Oracle Linux 6277 Published by

A parfait:0.5 security update has been released for Oracle Linux 8.



El-errata: ELSA-2022-0290 Important: Oracle Linux 8 parfait:0.5 security update


Oracle Linux Security Advisory ELSA-2022-0290

  http://linux.oracle.com/errata/ELSA-2022-0290.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
parfait-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
parfait-examples-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
parfait-javadoc-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
pcp-parfait-agent-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
si-units-0.6.5-2.module+el8+5163+abb6ece5.noarch.rpm
si-units-javadoc-0.6.5-2.module+el8+5163+abb6ece5.noarch.rpm
unit-api-1.0-5.module+el8+5163+abb6ece5.noarch.rpm
unit-api-javadoc-1.0-5.module+el8+5163+abb6ece5.noarch.rpm
uom-lib-1.0.1-6.module+el8+5163+abb6ece5.noarch.rpm
uom-lib-javadoc-1.0.1-6.module+el8+5163+abb6ece5.noarch.rpm
uom-parent-1.0.3-3.module+el8+5163+abb6ece5.noarch.rpm
uom-se-1.0.4-3.module+el8+5163+abb6ece5.noarch.rpm
uom-se-javadoc-1.0.4-3.module+el8+5163+abb6ece5.noarch.rpm
uom-systems-0.7-1.module+el8+5163+abb6ece5.noarch.rpm
uom-systems-javadoc-0.7-1.module+el8+5163+abb6ece5.noarch.rpm

aarch64:
parfait-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
parfait-examples-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
parfait-javadoc-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
pcp-parfait-agent-0.5.4-4.module+el8.5.0+20480+407d1823.noarch.rpm
si-units-0.6.5-2.module+el8+5163+abb6ece5.noarch.rpm
si-units-javadoc-0.6.5-2.module+el8+5163+abb6ece5.noarch.rpm
unit-api-1.0-5.module+el8+5163+abb6ece5.noarch.rpm
unit-api-javadoc-1.0-5.module+el8+5163+abb6ece5.noarch.rpm
uom-lib-1.0.1-6.module+el8+5163+abb6ece5.noarch.rpm
uom-lib-javadoc-1.0.1-6.module+el8+5163+abb6ece5.noarch.rpm
uom-parent-1.0.3-3.module+el8+5163+abb6ece5.noarch.rpm
uom-se-1.0.4-3.module+el8+5163+abb6ece5.noarch.rpm
uom-se-javadoc-1.0.4-3.module+el8+5163+abb6ece5.noarch.rpm
uom-systems-0.7-1.module+el8+5163+abb6ece5.noarch.rpm
uom-systems-javadoc-0.7-1.module+el8+5163+abb6ece5.noarch.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates/parfait-0.5.4-4.module+el8.5.0+20480+407d1823.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/si-units-0.6.5-2.module+el8+5163+abb6ece5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/unit-api-1.0-5.module+el8+5163+abb6ece5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/uom-lib-1.0.1-6.module+el8+5163+abb6ece5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/uom-parent-1.0.3-3.module+el8+5163+abb6ece5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/uom-se-1.0.4-3.module+el8+5163+abb6ece5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/uom-systems-0.7-1.module+el8+5163+abb6ece5.src.rpm

Related CVEs:

CVE-2021-4104
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307



Description of changes:

parfait
[0.5.4-4]
- Obsolete (remove) vulnerable versions of log4j12 (NVR < 1.2.17-23)
when upgrading to parfait 0.5.4-4 (CVE-2021-4104)

[0.5.4-3]
- Drop all code explicitly using Log4J (BZ 2032158)

_______________________________________________