be08bd05efd09 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 53c69f5bcec5bdc1481ca80785e1360e3a7dd224febe6a726892c2e1e67e5b49 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm d19ea53890315d4c6e264948281f41be42490ba9d80805827cf4684b93bc79f7 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 0d844344718415a27ef59e203f9529cd6624d79371300267df742e59fa4262fe php-process-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 14013cdbc2b7802c0b83780f0c7714bbede2936821fd2f678a2c054b8b1af83a php-pspell-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm f2dd409e9503d4a7721956ec62f9685254d49804232a1e6a5c90ddd6da6a7e34 php-recode-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm c62e4617f802c70e3205d8448d5165cd2d5232e917ed7ae92b206da797da3d5e php-snmp-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 07a95ddfdb2eac6de1af9dd370cc5f27e2b7ac4edc729b7ece1bfd2edad84462 php-soap-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm a0221c80e1183808f5e3ee44ada5a2f05c37b4f5e19ec9b37aa090798bedc886 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 0845b9d2268baf6d72c033492385fd81ccbc2f4c5e93d9a8f518e6f4d0008f1f php-xml-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 4d7c9617f3f6666132a9388fbf20fd612715baff4886aea2f68d30a3d156ddbe php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm ea2223f363445438c7305706728ed783017d7862a59ddb1a2ee36df16591e644 php-zts-5.3.3-50.el6_10.tuxcare.ol.els13.x86_64.rpm 523f06500fa9be6d7e39065e504e6acf5bf48e3da5896e42d47029929f08ceb2 CLSA-2025:1754339166 TuxCare License Agreement 0 - CVE-2025-6965: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-6965: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns

0 tuxcare-oraclelinux6-els lemon-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm 8a3bb1ac9d80c6d95c01733d8a04b9e3dca8fb68ff9bc8adf537bc4a6e5108b2 sqlite-3.6.20-1.el6_7.2.tuxcare.els3.i686.rpm 8adcf0baa548b9392c44dde35a056040f7c3332ed2ea5e51f16e076afbbefcec sqlite-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm 4a87dd32cc1b48202bff3d46bfd1a30afbedf552b0eaf6622b0fe05cd10da31b sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els3.i686.rpm 0f34b3a8f31c3f99b1a337954944608660686d6ab9679d35ca65ad19623a006a sqlite-devel-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm a1dabba4ccef921b4fc3305d9fc1cbaaa7222138d411f268e6228d9a32db2a4c sqlite-doc-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm e9f719b63a6ede3b22df0e96d29bf21aa01919221cd61540e1036ce9cb074026 sqlite-tcl-3.6.20-1.el6_7.2.tuxcare.els3.x86_64.rpm 76bdb881e4c0bee1b608a24b960db5bf2662d3cf653325c0d34fa5737d2665cc CLSA-2025:1754346021 TuxCare License Agreement 0 - CVE-2025-27613: fix vulnerability where Gitk can write and truncate arbitrary writable files Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-27613: fix vulnerability where Gitk can write and truncate arbitrary writable files

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm 7accb58586d021af8dfcc73c2b84888dfcb46400b948d230555d82770301671a emacs-git-el-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm d944f13454c45fb2389cd39eded4eb825258447a551e5bfac0c6f70f7747b996 git-1.7.1-10.el6_10.tuxcare.els5.x86_64.rpm 8085383cb438a77b5fd3148bb8e5480d407d38a22b77b1e9dd6635c9bd971c22 git-all-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm e41fdda77a3a033047308a06bf28565dc4d32abd44f1ea871faf6fed2aede10f git-cvs-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm 41874cfb7d2c2717026192d1f1025ef79023f288a60b5867781af720512ebbe9 git-daemon-1.7.1-10.el6_10.tuxcare.els5.x86_64.rpm 6b3c67c119e5fafa3a525502af944b0cbda82ab0bd4cb6694c5317b4d2b87b92 git-email-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm b9e19a0b9a3b3477482017fe0619bf3534c6ebb030764963f2692c5d767e687b git-gui-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm 3634821a37cf23556ec1802558305b51e2b2bfcc36481653195924275948a2af git-svn-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm 0030303b43253ea7f63f22a963534c009e5d3664d892baac6d97bad2f7becb6d gitk-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm 49fc2027ab1199a0776176dc64171b67ac073c4aa64fbe5be8baccd86001c1fd gitweb-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm f850a66132b767ab6dd33a3bfb9a102a860513f45b196a2be59ea71e6a197ed9 perl-Git-1.7.1-10.el6_10.tuxcare.els5.noarch.rpm f77b2869dbf22c1c1b02c64c4bd2104d061e53b3bd87915d2f27bede21d8b6ee CLSA-2025:1754381565 TuxCare License Agreement 0 - update to CKBI 2.74 from NSS 3.110 - updated certificates: - # Certificate "certSIGN ROOT CA" - # Certificate "ACCVRAIZ1" - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "Security Communication ECC RootCA1" - # Certificate "BJCA Global Root CA1" - # Certificate "BJCA Global Root CA2" - added certificates: - # Certificate "TWCA CYBER Root CA" - # Certificate "TWCA Global Root CA G2" - # Certificate "SecureSign Root CA12" - # Certificate "SecureSign Root CA14" - # Certificate "SecureSign Root CA15" - # Certificate "D-TRUST BR Root CA 2 2023" - # Certificate "D-TRUST EV Root CA 2 2023" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.74 from NSS 3.110 - updated certificates: - # Certificate "certSIGN ROOT CA" - # Certificate "ACCVRAIZ1" - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "Security Communication ECC RootCA1" - # Certificate "BJCA Global Root CA1" - # Certificate "BJCA Global Root CA2" - added certificates: - # Certificate "TWCA CYBER Root CA" - # Certificate "TWCA Global Root CA G2" - # Certificate "SecureSign Root CA12" - # Certificate "SecureSign Root CA14" - # Certificate "SecureSign Root CA15" - # Certificate "D-TRUST BR Root CA 2 2023" - # Certificate "D-TRUST EV Root CA 2 2023"

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els7.i686.rpm 8b7a0a83fb19f7f2c45cc6b6e62d47704e9003355b21196884fbb625c3d08a5b nss-3.44.0-12.el6.tuxcare.els7.x86_64.rpm 1836ac5bc6673004b69338ecd7c26c2fa273c9035a4f1510f1aac5fd83aff916 nss-devel-3.44.0-12.el6.tuxcare.els7.i686.rpm abaeddaceb0af4f6c86392b971eb7086aadc5c8429abdcffffed82e769d48f7e nss-devel-3.44.0-12.el6.tuxcare.els7.x86_64.rpm 7fcc3a9507ff50919fcdcbdba4290daa0d7c9da00664e676063301d0532a738a nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els7.i686.rpm 1e8c7660ef8e43bfef3573984459ff3e8bc83280b55fab8eca1a48bf50820a07 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els7.x86_64.rpm 4f938af3871452bab2aba4e6dff15741c195c311c309a21ba10e517e1848a536 nss-sysinit-3.44.0-12.el6.tuxcare.els7.x86_64.rpm c90d3300f5007cd75ce27346deddb98f0f4752f478e88a80e286a4a0c924ba42 nss-tools-3.44.0-12.el6.tuxcare.els7.x86_64.rpm 105e8515fb99f30a9ea96d03dee70f46ed0e34d55e6fd8addb2fc893ebe9d163 CLSA-2025:1755004868 TuxCare License Agreement 0 - CVE-2024-46901: fix mod_dav_svn denial-of-service via control characters in paths Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-46901: fix mod_dav_svn denial-of-service via control characters in paths

0 tuxcare-oraclelinux6-els mod_dav_svn-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm ec67156a56f6e2f6b114f93b0a7b9f33a13809576a943b45fcac8305ac10d2b9 subversion-1.6.11-15.el6_7.tuxcare.els1.i686.rpm 8cde7c2c2bf4793241eb15bc07d65a0a6d700f3f2dae04dfd813e84ec9a48cec subversion-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm 07ebabc65b919419e4b742fefa0f2df32a8fca69350f70099f40e91d096aaa17 subversion-devel-1.6.11-15.el6_7.tuxcare.els1.i686.rpm 4de7ee162c93def2bccfacae3937f8128d78022e908c4b656a7c6752265543ca subversion-devel-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm 774c9e74b8486ef347cee58bd3a1f96719bcb8c0b78e24e0f8aba63e10f057d1 subversion-gnome-1.6.11-15.el6_7.tuxcare.els1.i686.rpm ea566a99b55cc7eb30c0515c1d8e898cba03b57f923f0149d2cf4d4444032edc subversion-gnome-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm b26fa835e6d0bbd45ca5e985fbece560ffaaf04b7820f88f11003dfad15978c9 subversion-javahl-1.6.11-15.el6_7.tuxcare.els1.i686.rpm 692f3a4fc2555cef8cdc6c8918a737582281954f2fd1a5dc6f367ae06b92031a subversion-javahl-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm 10297459cc23eb0e49e3deba6c94e4c9f4b836f09b49979d3c04a48b3b2d9a9f subversion-kde-1.6.11-15.el6_7.tuxcare.els1.i686.rpm eae26106797d207ec1c0b45be7eab5c907c4794b3132a7276525614776889268 subversion-kde-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm 4e79fcea9754ffc54b66fda39e66ac9bebd52426856b1b764b942454fee4307c subversion-perl-1.6.11-15.el6_7.tuxcare.els1.i686.rpm da0a2b09e2c19d77e27a617fecc57771d4619eca06061456b6c89c688b7758f0 subversion-perl-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm 75a576b030d1f4ee8a8f36d0ade80ca55419606af7b9376e1c5f57169a1b5616 subversion-ruby-1.6.11-15.el6_7.tuxcare.els1.i686.rpm bf496c20ed5973882a7d38f787d98a3eb60eb3e76b8875de73f3f526a7e90a34 subversion-ruby-1.6.11-15.el6_7.tuxcare.els1.x86_64.rpm a75f72b6cb8b82c37947524175526db6a462b2cfcb54fd3ea4123cfb58665a75 subversion-svn2cl-1.6.11-15.el6_7.tuxcare.els1.noarch.rpm 3ecf83aae48c462083941a120648cd99a100ac759a733bd545c658f1ebf10470 CLSA-2025:1755007642 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08. That fixes following CVEs: - CVE-2025-30749: better Glyph drawing - CVE-2025-30754: enhance TLS protocol support - CVE-2025-30761: improve scripting supports - CVE-2025-50106: glyph out-of-memory access and crash Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08. That fixes following CVEs: - CVE-2025-30749: better Glyph drawing - CVE-2025-30754: enhance TLS protocol support - CVE-2025-30761: improve scripting supports - CVE-2025-50106: glyph out-of-memory access and crash

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm dea0ef0c05e0621b30b85ef54f78c3c9fd89f85bbfb385d25d365a16f2023b3c java-1.8.0-openjdk-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm 78df4daf741a79a84d5b9f4f5186848b2f48187c8782e72ac926647ec96bb87e java-1.8.0-openjdk-demo-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm db4371571d710abbd20a9fb3f65baff4707f593af1c2e35f8cfc089cc5a43f22 java-1.8.0-openjdk-demo-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm 6c648fe01b6522a370e8c54aad3ea6381afdfd1104f3e10a8ebebd0551625023 java-1.8.0-openjdk-devel-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm 08db6c0b480cf1139981518b6925ebca9da285f4bad12280550fd080cdcdc114 java-1.8.0-openjdk-devel-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm 460ca98e68662e646a84f1510586dbf92c4cec22a2f120301ef99930b5fec6d3 java-1.8.0-openjdk-headless-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm f76f0d00709aff4dc3375bce3facc45f6bf58dae3a3b723842d9e9216835f8b2 java-1.8.0-openjdk-headless-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm cbcf1ab9f94e12b910700ad0c1e9779ac3d5fbd83246be43e88a0cbb84e64a76 java-1.8.0-openjdk-javadoc-1.8.0.462.b08-1.el6.tuxcare.els1.noarch.rpm 0bdbb53cbd97de42016fa8a6a650d22c35315a00786e1459758b4c7eaf72b2a1 java-1.8.0-openjdk-javadoc-debug-1.8.0.462.b08-1.el6.tuxcare.els1.noarch.rpm 5c2df3ac4cfd3e1a46ba76bf385059e8a34da6ecfe1f8e2aa03dc1a9ba0daf75 java-1.8.0-openjdk-src-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm 619cb8e4c4c34e93ec777d320ae98750b3f8344150e83b4ea6a6b1648487baff java-1.8.0-openjdk-src-debug-1.8.0.462.b08-1.el6.tuxcare.els1.x86_64.rpm 644b9e72f3a2d46abfb6e508c18f2afd9bab241565ea75aca3999837b4cd5ded CLSA-2025:1755008210 TuxCare License Agreement 0 - CVE-2025-46835: fix vulnerability where Git GUI can create and overwrite arbitrary writable files Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-46835: fix vulnerability where Git GUI can create and overwrite arbitrary writable files

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm 42ce37fe32355fbf00e20e0144a995add17bcb7bfa8efd85660e72b53f1f612c emacs-git-el-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm e9d088e0bd59cd0e10fa2f09bd95c159b43122c117a697e1deaeea21e4f6d040 git-1.7.1-10.el6_10.tuxcare.els6.x86_64.rpm 86eeddae27fecefa58a2a6267b59aa12e2c2d575ccc4ffd8ee1e75a1aa9db468 git-all-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm 40d5d856b8d11b0c382715149220a8ec4d3a3076e146d4e26e8c50f559f14784 git-cvs-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm 989891d287ebb5de677c8746939c960fd0dbf69103b6b2bf36caa0cb6f0d24c7 git-daemon-1.7.1-10.el6_10.tuxcare.els6.x86_64.rpm f16ad059ff072d276c278f0a01ac14461c6bbc97e4d9746723a1e0b913e7ca95 git-email-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm bb4ffe5f1befbb4e420e9fb4c973b39967a1b50bcbd00d6577b94efa89a76697 git-gui-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm 3d609b2d1d5d3526b0aee8ea82c88593e80f5360a896c13411b1605093b4340e git-svn-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm e90a0a822c2bbe290b3497f32cf52dd282411ddb1fab21d9b7121d72eeb217c2 gitk-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm b7a61706cee8a8e37398151f34af957f56db1f549e0bd90843ec111f0911ebd1 gitweb-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm 100ac3f5e72137203a5417424066238098336fe380af0667a51670adf6351e10 perl-Git-1.7.1-10.el6_10.tuxcare.els6.noarch.rpm 4b80cfaa3a02ee0531cd507e9d9493c77881040b0a6aa314ebe6aee266476b34 CLSA-2025:1755271152 TuxCare License Agreement 0 - CVE-2023-30630: prevent --dump-bin from overwriting local files to address privilege escalation vulnerability Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-30630: prevent --dump-bin from overwriting local files to address privilege escalation vulnerability

0 tuxcare-oraclelinux6-els dmidecode-2.12-7.el6.tuxcare.els1.x86_64.rpm 7c9e5ef7bc28fe8b76cb86e19c58062b3c4072801fb6e1025371957cd27944ee CLSA-2025:1755516017 TuxCare License Agreement 0 - CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT

0 tuxcare-oraclelinux6-els tomcat6-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm a839af19a8309c1114e155ad9137941eb66b89f7fc7dc1affd31563cf37a84c4 tomcat6-admin-webapps-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm b8ef4c701bb3ee76d62da0cb23aca92ea58cd5f411861ce5ec34f6d832c81143 tomcat6-docs-webapp-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm 1a60db87b92ee9204b068c7f5df9aed5295081b3f226e42db19086f808b183cb tomcat6-el-2.1-api-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm a0942e13bc1216278165f507d2b0f82007559c48e40ce4060d9e9191c64569bd tomcat6-javadoc-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm 2a0549681e98a29957a8d16dba13b652bbbeb6d35316f1a921ee12d1ded0f9fb tomcat6-jsp-2.1-api-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm 2dd708e47c50f61ca745f21007903824e0697579469163096bff4a14fc14854d tomcat6-lib-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm f9592f8b34fc491c495f6fc744ef4f595530abe2362f42557affdcce00fec297 tomcat6-servlet-2.5-api-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm 1e1d638a974f13ca07fec6a159ec5fde7a7964bfb1f3724e23edb953d5eea48c tomcat6-webapps-6.0.24-115.el6_10.tuxcare.els1.noarch.rpm 9153581a55c265a3257252c54c7b7f31ad30aee207cb1b2ef499fbc99ca3e6bf CLSA-2025:1755707619 TuxCare License Agreement 0 - cifs: Fix UAF in cifs_demultiplex_thread() {CVE-2023-52572} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- cifs: Fix UAF in cifs_demultiplex_thread() {CVE-2023-52572}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm 368448c18eb3f02dea1dd481eed74ab514c1e265b60dc261be71c1c3235deda8 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els24.noarch.rpm fc19928f0f7aa496e90553110910ee43835936a257dd6bad74a61a4da07af057 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm 7ef33b2fa3d12958f605da976146aaf14a68cc2b521c59f7c27f639a459cabf5 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els24.i686.rpm 5fd51b03d271e923956c5c1165de5fdb7578ad70cffb96c77eeff686bb97e7fc kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm 6628a0d6df1f19d7fb0e5160eea2028ef035df2232018a4595b4a8e125aac856 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm 0c6b775ae91f597c0d21e61956f7fa89f524af280ad23cd5aee8ac1e646457a2 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els24.noarch.rpm fb5cc550327ed2f25b93f2539bf9dc2f1b18467d3800d8001021292279fd8ac6 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els24.noarch.rpm b258cec91c97bc5868900e5849803c9b92d15629c22044bb6254eca5bd06653f kernel-headers-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm b205f676e2407160e8c7dbef63731611c3741f027509b903b46650f27aed8a3f perf-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm bbfc980e8f2a080a49a71a7560ca0bc6c07d6c47baa821d1ea8795cb8c380a6c python-perf-2.6.32-754.35.8.el6.tuxcare.els24.x86_64.rpm 2833939c2a5dfbb2eeb38e25e2d4b42f9b57a2dcb68ab9eaf478dfde7898ad4a CLSA-2025:1756409198 TuxCare License Agreement 0 - CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to prevent insecure behavior Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to prevent insecure behavior

0 tuxcare-oraclelinux6-els wget-1.12-10.el6.tuxcare.els1.x86_64.rpm 15de57a4cc0068db05c15b9280950020ac4ee3a02382977fb427e26ffd26c2b3 CLSA-2025:1756483693 TuxCare License Agreement 0 - CVE-2025-1217: http stream wrapper: fix handling folded headers - CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon - CVE-2025-1861: fix http redirect location truncation Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-1217: http stream wrapper: fix handling folded headers - CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon - CVE-2025-1861: fix http redirect location truncation

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm b698ed647fb332c68db759c85c024db40034756e0cd6dabcf464ecd3366cc3bd php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm c2e3f9aa866eb9a9ebca4e5216c2a1538304f7d9c305b9a75bf0af84b42987bd php-cli-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 71c6159e51b299055c1ea9d0811854cb7f7f799955174829167bc61452ebbb88 php-common-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 2cb52a844696c7529b55c959637c1d8689e89cb6ef3984e7a683dd928bcb79c6 php-dba-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm ad3a651a449f81d9cd703553edc155a757e532538fe3084a98d5e16c846ef8d2 php-devel-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm b92394a72bc66f7cc17f1dbe117147eaa707609af5b2e533550a387ac8d0acb9 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 1099da43004fe7f2a3c3dae7cb1b6e50fd799780d92da51e0b43976d73fd1fa5 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 03d6cb45eb0b114f35f239857ebd1b0e36fa72dec5119095dc0df6d4b805feef php-fpm-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm b8f3af08d35b0c731ccaa0e36ffcf294dc9d6cebf5e6a8fed847a41f343a5e77 php-gd-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 3f37c286dd27cc2460d70b99b46c32534bb64c0fe42860f2ec7a077a26ac392b php-imap-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm a9fb81d0c72561dd396451514c7c6fae77729be41fdcccdd78ed5f98d45e04cf php-intl-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm d3eabfd67aedf663532bcb48b7e76f18d0b259fd4318732a137026f8cc461b84 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 4cd25e5ede23f10e048ace0f9fbd67612ef7d09922bc0573ccfe1c60d8a2753f php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 09d415f743f9a87971976a36ad9fac4dd0266d5240eb674abc58446d112adbfa php-mysql-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 5b62e93ada784a6ab2eba651b801405ee34c58444f50c807afbeab17c850d75c php-odbc-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm f3991bd4df36e4c91880e550f3780190e1b79af47b776d29766d39a78973df22 php-pdo-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm d46678cc7c6508611ca42cc359997662bc31482b31beb6a50842ee5facc0056d php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm b4ad027acd6508d278c6420cab407c7716c46161216ca055c400ec6d44f47997 php-process-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 513c313daab5faf78d6a36ce337b52630c7051f6ed96bbd22d48bfa751333fc9 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 7b9a86baf40e88f77166a8697adc06fb87011d1955929e6641e171d91d38b146 php-recode-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 0eb5497c12ad68d9a2bb3a3f0bb660fb0edf821d4d6534d3d228834c7f0e2941 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 78e6b5ecd83a61cc3e7c73e645b862de80077cc49e647b135cc233734ef917e1 php-soap-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm fd6d4d9f5a8f50aacb363741b4ca862f1aaf10100911c0c795a3071918395fde php-tidy-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 452a2c5dcc1b5b099f2378c8a6576cdbbde1a4488b03a476b1e87f430e2c1d0f php-xml-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm 4e77edbfaa3e30b8dddd3128258d49273f4bcfc1686bb0ca244951b837329bdc php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm dcfa0a12c785f114b3fb2778d8324a7c620225ea49af44956e45508a94be52c2 php-zts-5.3.3-50.el6_10.tuxcare.ol.els14.x86_64.rpm ee661aecab8fef0d46b4e47ab65a20a09152694e5ffc94454b52873ea5f20d1b CLSA-2025:1757014622 TuxCare License Agreement 0 - CVE-2025-54574: fix buffer overflow in URN handling Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-54574: fix buffer overflow in URN handling

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els10.x86_64.rpm 711f97d2e94ce2d7f67d206887ef915bff7c83092bd6351e2aa648d7f7a74e1d CLSA-2025:1757015131 TuxCare License Agreement 0 - CVE-2025-54574: fix buffer overflow in URN handling Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-54574: fix buffer overflow in URN handling

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els14.x86_64.rpm dd742a8448059acb4609c2b826df5ec3012b9f2e6891ce9aca72edfd4e676f16 CLSA-2025:1757523459 TuxCare License Agreement 0 - Fix multiple vulnerabilities in oniguruma: - CVE-2017-9224: out-of-bounds read in match_at() - CVE-2017-9226: heap buffer overflow in next_state_val() - CVE-2017-9227: out-of-bounds read in mbc_enc_len() - CVE-2017-9228: out-of-bounds heap write in bitset_set_range() Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Fix multiple vulnerabilities in oniguruma: - CVE-2017-9224: out-of-bounds read in match_at() - CVE-2017-9226: heap buffer overflow in next_state_val() - CVE-2017-9227: out-of-bounds read in mbc_enc_len() - CVE-2017-9228: out-of-bounds heap write in bitset_set_range()

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 653569bc4e0fd18e3600af095cf57e79d417ca8692d9385f6be894b8a683732a php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 2d7002a7ea4fbcd0fcdd6861452b63aa4ecf0df2f6af0cf556f67836f1bd592b php-cli-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 899069059afe11c68f478a62c040e2506abe1b14d6ee3f427da3c935d4d29bc6 php-common-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 60a5838d5932cc791a1300b173f63135767970500d8d63cfb724d2187cba8610 php-dba-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm f4fcceaf3ed38d12aa21ce23b4ecb95f0a3b4fba0951f51dc8e43c0637575194 php-devel-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 7b16c4f00438875051cc842d03a73f9e9f59cec81ceda220284305bc9c8bb810 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 3c52147ba6f7309278628241c64ebddcc35b984d907af37610b4ef94a42f4256 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 095b7338b655a0343af18a884e58cd4188afbc632c3e3028a2892beab74aee07 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 17d899f2438105a4e7d61634aa4d8ff552b2838a779befd0d8ebbad420a5ee62 php-gd-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm e2dd31f6a97197b1b3119c89ad6a564a60675b888efe3aef63141d947d2febbe php-imap-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 19169fb34a8dc5c9dac3c250c179c9a6adce52d7148aef1996228e34792a6e25 php-intl-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 6a92c526242e394ef31c843c3549126167bf644e6a354c91cc98bb243fd4627c php-ldap-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm e5bdf690a0da26dd2b992dc2a2af957563b0d6a5bed1b74936137b585a17fe1c php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm f6f31a5d75c1078954954d3385c63445e5c0f16679336459d5761ef240509d7f php-mysql-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm bb2c908c177ee65f02c64555ae598f0a714b56f931ef9c3742c06a46d8d534a8 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 0d57b2cd3ccf3492e640948dbcd41db630a3e69ef777afa6e1924d25811e775c php-pdo-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm dd956e15342451f5d1e00cc4914869bccddc580c113e8007429b4f57c598fc43 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 3b6a3cc521e0dd6f1f60c857c28e1414c1048ad93988e6f3076d99b41f1c8c2b php-process-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm a1f9d4dfd0d328b9de3b200e9a1bd9e79a9e97802ac27000767bac24d9189806 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm bffd580cc6be273e6a97e1c2f92adf548a1d128131842c3fa25cfdf542896c32 php-recode-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 483209775af34a7d745c2a4ff19188b7db2c66cce30c44636be5c33f29f80bf0 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 7b8c4691789a35ce5c24fc3c00e90a6f6be6ce0b6f28f3bed1652324763f5ae3 php-soap-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 479ad1030f5bb1586f25a606019dec78b1b60b4c36263d5313809edc0e625924 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm b1f11efd78e13ecbc8c8819511df4aef48464a74e37b36253a1da2a6e5de96af php-xml-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm 94de42303001eb9bed553efe21bbc3b12a7afc510d049f235e0e0fa6848475e1 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm f8aea6e7132502dd456555d3a194ef3d1b4f7a76b0e49ea91857237062fc4e93 php-zts-5.3.3-50.el6_10.tuxcare.ol.els15.x86_64.rpm eb2f5ba0d051e4a0fefd16869eff778918a9d955d1ca31707e0357dd26c11413 CLSA-2025:1757608338 TuxCare License Agreement 0 - CVE-2016-5636: fix heap-based buffer overflow in zipimport.c Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2016-5636: fix heap-based buffer overflow in zipimport.c

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els15.i686.rpm 9b1b4ba49b595a3eed591edf6e6b14e70aedc7e3a5a2f1dd883a4cdddca4d953 python-2.6.6-70.el6.tuxcare.els15.x86_64.rpm 702761486f2f91325130a7964a4f285a04f6146d1debd2e99065ebf12f189bb2 python-devel-2.6.6-70.el6.tuxcare.els15.i686.rpm aeeb7f4a3605fac1fda3e0f6a05dfec8e090f9216b5085ddde0b7dbea4eb6257 python-devel-2.6.6-70.el6.tuxcare.els15.x86_64.rpm c3740881c91b417c9951e6368d6910a59602c0f16f6fcb16e7be0a65665159c8 python-libs-2.6.6-70.el6.tuxcare.els15.i686.rpm 6d542f0249b54be59518df0638581a551c6ee96a187dbca957da46b9af2f12c8 python-libs-2.6.6-70.el6.tuxcare.els15.x86_64.rpm d28bb7068bed49ef39a4888fd227c0a0170586697e0b67302f135e1ee92be57f python-test-2.6.6-70.el6.tuxcare.els15.x86_64.rpm 4db97e546007aad20203151f532e54dccaef846fd16a5197d6ebb23a831073c8 python-tools-2.6.6-70.el6.tuxcare.els15.x86_64.rpm 1302cb13c93bf3d4a6b1bd048c611b45e9c85483eed7cc65aacdbc749a0a6c96 tkinter-2.6.6-70.el6.tuxcare.els15.x86_64.rpm 7e2f04aa04bab8b7d1d48287ac76f265d2e95526b37e97b04dc3c5df0fc96425 CLSA-2025:1757690876 TuxCare License Agreement 0 - CVE-2019-9169: fix heap-based buffer over-read in proceed_next_node in posix/regexec.c Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2019-9169: fix heap-based buffer over-read in proceed_next_node in posix/regexec.c

0 tuxcare-oraclelinux6-els glibc-2.12-2.215.el6.tuxcare.els10.i686.rpm 9578575ca562006f838c3090eb091ac437e1e178646118e1dfff54e756f87c27 glibc-2.12-2.215.el6.tuxcare.els10.x86_64.rpm 4cf65028b18cf1886d5dac42d3e31af0979c5a5a3f2448ada8952d67230abcdf glibc-common-2.12-2.215.el6.tuxcare.els10.x86_64.rpm 708461a3b3dcfe33e8d67cbb40c52789ba137bd99a406f8de79ffb09b601a1d9 glibc-devel-2.12-2.215.el6.tuxcare.els10.i686.rpm 00fc4e0e9770ad4200a5462947c5a062cecfd21ea8dea6aab1c51cd34bcc1a58 glibc-devel-2.12-2.215.el6.tuxcare.els10.x86_64.rpm 1eb783b0e0ceafeec25d26ed82eabf73b8f027748595e37a4ae34bbaf349f6c7 glibc-headers-2.12-2.215.el6.tuxcare.els10.x86_64.rpm 54a9480fbbeb4222ea381f2127a4e7e393937cf294630107d0cccd4540e35077 glibc-static-2.12-2.215.el6.tuxcare.els10.i686.rpm 1f96f2d257a9c5e79efea9a94ea7ade5b3c0979343fd15d386d34f69998a8683 glibc-static-2.12-2.215.el6.tuxcare.els10.x86_64.rpm e33d3b8c07be6e0c73b54c2404c3eb93a80d0bbb78aa72e252bd154bb403c30b glibc-utils-2.12-2.215.el6.tuxcare.els10.x86_64.rpm da9a4d6be7394fba2a8ffc84ab43bbf24f252ee045d2a712973493a22bcffd0d nscd-2.12-2.215.el6.tuxcare.els10.x86_64.rpm adbff07784a20964af67e4e8d251d6b9714f2cc6b7ef6c15936b48e2d61ae9fa CLSA-2025:1758009294 TuxCare License Agreement 0 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() {CVE-2025-38352} - sch_qfq: make qfq_qlen_notify() idempotent {CVE-2025-38177} - sch_hfsc: make hfsc_qlen_notify() idempotent {CVE-2025-38177} - sch_drr: make drr_qlen_notify() idempotent {CVE-2025-38177} - sch_htb: make htb_qlen_notify() idempotent {CVE-2025-38177} - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180} - net: atm: add lec_mutex {CVE-2025-38180} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() {CVE-2025-38352} - sch_qfq: make qfq_qlen_notify() idempotent {CVE-2025-38177} - sch_hfsc: make hfsc_qlen_notify() idempotent {CVE-2025-38177} - sch_drr: make drr_qlen_notify() idempotent {CVE-2025-38177} - sch_htb: make htb_qlen_notify() idempotent {CVE-2025-38177} - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180} - net: atm: add lec_mutex {CVE-2025-38180}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm de544b3a45c78b0e37179057a1ba2362d4b8a4ecfedd3fb25edd8b70b1802deb kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els25.noarch.rpm 0e0136dc0393e9fbe521a68f6020fedc4a54c10b432119e78ad1150853cb3644 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm 40d2142694a81c53ec52206cff8ad7e70335161dec3aeed83e06a79ed0d3cda4 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els25.i686.rpm 3b5b2b97f74b821253a2c47cad43bab25d31e2e50f2a0b10365c235c0ad3fa5b kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm f75647e84747c1be93330d0587163641169345b9e9b9ce4952e5277f0aa1d4b9 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm 4eb3660915f59bcaa427e2c4be667e1d4729007634d25e47522eb23d1bcc39f7 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els25.noarch.rpm 7105b02977f806f65d326d32ffd506336aac9a43cf668638cc944dd3a3a9faaf kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els25.noarch.rpm 5145d436a2a556e3a9b315e700a29050a280727890885f044c0726aa7ea2a356 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm e556118dc047b627c07f02faf4abc5a1915025ddda5e5df14cfb55c4ea6678dd perf-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm 39c7e220a7277bdf90499d8924dcf249449bd1745ca8cbd093a71c7ef6c46eda python-perf-2.6.32-754.35.8.el6.tuxcare.els25.x86_64.rpm 9b77081fed8077140bc5c82cedd1f42369e83334c5cc7ccc6cb113bfdc0cb6f2 CLSA-2025:1758031207 TuxCare License Agreement 0 - CVE-2024-47252: escape characters are now properly handled in mod_ssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP desynchronisation attack Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-47252: escape characters are now properly handled in mod_ssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP desynchronisation attack

0 tuxcare-oraclelinux6-els httpd-2.2.15-72.el6.tuxcare.els10.x86_64.rpm 678c01c37733f25d2457623eb8389874950882cc29be518836a6c02555a29575 httpd-devel-2.2.15-72.el6.tuxcare.els10.i686.rpm b53bee366b1aa0aca6de0884fa402b88e60ad245585775c59c79c8e62e1444de httpd-devel-2.2.15-72.el6.tuxcare.els10.x86_64.rpm 36f3d9128888ff54f1de686bacab8b84ed6e61d685776449a103df6fdf7f6dab httpd-manual-2.2.15-72.el6.tuxcare.els10.noarch.rpm 0637fec74ec0340d5bea9472a50b0d99b7cb4a38f0fec8435516a81f8b3f6efa httpd-tools-2.2.15-72.el6.tuxcare.els10.x86_64.rpm bbb4634c58fb7d3d1734bc434faa64f5ce7bdbf023a4cfff0c0a423affdc265b mod_ssl-2.2.15-72.el6.tuxcare.els10.x86_64.rpm f9e556a2e983bc1b57e628e0fe1fcf29358b155f8e480405608c1ef664be2bce CLSA-2025:1758102067 TuxCare License Agreement 0 - CVE-2020-7059: fix read past the allocated buffer in the fgetss() function Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-7059: fix read past the allocated buffer in the fgetss() function

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 85694965399fdbeeb22f2ea3529262fca67e5c72c4af0ca99d5d834d9b2b5e1a php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 69a89e777482d13be87842d3a475a82fe2f128f9fa4123027e0d5858897cc891 php-cli-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm cd6afe146b4dda6ff5420909d077c505c821ad175dedd9cf08e8e517dcf89913 php-common-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm c31db2f38ae7604df72490b5bc50374a454f7a50cfa17e50c0f37355f6f23cfd php-dba-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 95404e9dfe8e2d8285aa6bf7f14f85bb21ff04f1826558a06bc4a63b279c4560 php-devel-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm b9ea7888b73c1e91151dbb8eb9784b03384e9def1a190b4e4aae92f506975bc7 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 47e3054c1fb24c3145f7923b58699d9bd400e0ef2395b589c351234bc67ad35c php-enchant-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm f4a083625f69a2de9d5f9390a566873ba21da4fef6f55e06a41f06f86fb7ea66 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 8d5f943c30f45291da27767641ae8d462e7776f1633ca2b80f6db3096d920bac php-gd-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 9d43caed4022721bfa0a604140e66dd25668870ecf6465f4f6533e1de463b5ea php-imap-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 079fc30621b16cd810e71f47b7eb9e81ddcbcbc0c7a6438a94158ac4ab4f7a45 php-intl-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 411ddab4f6253fd83fd3bfb0e1532e91c2c2f404ba8cec5d1d26aa7e94d7fb16 php-ldap-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 3fcd19232ab324f7a3d79e987398e896b7601895275f7c8e9f29e29da14e21d6 php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 7968b549efb38472c99ee7a17f1988070af81f0c4d99dea689794e5ff78de58b php-mysql-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm b679140d8cc9ab437b9be7613c4008b777284dde0e2a6fd9b00dd45fbd6ff383 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 3484803f8ae67456bc8792fef72ca81af83941e9308fd53f250982638123604e php-pdo-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 03c7a522a8a2eefa333f29da656f1d4886c1ee1aa90ff074add3940e69f008bb php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm d454f2897f392e63df745dadde22ee94be535a3ded709b94383b28fa51d2fd70 php-process-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm ab6cb67349b11005b3e0cb0a052758b59033f14dfd117777ad76917778977bc3 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm af1b9323ce09e101c55e25454aa81fa78ccf39d91df4bbc46c2669ce8cdca83e php-recode-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 201d64e93dfd2365fb715de30edd02cedca2623fd0441d4fd9e2cee341185cb6 php-snmp-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 01c2aa2a334981bc45b6713fbc52cd210729c6b5a74c5dd1b255220e1fc0a575 php-soap-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm eebfe0dd07578ee06f1a09f67227d8a8ed8ffd231216b0288663affd32d298a1 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 3106e11876a1b6ab346d7eb39260e431046ad32e914fb860466d9d5989687efb php-xml-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 9f5d6cd3f8afbea2f749dc985c7e32bdb5846fe2083814778fdad05dd3abf6ad php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm ffa5eca55c1f42b6b3b4cf3aa04b90c69b9fd974097a9257ff37d46eb449632f php-zts-5.3.3-50.el6_10.tuxcare.ol.els16.x86_64.rpm 8a353316cfa35a30606bc60d8f4c2ae396e9969fe830e650d5372913aa5276cf CLSA-2025:1758193800 TuxCare License Agreement 0 - CVE-2020-7067: fix negative indexing in php_url_decode() function Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-7067: fix negative indexing in php_url_decode() function

0 tuxcare-oraclelinux6-els php-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm ecc0e22365bd00ea9ab3c8d6a92b709aee74b2d5937c4852c3c2edc8b36276ff php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 91cb67b3684f2d986cc382c4c1e1a84525a1b83d079f822bf7dedae266e0f733 php-cli-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 0c929efcc95c218ef5a0b3694a78fdd5f653564900d682889191d3f8dcb0e966 php-common-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 38f1d989c2898bfac794fe70bf20b390ce741301297e4bee33dab21f458af8cf php-dba-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm d2a0b5183dfb95fa2549a9b6000c8b412409ad7e6e8906dc8310595cd6655fca php-devel-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 06c15a1d7dc5cf338d090b97d288297bf85933e4e153edc73ec1e344051c7da7 php-embedded-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 29680f662d74c430a1a1c01cfebdb5bfa1d555a6377efdf6216941f3021ae801 php-enchant-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 8966b7b4d43cdaf655cca9a7a93db2bf9307160725917c584a9e97fcc3e004b0 php-fpm-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm d8d23b1f97f127fc77437b859e2510f6923fa5b19d0df0ab2940cf5fb3b3e011 php-gd-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 9f6d7b46eb6f0319b76a3c256719df8c958507b47db9585a72d59f83823db5c8 php-imap-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 7b052e68c5befb7a486e8d7a83e9cec4768e78abd27a9a467de216e1d2cdb448 php-intl-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 6f5d663afedee0305757fc925a8bfab05919a3e660a4ad68d401a4e3aa2ab38a php-ldap-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 0632b16634042eb66f87e9246743cae8ebc5f79dfa953fe2c637a86ef8c4f7ab php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 740c024a2144696e564fec8dc3c600265c3c0e8db671a52c47af3faffbedbe5c php-mysql-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 14f191432eed17e87049a2265b96e1c3f3e506f523409b48eefaf881b4820745 php-odbc-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 2730e9d812e8ef044a9824df34e8817c8b607411bad2fc4c60ef66d4ccc1fa9d php-pdo-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 0d09b5ad0290d3880d552d7116f0613c7ad4e2715003da67b1024ed058794115 php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 988fc3f55bd844a4b0f14bd6b834d930b1aa837ff79d03039ee8318b9904c730 php-process-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm b2b8ed89ca063fc35e6b7a6cc2fcca22230351d19ab9dd37079175bf9109f6b0 php-pspell-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 949c316ec706abc43846e28d22c574dd6f1ce96cade6e157cfb5c0b3f8468d11 php-recode-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 5eb4197eaea2df6ca58ad7229cf77448c67f1eed991f52c80642c174b2c8dc8b php-snmp-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 835b80560d2fa9755d2de0338df4f96bad7bc168425ac3d04a812a1e7b6095c2 php-soap-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 718f81ccbaa1ef2a55499b16f2bedf4dee88f19c6ffb3fe82749d3968522d3c7 php-tidy-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm 0472c2bb0d80b85c80bc2143c4d5d6ab2141fc81b6c73bc0536f1ffaa819514c php-xml-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm bf55963c0624d60d674209678c217ed6a5b39482cc92e2cd8273d63829315a91 php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm ba64fdc4fbda09475dd66afa05a368289fd99fab3bcccadb86467a390bb1ee77 php-zts-5.3.3-50.el6_10.tuxcare.ol.els17.x86_64.rpm d055bd5abcc81df99825eb961f418e36a2f091ebf127181aa45eaab4aad7df70 CLSA-2025:1758615308 TuxCare License Agreement 0 - CVE-2020-36328: fix a heap-based buffer overflow in WebPDecode*Into functions Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-36328: fix a heap-based buffer overflow in WebPDecode*Into functions

0 tuxcare-oraclelinux6-els libwebp-0.4.3-3.el6.tuxcare.els2.i686.rpm d5c18fe6b37603bb8c3b28495f9e78a98dfe048a61a142770dc538aa8e8b0417 libwebp-0.4.3-3.el6.tuxcare.els2.x86_64.rpm d27206b666f7d24867a630a4cf1e69ac84bc76c7653cf4ce5de7c79bdf1b73d6 libwebp-devel-0.4.3-3.el6.tuxcare.els2.i686.rpm 2da5cb2dad158e84773773d667816f9919049fdedf33f9f6fd5d9d35dffdc134 libwebp-devel-0.4.3-3.el6.tuxcare.els2.x86_64.rpm e6aac998f19c7179e1b759e55f1d1f86ce7b8d65e7a12f61db2d8f0c21bfc43a libwebp-java-0.4.3-3.el6.tuxcare.els2.x86_64.rpm e514e5eb38783ca7ff90788cc357d80ba2b5f50e48a77e1403b1bbf8cce8e19f libwebp-tools-0.4.3-3.el6.tuxcare.els2.x86_64.rpm 1375da19ede876c59cc0373a9428d8e720909a5547df7464cbf8d1cccfaa2de9 CLSA-2025:1758630391 TuxCare License Agreement 0 - CVE-2020-12673: fix reading past buffer Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-12673: fix reading past buffer

0 tuxcare-oraclelinux6-els dovecot-2.0.9-23.el6.tuxcare.els1.i686.rpm 78694ddc93acf32c252f3fcb212ebe8c28ff9bbef91a48b1f1bd44fcdc20a242 dovecot-2.0.9-23.el6.tuxcare.els1.x86_64.rpm 87ceb66a05cc1a62cd18d44e260718ca77fdf2f99a792c94dc1aa1ef639d308e dovecot-devel-2.0.9-23.el6.tuxcare.els1.i686.rpm ba20f7141d1f8c6c947840197086ae709533183a1ffceccb2d104c95e147fbaa dovecot-devel-2.0.9-23.el6.tuxcare.els1.x86_64.rpm 730b8c429565bf652c5575f411c589746bf6306c34d6949c95031283ec0e0ac2 dovecot-mysql-2.0.9-23.el6.tuxcare.els1.x86_64.rpm d26be784d5cd3f2af1c634694c4cf8824a31371cb2750490672fd0092b4ce0a9 dovecot-pgsql-2.0.9-23.el6.tuxcare.els1.x86_64.rpm 00067eb12ff17ea5ebe6319c353aae4c6b06891a5dc4c2f1455069229a17303a dovecot-pigeonhole-2.0.9-23.el6.tuxcare.els1.x86_64.rpm e7a9beb6018493c19cdca9108643b9d21117ff45b4d15ffef8469ceff70a5beb CLSA-2025:1758636652 TuxCare License Agreement 0 - Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return Filter control handling - CVE-2020-36226: fix slapd crash in the saslAuthzTo processing - CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing - CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing - CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation - CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c - CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs - CVE-2020-25709: fix assertion failure caused by processing malicious packet - CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo processing - CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring - CVE-2020-25710: fix failed assertion in csnNormalize23() - CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return Filter control handling - CVE-2020-36226: fix slapd crash in the saslAuthzTo processing - CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing - CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing - CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation - CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c - CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs - CVE-2020-25709: fix assertion failure caused by processing malicious packet - CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo processing - CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring - CVE-2020-25710: fix failed assertion in csnNormalize23() - CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation

0 tuxcare-oraclelinux6-els openldap-2.4.58-1.el6.tuxcare.els1.i686.rpm 1372570f3539ce4b7b561ac6118ecb120226b5647c63f5022d699d5ca6ea6f4b openldap-2.4.58-1.el6.tuxcare.els1.x86_64.rpm 3305af4bc148709afcb223ae2f85d35fed6a2a3840997460e12a118fb9f3559a openldap-clients-2.4.58-1.el6.tuxcare.els1.x86_64.rpm 517ff62270576c40ff3bd6070bc021e232c46a337ff3160b3a20ab6242ef36df openldap-devel-2.4.58-1.el6.tuxcare.els1.i686.rpm 3526ed304aecdf1fe37e0f4ecee9ef6eae2e8cdf142648e278d8d91f2f0de9bc openldap-devel-2.4.58-1.el6.tuxcare.els1.x86_64.rpm 333caa15db04bd5ca29ddfb55421ed4cd6848c242a3e452d2dcdecbf5a7d0e6b openldap-servers-2.4.58-1.el6.tuxcare.els1.x86_64.rpm f00666362fed1c02cf25eedd0ab8070cab76f0f7c72e6fd4c402fc4d01331cd1 openldap-servers-sql-2.4.58-1.el6.tuxcare.els1.x86_64.rpm 3b0e05a9a8b08c46eadc8e2b2ec0d14c535cd07e455c8523f8593ad02ac2b304 CLSA-2025:1758704869 TuxCare License Agreement 0 - CVE-2020-1752: fix use-after-free vulnerability in glob Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-1752: fix use-after-free vulnerability in glob

0 tuxcare-oraclelinux6-els glibc-2.12-2.215.el6.tuxcare.els11.i686.rpm 332af49c2a633fe97256a21c655866f7267fc049ab37f596d001189062fd9eb7 glibc-2.12-2.215.el6.tuxcare.els11.x86_64.rpm 4d3be9eceb813bc61a6aecc7f4a6a2cb0bd04d3dbd133b604765a88360a5168d glibc-common-2.12-2.215.el6.tuxcare.els11.x86_64.rpm 148f17e222be6c6db97e081e7c836ac289c4ef0b435f78d61e3a9d2e362de5d1 glibc-devel-2.12-2.215.el6.tuxcare.els11.i686.rpm 4d2d38bc7077da83796432a38b3b9bab926a3dfef26171cc26156922c68e4504 glibc-devel-2.12-2.215.el6.tuxcare.els11.x86_64.rpm d67ad0611df7e14bacfe645e1957b6c7a671145cf2499a5902377fc91474d751 glibc-headers-2.12-2.215.el6.tuxcare.els11.x86_64.rpm 97e388cd2ef3ea456cec2526f59915b5ab863e686bac10d0abf0b4e482021fff glibc-static-2.12-2.215.el6.tuxcare.els11.i686.rpm a7dd261004763118a0523a263d544dd5a305a04ed0ee1e2ca886808d71504857 glibc-static-2.12-2.215.el6.tuxcare.els11.x86_64.rpm bd0c8045cabccf61004f4d75517301cf414ce98829949e6fda9f8cd1438d6ed9 glibc-utils-2.12-2.215.el6.tuxcare.els11.x86_64.rpm 669c9a2ce1e049eb5ae28069c2db7fe68197b7849057084a33570986e61d3db7 nscd-2.12-2.215.el6.tuxcare.els11.x86_64.rpm 68588fd4d25cb29e57df5072dc3c1d0e9f9f16023fa4717af189d979d61401f6 CLSA-2025:1758705181 TuxCare License Agreement 0 - CVE-2020-35457: fix integer overflow in g_option_group_add_entries to prevent potential out-of-bounds write - Bug775510: avoid calling Standard C string/array functions with NULL arguments Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-35457: fix integer overflow in g_option_group_add_entries to prevent potential out-of-bounds write - Bug775510: avoid calling Standard C string/array functions with NULL arguments

0 tuxcare-oraclelinux6-els glib2-2.28.8-12.el6.tuxcare.els4.i686.rpm 82c5a8d92fbeae9441338bcef1dddc86d8de40c60e14d77a8df7631903bad126 glib2-2.28.8-12.el6.tuxcare.els4.x86_64.rpm 3f11d0591cd0a3611c5cd846d07b62a4c13792cb1fdb9e92454baeb7ba19c1c5 glib2-devel-2.28.8-12.el6.tuxcare.els4.i686.rpm d303a636a78242a0232b9257d81728f4dcd6dccfadfad218d1be282b2c75c027 glib2-devel-2.28.8-12.el6.tuxcare.els4.x86_64.rpm ef644abd0cdf98f3fc072be370da7e576185b011a68ccd30468fa5aa8e2aebb4 glib2-doc-2.28.8-12.el6.tuxcare.els4.noarch.rpm f2d7d82371a89b9c545d4fe71dd9412350bb2748898838158c5e8c90fc46a184 glib2-static-2.28.8-12.el6.tuxcare.els4.x86_64.rpm a21eb4c237467bf6d37805db6073d5afda84d5475575239433519f8537698509 CLSA-2025:1758728428 TuxCare License Agreement 0 - CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing

0 tuxcare-oraclelinux6-els spamassassin-3.3.1-3.el6.tuxcare.els1.x86_64.rpm c00e48e6ed633820004b6413ebe7340676e4664c8066e262fc830982f4d06e3d CLSA-2025:1758743212 TuxCare License Agreement 0 - CVE-2023-4504: check for null terminator after a backslash Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2023-4504: check for null terminator after a backslash

0 tuxcare-oraclelinux6-els cups-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm 7348eae3ffdafabb11bc8329ef011ee824479a644cd1e968b50c5a96b5836c0d cups-devel-1.4.2-81.el6_10.tuxcare.els1.i686.rpm f999a73e995ef8d4a74921495b1834d1fe0cd11c4c082174374f4f34426d3f4b cups-devel-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm 0503d757e0e3d0e367205ce9e8c854348cac4eec696d3027591e79a2bbf66f60 cups-libs-1.4.2-81.el6_10.tuxcare.els1.i686.rpm cbcf6423440ec2ae736586e9626aaf42f38a2ce8ea763a1c58b1770298c604c6 cups-libs-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm e2ae99b2b64fdebb7dca1d07f6297fedc45f81e514eeb3230d53ebf5b0c7f0ff cups-lpd-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm 92671fbb3834e38177c2e9598958e785ebab67142027215e5a765934de130db3 cups-php-1.4.2-81.el6_10.tuxcare.els1.x86_64.rpm 456bb2205a502bc9793679fbf132c107d2df64a71db2b998ccfd0c9b91a6db33 CLSA-2025:1758820840 TuxCare License Agreement 0 - CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-12674: fix mishandling of zero length in RPA request to prevent auth service crash

0 tuxcare-oraclelinux6-els dovecot-2.0.9-23.el6.tuxcare.els2.i686.rpm ad63b26e8f25e2329848a5c720331f313a4f4b71b33bafaf39d3df3639952334 dovecot-2.0.9-23.el6.tuxcare.els2.x86_64.rpm 87822a364777c0fe30d617c68da784d04f1e9507fd74676b84e1a3b80c986b30 dovecot-devel-2.0.9-23.el6.tuxcare.els2.i686.rpm 6382205dbb13b783874a0085f6218f196d8edde3e4272dbf3fb55f28ccce4d13 dovecot-devel-2.0.9-23.el6.tuxcare.els2.x86_64.rpm edbddeae68d31ab16f1d6d1400aafa22d01db441025b085f8417fdb27820a7d9 dovecot-mysql-2.0.9-23.el6.tuxcare.els2.x86_64.rpm 2977faa21c21365770896638f0d538f33535284ec3c30c0bc8f57a97af3906d3 dovecot-pgsql-2.0.9-23.el6.tuxcare.els2.x86_64.rpm ecbee9657c6ca8978ca4ac11394dd272f10f8e542c54dd9d79644084c4ba1778 dovecot-pigeonhole-2.0.9-23.el6.tuxcare.els2.x86_64.rpm 4616596ba3c3c37e2032bf3e027f345222d5ad9a94ca2d258e5931307e7a504a CLSA-2025:1758892204 TuxCare License Agreement 0 - CVE-2024-52533: fix off-by-one error and resulting buffer overflow in gsocks4aproxy.c by increasing SOCKS4_CONN_MSG_LEN Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-52533: fix off-by-one error and resulting buffer overflow in gsocks4aproxy.c by increasing SOCKS4_CONN_MSG_LEN

0 tuxcare-oraclelinux6-els glib2-2.28.8-12.el6.tuxcare.els5.i686.rpm 67086c2c6545b73a7588e372036ec224d365c8add6fc00c81141bacaa1989bbb glib2-2.28.8-12.el6.tuxcare.els5.x86_64.rpm dfa3f5f7e2d654f1e2a80f4f7849a227e22dbe665e1d864c1f5344e82d303ac1 glib2-devel-2.28.8-12.el6.tuxcare.els5.i686.rpm deec142469f0a5c3fe836475aeff0bfaec0d7537a2b461613f463b030ff1f9d2 glib2-devel-2.28.8-12.el6.tuxcare.els5.x86_64.rpm 7976b3d39a033d520aadb0da2f39acaa12bc2e039867f9a2cf64185b66a8cb9b glib2-doc-2.28.8-12.el6.tuxcare.els5.noarch.rpm b038431721164871aacc24684656aff340a4a408b77a1d66c14d8b64353f8dd7 glib2-static-2.28.8-12.el6.tuxcare.els5.x86_64.rpm 11df4f588140a594ed0f75cb4fa21343b4d8293d29eacde0eec459046401ea7c CLSA-2025:1759157126 TuxCare License Agreement 0 - CVE-2020-36329: fix use-after-free vulnerability by delaying thread termination - CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function - CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-36329: fix use-after-free vulnerability by delaying thread termination - CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function - CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function

0 tuxcare-oraclelinux6-els libwebp-0.4.3-3.el6.tuxcare.els3.i686.rpm eedb79ad488bda718b874d5fc070b7d826c768305c803bc7f090856adf0b6b49 libwebp-0.4.3-3.el6.tuxcare.els3.x86_64.rpm 2113a9c1f9aa00d494a883237f0d83f26b451c1e6cbc360f08ee4f4e2d1ab419 libwebp-devel-0.4.3-3.el6.tuxcare.els3.i686.rpm 5301584433a94b4ea9210fee8a1fc4dcb92fcf17c297ee090c6b512c77012463 libwebp-devel-0.4.3-3.el6.tuxcare.els3.x86_64.rpm baabe626629f271c1b406c1139d352ff7a0c7307524df9353f79a9c48e66417f libwebp-java-0.4.3-3.el6.tuxcare.els3.x86_64.rpm de3f7a019cc3fc56125044aa59d22f22bb9017294acd8af7d97d632f3eb3128b libwebp-tools-0.4.3-3.el6.tuxcare.els3.x86_64.rpm fa5dd41e9a9079e2c6c2cf1fc38bddbac13c5a1776e077ffa4e9dba529be76a5 CLSA-2025:1759332050 TuxCare License Agreement 0 - CVE-2025-6021: fix integer overflows in buffer size calculations Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-6021: fix integer overflows in buffer size calculations

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els10.i686.rpm 791ee8033069a1e158acf0d559c70d68b5f878514c65cdb706c787b0abb5ec2c libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els10.x86_64.rpm e50ec4074144b0c3ca86a16fb723b6f4774f972b4c71afcd0a01ebf80b9ceb7d libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els10.i686.rpm 84d5c8550476528e0bfb6337b472030d99d9e463dfe84a632862f5a4a50a8083 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els10.x86_64.rpm 744ab73818abe58fbdc9cc5f4746151134411b63fd257380644cfc28630a00df libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els10.x86_64.rpm 084089ad401b14263be0e21aca63117905f75b4907879a81c62364b4ffd36786 libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els10.x86_64.rpm 4bb2a6397e379c6d2b5c7eee8d0bb01e0caa11bfbb01d46a080f999075615b39 CLSA-2025:1759337779 TuxCare License Agreement 0 - CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication

0 tuxcare-oraclelinux6-els openvpn-2.4.9-1.el6.tuxcare.els2.x86_64.rpm 8e07c9b4542cf89464d497352cb729b4be6f61c29ceb660c4315e3275921e210 openvpn-devel-2.4.9-1.el6.tuxcare.els2.x86_64.rpm 1f28c2ef8edb0245f7c13aa6cb76292e63867131d9687c5ddf7f469adc092b7a CLSA-2025:1759419790 TuxCare License Agreement 0 - CVE-2020-25717: Adapt CVE's patch to Centos 6 based systems where regular user id starts from 500, so change the default value of the new config parameters added: "min domain uid" to 500 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-25717: Adapt CVE's patch to Centos 6 based systems where regular user id starts from 500, so change the default value of the new config parameters added: "min domain uid" to 500

0 tuxcare-oraclelinux6-els libsmbclient-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.i686.rpm 317666e9a5be26f1761ea0a6dd9f17ec20be1cb1245795180fb519b47a8f8c5a libsmbclient-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 743d19512ad80847b1c9f1ab7eed54c3cae5da57277bdc6f1f2ab660fafdd9c7 libsmbclient-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.i686.rpm f4e7425722e7befe0e3d1bcc63b5a0380d4ce80ff45636088978450b73ce9083 libsmbclient-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 4460b0aaf6069c7006a916650fb43b0af29071e88ea600cfab72323b98f43dec samba-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 2f07312c6b4387007c1960a4e07964a9bada7eec88b1d063a045280d577cf8c4 samba-client-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 57ba56f974794165bbc1fa81abda8d79870f8ee664d9cf3001f8e5b61bb48c10 samba-common-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.i686.rpm fe5461064b9f63c7674f3efcb99b6a4d31fea6c0b2526585af601918ce3fa613 samba-common-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 33cf422e95639a1a878f60dea9d06d2786eb10ceb7c9f4af04a868bd9c0d0de7 samba-doc-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 0e82640028b07df9cb761278a3e495238d9f5d8edf76e56e8ba27889f3a95449 samba-domainjoin-gui-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 722ec847d2fd07bf456222303d579e5161ea8099db7f08f4f33e8d824d5268d2 samba-glusterfs-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 1b1e63a528ce8ef507bbf4c60c7c33e2c4da6113fa17560968a78fc41c9c0b75 samba-swat-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 708a54933d59fe5ee26725d1d3dd7a1c3f35c81a594df37710c5f982ea73dff1 samba-winbind-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm cce2ba144dd5f782fb05f7529c8f52fc3cc7e4d19380fc21ef1d47d2307e9992 samba-winbind-clients-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.i686.rpm c50a700b012f52423ae8d3f63dbd61bbc5d9108b143f57624f26675a8c7208a5 samba-winbind-clients-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 2310d86d7be388a81b368b903246f5049dca6f8f1c5d0339aa40735b7ae4018b samba-winbind-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.i686.rpm aea305bd4a4abc6831300463f20475ce9f8fbf3e4b1051d76f0b3f6161c1ee3c samba-winbind-devel-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 2ad6c37ba86a7db83adce02f3038705dbb465c931aa8abdddf693d57153ca473 samba-winbind-krb5-locator-3.6.23-53.0.1.el6_10.tuxcare.ol.els4.x86_64.rpm 1dce182e3e3a7ae459e482c24d9f56f9b88432242d378b0ddcca517d1bd3be91 CLSA-2025:1760105902 TuxCare License Agreement 0 - CVE-2017-9042: readelf.c fix a possible application crash known as the "cannot be represented in type long" issue Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2017-9042: readelf.c fix a possible application crash known as the "cannot be represented in type long" issue

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els9.x86_64.rpm 20088b054a3c0365cfa62d715c12c4c154eeb9adfa21893edb0f0f211af8199a binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els9.i686.rpm a98ecc5f11d2250379e3b3357028b6de4047d7b730dc4d5fa55e3c67cc36c46c binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els9.x86_64.rpm 6717142457adc5a75149fd671dfeab37884db2e5a538f644efbd8ac1bdc38515 CLSA-2025:1760106204 TuxCare License Agreement 0 - CVE-2020-25648: fix DoS in case of receiving multiple CCS messages - extended tests Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2020-25648: fix DoS in case of receiving multiple CCS messages - extended tests

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els8.i686.rpm 948a8363d287ccd2772dcdea7850a8cb69d2396e630852958a7a867f313c8549 nss-3.44.0-12.el6.tuxcare.els8.x86_64.rpm dfc036259c8f6f201f2258b74e28de9585a8cafd65599ba51d4668d8c1a36186 nss-devel-3.44.0-12.el6.tuxcare.els8.i686.rpm 3ebfc83326836ddd566ca43d20c23b173c9bdc12f73e636dae30daa6e3820f13 nss-devel-3.44.0-12.el6.tuxcare.els8.x86_64.rpm 59f8480a698fac2f067a65abab232ca2721a45f1b8f473f7ec51ad93cbb682ff nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els8.i686.rpm d591dd43b5c5a2b164361a656bb662b242aa0427c42c462b12cf29c07e061301 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els8.x86_64.rpm 4f776d3497b56ae65b5a40205c2ba4d1473c6a94e833e170eb10d4eab8f821df nss-sysinit-3.44.0-12.el6.tuxcare.els8.x86_64.rpm 58ed8c1c4747e300541da79743c47e919279ec98b60d592de127065f89e47910 nss-tools-3.44.0-12.el6.tuxcare.els8.x86_64.rpm 0c3b4a19189c97cfdf224638ad70172d36e58d3b8e4bc9112cb1433ad2884887 CLSA-2025:1760556795 TuxCare License Agreement 0 - CVE-2018-0734: fix timing side channel attack in DSA signature algorithm Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-0734: fix timing side channel attack in DSA signature algorithm

0 tuxcare-oraclelinux6-els openssl-1.0.1e-63.el6.tuxcare.els13.i686.rpm f6fddd67f2ffa3aef1716de7ea4178e6a30d81e14afe2a45ee9a7993c8071355 openssl-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm ad29d1b542defef67a76820327feff80ef614ceaa1798363b480053697f5056a openssl-devel-1.0.1e-63.el6.tuxcare.els13.i686.rpm 0bff681b7222d453b45a354e56440d47c962bdb12ef9d8399733037ac841bcdc openssl-devel-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm 505d952446def3f2c009c516f30e14421588d9f9c459f68c4fa573c4a333f367 openssl-perl-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm ec9797bffc7be68ef1c53ecb6011308fe260719a914f955572d834821f899507 openssl-static-1.0.1e-63.el6.tuxcare.els13.x86_64.rpm a6bbd6d8c2cea17b248518c0fb925970ed3d89bd3991235705eddf82281c87f6 CLSA-2025:1761074747 TuxCare License Agreement 0 - nfs: fix UAF in direct writes {CVE-2024-26958} - NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827} - thermal: core: prevent potential string overflow {CVE-2023-52868} - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 {CVE-2021-47633} - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests {CVE-2021-47391} - drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616} - Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982} - wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} - crypto: qat - resolve race condition during AER recovery {CVE-2024-26974} - netfilter: validate user input for expected length {CVE-2024-35896} - wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937} - net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538} - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487} - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321} - virtio-net: Add validation for used length {CVE-2021-47352} - USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760} - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901} - xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014} - scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695} - jffs2: prevent xattr node from overflowing the eraseblock {CVE-2024-38599} - ecryptfs: Fix buffer size for tag 66 packet {CVE-2024-38578} - dlm: fix plock invalid read {CVE-2022-49407} - media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764} - igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332} - jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597} - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() {CVE-2023-52594} - pid: take a reference when initializing `cad_pid` {CVE-2021-47118} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779} - sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077} - media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824} - xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23038} - media: dvb-core: Fix use-after-free due to race at dvb_register_device() {CVE-2022-45884} - media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886} - media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885} - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919} - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265} - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265} - x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265} - i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- nfs: fix UAF in direct writes {CVE-2024-26958} - NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827} - thermal: core: prevent potential string overflow {CVE-2023-52868} - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 {CVE-2021-47633} - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests {CVE-2021-47391} - drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616} - Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982} - wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} - crypto: qat - resolve race condition during AER recovery {CVE-2024-26974} - netfilter: validate user input for expected length {CVE-2024-35896} - wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937} - net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538} - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487} - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885} - tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383} - watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321} - virtio-net: Add validation for used length {CVE-2021-47352} - USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760} - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901} - xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014} - scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695} - jffs2: prevent xattr node from overflowing the eraseblock {CVE-2024-38599} - ecryptfs: Fix buffer size for tag 66 packet {CVE-2024-38578} - dlm: fix plock invalid read {CVE-2022-49407} - media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764} - igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332} - jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597} - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() {CVE-2023-52594} - pid: take a reference when initializing `cad_pid` {CVE-2021-47118} - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779} - sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077} - media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824} - xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23038} - media: dvb-core: Fix use-after-free due to race at dvb_register_device() {CVE-2022-45884} - media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886} - media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885} - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919} - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265} - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265} - x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265} - i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm bd7b791a448212c336eea3866a08702c24a3e63651f5e319378feebaa7be1b18 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els26.noarch.rpm 87ec0d61374a313c9b3e8aa0a03641127debac34f80389910a0cbc8dc36bf978 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm 1bd3cadba79b8f4a658effe5eae6dc5fd750e49a25b6848218d74976f004b2b5 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els26.i686.rpm e49cdee835371f22e87b204a3f52bf91a6b3b504da2a7b292ba8a858565ad61f kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm 39116cdec1e72e4fa06748c7d450b913328d5bc9517bf754860f5baeb53a0d64 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm f1ef5ebcf5203bd2a89d9d7a76f175df51d0da4dcfdddb27c2d5989df9f17182 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els26.noarch.rpm ff23ef80446bce6751d7aabefccbf5f6ab40b06e680b78ad7389ef495cffd3e5 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els26.noarch.rpm eeeb0c15c61c65707334c7a680d05ff047f8d97fd086f35aca2e0a7e80af7344 kernel-headers-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm 020cd595c7e43bc9c94e49ac3e15e581cc74a8ad2c5e92d78f7c6f2246ce7fb6 perf-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm 2eac878fa04f888b2a6ce548e34c4e6b0c0ce478056946f0e94640271de57e78 python-perf-2.6.32-754.35.8.el6.tuxcare.els26.x86_64.rpm dc22f7f49f04fded847754c544142b78abbdb788479d1e840665321d5c8d2d47 CLSA-2025:1761673925 TuxCare License Agreement 0 - CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els11.i686.rpm 8cb0bf1e550a1845ab76a7a4eddad2860c365294a953789ddd040d09f4c42e7f libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els11.x86_64.rpm d9e39b270be261f9ec576858193c3a0885bfa6183071d43bae514ebcf9e8497b libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els11.i686.rpm 48e4ada6a859050b0fc24a9f4244341b68a0afb242ce50a62b2cf973bbbb43ec libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els11.x86_64.rpm 5dc2bc61673ee9b48701a044ab2ba2ec5516a22c5be711de06b1958c7300ba6e libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els11.x86_64.rpm 7f799c167847ce5e10b51aa9af0a9d2af8af2358b197ff22a5b57a4b126288ef libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els11.x86_64.rpm f470479e6cefa80d9c2fc29ef0dc630e4cb6d9a17649814ea9293d5b0a4a4be0 CLSA-2025:1762455270 TuxCare License Agreement 0 - fix: virtio-net: Add validation for used length {CVE-2021-47352} - xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037} - net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} - net: fix information leakage in /proc/net/ptype {CVE-2022-48757} - net: atm: fix use after free in lec_send() {CVE-2025-22004} - ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- fix: virtio-net: Add validation for used length {CVE-2021-47352} - xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037} - net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477} - net: fix information leakage in /proc/net/ptype {CVE-2022-48757} - net: atm: fix use after free in lec_send() {CVE-2025-22004} - ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm c1c082527c36c047c9aa5a797d0a3d4f7c31f87447fde57e0a10b4c17878da62 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm 27a55374c1a9cc5de6497b55283d2181c2e2e3af208e8f743cc48d5ab447ccc9 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm 674b07424eebec4222d970163a9421845fb449972dd8d6073e8ca3d04c8a3e43 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.i686.rpm 8823a064395cad766f25820e26c128bc7280707028ead8c32c3b7fce3988f247 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm ca7ac020575b59e0a35c5db82bb0bf39cac63cb61923c38c2acb59f8ea41b161 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm be8b5dfcc258a40ab5f12a3e3050b3af59ba9fc702546bb48fd1193fe69ccf0a kernel-doc-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm d0097ce6a564474d4c17a2e9b72a14197300f01712b795e3f30bae90d6a23000 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm 7d74700332b5aac351224cc2b365d8b8fd8cfbac0ee807720092e230e9dd9f5f kernel-headers-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm 7d483997d79501559e8369a35e24d1a93a8bae3a2453af73be2cba605454b60c perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm 9bd8fa2d9bd2766aa9dd4b5a456efb5e79ba298f774d6e71ba1302d023b1d8b2 python-perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm 2981258a4be9deb10b81e6e883d885d4282b3ba1febafa2e583c4bd3c2a617da CLSA-2025:1763031933 TuxCare License Agreement 0 - CVE-2025-9714: additional fixes - CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c - CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-9714: additional fixes - CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c - CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els13.i686.rpm b7dee911fc946e38562515bfc1c0273c45f583aa5e23808b942419b965a2c5fb libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els13.x86_64.rpm 8c9dbb7adde97237fb02859f64ae958bc1106b96dde3469f2e470f064e10a672 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els13.i686.rpm aa1dc923c2f90bd9dc4340eb19174902eec66e061781091ec9d5790ac2dd9958 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els13.x86_64.rpm 63c5a71f1c5dad6db4b0d6c04c150685390603805f421cc83abb6ff3b9e16a3c libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els13.x86_64.rpm 46df33cd76b55900dd0bdce5b296efd15ca293138b4a8a320600dd039355c32f libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els13.x86_64.rpm 7a2000a7b71083a60e8d8fac73943fa3f0678ae4841b9fd7724ecac7cb8c7ba9 CLSA-2025:1763388821 TuxCare License Agreement 0 - CVE-2025-62168: Redact HTTP authentication credentials in error handling to prevent information disclosure Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-62168: Redact HTTP authentication credentials in error handling to prevent information disclosure

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els11.x86_64.rpm 663e2a410a46f19721e3cd062b95dccb4fc85d44cdb59ed6f72849b599d67147 CLSA-2025:1763478867 TuxCare License Agreement 0 - CVE-2025-62168: Fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-62168: Fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els15.x86_64.rpm 2a791ee0b6b956fff7898713b789de8e004e5fc39313885b6d65f05b2ad0bb82 CLSA-2026:1767950442 TuxCare License Agreement 0 - CVE-2024-32021: checking whether the hardlinked destination file matches the source file and abort in case it doesn't Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2024-32021: checking whether the hardlinked destination file matches the source file and abort in case it doesn't

0 tuxcare-oraclelinux6-els emacs-git-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm 02e3a299d372e3c784e557f491682becd39d4f5371479b4be19738c821dd559d emacs-git-el-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm 7887f8905eb2d88f9fa5b14f923a30a48b038a163ae27fde96af1e08858d7455 git-1.7.1-10.el6_10.tuxcare.els7.x86_64.rpm dc85eef24c619b2dbe0d251861d96e0fa8d963b58c5fb749e2b6239aea13b674 git-all-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm c59a6671f211b166a98bb2430fbb5776b1549fd2068484856572089ac3e77c44 git-cvs-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm 06aa94f2a6b3d24bb85cf984aba7fdf991a465eb4e95f1a63120b3f946db9331 git-daemon-1.7.1-10.el6_10.tuxcare.els7.x86_64.rpm 0cb748418a98ea224e3d047f4edb3c761a631b6e4983c741680fa0b192f43828 git-email-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm e5fb06de2f98ca885992755d32aed0497e1cace4891e932582a71e8b7bd95589 git-gui-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm 2c5c6f25fd57ed92554de43117b84fd4274638929cdce8f85c4657ac282c1128 git-svn-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm f8a0da809913a75c3b3dbd323e057e357efccebe42d7fadb272c8159ded194a2 gitk-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm 95e73de1790f798e1f5a034e89bb3e8b3847e7f1cf2bf12dfac58c0e75d7d563 gitweb-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm d56ab027422271722e30343d4f3e270eb43de3085b59c09961d3ee406981896c perl-Git-1.7.1-10.el6_10.tuxcare.els7.noarch.rpm 548608d9282fe3508ac480c9a3c631fec7e3494c3485a66583e587c35cb0cc74 CLSA-2026:1769171615 TuxCare License Agreement 0 - CVE-2025-68973: fix possible memory corruption in the armor parser that could lead to out-of-bounds write for crafted input Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-68973: fix possible memory corruption in the armor parser that could lead to out-of-bounds write for crafted input

0 tuxcare-oraclelinux6-els gnupg2-2.0.14-9.el6_10.tuxcare.els1.x86_64.rpm 7fb8c666c8f2b8532d994d3e1d29bfed0ef48bf05ceb318b75587d2bf5fff43d gnupg2-smime-2.0.14-9.el6_10.tuxcare.els1.x86_64.rpm 2b03e7670db4720baab49994f56a9ffe8ca38d302f34483b7e32671c1655ce4a CLSA-2026:1768943030 TuxCare License Agreement 0 - revert fixes for CVE-2025-9714 due to build failures due to XPath error None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- revert fixes for CVE-2025-9714 due to build failures due to XPath error

0 tuxcare-oraclelinux6-els libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els14.i686.rpm ca1dd6f5791a3c78219768a4d30b5b20068c6d9339dee82c3966f29f3ab4e7a2 libxml2-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els14.x86_64.rpm 5eef2ea1b9a306ed111ac1b02072f632c2d5900a721ea3d884cdcdd0b6f65883 libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els14.i686.rpm 86936f55e16cfb88759fcd9cb92df435a6e4df7281f58fb6bd98b5c1fe51b26e libxml2-devel-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els14.x86_64.rpm a949f9ed50b8f1e25820ea8d11d5075495759df8d321b317537217c70eea3bd5 libxml2-python-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els14.x86_64.rpm bdbf0f78dd19aa01d7f868bb4ea185977e67689c00de4e34aedd8520f41d405d libxml2-static-2.7.6-21.0.1.el6_8.1.tuxcare.ol.els14.x86_64.rpm 8dd7cc7797ce91388c5de463cf4ed73ea1925edf21764769f03f0d9f58bb8c41 CLSA-2026:1769610819 TuxCare License Agreement 0 - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419} - firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432} - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408} - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380} - wifi: mac80211_hwsim: drop short frames {CVE-2023-53321} - wifi: cfg80211: Fix use after free for wext {CVE-2023-53153} - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422} - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863} - NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945} - can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004} - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} - fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978} - ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886} - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} - spec: merge oraclelinux6els changes - ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365} - ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917} - ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918} - ipvs: use explicitly signed chars - HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823} - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900} - netlink: prevent potential spectre v1 gadgets {CVE-2023-53000} - mtd: inftlcore: Add error check for inftl_read_oob() {CVE-2025-37892} - igb: Do not free q_vector unless new one was allocated {CVE-2022-50252} - scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546} - net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907} - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870} - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258} - md-raid10: fix KASAN warning {CVE-2022-50211} - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882} - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751} - crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014} - isofs: Prevent the use of too small fid {CVE-2025-37780} - net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789} - partitions: mac: fix handling of bogus partition table {CVE-2025-21772} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419} - firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432} - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408} - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380} - wifi: mac80211_hwsim: drop short frames {CVE-2023-53321} - wifi: cfg80211: Fix use after free for wext {CVE-2023-53153} - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422} - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863} - NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945} - can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004} - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415} - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} - fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978} - ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886} - wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157} - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245} - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051} - spec: merge oraclelinux6els changes - ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365} - ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917} - ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918} - ipvs: use explicitly signed chars - HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823} - xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900} - netlink: prevent potential spectre v1 gadgets {CVE-2023-53000} - mtd: inftlcore: Add error check for inftl_read_oob() {CVE-2025-37892} - igb: Do not free q_vector unless new one was allocated {CVE-2022-50252} - scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546} - net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907} - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870} - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258} - md-raid10: fix KASAN warning {CVE-2022-50211} - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882} - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751} - crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014} - isofs: Prevent the use of too small fid {CVE-2025-37780} - net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789} - partitions: mac: fix handling of bogus partition table {CVE-2025-21772}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm ed0822a15d49c27aa16007e2f45b484a1036ca8989aa5c60ea29034cbf387613 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els28.noarch.rpm 00ec98f672ba4a839e0f9b43adaae88f092f0c7614088658422fc19468df14c9 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm 9ce6f1046cb0998827dfc38cb739e6f46e99e0c2f4447be08c548d3ed921717e kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els28.i686.rpm c9211f646342706413e654d0e24bbb2e4dca4340a2fcc38b88c6cc516b19c8b0 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm 0bf618e8f79dc89bdc323166bc15fcc66a652ce7890d3b9329ba3d735966fafd kernel-devel-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm 9315470260a9ec7fcb222bef3874088c4c5bab7f7aeb2c3acc99e8d8594b1ad1 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els28.noarch.rpm 8bd058c86c6351cd05d2bc2f65c9d5c4ff795b24e57a54deb3a8e6874d37fa2b kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els28.noarch.rpm fa3801855a313d3da51b870553a05ed2116e3e37a1cf5de13f19cc437e0d99be kernel-headers-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm 29f379fe9a8a2880cf6318b6e22f77d8aae8cceae9277c6c0fc62b4100570ea2 perf-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm f0464cecdf00fe080b9a55436a00abe6804085b16cd664ac7d8a1692c792748e python-perf-2.6.32-754.35.8.el6.tuxcare.els28.x86_64.rpm 9ddd63386b995fdbf46ec061e3c12893deca3d833118c11a0710fa5282897ef2 CLSA-2026:1770213436 TuxCare License Agreement 0 - Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000410; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000650; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x3d; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x43a; - Addition of cpuid:A06D1/0x20 (GNR-AP/SP H0) microcode (in microcode.dat) at revision 0xa000124; - Addition of cpuid:A06D1/0x95 (GNR-AP/SP B0) microcode (in microcode.dat) at revision 0x10003f0; - Addition of cpuid:A06E1/0x97 microcode (in microcode.dat) at revision 0x1000273; - Addition of cpuid:B0650/0x80 (ARL-U A1) microcode (in microcode.dat) at revision 0xa; - Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x132; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x6133; - Addition of cpuid:B06D1/0x80 (LNL B0) microcode (in microcode.dat) at revision 0x125; - Addition of cpuid:C0652/0x82 (ARL-H A1) microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C0662/0x82 (ARL-HX 8P/S B0) microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C0664/0x82 microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C06A2/0x82 microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x210002c0; - Removal of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) at revision 0x4003605; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c0003e0; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000620; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x38; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x436; - Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x12c; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4124; - Removal of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) at revision 0x21000291; - Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000291; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003707 up to 0x5003901; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002904 up to 0x7002b01; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003f5 up to 0xd000410; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x10002c0 up to 0x10002e0; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x24 up to 0x26; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc6 up to 0xca; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb8 up to 0xbc; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x38 up to 0x3c; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x52 up to 0x56; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000410; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000410; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000410; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x9 up to 0xb; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x436 up to 0x43a; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0x102 up to 0x104; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xfe up to 0x102; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x63 up to 0x64; - Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from revision 0x20 up to 0x25; - Update of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) from revision 0x3000330 up to 0x3000382; - Update of cpuid:B0674/0x32 microcode (in microcode.dat) from revision 0x12c up to 0x132; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x4124 up to 0x6133; - Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision 0x4124 up to 0x6133; - Update of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) from revision 0x1c up to 0x1e; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:B06F6/0x07 microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:B06F7/0x07 microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from revision 0x21000291 up to 0x210002c0; - Update AMD CPU microcode to 2026-01-10: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c000410; - Addition of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000650; - Addition of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x3d; - Addition of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x43a; - Addition of cpuid:A06D1/0x20 (GNR-AP/SP H0) microcode (in microcode.dat) at revision 0xa000124; - Addition of cpuid:A06D1/0x95 (GNR-AP/SP B0) microcode (in microcode.dat) at revision 0x10003f0; - Addition of cpuid:A06E1/0x97 microcode (in microcode.dat) at revision 0x1000273; - Addition of cpuid:B0650/0x80 (ARL-U A1) microcode (in microcode.dat) at revision 0xa; - Addition of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x132; - Addition of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x6133; - Addition of cpuid:B06D1/0x80 (LNL B0) microcode (in microcode.dat) at revision 0x125; - Addition of cpuid:C0652/0x82 (ARL-H A1) microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C0662/0x82 (ARL-HX 8P/S B0) microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C0664/0x82 microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C06A2/0x82 microcode (in microcode.dat) at revision 0x11a; - Addition of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x210002c0; - Removal of cpuid:50656/0xbf (CLX-SP B0) microcode (in microcode.dat) at revision 0x4003605; - Removal of cpuid:806F8/0x10 (SPR-HBM B3) microcode (in microcode.dat) at revision 0x2c0003e0; - Removal of cpuid:806F8/0x87 (SPR-SP E5/S3) microcode (in microcode.dat) at revision 0x2b000620; - Removal of cpuid:90672/0x07 (ADL-HX/S 8+8 C0) microcode (in microcode.dat) at revision 0x38; - Removal of cpuid:906A3/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in microcode.dat) at revision 0x436; - Removal of cpuid:B0671/0x32 (RPL-S B0) microcode (in microcode.dat) at revision 0x12c; - Removal of cpuid:B06A2/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in microcode.dat) at revision 0x4124; - Removal of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) at revision 0x21000291; - Removal of cpuid:C06F2/0x87 (EMR-SP A1) microcode (in microcode.dat) at revision 0x21000291; - Update of cpuid:50657/0xbf (CLX-SP/W/X B1/L1) microcode (in microcode.dat) from revision 0x5003707 up to 0x5003901; - Update of cpuid:5065B/0xbf (CPX-SP A1) microcode (in microcode.dat) from revision 0x7002904 up to 0x7002b01; - Update of cpuid:606A6/0x87 (ICX-SP D0) microcode (in microcode.dat) from revision 0xd0003f5 up to 0xd000410; - Update of cpuid:606C1/0x10 (ICL-D B0) microcode (in microcode.dat) from revision 0x10002c0 up to 0x10002e0; - Update of cpuid:706A8/0x01 (GLK-R R0) microcode (in microcode.dat) from revision 0x24 up to 0x26; - Update of cpuid:706E5/0x80 (ICL-U/Y D1) microcode (in microcode.dat) from revision 0xc6 up to 0xca; - Update of cpuid:806C1/0x80 (TGL-UP3/UP4 B1) microcode (in microcode.dat) from revision 0xb8 up to 0xbc; - Update of cpuid:806C2/0xc2 (TGL-R C0) microcode (in microcode.dat) from revision 0x38 up to 0x3c; - Update of cpuid:806D1/0xc2 (TGL-H R0) microcode (in microcode.dat) from revision 0x52 up to 0x56; - Update of cpuid:806EC/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:806F4/0x10 microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000410; - Update of cpuid:806F4/0x87 (SPR-SP E0/S1) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:806F5/0x10 (SPR-HBM B1) microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000410; - Update of cpuid:806F5/0x87 (SPR-SP E2) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:806F6/0x10 microcode (in microcode.dat) from revision 0x2c0003e0 up to 0x2c000410; - Update of cpuid:806F6/0x87 (SPR-SP E3) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:806F7/0x87 (SPR-SP E4/S2) microcode (in microcode.dat) from revision 0x2b000620 up to 0x2b000650; - Update of cpuid:90675/0x07 (ADL-S 6+0 K0) microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:906A4/0x40 (AZB A0) microcode (in microcode.dat) from revision 0x9 up to 0xb; - Update of cpuid:906A4/0x80 (ADL-P 2+8 R0) microcode (in microcode.dat) from revision 0x436 up to 0x43a; - Update of cpuid:906ED/0x22 (CFL-H/S/Xeon E R0) microcode (in microcode.dat) from revision 0x102 up to 0x104; - Update of cpuid:A0652/0x20 (CML-H R1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0653/0x22 (CML-S 6+2 G1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0655/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0660/0x80 (CML-U 6+2 A0) microcode (in microcode.dat) from revision 0xfe up to 0x102; - Update of cpuid:A0661/0x80 (CML-U 6+2 v2 K1) microcode (in microcode.dat) from revision 0xfc up to 0x100; - Update of cpuid:A0671/0x02 (RKL-S B0) microcode (in microcode.dat) from revision 0x63 up to 0x64; - Update of cpuid:A06A4/0xe6 (MTL-H/U C0) microcode (in microcode.dat) from revision 0x20 up to 0x25; - Update of cpuid:A06F3/0x01 (SRF-SP C0) microcode (in microcode.dat) from revision 0x3000330 up to 0x3000382; - Update of cpuid:B0674/0x32 microcode (in microcode.dat) from revision 0x12c up to 0x132; - Update of cpuid:B06A3/0xe0 (RPL-U 2+8 Q0) microcode (in microcode.dat) from revision 0x4124 up to 0x6133; - Update of cpuid:B06A8/0xe0 microcode (in microcode.dat) from revision 0x4124 up to 0x6133; - Update of cpuid:B06E0/0x19 (ADL-N A0) microcode (in microcode.dat) from revision 0x1c up to 0x1e; - Update of cpuid:B06F2/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:B06F5/0x07 (ADL C0) microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:B06F6/0x07 microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:B06F7/0x07 microcode (in microcode.dat) from revision 0x38 up to 0x3d; - Update of cpuid:C06F1/0x87 (EMR-SP A0) microcode (in microcode.dat) from revision 0x21000291 up to 0x210002c0; - Update AMD CPU microcode to 2026-01-10: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F02(ver:0x0AA0021C);

0 tuxcare-oraclelinux6-els microcode_ctl-1.17-33.44.el6_10.tuxcare.els1.x86_64.rpm 805c10b0c1de8e8b7a444fddd3aa5e0af5f3b22b58fa127e658c4f99410c90a3 CLSA-2026:1770734875 TuxCare License Agreement 0 - CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers

0 tuxcare-oraclelinux6-els expat-2.0.1-13.el6_8.tuxcare.els6.i686.rpm 63bb2d8a73c3f5213a3d2313de37ec47c1780c42934fcefd653a0d950795f346 expat-2.0.1-13.el6_8.tuxcare.els6.x86_64.rpm 95356e9601603f56cbe9d8b38994b0a957ad395991fd8ef56b6b3020fc5515a2 expat-devel-2.0.1-13.el6_8.tuxcare.els6.i686.rpm f4daad82dbd2b05595368f46111ec07872e1b0b1e09cde216686bf23bb08a199 expat-devel-2.0.1-13.el6_8.tuxcare.els6.x86_64.rpm 3ca15a3aec778d65fa4cdf5f268073302c8aa31d38e3d22999dc0d7ba589eedc CLSA-2026:1771237797 TuxCare License Agreement 0 - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685} - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} - scsi: bfa: Double-free fix {CVE-2025-38699} - fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702} - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} - fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691} - mmc: core: replace sprintf() with scnprintf() for sysfs output {CVE-2022-49267} - ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265} - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282} - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" {CVE-2023-53063} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-53063} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685} - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} - scsi: bfa: Double-free fix {CVE-2025-38699} - fbdev: fix potential buffer overflow in do_register_framebuffer() {CVE-2025-38702} - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() {CVE-2025-38680} - fs/buffer: fix use-after-free when call bh_read() helper {CVE-2025-39691} - mmc: core: replace sprintf() with scnprintf() for sysfs output {CVE-2022-49267} - ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265} - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282} - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" {CVE-2023-53063} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-53063}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm db67f4ba418674be99368f50f947591ea414211d71380e080d27f12c07ac43a8 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els29.noarch.rpm ecd2959789da05759045d5502850f6e7719d2e0744301628b76a36f5b490865d kernel-debug-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm e6e1c4b66726947a5f9d88030956905e1ff3716b0722a59c2d460f05ecb83a57 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els29.i686.rpm 4c7878458ca3cd8c4f7d2f38440097fa765d7cc5dc6cb6de15dbd9837086efe1 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm b1b9e17a4e888d9ca2ee967875328cdc5dadf4e1812a229b38cb2aa74dc11189 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm 3a6edfbc6ccfb4981e4effd3c23d63ed90fcf89ef07ca23ce2c2621ac861f2a8 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els29.noarch.rpm ff264fa8de3e52bfe02275e00b72f9884806ea90a2d06f2b056c4b75ec9c9410 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els29.noarch.rpm 5b8e96eb92fc2bf134097556ad83e41896e176331c1141075ec87523bf268e1a kernel-headers-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm 09c39e982e57a4eb272eabd4c9d24aa33f6abedf6c8ccdadc8b31d6f2d387114 perf-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm 9a6fb5b0ae07c09c4144b9f50a754a8fbe1639901330b1eb7386937278c8cffd python-perf-2.6.32-754.35.8.el6.tuxcare.els29.x86_64.rpm 1d7c676086e165ea46c0df9262305e00d05b0d55633b6569302ed2adb2a528a2 CLSA-2026:1771411561 TuxCare License Agreement 0 - update to CKBI 2.82 from NSS 3.120 - updated certificates: - # Certificate "GlobalSign Root CA" - # Certificate "Entrust.net Premium 2048 Secure Server CA" - # Certificate "Comodo AAA Services root" - # Certificate "XRamp Global CA Root" - # Certificate "Go Daddy Class 2 CA" - # Certificate "Starfield Class 2 CA" - removed certificates: - # Certificate "Baltimore CyberTrust Root" - added certificates: - # Certificate "TrustAsia SMIME ECC Root CA" - # Certificate "TrustAsia SMIME RSA Root CA" - # Certificate "TrustAsia TLS ECC Root CA" - # Certificate "TrustAsia TLS RSA Root CA" - # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" - # Certificate "SwissSign RSA TLS Root CA 2022 - 1" - # Certificate "OISTE Client Root ECC G1" - # Certificate "OISTE Client Root RSA G1" - # Certificate "OISTE Server Root ECC G1" - # Certificate " OISTE Server Root RSA G1" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.82 from NSS 3.120 - updated certificates: - # Certificate "GlobalSign Root CA" - # Certificate "Entrust.net Premium 2048 Secure Server CA" - # Certificate "Comodo AAA Services root" - # Certificate "XRamp Global CA Root" - # Certificate "Go Daddy Class 2 CA" - # Certificate "Starfield Class 2 CA" - removed certificates: - # Certificate "Baltimore CyberTrust Root" - added certificates: - # Certificate "TrustAsia SMIME ECC Root CA" - # Certificate "TrustAsia SMIME RSA Root CA" - # Certificate "TrustAsia TLS ECC Root CA" - # Certificate "TrustAsia TLS RSA Root CA" - # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" - # Certificate "SwissSign RSA TLS Root CA 2022 - 1" - # Certificate "OISTE Client Root ECC G1" - # Certificate "OISTE Client Root RSA G1" - # Certificate "OISTE Server Root ECC G1" - # Certificate " OISTE Server Root RSA G1"

0 tuxcare-oraclelinux6-els ca-certificates-2026.2.82-60.1.el6.tuxcare.els1.noarch.rpm 7d93c63b8eac910936cf66e6c403c0dc6ab215ee796eb57ebe0ff2617e1c67a2 CLSA-2026:1771579997 TuxCare License Agreement 0 - CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings

0 tuxcare-oraclelinux6-els glib2-2.28.8-12.el6.tuxcare.els6.i686.rpm 0523b46eada564ebdda4f23d85d08706db6c41ffcdb3edd0c4a501b9ba95f483 glib2-2.28.8-12.el6.tuxcare.els6.x86_64.rpm 10dda587e74ab7dc34a3c8658378a526e0063962909483f85a42f732fdd49b06 glib2-devel-2.28.8-12.el6.tuxcare.els6.i686.rpm ccc89558797536ce0ed79ed58d599215874c37f99de9fc1c1072ec59aa747437 glib2-devel-2.28.8-12.el6.tuxcare.els6.x86_64.rpm 10c4462ba60d8fd86a28ff670681391c86664aa2e1836b84c788eea4db1727f2 glib2-doc-2.28.8-12.el6.tuxcare.els6.noarch.rpm 85f56f47ef1b78e3852f73e416d95f4c01ae058ae73e22320e925f68cd12a274 glib2-static-2.28.8-12.el6.tuxcare.els6.x86_64.rpm bdf3e58ce28fcce48100831834874e2ed6f6e308970c8cb8562e4709dfb3f67d CLSA-2026:1771927168 TuxCare License Agreement 0 - CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of service, add input validation and enforce backtracking limits - CVE-2018-1061: fix catastrophic backtracking in the difflib.IS_LINE_JUNK method Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of service, add input validation and enforce backtracking limits - CVE-2018-1061: fix catastrophic backtracking in the difflib.IS_LINE_JUNK method

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els16.i686.rpm 68a694a8388ede7432f7fa4d2a2d58afc349ddd722c13fc989861cc398bc188a python-2.6.6-70.el6.tuxcare.els16.x86_64.rpm e0b80aabf38b6548f677c2bb32726ba0830ec40ffa9a12cd98e682f0b65fce02 python-devel-2.6.6-70.el6.tuxcare.els16.i686.rpm d0d0928c114cd67f866140ac97ea98cbe2eea43ff823c100edf700fe565cd38a python-devel-2.6.6-70.el6.tuxcare.els16.x86_64.rpm d451f467a059730bfa6d6f199b67cf24b40194ea96be12126cf10c64bfc09ef2 python-libs-2.6.6-70.el6.tuxcare.els16.i686.rpm 2dd1221b19de540cc2ad4cc34ad12ed7af3bdbc508d4aacc23f3100c156fb240 python-libs-2.6.6-70.el6.tuxcare.els16.x86_64.rpm f6c772e26794b89e3ed9c42ea56b0a5e65668de8c469bf2604fb9e95bed617b5 python-test-2.6.6-70.el6.tuxcare.els16.x86_64.rpm 509c6e1e0746b21d7adfe2aa61b3e0dab6afcb2861daf2c2e52423a136b6aa2d python-tools-2.6.6-70.el6.tuxcare.els16.x86_64.rpm ca510445ff5e4db86a04a1736284bb4e1e502ad3cdaffb5d9689d89989fca9dd tkinter-2.6.6-70.el6.tuxcare.els16.x86_64.rpm 088061f9f036fd989e6f534ef448152f83a685f97af138b7c0687f02595b0728 CLSA-2026:1772177379 TuxCare License Agreement 0 - CVE-2016-9843: avoid pre-decrement of pointer in big-endian CRC calculation Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2016-9843: avoid pre-decrement of pointer in big-endian CRC calculation

0 tuxcare-oraclelinux6-els minizip-1.2.3-29.el6.tuxcare.els4.i686.rpm 470960a44bcf22e8fe1d18a8410428d60330af95e7596dc7183986aa3d0302b2 minizip-1.2.3-29.el6.tuxcare.els4.x86_64.rpm 1fea9607b2472f757560b166bb09dad4536b3dea1a515101b7806729e61ead41 minizip-devel-1.2.3-29.el6.tuxcare.els4.i686.rpm 1c2c42a31cbf28e0edce5907b883ec5901ef8f36d8aad786fa69b5c50b7482cf minizip-devel-1.2.3-29.el6.tuxcare.els4.x86_64.rpm 84eb800cfdd9c99dbbe758f8b9e2ce822e336fbe4aa8e6f0b9ce9b036f96a595 zlib-1.2.3-29.el6.tuxcare.els4.i686.rpm b6007fe0acd1db3a014691ef85cb97a650f6af70216673302fefefcad8555458 zlib-1.2.3-29.el6.tuxcare.els4.x86_64.rpm 8f43401db002d706fba7362efc428163fffb8edb6b9234c032adaedb92f7a44f zlib-devel-1.2.3-29.el6.tuxcare.els4.i686.rpm 957904fce1eec2ccfe853f66c2047e5fb1b28a5d238e406be6f29c950f859a8c zlib-devel-1.2.3-29.el6.tuxcare.els4.x86_64.rpm 829caecebcb37a5ff14aea68bbe949054faf1e059f26c77a0005a24f65b53f12 zlib-static-1.2.3-29.el6.tuxcare.els4.x86_64.rpm b6e7634b7c1bf0c62aaf6395f7791d11229220960c7293e3e8cdd4eb6b4c4fab CLSA-2026:1772576551 TuxCare License Agreement 0 - CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative

0 tuxcare-oraclelinux6-els python-2.6.6-70.el6.tuxcare.els17.i686.rpm 8832710a0b05249275f5c2ddd45f8171faf6a472669139b7ac1b3de25368b297 python-2.6.6-70.el6.tuxcare.els17.x86_64.rpm ec3c84dfc79670f59542b72e6fe3e62837578961c56dd438ead0789fd44de631 python-devel-2.6.6-70.el6.tuxcare.els17.i686.rpm 7706ef0e27baed5bb0a62bbc6f933e4dac273c8d30f17e76287fcab842479339 python-devel-2.6.6-70.el6.tuxcare.els17.x86_64.rpm 7e1514e48498fadbed7aef8dbef735de43a5f71aaa4bfe6c1257c146bd87974f python-libs-2.6.6-70.el6.tuxcare.els17.i686.rpm 47315c74095787b21065b1788a7fbb522210f49667232694d12735cab4815506 python-libs-2.6.6-70.el6.tuxcare.els17.x86_64.rpm 06921e666f404b1738f2fcabd1c383d29c571924abd6d820d8d8259759368215 python-test-2.6.6-70.el6.tuxcare.els17.x86_64.rpm 344d542365a4078f78b06173ed2f13281137fbf77cf4ab29b369a828acf7b8f6 python-tools-2.6.6-70.el6.tuxcare.els17.x86_64.rpm 64793dcbbdc8688552b84265e77e04bdea243c4affb59e0813c811fee7547253 tkinter-2.6.6-70.el6.tuxcare.els17.x86_64.rpm 575cfe203ff56fe0b9669c6063fdb7266ee55e56eb374f59901b983c0b42b12a CLSA-2026:1772644086 TuxCare License Agreement 0 - update to CKBI 2.82 from NSS 3.120 - updated certificates: - # Certificate "GlobalSign Root CA" - # Certificate "Entrust.net Premium 2048 Secure Server CA" - # Certificate "Comodo AAA Services root" - # Certificate "XRamp Global CA Root" - # Certificate "Go Daddy Class 2 CA" - # Certificate "Starfield Class 2 CA" - removed certificates: - # Certificate "Baltimore CyberTrust Root" - added certificates: - # Certificate "TrustAsia SMIME ECC Root CA" - # Certificate "TrustAsia SMIME RSA Root CA" - # Certificate "TrustAsia TLS ECC Root CA" - # Certificate "TrustAsia TLS RSA Root CA" - # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" - # Certificate "SwissSign RSA TLS Root CA 2022 - 1" - # Certificate "OISTE Client Root ECC G1" - # Certificate "OISTE Client Root RSA G1" - # Certificate "OISTE Server Root ECC G1" - # Certificate "OISTE Server Root RSA G1" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- update to CKBI 2.82 from NSS 3.120 - updated certificates: - # Certificate "GlobalSign Root CA" - # Certificate "Entrust.net Premium 2048 Secure Server CA" - # Certificate "Comodo AAA Services root" - # Certificate "XRamp Global CA Root" - # Certificate "Go Daddy Class 2 CA" - # Certificate "Starfield Class 2 CA" - removed certificates: - # Certificate "Baltimore CyberTrust Root" - added certificates: - # Certificate "TrustAsia SMIME ECC Root CA" - # Certificate "TrustAsia SMIME RSA Root CA" - # Certificate "TrustAsia TLS ECC Root CA" - # Certificate "TrustAsia TLS RSA Root CA" - # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" - # Certificate "SwissSign RSA TLS Root CA 2022 - 1" - # Certificate "OISTE Client Root ECC G1" - # Certificate "OISTE Client Root RSA G1" - # Certificate "OISTE Server Root ECC G1" - # Certificate "OISTE Server Root RSA G1"

0 tuxcare-oraclelinux6-els nss-3.44.0-12.el6.tuxcare.els9.i686.rpm 7cd097f05da1a185df31c75bda886eccbb76380ceab6cea57d091e1425a6d907 nss-3.44.0-12.el6.tuxcare.els9.x86_64.rpm 943160d5114f3cda65158d16f07596999896e64bacb54b4f100a088f1778d0ad nss-devel-3.44.0-12.el6.tuxcare.els9.i686.rpm 9acaaa3e604e8f53accb7b187146743fc22f8ade97d716f66e0327cb9d0b2ed1 nss-devel-3.44.0-12.el6.tuxcare.els9.x86_64.rpm 6c72eca3314baaa695ae501d00f0161452831c01ff48817192db56b79a52fbbc nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els9.i686.rpm 491494cd1121c1b37aea2cbcab81f72e344c6d51007988e4f15cb79f34303677 nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els9.x86_64.rpm e6d386ed8429ccf4d0187149625507f18869abfe5e002e1f049f72efb1935070 nss-sysinit-3.44.0-12.el6.tuxcare.els9.x86_64.rpm 2714252167ffbb7a579e7a30aad581790a88f8e18c83a3b762d4b72929b97193 nss-tools-3.44.0-12.el6.tuxcare.els9.x86_64.rpm c4a33583d7bd5fc51173a8d06c15afc0410397390517924ea17502c2129a9102 CLSA-2026:1773044010 TuxCare License Agreement 0 - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395} - net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749} - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS {CVE-2022-50315} - ext2: Check block size validity during mount {CVE-2023-53569} - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} - netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927} - bna: ensure the copied buf is NUL terminated {CVE-2024-36934} - new helper: memdup_user_nul() {CVE-2024-36934} - udf: Do not bother merging very long extents {CVE-2023-53506} - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865} - binfmt_misc: fix shift-out-of-bounds in check_special_flags {CVE-2022-50497} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395} - net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749} - ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS {CVE-2022-50315} - ext2: Check block size validity during mount {CVE-2023-53569} - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} - netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927} - bna: ensure the copied buf is NUL terminated {CVE-2024-36934} - new helper: memdup_user_nul() {CVE-2024-36934} - udf: Do not bother merging very long extents {CVE-2023-53506} - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865} - binfmt_misc: fix shift-out-of-bounds in check_special_flags {CVE-2022-50497}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm e27739c20e15f26397b98642e146dd9b9cb06179926906c4b8125569a8c4bf8d kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els30.noarch.rpm 5793719902e0e1c3739cabc2016c1be6365e1348dd7cf048f57d8abdfec7c385 kernel-debug-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm 0005f3f7a7649fb39f048d413d69f985e9de1f66aeee4553636c05cb3de5b563 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els30.i686.rpm 801116220e6f917ff09c642c0e0e2d3742f0c5704dc5fd4f495a0caa17fbe37c kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm 7b5438f68def6e828154f0ec71dac7aaf3eef854114bb7de856cb233566241f9 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm 1e19eb842c2be03ddc863d1199d49cd23c22d92e73119367856b30852f8c3a09 kernel-doc-2.6.32-754.35.8.el6.tuxcare.els30.noarch.rpm e188ac6994044b09fd46ff2ecb9ff76c958dafbefafaaac0a82bed1ea50dee5b kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els30.noarch.rpm 826c2639e302430a63d2db614065c27511e1a979415a0e569fd937474d37327e kernel-headers-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm 8492af2188399522a2974a4a7aef0d8498c11ee1d83c08a61e377d5a5096fa86 perf-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm 001784006c7ac490916ed8ef6f41a1f738ca2d5615ab30ec15f44c37212d5ea3 python-perf-2.6.32-754.35.8.el6.tuxcare.els30.x86_64.rpm 581e026dd9cf8aafad087e8a87612de1adedbe36165eea183f286ef716f74fce CLSA-2026:1773505564 TuxCare License Agreement 0 - CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm 739776515de85c0952a1e7eee99fc0823bbcf49fdd4361da826c2d716d220aa9 vim-common-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm c6fdb21cf59b535add45b282416b758c12d8ad03e621a7084e9155b60d518b22 vim-enhanced-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm e11c2006df75d06976c4c360acef54871bd9da98cd9d15821a4eba3990ebdd0a vim-filesystem-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm 2c3ef3332da43e44ec58d0f3cec042d2072e917a5f2b0a31c576eaf49a089d3f vim-minimal-7.4.629-5.2.el6.tuxcare.els47.x86_64.rpm 97e5c000f2ec925955519397820f62f87cd2a9edb48266112c45da20b1f58522 CLSA-2026:1773506438 TuxCare License Agreement 0 - Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs: - CVE-2025-53057: Security: enforce proper access control in certificate handling to prevent data tampering - CVE-2025-53066: JAXP: restrict data access in Path Factory processing to prevent information disclosure - CVE-2026-21925: RMI: tighten access controls on JMX connections - CVE-2026-21933: Networking: harden HttpServer request parsing to prevent cross-context data manipulation - CVE-2026-21945: Security: add resource consumption limits in certificate parsing to prevent DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs: - CVE-2025-53057: Security: enforce proper access control in certificate handling to prevent data tampering - CVE-2025-53066: JAXP: restrict data access in Path Factory processing to prevent information disclosure - CVE-2026-21925: RMI: tighten access controls on JMX connections - CVE-2026-21933: Networking: harden HttpServer request parsing to prevent cross-context data manipulation - CVE-2026-21945: Security: add resource consumption limits in certificate parsing to prevent DoS

0 tuxcare-oraclelinux6-els java-1.8.0-openjdk-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm d42eeeca204fecacd1cf4f0f009816b86a7ee7d68030063c8ec495b807dabf08 java-1.8.0-openjdk-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 1f9b093ddebf0e76e35e05316ada13507c275aea319d0ba87b8e4b4dd1209197 java-1.8.0-openjdk-demo-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 0de3250a80d5a4a0cb60ec7482b977dabe7169b27b51365cfbd83ecb3eb2d41a java-1.8.0-openjdk-demo-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 3aa32195b7d61e7eef7a34bb4c8da258eb78d81d33e01da6abdccf46c77b182d java-1.8.0-openjdk-devel-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm cc47aafb893cbd045bbe5b31b78b24392e114c862f862d0fa26de1e5daabb7bf java-1.8.0-openjdk-devel-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 859e87d079a9ae45ebd725df2b4018df0c1bef427220bddda5fe53c3140fc57d java-1.8.0-openjdk-headless-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 55f6d23802524243865e9a01515a95b767f0f0cea48201b1aec0f7863eab9afd java-1.8.0-openjdk-headless-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 2369b91a1a76b00f7e5e5d9834bc75df5747bb6cea4b54c3e643e60dca5ea30f java-1.8.0-openjdk-javadoc-1.8.0.482.b08-1.el6.tuxcare.els1.noarch.rpm bc219544972abee7244a049dfc1edc2cbda367026ecf4dbafe36f497f3e7c46e java-1.8.0-openjdk-javadoc-debug-1.8.0.482.b08-1.el6.tuxcare.els1.noarch.rpm 937051a87044f8b1874ad6cf663965fe62f3b743efa70ccb75b38a7cd28c13d0 java-1.8.0-openjdk-src-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm fb213e9b1461a674fb6db744e2be614b0f892256eae5960b6b612c738c9a055d java-1.8.0-openjdk-src-debug-1.8.0.482.b08-1.el6.tuxcare.els1.x86_64.rpm 1174818ad2013f2dc27503905c830ad3af8ab8cf52a4d1f2229934e80cdad289 CLSA-2026:1774021417 TuxCare License Agreement 0 - CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation

0 tuxcare-oraclelinux6-els expat-2.0.1-13.el6_8.tuxcare.els7.i686.rpm 9b96360a881e243bc86875001276d02b4346017259a69131bd6c6ed83e2cf41f expat-2.0.1-13.el6_8.tuxcare.els7.x86_64.rpm 3e30d5696fa4a793cbbde30c229d57372638c5d3cd7d646e6ecaac0c6bbe79c7 expat-devel-2.0.1-13.el6_8.tuxcare.els7.i686.rpm 9beaddb9125794e069e7555f0cf48c16e962ad63055fb1a4d4d5f8c372124474 expat-devel-2.0.1-13.el6_8.tuxcare.els7.x86_64.rpm dbe6be6252c5d8e96c4a202c49306c652e2262945351249d17d5330fc5cec37a CLSA-2026:1774273500 TuxCare License Agreement 0 - CVE-2026-3784: fix proxy connection reuse with different credentials - update outdated timestamps in test 046 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-3784: fix proxy connection reuse with different credentials - update outdated timestamps in test 046

0 tuxcare-oraclelinux6-els curl-7.19.7-59.el6.tuxcare.els11.x86_64.rpm 7375e5560a684191c09fe25e60b49a4bff1102d490a574755160fae904ec2cb3 libcurl-7.19.7-59.el6.tuxcare.els11.i686.rpm 6973e6538d7aff29ebe22b9bcc8e95eec2354e28ab0418e0c4ac2d3cbdc1483b libcurl-7.19.7-59.el6.tuxcare.els11.x86_64.rpm 57e9eb0a84d93f00111eb84453ec8daa23ac3e49b7de049f56b955a24de9321a libcurl-devel-7.19.7-59.el6.tuxcare.els11.i686.rpm e9104c7992ad9200ec4f509dfc1a4fb5d4ee2ea6b244b1ec56dce109783b47a1 libcurl-devel-7.19.7-59.el6.tuxcare.els11.x86_64.rpm 34191570147aeb1bbcad8675d46f79a959a6deae738a4859f4777008f30cfc04 CLSA-2026:1774432284 TuxCare License Agreement 0 - CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file

0 tuxcare-oraclelinux6-els vim-X11-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm 6598927f13645a86d695da466691b44575dc6b629c266eb5462d71e19767738b vim-common-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm 96cc0bcf68f93e21b07c47e6e424fe65a28df2b2a08aaf012798ed4aa64b7249 vim-enhanced-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm fccb3308718cbcf95e69191fe3ce25ee248d70adcdaf3356a7ca73bc98738d22 vim-filesystem-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm 432f16e4cab6ee18297b0443f0b94ead800a868a39af9b9d64915c07245825d8 vim-minimal-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm 560a5ba488195e06013f6836e3833082667a1e648fecf866af495ec44de86214 CLSA-2026:1774947708 TuxCare License Agreement 0 - CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking sensitive information - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking sensitive information - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS

0 tuxcare-oraclelinux6-els squid-3.1.23-30.el6.tuxcare.els16.x86_64.rpm a65a00d39d28356e59d190db9ac1804781de300a661453499873d6d3312d1adb CLSA-2026:1775062103 TuxCare License Agreement 0 - CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS

0 tuxcare-oraclelinux6-els squid34-3.4.14-16.el6.tuxcare.els12.x86_64.rpm 7f99b616bec7e7342fa956db62860c01dff7065886fb32b6b7b95028b97520be CLSA-2026:1775148284 TuxCare License Agreement 0 - CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c - CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c - CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els10.x86_64.rpm 66dd3702c34cf0571ce5630f1fcde2b106ed7b378c0928ab5908f3b21f7fd923 binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els10.i686.rpm 08ffdb752f4378de38b619917312137ac0175106fb5cdd447195bce7826afe93 binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els10.x86_64.rpm 80c06e6e3118775430418bbb6035ecaba300b5f0e7da4cf4de4ec7b33c0c88b9 CLSA-2026:1775721575 TuxCare License Agreement 0 - CVE-2025-5244: fix NULL deref in elf_gc_sweep with empty groups - CVE-2025-5245: fix SEGV in debug_type_samep, handle undefined tagged enums - CVE-2026-3441 CVE-2026-3442: fix out-of-bounds read in XCOFF relocation processing Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-5244: fix NULL deref in elf_gc_sweep with empty groups - CVE-2025-5245: fix SEGV in debug_type_samep, handle undefined tagged enums - CVE-2026-3441 CVE-2026-3442: fix out-of-bounds read in XCOFF relocation processing

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els7.x86_64.rpm ff8d59b56fc621297487e249323969325314074559f66b0d60d5ddb37544d042 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els7.i686.rpm ec5847e5e5ea1e7e203096a10520c0f19d38bbef9527ca46e301a4dd7ff0e563 binutils-devel-2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els7.x86_64.rpm b72c4dfe942f4d169065addf39fb3dc87c3125c4c3caa3b2f600a803e66cf48d CLSA-2026:1775745222 TuxCare License Agreement 0 - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve {CVE-2023-4623} - net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074} - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089} - atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). {CVE-2025-39828} - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class - wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348} Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve {CVE-2023-4623} - net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074} - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089} - atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). {CVE-2025-39828} - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class - wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() {CVE-2025-38348}

0 tuxcare-oraclelinux6-els kernel-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm b59f2be48f6cf7bba55c93b0a36aac707b94049bf2dd5bffdc2be810445809b8 kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els31.noarch.rpm 0992e401a93c6b995af31e2381d66913cd226a802d91a688d3153a4e4ec18dac kernel-debug-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm 67e89d764a8358a380dfaf326fc16541a7ceb7029f9bd4d03cefdf8066ffb9b8 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els31.i686.rpm 393260260550c993e2163257e01241ad9313bc207fc72d428ecc0694f335bd90 kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm 96b31f2c98636de8395056e580ab9d7d5c54a310438f6505479d970321e8ef81 kernel-devel-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm 1b46685a3a2a065e563068b917d0ba05986398abb219f2a0b70593a11358a25e kernel-doc-2.6.32-754.35.8.el6.tuxcare.els31.noarch.rpm 498778e837dc462f61f165a73f59311a35f2bb49f6fa8da7c5862eec6622e950 kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els31.noarch.rpm 1136504b622fba92b9a94f495614f50064cc3d8b879783df1c05dae3db4dd67f kernel-headers-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm f5cc4cb64aabdc305d18e970b0a14888baa124c493af87c860f77c1ce7181930 perf-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm ce037212bfa737cb1500b321e3715c5c8c1a60150a65b8458d898db05891a2f7 python-perf-2.6.32-754.35.8.el6.tuxcare.els31.x86_64.rpm 93897ebb6055f78237a69972b3193fae9c5d22de8292a24921cb18be39cce1d4 CLSA-2026:1776259627 TuxCare License Agreement 0 - CVE-2025-11082: fix heap-based buffer overflow in _bfd_elf_parse_eh_frame ('Important', ['ELSCVE-84019']) Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2025-11082: fix heap-based buffer overflow in _bfd_elf_parse_eh_frame

0 tuxcare-oraclelinux6-els binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els12.x86_64.rpm 57b619d2cd6b257bea9dc15fc608af7766eeb52bb6b70af04afadbdd9ceb3254 binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els12.i686.rpm eda8c1e5dba3f12de6f6b9a82fd5d81c86b6aed2a44d9275397a3290ea718f9e binutils-devel-2.20.51.0.2-5.48.1.el6.tuxcare.els12.x86_64.rpm 981ee12fa50f5cc19c6076e553e30d77fb71b869cb7b06cc53957a66658b2c14 CLSA-2026:1776336742 TuxCare License Agreement 0 - CVE-2019-18277: reject messages where "chunked" is missing from transfer-encoding ('Important', ['ELSCVE-86792']) Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2019-18277: reject messages where "chunked" is missing from transfer-encoding

0 tuxcare-oraclelinux6-els haproxy-1.5.18-1.el6.tuxcare.els2.x86_64.rpm c1fbf84c29189065185cc4061e6f530f731684c81c72acbeda6eee75ae7ffec7 CLSA-2026:1776347560 TuxCare License Agreement 0 - CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend ('Critical', ['ELSCVE-86054', 'ELSCVE-85918']) Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend

0 tuxcare-oraclelinux6-els glib2-2.28.8-12.el6.tuxcare.els7.i686.rpm b18e4254e5d8387f2369ba2fc977ec9f44eafda8864ebfe37160e7ccfaf58c54 glib2-2.28.8-12.el6.tuxcare.els7.x86_64.rpm eb57b0aef4cd35fa088c30516c7573ab370a67c3f6b838691b8035e3bc08ff6d glib2-devel-2.28.8-12.el6.tuxcare.els7.i686.rpm b1e9204421f3fd8a6a0f183a1cb10d1c864e3c868627ef47c0f4f9e16b739f96 glib2-devel-2.28.8-12.el6.tuxcare.els7.x86_64.rpm ea9b52fe3929446c9e0d53a939054e2c31c8cc578e6335728f1173966fb81304 glib2-doc-2.28.8-12.el6.tuxcare.els7.noarch.rpm 0f0b0d6fdc0479263e69c359f7e6428ce63441a66692c4dd1ae8214bf1fd6e90 glib2-static-2.28.8-12.el6.tuxcare.els7.x86_64.rpm 83ddcee053001bcda0b65cd0958072650f0b293aea92193a49ecaeb5b926272f CLSA-2026:1776606103 TuxCare License Agreement 0 - CVE-2018-6485: fix integer overflows in memalign and malloc - CVE-2018-1000001: fix realpath buffer underflow via getcwd - CVE-2018-19591: fix if_nametoindex descriptor leak Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

- CVE-2018-6485: fix integer overflows in memalign and malloc - CVE-2018-1000001: fix realpath buffer underflow via getcwd - CVE-2018-19591: fix if_nametoindex descriptor leak

0 tuxcare-oraclelinux6-els glibc-2.12-2.215.el6.tuxcare.els12.i686.rpm c77a18867b9d715b7427039c9b86f5301290ea449424a2b655b6047ae737b762 glibc-2.12-2.215.el6.tuxcare.els12.x86_64.rpm 66d022dd40d4578c536dce6ef9d2ea5d49c231f0ab616774dc355de90802e646 glibc-common-2.12-2.215.el6.tuxcare.els12.x86_64.rpm 0de12ed8111598945d5d62a56fbf05ae968a3aed64463807bcdbe381bdbdc217 glibc-devel-2.12-2.215.el6.tuxcare.els12.i686.rpm f4630fa9b1f5662897a024ce9d9dc67b142f901d900ee7b83a9959a405c60f00 glibc-devel-2.12-2.215.el6.tuxcare.els12.x86_64.rpm 49bed9b3601afd4e7384072ff47c5fec29ecf4f56a6396ef36c0c5ec44dd430a glibc-headers-2.12-2.215.el6.tuxcare.els12.x86_64.rpm 695e78f82a5317a6489f0a0b4f4b842625f031091e5845e9d75591c2952b1382 glibc-static-2.12-2.215.el6.tuxcare.els12.i686.rpm 7e2656fa342528e3b8fa7b18549f1274b5826da3f088de72e84ebe528d1e4143 glibc-static-2.12-2.215.el6.tuxcare.els12.x86_64.rpm fbb104245cb739af6e307b383e85ac176f45b9300eafc558884807b09c647be2 glibc-utils-2.12-2.215.el6.tuxcare.els12.x86_64.rpm 6fd61f7b4e59505391cec86d29fd5dbf9558524d5a1a221b26bfcf6e2b970300 nscd-2.12-2.215.el6.tuxcare.els12.x86_64.rpm 89a84413901124fb9218f0131efc32fe3a312576f04380149008ffd56d3bbb50