Oracle Linux 6278 Published by

The following updates are available for Oracle Linux:

ELSA-2024-4265 Moderate: Oracle Linux 8 cups security update
ELSA-2024-4260 Moderate: Oracle Linux 8 python-idna security update
ELSA-2024-4264 Low: Oracle Linux 8 openldap security update
ELSA-2024-4259 Moderate: Oracle Linux 8 xmlrpc-c security and bug fix update
ELSA-2024-4256 Important: Oracle Linux 8 less security update
ELSA-2024-4247 Moderate: Oracle Linux 8 libuv security update
ELSA-2024-4249 Low: Oracle Linux 8 c-ares security update
ELSA-2024-4197 Moderate: Oracle Linux 8 httpd:2.4/httpd security update
ELSA-2024-4242 Moderate: Oracle Linux 8 libreoffice security update
ELSA-2024-4244 Moderate: Oracle Linux 8 python3.11-PyMySQL security update
ELSA-2024-4241 Moderate: Oracle Linux 8 iperf3 security update
ELSA-2024-4231 Moderate: Oracle Linux 8 python-jinja2 security update
ELBA-2024-4239 Oracle Linux 8 tigervnc enhancement update
ELSA-2024-4227 Moderate: Oracle Linux 8 python-pillow security update
ELSA-2024-4211 Important: Oracle Linux 8 kernel security and bug fix update
ELBA-2024-4250 Oracle Linux 8 libtirpc bug fix update
ELSA-2024-4246 Moderate: Oracle Linux 8 container-tools security update
ELSA-2024-4237 Moderate: Oracle Linux 8 go-toolset security update
ELBA-2024-4255 Oracle Linux 8 systemd update
ELBA-2024-4263 Oracle Linux 8 krb5 bug fix update
ELBA-2024-4236 Oracle Linux 8 sysstat bug fix update
ELBA-2024-4261 Oracle Linux 8 samba bug fix update
ELBA-2024-4253 Oracle Linux 8 policycoreutils bug fix update
ELBA-2024-4251 Oracle Linux 8 pam bug fix update
ELBA-2024-4254 Oracle Linux 8 kmod-redhat-oracleasm bug fix update
ELSA-2024-4245 Moderate: Oracle Linux 8 python3 security update
ELBA-2024-4230 Oracle Linux 8 cockpit-appstream bug fix update
ELSA-2024-4312 Important: Oracle Linux 9 openssh security update
ELBA-2024-12473 Oracle Linux 7 chkconfig bug fix update (aarch64)
ELBA-2024-12473 Oracle Linux 7 chkconfig bug fix update



ELSA-2024-4265 Moderate: Oracle Linux 8 cups security update


Oracle Linux Security Advisory ELSA-2024-4265

http://linux.oracle.com/errata/ELSA-2024-4265.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cups-2.2.6-60.el8_10.x86_64.rpm
cups-client-2.2.6-60.el8_10.x86_64.rpm
cups-devel-2.2.6-60.el8_10.i686.rpm
cups-devel-2.2.6-60.el8_10.x86_64.rpm
cups-filesystem-2.2.6-60.el8_10.noarch.rpm
cups-ipptool-2.2.6-60.el8_10.x86_64.rpm
cups-libs-2.2.6-60.el8_10.i686.rpm
cups-libs-2.2.6-60.el8_10.x86_64.rpm
cups-lpd-2.2.6-60.el8_10.x86_64.rpm

aarch64:
cups-2.2.6-60.el8_10.aarch64.rpm
cups-client-2.2.6-60.el8_10.aarch64.rpm
cups-devel-2.2.6-60.el8_10.aarch64.rpm
cups-filesystem-2.2.6-60.el8_10.noarch.rpm
cups-ipptool-2.2.6-60.el8_10.aarch64.rpm
cups-libs-2.2.6-60.el8_10.aarch64.rpm
cups-lpd-2.2.6-60.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//cups-2.2.6-60.el8_10.src.rpm

Related CVEs:

CVE-2024-35235

Description of changes:

[ - 1:2.2.6-60]
- RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777
- Delete the domain socket file after stopping the cups.socket service
- Fix cupsd Listener checks

[1:2.2.6-59]
- RHEL-40386 cups: Cupsd Listen arbitrary chmod 0140777
- Require cups.socket in cupsd service file

[1:2.2.6-58]
- CVE-2024-35235 cups: Cupsd Listen arbitrary chmod 0140777



ELSA-2024-4260 Moderate: Oracle Linux 8 python-idna security update


Oracle Linux Security Advisory ELSA-2024-4260

http://linux.oracle.com/errata/ELSA-2024-4260.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-idna-2.5-7.el8_10.noarch.rpm

aarch64:
python3-idna-2.5-7.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python-idna-2.5-7.el8_10.src.rpm

Related CVEs:

CVE-2024-3651

Description of changes:

[2.5-7]
- Fix patch application for security fix for CVE-2024-3651
Resolves: RHEL-32703

[2.5-6]
- Security fix for CVE-2024-3651
Resolves: RHEL-32703



ELSA-2024-4264 Low: Oracle Linux 8 openldap security update


Oracle Linux Security Advisory ELSA-2024-4264

http://linux.oracle.com/errata/ELSA-2024-4264.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
openldap-2.4.46-19.el8_10.i686.rpm
openldap-2.4.46-19.el8_10.x86_64.rpm
openldap-clients-2.4.46-19.el8_10.x86_64.rpm
openldap-devel-2.4.46-19.el8_10.i686.rpm
openldap-devel-2.4.46-19.el8_10.x86_64.rpm
openldap-servers-2.4.46-19.el8_10.x86_64.rpm

aarch64:
openldap-2.4.46-19.el8_10.aarch64.rpm
openldap-clients-2.4.46-19.el8_10.aarch64.rpm
openldap-devel-2.4.46-19.el8_10.aarch64.rpm
openldap-servers-2.4.46-19.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//openldap-2.4.46-19.el8_10.src.rpm

Related CVEs:

CVE-2023-2953

Description of changes:

[2.4.46-19]
- Bump version to 2.4.46-19
- Resolves: RHEL-34283 - openldap: null pointer dereference in ber_memalloc_x function



ELSA-2024-4259 Moderate: Oracle Linux 8 xmlrpc-c security and bug fix update


Oracle Linux Security Advisory ELSA-2024-4259

http://linux.oracle.com/errata/ELSA-2024-4259.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
xmlrpc-c-1.51.0-9.el8_10.i686.rpm
xmlrpc-c-1.51.0-9.el8_10.x86_64.rpm
xmlrpc-c-client-1.51.0-9.el8_10.i686.rpm
xmlrpc-c-client-1.51.0-9.el8_10.x86_64.rpm
xmlrpc-c-c++-1.51.0-9.el8_10.i686.rpm
xmlrpc-c-c++-1.51.0-9.el8_10.x86_64.rpm
xmlrpc-c-client++-1.51.0-9.el8_10.i686.rpm
xmlrpc-c-client++-1.51.0-9.el8_10.x86_64.rpm
xmlrpc-c-devel-1.51.0-9.el8_10.i686.rpm
xmlrpc-c-devel-1.51.0-9.el8_10.x86_64.rpm

aarch64:
xmlrpc-c-1.51.0-9.el8_10.aarch64.rpm
xmlrpc-c-client-1.51.0-9.el8_10.aarch64.rpm
xmlrpc-c-c++-1.51.0-9.el8_10.aarch64.rpm
xmlrpc-c-client++-1.51.0-9.el8_10.aarch64.rpm
xmlrpc-c-devel-1.51.0-9.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//xmlrpc-c-1.51.0-9.el8_10.src.rpm

Related CVEs:

CVE-2023-52425

Description of changes:

[1.51.0-9]
- Address segfault found in CVE-2023-52425 (RHEL-24226)



ELSA-2024-4256 Important: Oracle Linux 8 less security update


Oracle Linux Security Advisory ELSA-2024-4256

http://linux.oracle.com/errata/ELSA-2024-4256.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
less-530-3.el8_10.x86_64.rpm

aarch64:
less-530-3.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//less-530-3.el8_10.src.rpm

Related CVEs:

CVE-2022-48624
CVE-2024-32487

Description of changes:

[530-3]
- Fix CVE-2024-32487
- Resolves: RHEL-32738



ELSA-2024-4247 Moderate: Oracle Linux 8 libuv security update


Oracle Linux Security Advisory ELSA-2024-4247

http://linux.oracle.com/errata/ELSA-2024-4247.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libuv-1.41.1-2.el8_10.i686.rpm
libuv-1.41.1-2.el8_10.x86_64.rpm
libuv-devel-1.41.1-2.el8_10.i686.rpm
libuv-devel-1.41.1-2.el8_10.x86_64.rpm

aarch64:
libuv-1.41.1-2.el8_10.aarch64.rpm
libuv-devel-1.41.1-2.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libuv-1.41.1-2.el8_10.src.rpm

Related CVEs:

CVE-2024-24806

Description of changes:

[1:1.41.1-2]
- Backport fixes for CVE-2024-24806
Resolves: RHEL-24790



ELSA-2024-4249 Low: Oracle Linux 8 c-ares security update


Oracle Linux Security Advisory ELSA-2024-4249

http://linux.oracle.com/errata/ELSA-2024-4249.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
c-ares-1.13.0-11.el8_10.i686.rpm
c-ares-1.13.0-11.el8_10.x86_64.rpm
c-ares-devel-1.13.0-11.el8_10.i686.rpm
c-ares-devel-1.13.0-11.el8_10.x86_64.rpm

aarch64:
c-ares-1.13.0-11.el8_10.aarch64.rpm
c-ares-devel-1.13.0-11.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//c-ares-1.13.0-11.el8_10.src.rpm

Related CVEs:

CVE-2024-25629

Description of changes:

[1.13.0-11]
- Resolves: RHEL-26525 - c-ares: Out of bounds read in ares__read_line() [rhel-8]



ELSA-2024-4197 Moderate: Oracle Linux 8 httpd:2.4/httpd security update


Oracle Linux Security Advisory ELSA-2024-4197

http://linux.oracle.com/errata/ELSA-2024-4197.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
httpd-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.noarch.rpm
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.noarch.rpm
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.x86_64.rpm
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.x86_64.rpm
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm
mod_session-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.x86_64.rpm

aarch64:
httpd-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.noarch.rpm
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.noarch.rpm
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.aarch64.rpm
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.aarch64.rpm
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm
mod_session-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//httpd-2.4.37-65.0.1.module+el8.10.0+90356+f7b9d583.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm

Related CVEs:

CVE-2023-38709

Description of changes:

httpd
[2.4.37-65.0.1]
- Replace index.html with Oracle's index page oracle_index.html

[2.4.37-65]
- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response
splitting (CVE-2023-38709)

mod_http2
[1.15.7-10]
- Resolves: RHEL-29817 - httpd:2.4/mod_http2: httpd: CONTINUATION frames
DoS (CVE-2024-27316)

[1.15.7-9.3]
- Resolves: RHEL-13367 - httpd:2.4/mod_http2: reset requests exhaust memory
(incomplete fix of CVE-2023-44487)(CVE-2023-45802)

[1.15.7-8.3]
- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting
with mod_rewrite and mod_proxy

[1.15.7-7]
- Resolves: #2095650 - Dependency from mod_http2 on httpd broken

[1.15.7-6]
- Backport SNI feature refactor
- Resolves: rhbz#2137257

[1.15.7-5]
- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference
or SSRF in forward proxy configurations

[1.15.7-4]
- Resolves: #1966728 - CVE-2021-33193 httpd:2.4/mod_http2: httpd:
Request splitting via HTTP/2 method injection and mod_proxy

[1.15.7-3]
- Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd:
mod_http2 concurrent pool usage

[1.15.7-2]
- Resolves: #1869073 - CVE-2020-9490 httpd:2.4/mod_http2: httpd:
Push diary crash on specifically crafted HTTP/2 header

[1.15.7-1]
- new version 1.15.7
- Resolves: #1814236 - RFE: mod_http2 rebase
- Resolves: #1747289 - CVE-2019-10082 httpd:2.4/mod_http2: httpd:
read-after-free in h2 connection shutdown
- Resolves: #1696099 - CVE-2019-0197 httpd:2.4/mod_http2: httpd:
mod_http2: possible crash on late upgrade
- Resolves: #1696094 - CVE-2019-0196 httpd:2.4/mod_http2: httpd:
mod_http2: read-after-free on a string compare
- Resolves: #1677591 - CVE-2018-17189 httpd:2.4/mod_http2: httpd:
mod_http2: DoS via slow, unneeded request bodies

[1.11.3-3]
- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount
of data request leads to denial of service
- Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length
headers leads to denial of service
- Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for
large response leads to denial of service

[1.11.3-2]
- update release (#1695587)

[1.11.3-1]
- new version 1.11.3
- Resolves: #1633401 - CVE-2018-11763 mod_http2: httpd: DoS for HTTP/2
connections by continuous SETTINGS

[1.10.20-1]
- update to 1.10.20

[1.10.18-1]
- update to 1.10.18

[1.10.16-1]
- update to 1.10.16 (CVE-2018-1302)

[1.10.13-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.10.13-1]
- update to 1.10.13

[1.10.12-1]
- update to 1.10.12

[1.10.10-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[1.10.10-1]
- update to 1.10.10

[1.10.7-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1.10.7-1]
- update to 1.10.7

[1.10.6-1]
- update to 1.10.6

[1.10.5-1]
- update to 1.10.5

[1.10.1-1]
- Initial import (#1440780).

mod_md



ELSA-2024-4242 Moderate: Oracle Linux 8 libreoffice security update


Oracle Linux Security Advisory ELSA-2024-4242

http://linux.oracle.com/errata/ELSA-2024-4242.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
autocorr-af-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-bg-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-ca-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-cs-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-da-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-de-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-en-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-es-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-fa-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-fi-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-fr-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-ga-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-hr-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-hu-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-is-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-it-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-ja-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-ko-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-lb-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-lt-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-mn-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-nl-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-pl-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-pt-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-ro-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-ru-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-sk-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-sl-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-sr-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-sv-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-tr-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-vi-6.4.7.2-17.0.1.el8_10.noarch.rpm
autocorr-zh-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-base-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-calc-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-core-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-data-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-draw-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-emailmerge-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-filters-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-gdb-debug-support-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-graphicfilter-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-gtk3-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ar-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-bg-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-bn-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ca-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-cs-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-da-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-de-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-dz-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-el-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-en-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-es-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-et-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-eu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-fi-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-fr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-gl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-gu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-he-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-hi-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-hr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-hu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-id-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-it-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ja-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ko-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-lt-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-lv-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-nb-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-nl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-nn-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-pl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-pt-BR-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-pt-PT-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ro-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ru-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-si-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-sk-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-sl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-sv-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-ta-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-tr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-uk-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-zh-Hans-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-help-zh-Hant-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-impress-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-af-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ar-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-as-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-bg-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-bn-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-br-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ca-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-cs-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-cy-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-da-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-de-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-dz-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-el-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-en-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-es-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-et-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-eu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-fa-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-fi-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-fr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ga-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-gl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-gu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-he-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-hi-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-hr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-hu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-id-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-it-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ja-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-kk-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-kn-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ko-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-lt-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-lv-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-mai-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ml-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-mr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-nb-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-nl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-nn-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-nr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-nso-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-or-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-pa-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-pl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-pt-BR-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-pt-PT-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ro-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ru-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-si-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-sk-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-sl-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-sr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ss-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-st-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-sv-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ta-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-te-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-th-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-tn-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-tr-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ts-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-uk-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-ve-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-xh-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-zh-Hans-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-zh-Hant-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-langpack-zu-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-math-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-ogltrans-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-opensymbol-fonts-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-pdfimport-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-pyuno-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-ure-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-ure-common-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-wiki-publisher-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-writer-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-x11-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-xsltfilter-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreofficekit-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-sdk-6.4.7.2-17.0.1.el8_10.x86_64.rpm
libreoffice-sdk-doc-6.4.7.2-17.0.1.el8_10.x86_64.rpm

aarch64:
libreoffice-sdk-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-sdk-doc-6.4.7.2-17.0.1.el8_10.aarch64.rpm
autocorr-en-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-calc-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-core-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-data-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-graphicfilter-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-help-en-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-impress-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-langpack-en-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-ogltrans-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-opensymbol-fonts-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-pdfimport-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-pyuno-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-ure-6.4.7.2-17.0.1.el8_10.aarch64.rpm
libreoffice-ure-common-6.4.7.2-17.0.1.el8_10.noarch.rpm
libreoffice-writer-6.4.7.2-17.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libreoffice-6.4.7.2-17.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-3044

Description of changes:

[6.4.7.2-17.0.1]
- Replace colors with Oracle colors [Orabug: 32120093]
- Build with --with-vendor="Oracle America, Inc."
- Added the --with-hamcrest option to configure.

[6.4.7.2]
- Remove Red Hat branding
- Change vendor to RESF

[1:6.4.7.2-17]
- Fix CVE-2024-3044 add notify for script use



ELSA-2024-4244 Moderate: Oracle Linux 8 python3.11-PyMySQL security update


Oracle Linux Security Advisory ELSA-2024-4244

http://linux.oracle.com/errata/ELSA-2024-4244.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-PyMySQL-1.0.2-2.el8_10.noarch.rpm

aarch64:
python3.11-PyMySQL-1.0.2-2.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.11-PyMySQL-1.0.2-2.el8_10.src.rpm

Related CVEs:

CVE-2024-36039

Description of changes:

[1.0.2-2]
- Security fix for CVE-2024-36039
Resolves: RHEL-38365



ELSA-2024-4241 Moderate: Oracle Linux 8 iperf3 security update


Oracle Linux Security Advisory ELSA-2024-4241

http://linux.oracle.com/errata/ELSA-2024-4241.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
iperf3-3.5-10.el8_10.i686.rpm
iperf3-3.5-10.el8_10.x86_64.rpm

aarch64:
iperf3-3.5-10.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//iperf3-3.5-10.el8_10.src.rpm

Related CVEs:

CVE-2023-7250
CVE-2024-26306

Description of changes:

[3.5-10]
- Resolves: RHEL-29578 - vulnerable to marvin attack if the authentication option is used

[3.5-9]
- Resolves: RHEL-17069 - possible denial of service

[3.5-8]
- Related: #2222205 - bumping nvr for correct update path



ELSA-2024-4231 Moderate: Oracle Linux 8 python-jinja2 security update


Oracle Linux Security Advisory ELSA-2024-4231

http://linux.oracle.com/errata/ELSA-2024-4231.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-jinja2-2.10.1-5.el8_10.noarch.rpm

aarch64:
python3-jinja2-2.10.1-5.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python-jinja2-2.10.1-5.el8_10.src.rpm

Related CVEs:

CVE-2024-34064

Description of changes:

[2.10.1-5]
- Security fix for CVE-2024-34064
Resolves: RHEL-35651



ELBA-2024-4239 Oracle Linux 8 tigervnc enhancement update


Oracle Linux Bug Fix Advisory ELBA-2024-4239

http://linux.oracle.com/errata/ELBA-2024-4239.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
tigervnc-1.13.1-11.0.1.el8_10.x86_64.rpm
tigervnc-icons-1.13.1-11.0.1.el8_10.noarch.rpm
tigervnc-license-1.13.1-11.0.1.el8_10.noarch.rpm
tigervnc-selinux-1.13.1-11.0.1.el8_10.noarch.rpm
tigervnc-server-1.13.1-11.0.1.el8_10.x86_64.rpm
tigervnc-server-minimal-1.13.1-11.0.1.el8_10.x86_64.rpm
tigervnc-server-module-1.13.1-11.0.1.el8_10.x86_64.rpm

aarch64:
tigervnc-1.13.1-11.0.1.el8_10.aarch64.rpm
tigervnc-icons-1.13.1-11.0.1.el8_10.noarch.rpm
tigervnc-license-1.13.1-11.0.1.el8_10.noarch.rpm
tigervnc-selinux-1.13.1-11.0.1.el8_10.noarch.rpm
tigervnc-server-1.13.1-11.0.1.el8_10.aarch64.rpm
tigervnc-server-minimal-1.13.1-11.0.1.el8_10.aarch64.rpm
tigervnc-server-module-1.13.1-11.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tigervnc-1.13.1-11.0.1.el8_10.src.rpm

Description of changes:

[1.13.1-11.0.1]
- Removed xorg-CVE-2024-31083-followup.patch, already fixed in xorg-X11-server-1.20.11-24.el8_10.

[1.13.1-11]
- vncconfig: add option to force view-only remote client connections
Resolves: RHEL-11908



ELSA-2024-4227 Moderate: Oracle Linux 8 python-pillow security update


Oracle Linux Security Advisory ELSA-2024-4227

http://linux.oracle.com/errata/ELSA-2024-4227.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-pillow-5.1.1-21.el8_10.x86_64.rpm
python3-pillow-5.1.1-21.el8_10.i686.rpm
python3-pillow-devel-5.1.1-21.el8_10.i686.rpm
python3-pillow-devel-5.1.1-21.el8_10.x86_64.rpm
python3-pillow-doc-5.1.1-21.el8_10.noarch.rpm
python3-pillow-tk-5.1.1-21.el8_10.x86_64.rpm

aarch64:
python3-pillow-5.1.1-21.el8_10.aarch64.rpm
python3-pillow-devel-5.1.1-21.el8_10.aarch64.rpm
python3-pillow-doc-5.1.1-21.el8_10.noarch.rpm
python3-pillow-tk-5.1.1-21.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python-pillow-5.1.1-21.el8_10.src.rpm

Related CVEs:

CVE-2024-28219

Description of changes:

[5.1.1-21]
- Security fix for CVE-2024-28219
Resolves: RHEL-31071



ELSA-2024-4211 Important: Oracle Linux 8 kernel security and bug fix update


Oracle Linux Security Advisory ELSA-2024-4211

http://linux.oracle.com/errata/ELSA-2024-4211.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.8.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.8.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.8.1.el8_10.x86_64.rpm
perf-4.18.0-553.8.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.8.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.8.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.8.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.8.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.8.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.8.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.8.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.8.1.el8_10.aarch64.rpm
perf-4.18.0-553.8.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.8.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.8.1.el8_10.src.rpm

Related CVEs:

CVE-2020-26555
CVE-2021-46909
CVE-2021-46972
CVE-2021-47069
CVE-2021-47073
CVE-2021-47236
CVE-2021-47310
CVE-2021-47311
CVE-2021-47353
CVE-2021-47356
CVE-2021-47456
CVE-2021-47495
CVE-2023-5090
CVE-2023-52464
CVE-2023-52560
CVE-2023-52615
CVE-2023-52626
CVE-2023-52667
CVE-2023-52669
CVE-2023-52675
CVE-2023-52686
CVE-2023-52700
CVE-2023-52703
CVE-2023-52781
CVE-2023-52813
CVE-2023-52835
CVE-2023-52877
CVE-2023-52878
CVE-2023-52881
CVE-2024-26583
CVE-2024-26584
CVE-2024-26585
CVE-2024-26656
CVE-2024-26675
CVE-2024-26735
CVE-2024-26759
CVE-2024-26801
CVE-2024-26804
CVE-2024-26826
CVE-2024-26859
CVE-2024-26906
CVE-2024-26907
CVE-2024-26974
CVE-2024-26982
CVE-2024-27397
CVE-2024-27410
CVE-2024-35789
CVE-2024-35835
CVE-2024-35838
CVE-2024-35845
CVE-2024-35852
CVE-2024-35853
CVE-2024-35854
CVE-2024-35855
CVE-2024-35888
CVE-2024-35890
CVE-2024-35958
CVE-2024-35959
CVE-2024-35960
CVE-2024-36004
CVE-2024-36007

Description of changes:

- [4.18.0-553.8.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 4K (Vladis Dronov) [RHEL-35106]
- crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-35106]
- crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-35106] {CVE-2024-26974}
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-35106]
- [rt] Enable CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE (Jocelyn Falempe) [RHEL-36172]
- drm/mgag200: Add an option to disable Write-Combine (Jocelyn Falempe) [RHEL-36172]
- drm/mgag200: Fix caching setup for remapped video memory (Jocelyn Falempe) [RHEL-36172]
- Revert "drm/mgag200: Add a workaround for low-latency" (Jocelyn Falempe) [RHEL-36172]
- mptcp: fix data re-injection from stale subflow (Davide Caratti) [RHEL-33133] {CVE-2024-26826}
- ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-31730]
- ipv6: sr: fix possible use-after-free and null-ptr-deref (Hangbin Liu) [RHEL-31730] {CVE-2024-26735}
- net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-14195 RHEL-33243] {CVE-2024-26859}
- bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-14195 RHEL-33243]
- bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-14195 RHEL-33243]
- x86: KVM: SVM: always update the x2avic msr interception (Maxim Levitsky) [RHEL-15495] {CVE-2023-5090}
- EDAC/thunderx: Fix possible out-of-bounds string access (Aristeu Rozanski) [RHEL-26573] {CVE-2023-52464}

[4.18.0-553.7.1.el8_10]
- net: qcom/emac: fix UAF in emac_remove (Ken Cox) [RHEL-37834] {CVE-2021-47311}
- perf/core: Bail out early if the request AUX area is out of bound (Michael Petlan) [RHEL-38268] {CVE-2023-52835}
- crypto: pcrypt - Fix hungtask for PADATA_RESET (Herbert Xu) [RHEL-38171] {CVE-2023-52813}
- drm/amdgpu: fix use-after-free bug (Jocelyn Falempe) [RHEL-31240] {CVE-2024-26656}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (Ivan Vecera) [RHEL-37008] {CVE-2024-35854}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (Ivan Vecera) [RHEL-37004] {CVE-2024-35855}
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (Ivan Vecera) [RHEL-37012] {CVE-2024-35853}
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-37016] {CVE-2024-35852}
- mlxsw: spectrum_acl_tcam: Fix warning during rehash (Ivan Vecera) [RHEL-37480] {CVE-2024-36007}
- can: peak_pci: peak_pci_remove(): fix UAF (Jose Ignacio Tornos Martinez) [RHEL-38419] {CVE-2021-47456}
- usbnet: fix error return code in usbnet_probe() (Jose Ignacio Tornos Martinez) [RHEL-38440] {CVE-2021-47495}
- usbnet: sanity check for maxpacket (Jose Ignacio Tornos Martinez) [RHEL-38440] {CVE-2021-47495}
- net/mlx5e: fix a double-free in arfs_create_groups (Kamal Heib) [RHEL-36920] {CVE-2024-35835}
- can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds (Jose Ignacio Tornos Martinez) [RHEL-38220] {CVE-2023-52878}
- net: cdc_eem: fix tx fixup skb leak (Jose Ignacio Tornos Martinez) [RHEL-38080] {CVE-2021-47236}
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Jose Ignacio Tornos Martinez) [RHEL-38113] {CVE-2023-52703}
- usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (Desnes Nunes) [RHEL-38248] {CVE-2023-52877}
- usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (Desnes Nunes) [RHEL-38240] {CVE-2023-52781}
- gro: fix ownership transfer (Xin Long) [RHEL-37226] {CVE-2024-35890}
- tipc: fix kernel warning when sending SYN message (Xin Long) [RHEL-38109] {CVE-2023-52700}
- erspan: make sure erspan_base_hdr is present in skb->head (Xin Long) [RHEL-37230] {CVE-2024-35888}
- scsi: mpi3mr: Use proper format specifier in mpi3mr_sas_port_add() (Bryan Gurney) [RHEL-17366]
- scsi: mpi3mr: Sanitise num_phys (Bryan Gurney) [RHEL-17366]
- netfilter: nf_tables: use timestamp to check for set element timeout (Phil Sutter) [RHEL-38023] {CVE-2024-27397}
- net/ipv6: SKB symmetric hash should incorporate transport ports (Sabrina Dubroca) [RHEL-32061]
- crypto: s390/aes - Fix buffer overread in CTR mode (Herbert Xu) [RHEL-37089] {CVE-2023-52669}
- net: Save and restore msg_namelen in sock_sendmsg (Jamie Bainbridge) [RHEL-35893]
- net: prevent address rewrite in kernel_bind() (Jamie Bainbridge) [RHEL-35893]
- net: prevent rewrite of msg_name in sock_sendmsg() (Jamie Bainbridge) [RHEL-35893]
- net: replace calls to sock->ops->connect() with kernel_connect() (Jamie Bainbridge) [RHEL-35893]
- net: Avoid address overwrite in kernel_connect (Jamie Bainbridge) [RHEL-35893]
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-37026] {CVE-2024-35845}
- wifi: mac80211: fix potential sta-link leak (Jose Ignacio Tornos Martinez) [RHEL-36916] {CVE-2024-35838}
- wifi: nl80211: reject iftype change with mesh ID change (Jose Ignacio Tornos Martinez) [RHEL-36884] {CVE-2024-27410}
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-36807] {CVE-2024-35789}
- Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-31826] {CVE-2024-26801}
- tls: disable async encrypt/decrypt (Sabrina Dubroca) [RHEL-26362 RHEL-26409 RHEL-26420] {CVE-2024-26584 CVE-2024-26583 CVE-2024-26585}
- Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) [RHEL-35096] {CVE-2024-26982}
- ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/msg.c: update and document memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/sem.c: document and update memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/mqueue.c: update/document memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/mqueue.c: remove duplicated code (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-30582] {CVE-2023-52626}
- Revert "ACPI: bus: Rework system-level device notification handling" (Prarit Bhargava) [RHEL-21486]
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Prarit Bhargava) [RHEL-29485] {CVE-2023-52615}

[4.18.0-553.6.1.el8_10]
- powerpc/powernv: Add a null pointer check in opal_event_init() (Mamatha Inamdar) [RHEL-37058] {CVE-2023-52686}
- crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-35361]
- crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-35361]
- KEYS: use kfree_sensitive with key (Vladis Dronov) [RHEL-35361]
- lib/mpi: Extend the MPI library (only mpi_*_bit() part) (Vladis Dronov) [RHEL-35361]
- net: ip_tunnel: prevent perpetual headroom growth (Felix Maurer) [RHEL-31814] {CVE-2024-26804}
- s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-36048]
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (Kamal Heib) [RHEL-33162] {CVE-2024-26907}
- ovl: fix leaked dentry (Miklos Szeredi) [RHEL-27306] {CVE-2021-46972}
- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm/vsyscall: Consider vsyscall page part of user address space (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Add vsyscall address helper (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- mm/swap: fix race when skipping swapcache (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- swap: fix do_swap_page() race with swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/swapfile: use percpu_ref to serialize against concurrent swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() (Rafael Aquini) [RHEL-29294] {CVE-2023-52560}
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-29783]
- block: null_blk: Fix handling of fake timeout request (Ming Lei) [RHEL-8130]
- null_blk: fix poll request timeout handling (Ming Lei) [RHEL-8130]
- block: null_blk: end timed out poll request (Ming Lei) [RHEL-8130]
- block: null_blk: only set set->nr_maps as 3 if active poll_queues is > 0 (Ming Lei) [RHEL-8130]
- null_blk: allow zero poll queues (Ming Lei) [RHEL-8130]
- null_blk: Fix handling of submit_queues and poll_queues attributes (Ming Lei) [RHEL-8130]
- null_blk: poll queue support (Ming Lei) [RHEL-8130]
- null_blk: fix command timeout completion handling (Ming Lei) [RHEL-8130]
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Prarit Bhargava) [RHEL-27790] {CVE-2021-47073}
- Bluetooth: avoid memcmp() out of bounds warning (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix coding style (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix using memcmp when comparing keys (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: Reject connection with the device which has same BD_ADDR (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Ignore NULL link key (David Marlin) [RHEL-3017] {CVE-2020-26555}
- ppp_async: limit MRU to 64K (Guillaume Nault) [RHEL-31353] {CVE-2024-26675}
- powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (Mamatha Inamdar) [RHEL-37078] {CVE-2023-52675}
- tcp: do not accept ACK of bytes we never sent (Xin Long) [RHEL-21952]



ELBA-2024-4250 Oracle Linux 8 libtirpc bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4250

http://linux.oracle.com/errata/ELBA-2024-4250.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libtirpc-1.1.4-12.el8_10.i686.rpm
libtirpc-1.1.4-12.el8_10.x86_64.rpm
libtirpc-devel-1.1.4-12.el8_10.i686.rpm
libtirpc-devel-1.1.4-12.el8_10.x86_64.rpm

aarch64:
libtirpc-1.1.4-12.el8_10.aarch64.rpm
libtirpc-devel-1.1.4-12.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libtirpc-1.1.4-12.el8_10.src.rpm

Description of changes:

[1.1.4-12]
- binddynport.c honor ip_local_reserved_ports (RHEL-27005)

[1.1.4-11]
- rpcb_clnt.c (fixed): Eliminate double frees in delete_cache() (RHEL-11293)



ELSA-2024-4246 Moderate: Oracle Linux 8 container-tools security update


Oracle Linux Security Advisory ELSA-2024-4246

http://linux.oracle.com/errata/ELSA-2024-4246.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.10.0-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
buildah-1.33.8-1.module+el8.10.0+90360+0c35d233.x86_64.rpm
buildah-tests-1.33.8-1.module+el8.10.0+90360+0c35d233.x86_64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90298+77a9814d.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
containernetworking-plugins-1.4.0-2.module+el8.10.0+90298+77a9814d.x86_64.rpm
containers-common-1-81.0.1.module+el8.10.0+90298+77a9814d.x86_64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90298+77a9814d.noarch.rpm
crit-3.18-5.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
criu-3.18-5.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
criu-devel-3.18-5.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
criu-libs-3.18-5.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
crun-1.14.3-2.module+el8.10.0+90298+77a9814d.x86_64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
libslirp-4.4.0-2.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
netavark-1.10.3-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
podman-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.x86_64.rpm
podman-catatonit-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.x86_64.rpm
podman-docker-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.noarch.rpm
podman-gvproxy-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.x86_64.rpm
podman-plugins-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.x86_64.rpm
podman-remote-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.x86_64.rpm
podman-tests-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.x86_64.rpm
python3-criu-3.18-5.module+el8.10.0+90337+0d7b6e74.x86_64.rpm
python3-podman-4.9.0-1.module+el8.10.0+90298+77a9814d.noarch.rpm
runc-1.1.12-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
skopeo-1.14.4-1.module+el8.10.0+90360+0c35d233.x86_64.rpm
skopeo-tests-1.14.4-1.module+el8.10.0+90360+0c35d233.x86_64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90298+77a9814d.x86_64.rpm
udica-0.2.6-21.module+el8.10.0+90337+0d7b6e74.noarch.rpm

aarch64:
aardvark-dns-1.10.0-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
buildah-1.33.8-1.module+el8.10.0+90360+0c35d233.aarch64.rpm
buildah-tests-1.33.8-1.module+el8.10.0+90360+0c35d233.aarch64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90298+77a9814d.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
containernetworking-plugins-1.4.0-2.module+el8.10.0+90298+77a9814d.aarch64.rpm
containers-common-1-81.0.1.module+el8.10.0+90298+77a9814d.aarch64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90298+77a9814d.noarch.rpm
crit-3.18-5.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
criu-3.18-5.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
criu-devel-3.18-5.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
criu-libs-3.18-5.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
crun-1.14.3-2.module+el8.10.0+90298+77a9814d.aarch64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
libslirp-4.4.0-2.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
netavark-1.10.3-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
podman-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.aarch64.rpm
podman-catatonit-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.aarch64.rpm
podman-docker-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.noarch.rpm
podman-gvproxy-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.aarch64.rpm
podman-plugins-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.aarch64.rpm
podman-remote-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.aarch64.rpm
podman-tests-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.aarch64.rpm
python3-criu-3.18-5.module+el8.10.0+90337+0d7b6e74.aarch64.rpm
python3-podman-4.9.0-1.module+el8.10.0+90298+77a9814d.noarch.rpm
runc-1.1.12-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
skopeo-1.14.4-1.module+el8.10.0+90360+0c35d233.aarch64.rpm
skopeo-tests-1.14.4-1.module+el8.10.0+90360+0c35d233.aarch64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90298+77a9814d.aarch64.rpm
udica-0.2.6-21.module+el8.10.0+90337+0d7b6e74.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//aardvark-dns-1.10.0-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.33.8-1.module+el8.10.0+90360+0c35d233.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-84.1-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.10-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.4.0-2.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-81.0.1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.229.0-2.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.18-5.module+el8.10.0+90337+0d7b6e74.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.14.3-2.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.13-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-2.module+el8.10.0+90337+0d7b6e74.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//netavark-1.10.3-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.9.4-4.0.1.module+el8.10.0+90360+0c35d233.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.9.0-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.12-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.14.4-1.module+el8.10.0+90360+0c35d233.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.2.3-1.module+el8.10.0+90298+77a9814d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-21.module+el8.10.0+90337+0d7b6e74.src.rpm

Related CVEs:

CVE-2024-24786

Description of changes:

aardvark-dns
[2:1.10.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0
- Related: Jira:RHEL-2110

[2:1.9.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0
- Related: Jira:RHEL-2110

[2:1.8.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.8.0
- Related: Jira:RHEL-2110

buildah
[2:1.33.8-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
( https://github.com/containers/buildah/commit/b65a814)
- Resolves: RHEL-40850

cockpit-podman
conmon
containernetworking-plugins
containers-common
container-selinux
criu
[3.18-5]
- rebuild to preserve upgrade path
- Related: RHEL-32671

crun
fuse-overlayfs
libslirp
[4.4.0-2]
- rebuild to preserve upgrade path 8.9 -> 8.10
- Related: RHEL-32671

netavark
oci-seccomp-bpf-hook
podman
[4.9.4-4.0.1]
- Add devices on container startup, not on creation

[4:4.9.4-4]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
( https://github.com/containers/podman/commit/1a6dca2)
- Resolves: RHEL-40851

python-podman
runc
skopeo
[2:1.14.4-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.14
( https://github.com/containers/skopeo/commit/78d9c9a)
- Resolves: RHEL-40852

slirp4netns
udica
[0.2.6-21]
- bump release to preserve update path
- Resolves: RHEL-32671

[0.2.6-20]
- bump release to preserve update path
- Related: #2139052



ELSA-2024-4237 Moderate: Oracle Linux 8 go-toolset security update


Oracle Linux Security Advisory ELSA-2024-4237

http://linux.oracle.com/errata/ELSA-2024-4237.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
delve-1.21.2-3.0.1.module+el8.10.0+90307+cdf2b281.x86_64.rpm
golang-1.21.11-1.module+el8.10.0+90357+32bea22c.x86_64.rpm
golang-bin-1.21.11-1.module+el8.10.0+90357+32bea22c.x86_64.rpm
golang-docs-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
golang-misc-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
golang-src-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
golang-tests-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
go-toolset-1.21.11-1.module+el8.10.0+90357+32bea22c.x86_64.rpm

aarch64:
delve-1.21.2-3.0.1.module+el8.10.0+90307+cdf2b281.aarch64.rpm
golang-1.21.11-1.module+el8.10.0+90357+32bea22c.aarch64.rpm
golang-bin-1.21.11-1.module+el8.10.0+90357+32bea22c.aarch64.rpm
golang-docs-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
golang-misc-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
golang-src-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
golang-tests-1.21.11-1.module+el8.10.0+90357+32bea22c.noarch.rpm
go-toolset-1.21.11-1.module+el8.10.0+90357+32bea22c.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//delve-1.21.2-3.0.1.module+el8.10.0+90307+cdf2b281.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//golang-1.21.11-1.module+el8.10.0+90357+32bea22c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//go-toolset-1.21.11-1.module+el8.10.0+90357+32bea22c.src.rpm

Related CVEs:

CVE-2024-24789
CVE-2024-24790

Description of changes:

delve
[1.21.2-3.0.1]
- Disable DWARF compression which has issues (Alex Burmashev)

[1.21.2-3]
- Skip an additional test as it's breaking in the CI system.
- Modify the name of the patch.
- Resolves: RHEL-22820

[1.21.2-2]
- Fix: Remove architectures from exclude ExcludeArch
- Resolves: RHEL-22820

[1.21.2-1]
- Rebase to 1.21.2
- Add support for ppc64le and aarch64
- Enable the test suite
- Modify ports: Some CI systems complain about the usage of the 8888 port.
- Improve the way PPC64LE support is enabled.
- Resolves: RHEL-22820

golang
[1.21.11-1]
- Update to Go1.21.11 to address CVE-2024-24789 and CVE-2024-24790
- Resolves: RHEL-40274

[1.21.10]
- Update to Go 1.21.10
- Resolves: RHEL-36993

go-toolset
[1.21.11-1]
- Rebase to Go1.21.11 that includes fixes for CVE-2024-24789 and CVE-2024-24790
- Resolves: RHEL-40274

[1.21.10-1]
- Update to Go 1.21.10
- Resolves: RHEL-36993



ELBA-2024-4255 Oracle Linux 8 systemd update


Oracle Linux Bug Fix Advisory ELBA-2024-4255

http://linux.oracle.com/errata/ELBA-2024-4255.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
systemd-239-82.0.1.el8_10.1.i686.rpm
systemd-239-82.0.1.el8_10.1.x86_64.rpm
systemd-container-239-82.0.1.el8_10.1.i686.rpm
systemd-container-239-82.0.1.el8_10.1.x86_64.rpm
systemd-devel-239-82.0.1.el8_10.1.i686.rpm
systemd-devel-239-82.0.1.el8_10.1.x86_64.rpm
systemd-journal-remote-239-82.0.1.el8_10.1.x86_64.rpm
systemd-libs-239-82.0.1.el8_10.1.i686.rpm
systemd-libs-239-82.0.1.el8_10.1.x86_64.rpm
systemd-pam-239-82.0.1.el8_10.1.x86_64.rpm
systemd-tests-239-82.0.1.el8_10.1.x86_64.rpm
systemd-udev-239-82.0.1.el8_10.1.x86_64.rpm

aarch64:
systemd-239-82.0.1.el8_10.1.aarch64.rpm
systemd-container-239-82.0.1.el8_10.1.aarch64.rpm
systemd-devel-239-82.0.1.el8_10.1.aarch64.rpm
systemd-journal-remote-239-82.0.1.el8_10.1.aarch64.rpm
systemd-libs-239-82.0.1.el8_10.1.aarch64.rpm
systemd-pam-239-82.0.1.el8_10.1.aarch64.rpm
systemd-tests-239-82.0.1.el8_10.1.aarch64.rpm
systemd-udev-239-82.0.1.el8_10.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//systemd-239-82.0.1.el8_10.1.src.rpm

Description of changes:

[239-82.0.1.1]
- Udevd: add an extra configurable timeout before udevd kills workers [Orabug: 36424686]
- Fixed deletion issue for symlink when device is opened [Orabug: 36228608]
- Fix local-fs and remote-fs targets during system boot (replaces old Orabug: 25897792) [Orabug: 35871376]
- 1A) Add "systemd-fstab-generator-reload-targets.service" file [Orabug: 35871376]
- 1B) Add required rpms for correct kickstart/systemd functionality within systemd.spec [Orabug: 35871376]
- 1C) Important: Review 1902-systemd-fstab-generator-reload-targets.patch for important build details/steps [Orabug: 35871376]
- Prevent duplicate uuid device to replace existing one in udev [Orabug: 35987487]
- Backport upstream pstore dmesg fix [Orabug: 34850699]
- mount: flush out cycle state on DEAD->MOUNTED only, not the other way round [Orabug: 35454661]
- core/mount: adjust deserialized state based on /proc/self/mountinfo [Orabug: 35454661]
- Prevent duplicate label to replace exsisting one in udev [Orabug: 34898273]
- Oracle-Redhat Errata ELSA-2023:3837 CVE-2023-26604 OLERRATA-43629
- Detect podman as separate container type [Orabug: 31922204]
- improve container detection logic [Orabug: 31922204]
- mount: flush out cycle state on DEAD->MOUNTED only, not the other way round [Orabug: 35454661]
- core/mount: adjust deserialized state based on /proc/self/mountinfo [Orabug: 35454661]
- Prevent duplicate label to replace existing one in udev [Orabug: 34898273]
- Standardize ioctl (BTRFS_IOC_QGROUP_CREATE) check and return -ENOTCONN, if quota is not enabled [Orabug: 34694253]
- Disable unprivileged BPF by default [Orabug: 32870980]
- udev rules: fix memory hot add and remove [Orabug: 31310273]
- fix to enable systemd-pstore.service [Orabug: 30951066]
- journal: change support URL shown in the catalog entries [Orabug: 30853009]
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
- Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056]
- Removed unneeded patches (Already provided upstream or not required)
- 1902-Fix-missing-netdev-for-iscsi-entry-in-fstab.patch [Orabug: 25897792]
- 1800-pager-set-LESSSECURE-whenver-we-invoke-a-pager.patch (#2175624)
- 1801-pager-make-pager-secure-when-under-euid-is-changed-o.patch (#2175624)
- 1802-pstore-fix-crash-and-forward-dummy-arguments-instead.patch (#2190151)
- 2002-orabug31420486-pstore-introduce-tmpfiles.d-systemd-pstore.conf.patch [Orabug: 31420486]
- 2009-login-add-a-missing-error-check-for-session_set_lead.patch (#2158167)
- 2010-logind-reset-session-leader-if-we-know-for-a-fact-th.patch (#2158167)
- 2011-sulogin-fix-control-lost-of-the-current-terminal-whe.patch (#2227769)
- systemd.spec: prevent 'myhostname' from being appended on upgrade (#2187761) (#2227769)
- Updated mod_nss() and readlink /etc/nsswitch.conf sections (#2187761)
- systemd.spec: mod_nss() and readlink /etc/nsswitch.conf sections (#2187761)



ELBA-2024-4263 Oracle Linux 8 krb5 bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4263

http://linux.oracle.com/errata/ELBA-2024-4263.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
krb5-devel-1.18.2-28.0.1.el8_10.i686.rpm
krb5-devel-1.18.2-28.0.1.el8_10.x86_64.rpm
krb5-libs-1.18.2-28.0.1.el8_10.i686.rpm
krb5-libs-1.18.2-28.0.1.el8_10.x86_64.rpm
krb5-pkinit-1.18.2-28.0.1.el8_10.i686.rpm
krb5-pkinit-1.18.2-28.0.1.el8_10.x86_64.rpm
krb5-server-1.18.2-28.0.1.el8_10.i686.rpm
krb5-server-1.18.2-28.0.1.el8_10.x86_64.rpm
krb5-server-ldap-1.18.2-28.0.1.el8_10.i686.rpm
krb5-server-ldap-1.18.2-28.0.1.el8_10.x86_64.rpm
krb5-workstation-1.18.2-28.0.1.el8_10.x86_64.rpm
libkadm5-1.18.2-28.0.1.el8_10.i686.rpm
libkadm5-1.18.2-28.0.1.el8_10.x86_64.rpm

aarch64:
krb5-devel-1.18.2-28.0.1.el8_10.aarch64.rpm
krb5-libs-1.18.2-28.0.1.el8_10.aarch64.rpm
krb5-pkinit-1.18.2-28.0.1.el8_10.aarch64.rpm
krb5-server-1.18.2-28.0.1.el8_10.aarch64.rpm
krb5-server-ldap-1.18.2-28.0.1.el8_10.aarch64.rpm
krb5-workstation-1.18.2-28.0.1.el8_10.aarch64.rpm
libkadm5-1.18.2-28.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//krb5-1.18.2-28.0.1.el8_10.src.rpm

Description of changes:

[1.18.2-28.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]

[1.18.2-28]
- Fix leak of default credentials in gss_inquire_cred()
Resolves: RHEL-32258



ELBA-2024-4236 Oracle Linux 8 sysstat bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4236

http://linux.oracle.com/errata/ELBA-2024-4236.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
sysstat-11.7.3-13.0.1.el8_10.x86_64.rpm

aarch64:
sysstat-11.7.3-13.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//sysstat-11.7.3-13.0.1.el8_10.src.rpm

Description of changes:

[11.7.3-13.0.1]
- add mpstat -H option to also display physically hotplugged vCPUs [Orabug: 34683071]

[11.7.3-13]
- fix memory allocation errors with malformed sa files (RHEL-35511)
- reorder patches to prevent errors during their application



ELBA-2024-4261 Oracle Linux 8 samba bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4261

http://linux.oracle.com/errata/ELBA-2024-4261.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ctdb-4.19.4-4.0.1.el8_10.x86_64.rpm
libnetapi-4.19.4-4.0.1.el8_10.i686.rpm
libnetapi-4.19.4-4.0.1.el8_10.x86_64.rpm
libsmbclient-4.19.4-4.0.1.el8_10.i686.rpm
libsmbclient-4.19.4-4.0.1.el8_10.x86_64.rpm
libwbclient-4.19.4-4.0.1.el8_10.i686.rpm
libwbclient-4.19.4-4.0.1.el8_10.x86_64.rpm
python3-samba-4.19.4-4.0.1.el8_10.i686.rpm
python3-samba-4.19.4-4.0.1.el8_10.x86_64.rpm
python3-samba-dc-4.19.4-4.0.1.el8_10.x86_64.rpm
python3-samba-test-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-client-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-client-libs-4.19.4-4.0.1.el8_10.i686.rpm
samba-client-libs-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-common-4.19.4-4.0.1.el8_10.noarch.rpm
samba-common-libs-4.19.4-4.0.1.el8_10.i686.rpm
samba-common-libs-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-common-tools-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-dc-libs-4.19.4-4.0.1.el8_10.i686.rpm
samba-dc-libs-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-dcerpc-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-krb5-printing-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-ldb-ldap-modules-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-libs-4.19.4-4.0.1.el8_10.i686.rpm
samba-libs-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-pidl-4.19.4-4.0.1.el8_10.noarch.rpm
samba-test-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-test-libs-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-tools-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-usershares-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-vfs-iouring-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-winbind-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-winbind-clients-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-winbind-krb5-locator-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-winbind-modules-4.19.4-4.0.1.el8_10.i686.rpm
samba-winbind-modules-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-winexe-4.19.4-4.0.1.el8_10.x86_64.rpm
libnetapi-devel-4.19.4-4.0.1.el8_10.i686.rpm
libnetapi-devel-4.19.4-4.0.1.el8_10.x86_64.rpm
libsmbclient-devel-4.19.4-4.0.1.el8_10.i686.rpm
libsmbclient-devel-4.19.4-4.0.1.el8_10.x86_64.rpm
libwbclient-devel-4.19.4-4.0.1.el8_10.i686.rpm
libwbclient-devel-4.19.4-4.0.1.el8_10.x86_64.rpm
python3-samba-devel-4.19.4-4.0.1.el8_10.i686.rpm
python3-samba-devel-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-devel-4.19.4-4.0.1.el8_10.i686.rpm
samba-devel-4.19.4-4.0.1.el8_10.x86_64.rpm
samba-vfs-glusterfs-4.19.4-4.0.1.el8_10.x86_64.rpm

aarch64:
samba-vfs-glusterfs-4.19.4-4.0.1.el8_10.aarch64.rpm
ctdb-4.19.4-4.0.1.el8_10.aarch64.rpm
libnetapi-4.19.4-4.0.1.el8_10.aarch64.rpm
libsmbclient-4.19.4-4.0.1.el8_10.aarch64.rpm
libwbclient-4.19.4-4.0.1.el8_10.aarch64.rpm
python3-samba-4.19.4-4.0.1.el8_10.aarch64.rpm
python3-samba-dc-4.19.4-4.0.1.el8_10.aarch64.rpm
python3-samba-test-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-client-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-client-libs-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-common-4.19.4-4.0.1.el8_10.noarch.rpm
samba-common-libs-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-common-tools-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-dc-libs-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-dcerpc-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-krb5-printing-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-ldb-ldap-modules-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-libs-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-pidl-4.19.4-4.0.1.el8_10.noarch.rpm
samba-test-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-test-libs-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-tools-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-usershares-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-vfs-iouring-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-winbind-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-winbind-clients-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-winbind-krb5-locator-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-winbind-modules-4.19.4-4.0.1.el8_10.aarch64.rpm
libnetapi-devel-4.19.4-4.0.1.el8_10.aarch64.rpm
libsmbclient-devel-4.19.4-4.0.1.el8_10.aarch64.rpm
libwbclient-devel-4.19.4-4.0.1.el8_10.aarch64.rpm
python3-samba-devel-4.19.4-4.0.1.el8_10.aarch64.rpm
samba-devel-4.19.4-4.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//samba-4.19.4-4.0.1.el8_10.src.rpm

Description of changes:

[4.19.4-4.0.1]
- s3: winbindd: winbindd_pam: fix leak in extract_pac_vrfy_sigs [Orabug: 36518285]
- s3:passdb: Do not leak memory in pdb_tdb [Orabug: 36371377]
- Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs
in OL8 [Orabug: 30205755]

[4.19.4-4]
- resolves: RHEL-33813 - Add option to request only POSIX groups from AD in idmap_ad



ELBA-2024-4253 Oracle Linux 8 policycoreutils bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4253

http://linux.oracle.com/errata/ELBA-2024-4253.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
policycoreutils-2.9-26.0.1.el8_10.x86_64.rpm
policycoreutils-dbus-2.9-26.0.1.el8_10.noarch.rpm
policycoreutils-devel-2.9-26.0.1.el8_10.i686.rpm
policycoreutils-devel-2.9-26.0.1.el8_10.x86_64.rpm
policycoreutils-gui-2.9-26.0.1.el8_10.noarch.rpm
policycoreutils-newrole-2.9-26.0.1.el8_10.x86_64.rpm
policycoreutils-python-utils-2.9-26.0.1.el8_10.noarch.rpm
policycoreutils-restorecond-2.9-26.0.1.el8_10.x86_64.rpm
policycoreutils-sandbox-2.9-26.0.1.el8_10.x86_64.rpm
python3-policycoreutils-2.9-26.0.1.el8_10.noarch.rpm

aarch64:
policycoreutils-2.9-26.0.1.el8_10.aarch64.rpm
policycoreutils-dbus-2.9-26.0.1.el8_10.noarch.rpm
policycoreutils-devel-2.9-26.0.1.el8_10.aarch64.rpm
policycoreutils-gui-2.9-26.0.1.el8_10.noarch.rpm
policycoreutils-newrole-2.9-26.0.1.el8_10.aarch64.rpm
policycoreutils-python-utils-2.9-26.0.1.el8_10.noarch.rpm
policycoreutils-restorecond-2.9-26.0.1.el8_10.aarch64.rpm
policycoreutils-sandbox-2.9-26.0.1.el8_10.aarch64.rpm
python3-policycoreutils-2.9-26.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//policycoreutils-2.9-26.0.1.el8_10.src.rpm

Description of changes:

[2.9-26.0.1]
- Fixed issue sepolicy generate command does not create the .spec file [Orabug: 34124962]
- Lazy unmount private, shared entry (Joe Jin) [OraBug: 12560705]

[2.9-26]
- python/semanage: Allow modifying records on "add" (RHEL-28167)
- python/semanage: Do not sort local fcontext definitions (RHEL-24461)



ELBA-2024-4251 Oracle Linux 8 pam bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4251

http://linux.oracle.com/errata/ELBA-2024-4251.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pam-1.3.1-34.0.1.el8_10.i686.rpm
pam-1.3.1-34.0.1.el8_10.x86_64.rpm
pam-devel-1.3.1-34.0.1.el8_10.i686.rpm
pam-devel-1.3.1-34.0.1.el8_10.x86_64.rpm

aarch64:
pam-1.3.1-34.0.1.el8_10.aarch64.rpm
pam-devel-1.3.1-34.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pam-1.3.1-34.0.1.el8_10.src.rpm

Description of changes:

[1.3.1-34.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695]
- pam_access: clean up the remote host matching code [Orabug: 36733488]

[1.3.1-34]
- fix formatting of audit messages. Resolves: RHEL-28620



ELBA-2024-4254 Oracle Linux 8 kmod-redhat-oracleasm bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4254

http://linux.oracle.com/errata/ELBA-2024-4254.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kmod-redhat-oracleasm-2.0.8-18.1.0.1.el8_10.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kmod-redhat-oracleasm-2.0.8-18.1.0.1.el8_10.src.rpm

Description of changes:

[2.0.8-18.1.0.1]
- fix Release string. [Orabug: 35011371]
- add OL signature

[2.0.8-18.1]
- Fix use-after-free in asmfs_svc_query_handle (RHEL-30468).



ELSA-2024-4245 Moderate: Oracle Linux 8 python3 security update


Oracle Linux Security Advisory ELSA-2024-4245

http://linux.oracle.com/errata/ELSA-2024-4245.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-PyMySQL-1.1.0-3.el8_10.noarch.rpm

aarch64:
python3.12-PyMySQL-1.1.0-3.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.12-PyMySQL-1.1.0-3.el8_10.src.rpm

Related CVEs:

CVE-2024-36039

Description of changes:

[1.1.0-3]
- Security fix for CVE-2024-36039
Resolves: RHEL-38366



ELBA-2024-4230 Oracle Linux 8 cockpit-appstream bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-4230

http://linux.oracle.com/errata/ELBA-2024-4230.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cockpit-machines-310.3-3.0.1.el8_10.noarch.rpm
cockpit-packagekit-310.3-3.0.1.el8_10.noarch.rpm
cockpit-pcp-310.3-3.0.1.el8_10.x86_64.rpm
cockpit-storaged-310.3-3.0.1.el8_10.noarch.rpm

aarch64:
cockpit-machines-310.3-3.0.1.el8_10.noarch.rpm
cockpit-packagekit-310.3-3.0.1.el8_10.noarch.rpm
cockpit-pcp-310.3-3.0.1.el8_10.aarch64.rpm
cockpit-storaged-310.3-3.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-appstream-310.3-3.0.1.el8_10.src.rpm

Description of changes:

[310.3-3.0.1]
- Drop subscription-manager-cockpit requirement for ol [Orabug: 34681110]
- Update documentation links [Orabug: 30271413], [Orabug: 32013095],
[Orabug: 32795691], [Orabug: 34398512], [Orabug: 34742876]

[310.3-3]
- Machines: Fix detaching host devices for running VMs (RHEL-34694)



ELSA-2024-4312 Important: Oracle Linux 9 openssh security update


Oracle Linux Security Advisory ELSA-2024-4312

http://linux.oracle.com/errata/ELSA-2024-4312.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
openssh-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-askpass-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-clients-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-keycat-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-server-8.7p1-38.0.2.el9_4.1.x86_64.rpm
pam_ssh_agent_auth-0.10.4-5.38.0.2.el9_4.1.x86_64.rpm

aarch64:
openssh-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-askpass-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-clients-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-keycat-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-server-8.7p1-38.0.2.el9_4.1.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.38.0.2.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//openssh-8.7p1-38.0.2.el9_4.1.src.rpm

Related CVEs:

CVE-2024-6387

Description of changes:

[8.7p1-38.0.2.1]
- Update upstream references [Orabug: 36564626]

[8.7p1-38.1]
- Possible remote code execution due to a race condition (CVE-2024-6387)
Resolves: RHEL-45347



ELBA-2024-12473 Oracle Linux 7 chkconfig bug fix update (aarch64)


Oracle Linux Bug Fix Advisory ELBA-2024-12473

http://linux.oracle.com/errata/ELBA-2024-12473.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
chkconfig-1.7.6-1.0.3.el7.aarch64.rpm
ntsysv-1.7.6-1.0.3.el7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//chkconfig-1.7.6-1.0.3.el7.src.rpm

Description of changes:

[1.7.6-1.0.3]
- Use rename to replace old link atomically [Orabug: 36483848]



ELBA-2024-12473 Oracle Linux 7 chkconfig bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12473

http://linux.oracle.com/errata/ELBA-2024-12473.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
chkconfig-1.7.6-1.0.3.el7.x86_64.rpm
ntsysv-1.7.6-1.0.3.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//chkconfig-1.7.6-1.0.3.el7.src.rpm

Description of changes:

[1.7.6-1.0.3]
- Use rename to replace old link atomically [Orabug: 36483848]