Oracle Linux 6278 Published by

The following new updates are available for Oracle Linux:

ELBA-2024-12211 Oracle Linux 9 btrfs-progs bug fix update
ELSA-2024-1334 Important: Oracle Linux 9 dnsmasq security update
ELBA-2024-1299 Oracle Linux 9 .NET 6.0 bugfix update
ELSA-2024-1310 Moderate: Oracle Linux 9 .NET 8.0 security update
ELSA-2024-1309 Moderate: Oracle Linux 9 .NET 7.0 security update
ELSA-2024-1335 Important: Oracle Linux 8 dnsmasq security update
ELSA-2024-1311 Moderate: Oracle Linux 8 .NET 8.0 security update
ELBA-2024-1298 Oracle Linux 8 .NET 6.0 bugfix update




ELBA-2024-12211 Oracle Linux 9 btrfs-progs bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12211

http://linux.oracle.com/errata/ELBA-2024-12211.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
btrfs-progs-devel-5.15.1-1.el9.x86_64.rpm
libbtrfs-5.15.1-1.el9.x86_64.rpm
libbtrfsutil-5.15.1-1.el9.x86_64.rpm
python3-btrfsutil-5.15.1-1.el9.x86_64.rpm

aarch64:
btrfs-progs-devel-5.15.1-1.el9.aarch64.rpm
libbtrfs-5.15.1-1.el9.aarch64.rpm
libbtrfsutil-5.15.1-1.el9.aarch64.rpm
python3-btrfsutil-5.15.1-1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//btrfs-progs-5.15.1-1.el9.src.rpm

Description of changes:

[5.15.1-1.el9]
- Release: 5.15.1-1: Fix for missing by-uuid link after mkfs (Anand Jain)
- btrfs-progs: fix stray fd close in open_ctree_fs_info() (Qu Wenruo) [Orabug: 36214038]
- btrfs-progs: rename struct open_ctree_flags to open_ctree_args (Anand Jain) [Orabug: 36214038]
- btrfs-progs: mkfs: keep file descriptors open during whole time (Qu Wenruo) [Orabug: 36214038]
- btrfs-progs: mkfs: run device preparation in parallel (Li Zhang) [Orabug: 36214038]



ELSA-2024-1334 Important: Oracle Linux 9 dnsmasq security update


Oracle Linux Security Advisory ELSA-2024-1334

http://linux.oracle.com/errata/ELSA-2024-1334.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dnsmasq-2.85-14.el9_3.1.x86_64.rpm
dnsmasq-utils-2.85-14.el9_3.1.x86_64.rpm

aarch64:
dnsmasq-2.85-14.el9_3.1.aarch64.rpm
dnsmasq-utils-2.85-14.el9_3.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dnsmasq-2.85-14.el9_3.1.src.rpm

Related CVEs:

CVE-2023-50387
CVE-2023-50868

Description of changes:

[2.85-14.1]
- Fix CVE 2023-50387 and CVE 2023-50868
- Resolves: RHEL-25674
- Resolves: RHEL-25638



ELBA-2024-1299 Oracle Linux 9 .NET 6.0 bugfix update


Oracle Linux Bug Fix Advisory ELBA-2024-1299

http://linux.oracle.com/errata/ELBA-2024-1299.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.28-2.0.1.el9_3.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.28-2.0.1.el9_3.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.28-2.0.1.el9_3.x86_64.rpm
dotnet-hostfxr-6.0-6.0.28-2.0.1.el9_3.x86_64.rpm
dotnet-runtime-6.0-6.0.28-2.0.1.el9_3.x86_64.rpm
dotnet-sdk-6.0-6.0.128-2.0.1.el9_3.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.28-2.0.1.el9_3.x86_64.rpm
dotnet-templates-6.0-6.0.128-2.0.1.el9_3.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.128-2.0.1.el9_3.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.28-2.0.1.el9_3.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.28-2.0.1.el9_3.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.28-2.0.1.el9_3.aarch64.rpm
dotnet-hostfxr-6.0-6.0.28-2.0.1.el9_3.aarch64.rpm
dotnet-runtime-6.0-6.0.28-2.0.1.el9_3.aarch64.rpm
dotnet-sdk-6.0-6.0.128-2.0.1.el9_3.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.28-2.0.1.el9_3.aarch64.rpm
dotnet-templates-6.0-6.0.128-2.0.1.el9_3.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.128-2.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet6.0-6.0.128-2.0.1.el9_3.src.rpm

Description of changes:

[6.0.128-2.0.1]
- Update to .NET 6.0 to SDK 6.0.128 and Runtime 6.0.28
- Resolves RHEL-27540
- CheckCertificateRevocationList flag for SHA1 CAs : Allow certificate validation with SHA-1 signatures
- Resolves RHEL-28359 and RHEL-25254



ELSA-2024-1310 Moderate: Oracle Linux 9 .NET 8.0 security update


Oracle Linux Security Advisory ELSA-2024-1310

http://linux.oracle.com/errata/ELSA-2024-1310.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-host-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-hostfxr-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-runtime-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-sdk-8.0-8.0.103-2.0.1.el9_3.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.103-2.0.1.el9_3.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.3-2.0.1.el9_3.x86_64.rpm
dotnet-templates-8.0-8.0.103-2.0.1.el9_3.x86_64.rpm
netstandard-targeting-pack-2.1-8.0.103-2.0.1.el9_3.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.103-2.0.1.el9_3.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-host-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-hostfxr-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-runtime-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-sdk-8.0-8.0.103-2.0.1.el9_3.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.103-2.0.1.el9_3.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.3-2.0.1.el9_3.aarch64.rpm
dotnet-templates-8.0-8.0.103-2.0.1.el9_3.aarch64.rpm
netstandard-targeting-pack-2.1-8.0.103-2.0.1.el9_3.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.103-2.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.103-2.0.1.el9_3.src.rpm

Related CVEs:

CVE-2024-21392

Description of changes:

[- 8.0.103-2.0.1]
- Update to .NET SDK 8.0.103 and Runtime 8.0.3
- Disable checking the signature of the last certificate in a chain if the certificate is supposedly self-signed.
- Resolves: RHEL-25254
- Backport MSBuild locale fix
- Resolves: RHEL-23936



ELSA-2024-1309 Moderate: Oracle Linux 9 .NET 7.0 security update


Oracle Linux Security Advisory ELSA-2024-1309

http://linux.oracle.com/errata/ELSA-2024-1309.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-7.0-7.0.17-1.0.1.el9_3.x86_64.rpm
aspnetcore-targeting-pack-7.0-7.0.17-1.0.1.el9_3.x86_64.rpm
dotnet-apphost-pack-7.0-7.0.17-1.0.1.el9_3.x86_64.rpm
dotnet-hostfxr-7.0-7.0.17-1.0.1.el9_3.x86_64.rpm
dotnet-runtime-7.0-7.0.17-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-7.0-7.0.117-1.0.1.el9_3.x86_64.rpm
dotnet-targeting-pack-7.0-7.0.17-1.0.1.el9_3.x86_64.rpm
dotnet-templates-7.0-7.0.117-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-7.0-source-built-artifacts-7.0.117-1.0.1.el9_3.x86_64.rpm

aarch64:
aspnetcore-runtime-7.0-7.0.17-1.0.1.el9_3.aarch64.rpm
aspnetcore-targeting-pack-7.0-7.0.17-1.0.1.el9_3.aarch64.rpm
dotnet-apphost-pack-7.0-7.0.17-1.0.1.el9_3.aarch64.rpm
dotnet-hostfxr-7.0-7.0.17-1.0.1.el9_3.aarch64.rpm
dotnet-runtime-7.0-7.0.17-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-7.0-7.0.117-1.0.1.el9_3.aarch64.rpm
dotnet-targeting-pack-7.0-7.0.17-1.0.1.el9_3.aarch64.rpm
dotnet-templates-7.0-7.0.117-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-7.0-source-built-artifacts-7.0.117-1.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet7.0-7.0.117-1.0.1.el9_3.src.rpm

Related CVEs:

CVE-2024-21392

Description of changes:

[- 7.0.117-1.0.1]
- Update to .NET SDK 7.0.117 and Runtime 7.0.17
- Port revert "Disable implicit rejection for RSA PKCS#1 (#95217)" patch

[- 7.0.116-1.0.1]
- Update to .NET SDK 7.0.116 and Runtime 7.0.16

* Tue Jan 16 2024 Lukáš Lipinský - 7.0.115-1.0.1
- Update to .NET SDK 7.0.115 and Runtime 7.0.15

[7.0.114-1.0.1]
- Update to .NET SDK 7.0.114 and Runtime 7.0.14



ELSA-2024-1335 Important: Oracle Linux 8 dnsmasq security update


Oracle Linux Security Advisory ELSA-2024-1335

http://linux.oracle.com/errata/ELSA-2024-1335.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dnsmasq-2.79-31.el8_9.2.x86_64.rpm
dnsmasq-utils-2.79-31.el8_9.2.x86_64.rpm

aarch64:
dnsmasq-2.79-31.el8_9.2.aarch64.rpm
dnsmasq-utils-2.79-31.el8_9.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dnsmasq-2.79-31.el8_9.2.src.rpm

Related CVEs:

CVE-2023-50387
CVE-2023-50868

Description of changes:

[2.79-31.2]
- Fix CVE 2023-50387 and CVE 2023-50868
- Resolves: RHEL-25628
- Resolves: RHEL-25666

[2.79-31.1]
- Do not crash on invalid domain in --synth-domain option (RHEL-22741)

[2.79-31]
- Do not create and search --local and --address=/x/# domains (#2233542)

[2.79-30]
- Make create logfile writeable by root (#2156789)

[2.79-29]
- Fix also dynamically set resolvers over dbus (#2186481)

[2.79-28]
- Correct possible crashes when server=/example.net/# is used (#2186481)

[2.79-27]
- Limit offered EDNS0 size to 1232 (CVE-2023-28450)



ELSA-2024-1311 Moderate: Oracle Linux 8 .NET 8.0 security update


Oracle Linux Security Advisory ELSA-2024-1311

http://linux.oracle.com/errata/ELSA-2024-1311.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-8.0.103-1.0.1.el8_9.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-host-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-hostfxr-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-runtime-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-8.0-8.0.103-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.103-1.0.1.el8_9.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.3-1.0.1.el8_9.x86_64.rpm
dotnet-templates-8.0-8.0.103-1.0.1.el8_9.x86_64.rpm
netstandard-targeting-pack-2.1-8.0.103-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.103-1.0.1.el8_9.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-8.0.103-1.0.1.el8_9.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-host-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-hostfxr-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-runtime-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-8.0-8.0.103-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.103-1.0.1.el8_9.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.3-1.0.1.el8_9.aarch64.rpm
dotnet-templates-8.0-8.0.103-1.0.1.el8_9.aarch64.rpm
netstandard-targeting-pack-2.1-8.0.103-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.103-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet8.0-8.0.103-1.0.1.el8_9.src.rpm

Related CVEs:

CVE-2024-21392

Description of changes:

[8.0.103-1.0.1]
- Update to .NET SDK 8.0.103 and Runtime 8.0.3
- Backport MSBuild locale fix



ELBA-2024-1298 Oracle Linux 8 .NET 6.0 bugfix update


Oracle Linux Bug Fix Advisory ELBA-2024-1298

http://linux.oracle.com/errata/ELBA-2024-1298.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.28-1.0.1.el8_9.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.28-1.0.1.el8_9.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.28-1.0.1.el8_9.x86_64.rpm
dotnet-hostfxr-6.0-6.0.28-1.0.1.el8_9.x86_64.rpm
dotnet-runtime-6.0-6.0.28-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-6.0-6.0.128-1.0.1.el8_9.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.28-1.0.1.el8_9.x86_64.rpm
dotnet-templates-6.0-6.0.128-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.128-1.0.1.el8_9.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.28-1.0.1.el8_9.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.28-1.0.1.el8_9.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.28-1.0.1.el8_9.aarch64.rpm
dotnet-hostfxr-6.0-6.0.28-1.0.1.el8_9.aarch64.rpm
dotnet-runtime-6.0-6.0.28-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-6.0-6.0.128-1.0.1.el8_9.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.28-1.0.1.el8_9.aarch64.rpm
dotnet-templates-6.0-6.0.128-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.128-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet6.0-6.0.128-1.0.1.el8_9.src.rpm

Description of changes:

[6.0.128-1.0.1]
- Update to .NET SDK 6.0.128 and Runtime 6.0.28
- Resolves RHEL-27538