Oracle Linux 6278 Published by

A libcap security update security and bug fix update has been released for Oracle Linux 9.



ELSA-2023-5071 Moderate: Oracle Linux 9 libcap security update


Oracle Linux Security Advisory ELSA-2023-5071

http://linux.oracle.com/errata/ELSA-2023-5071.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libcap-2.48-9.el9_2.i686.rpm
libcap-2.48-9.el9_2.x86_64.rpm
libcap-devel-2.48-9.el9_2.i686.rpm
libcap-devel-2.48-9.el9_2.x86_64.rpm

aarch64:
libcap-2.48-9.el9_2.aarch64.rpm
libcap-devel-2.48-9.el9_2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libcap-2.48-9.el9_2.src.rpm

Related CVEs:

CVE-2023-2602
CVE-2023-2603

Description of changes:

[2.48-9]
- Fix integer overflow in _libcap_strdup() (CVE-2023-2603)
Resolves: rhbz#2210638
- Correctly check pthread_create() return value to avoid memory leak (CVE-2023-2602)
Resolves: rhbz#2222198