Oracle Linux 6267 Published by

A libcap security update has been released for Oracle Linux 8.



ELSA-2023-4524 Moderate: Oracle Linux 8 libcap security update


Oracle Linux Security Advisory ELSA-2023-4524

http://linux.oracle.com/errata/ELSA-2023-4524.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libcap-2.48-5.el8_8.i686.rpm
libcap-2.48-5.el8_8.x86_64.rpm
libcap-devel-2.48-5.el8_8.i686.rpm
libcap-devel-2.48-5.el8_8.x86_64.rpm

aarch64:
libcap-2.48-5.el8_8.aarch64.rpm
libcap-devel-2.48-5.el8_8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libcap-2.48-5.el8_8.src.rpm

Related CVEs:

CVE-2023-2602
CVE-2023-2603

Description of changes:

[2.48-5]
- Fix integer overflow in _libcap_strdup() (CVE-2023-2603)
Resolves: rhbz#2210637
- Correctly check pthread_create() return value to avoid memory leak (CVE-2023-2602)
Resolves: rhbz#2210644