A systemd security update has been released for Oracle Linux 9.

El-errata: ELSA-2023-0954 Moderate: Oracle Linux 9 systemd security update

Oracle Linux Security Advisory ELSA-2023-0954

  http://linux.oracle.com/errata/ELSA-2023-0954.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
systemd-250-12.0.2.el9_1.3.i686.rpm
systemd-250-12.0.2.el9_1.3.x86_64.rpm
systemd-container-250-12.0.2.el9_1.3.i686.rpm
systemd-container-250-12.0.2.el9_1.3.x86_64.rpm
systemd-devel-250-12.0.2.el9_1.3.i686.rpm
systemd-devel-250-12.0.2.el9_1.3.x86_64.rpm
systemd-journal-remote-250-12.0.2.el9_1.3.x86_64.rpm
systemd-libs-250-12.0.2.el9_1.3.i686.rpm
systemd-libs-250-12.0.2.el9_1.3.x86_64.rpm
systemd-oomd-250-12.0.2.el9_1.3.x86_64.rpm
systemd-pam-250-12.0.2.el9_1.3.x86_64.rpm
systemd-resolved-250-12.0.2.el9_1.3.x86_64.rpm
systemd-rpm-macros-250-12.0.2.el9_1.3.noarch.rpm
systemd-udev-250-12.0.2.el9_1.3.x86_64.rpm

aarch64:
systemd-250-12.0.2.el9_1.3.aarch64.rpm
systemd-container-250-12.0.2.el9_1.3.aarch64.rpm
systemd-devel-250-12.0.2.el9_1.3.aarch64.rpm
systemd-journal-remote-250-12.0.2.el9_1.3.aarch64.rpm
systemd-libs-250-12.0.2.el9_1.3.aarch64.rpm
systemd-oomd-250-12.0.2.el9_1.3.aarch64.rpm
systemd-pam-250-12.0.2.el9_1.3.aarch64.rpm
systemd-resolved-250-12.0.2.el9_1.3.aarch64.rpm
systemd-rpm-macros-250-12.0.2.el9_1.3.noarch.rpm
systemd-udev-250-12.0.2.el9_1.3.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates//systemd-250-12.0.2.el9_1.3.src.rpm

Related CVEs:

CVE-2022-4415
CVE-2022-45873



Description of changes:

[250-12.0.2.3]
- Backport upstream pstore dmesg fix [Orabug: 34868110]
- Remove upstream references [Orabug: 33995357]
- Disable unprivileged BPF by default [Orabug: 32870980]
- udev rules: fix memory hot add and remove [Orabug: 31310273]
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
- fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792]
- shutdown: get only active md arrays. [Orabug: 34467234]

[250-12.3]
- shared/json: allow json_variant_dump() to return an error (#2149074)
- shared/json: use different return code for empty input (#2149074)
- coredump: avoid deadlock when passing processed backtrace data (#2149074)
- test: disable flaky subtests that require udevadm wait/lock (#2149074)

[250-12.2]
- coredump: adjust whitespace (#2155516)
- basic: add STRERROR() wrapper for strerror_r() (#2155516)
- coredump: do not allow user to access coredumps with changed uid/gid/capabilities (#2155516)
- Packit: build SRPMs in Copr (#2155516)
- test: support non-summer time (#2155516)
- test: bump the base VM memory to 768M (#2155516)
- test: don't overwrite existing $QEMU_OPTIONS (#2155516)

_______________________________________________