El-errata: ELSA-2021-3956 Important: Oracle Linux 7 xstream security update
Oracle Linux Security Advisory ELSA-2021-3956
http://linux.oracle.com/errata/ELSA-2021-3956.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
xstream-1.3.1-16.el7_9.noarch.rpm
xstream-javadoc-1.3.1-16.el7_9.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xstream-1.3.1-16.el7_9.src.rpm
Related CVEs:
CVE-2021-39139
CVE-2021-39140
CVE-2021-39141
CVE-2021-39144
CVE-2021-39145
CVE-2021-39146
CVE-2021-39147
CVE-2021-39148
CVE-2021-39149
CVE-2021-39150
CVE-2021-39151
CVE-2021-39152
CVE-2021-39153
CVE-2021-39154
Description of changes:
[1.3.1-16]
- Fix workaround
- Resolves: CVE-2021-39148
[1.3.1-15]
- Fix remote code execution vulnerabilities
- Resolves: CVE-2021-39139
- Resolves: CVE-2021-39140
- Resolves: CVE-2021-39141
- Resolves: CVE-2021-39144
- Resolves: CVE-2021-39145
- Resolves: CVE-2021-39146
- Resolves: CVE-2021-39147
- Resolves: CVE-2021-39148
- Resolves: CVE-2021-39149
- Resolves: CVE-2021-39150
- Resolves: CVE-2021-39151
- Resolves: CVE-2021-39152
- Resolves: CVE-2021-39153
- Resolves: CVE-2021-39154
A xstream security update has been released for Oracle Linux 7.
