Oracle Linux 6266 Published by

The following new updates are available for Oracle Linux:

ELSA-2024-1486 Critical: Oracle Linux 7 firefox security update (aarch64)
ELSA-2024-1530 Moderate: Oracle Linux 9 expat security update
ELSA-2024-1501 Important: Oracle Linux 9 grafana security update
ELSA-2024-1502 Important: Oracle Linux 9 grafana-pcp security update
ELSA-2024-1484 Critical: Oracle Linux 8 firefox security update
ELSA-2024-1485 Critical: Oracle Linux 9 firefox security update
ELSA-2024-1503 Important: Oracle Linux 9 nodejs:18 security update
ELBA-2024-12239 Oracle Linux 9 dtrace bug fix update
ELSA-2024-1493 Moderate: Oracle Linux 9 thunderbird security update
ELSA-2024-1494 Moderate: Oracle Linux 8 thunderbird security update
ELSA-2024-1472 Important: Oracle Linux 8 go-toolset:ol8 security update
ELBA-2024-12239 Oracle Linux 8 dtrace bug fix update
ELBA-2024-12239 Oracle Linux 9 dtrace bug fix update
ELBA-2024-12239 Oracle Linux 8 dtrace bug fix update
ELBA-2024-12239 Oracle Linux 8 dtrace bug fix update
ELBA-2024-12239 Oracle Linux 7 dtrace bug fix update
ELSA-2024-1498 Moderate: Oracle Linux 7 thunderbird security update
ELSA-2024-1498 Moderate: Oracle Linux 7 thunderbird security update (aarch64)
ELSA-2024-1486 Critical: Oracle Linux 7 firefox security update
ELBA-2024-12243 Oracle Linux 9 pam bug fix update
ELBA-2024-12241 Oracle Linux 8 cloud-init bug fix update
ELBA-2024-12242 Oracle Linux 8 pam bug fix update
ELSA-2024-1510 Important: Oracle Linux 8 nodejs:18 security update




ELSA-2024-1486 Critical: Oracle Linux 7 firefox security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-1486

http://linux.oracle.com/errata/ELSA-2024-1486.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
firefox-115.9.1-1.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.9.1-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614
CVE-2024-2616
CVE-2024-29944

Description of changes:

[115.9.1-1.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.9.1-1]
- Update to 115.9.1

[115.9.0-2]
- Update to 115.9.0 build2

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1530 Moderate: Oracle Linux 9 expat security update


Oracle Linux Security Advisory ELSA-2024-1530

http://linux.oracle.com/errata/ELSA-2024-1530.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
expat-2.5.0-1.el9_3.1.i686.rpm
expat-2.5.0-1.el9_3.1.x86_64.rpm
expat-devel-2.5.0-1.el9_3.1.i686.rpm
expat-devel-2.5.0-1.el9_3.1.x86_64.rpm

aarch64:
expat-2.5.0-1.el9_3.1.aarch64.rpm
expat-devel-2.5.0-1.el9_3.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//expat-2.5.0-1.el9_3.1.src.rpm

Related CVEs:

CVE-2023-52425
CVE-2024-28757

Description of changes:

[2.5.0-1.1]
- CVE-2023-52425: Fix parsing of large tokens
- CVE-2024-28757: Reject direct parameter entity recursion
- Resolves: RHEL-29698
- Resolves: RHEL-29695



ELSA-2024-1501 Important: Oracle Linux 9 grafana security update


Oracle Linux Security Advisory ELSA-2024-1501

http://linux.oracle.com/errata/ELSA-2024-1501.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-9.2.10-8.el9_3.x86_64.rpm

aarch64:
grafana-9.2.10-8.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//grafana-9.2.10-8.el9_3.src.rpm

Related CVEs:

CVE-2024-1394

Description of changes:

[9.2.10-8]
- Rebuild with latest version of golang
- resolve RHEL-24313



ELSA-2024-1502 Important: Oracle Linux 9 grafana-pcp security update


Oracle Linux Security Advisory ELSA-2024-1502

http://linux.oracle.com/errata/ELSA-2024-1502.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-pcp-5.1.1-2.el9_3.x86_64.rpm

aarch64:
grafana-pcp-5.1.1-2.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//grafana-pcp-5.1.1-2.el9_3.src.rpm

Related CVEs:

CVE-2024-1394

Description of changes:

[5.1.1-2]
- Rebuild with latest version of golang
- resolves CVE-CVE-2024-1394



ELSA-2024-1484 Critical: Oracle Linux 8 firefox security update


Oracle Linux Security Advisory ELSA-2024-1484

http://linux.oracle.com/errata/ELSA-2024-1484.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.9.1-1.0.1.el8_9.x86_64.rpm

aarch64:
firefox-115.9.1-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firefox-115.9.1-1.0.1.el8_9.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614
CVE-2024-2616
CVE-2024-29944

Description of changes:

[115.9.1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file

[115.9.1]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[115.9.1-1]
- Update to 115.9.1

[115.9.0-2]
- Update to 115.9.0 build2

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1485 Critical: Oracle Linux 9 firefox security update


Oracle Linux Security Advisory ELSA-2024-1485

http://linux.oracle.com/errata/ELSA-2024-1485.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.9.1-1.0.1.el9_3.x86_64.rpm
firefox-x11-115.9.1-1.0.1.el9_3.x86_64.rpm

aarch64:
firefox-115.9.1-1.0.1.el9_3.aarch64.rpm
firefox-x11-115.9.1-1.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-115.9.1-1.0.1.el9_3.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614
CVE-2024-2616
CVE-2024-29944

Description of changes:

[115.9.1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file

[115.9.1]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[115.9.1-1]
- Update to 115.9.1

[115.9.0-2]
- Update to 115.9.0 build2

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1503 Important: Oracle Linux 9 nodejs:18 security update


Oracle Linux Security Advisory ELSA-2024-1503

http://linux.oracle.com/errata/ELSA-2024-1503.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-18.19.1-1.module+el9.3.0+90193+90aa0dae.x86_64.rpm
nodejs-devel-18.19.1-1.module+el9.3.0+90193+90aa0dae.x86_64.rpm
nodejs-docs-18.19.1-1.module+el9.3.0+90193+90aa0dae.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el9.3.0+90193+90aa0dae.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.noarch.rpm
nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el9.3.0+90193+90aa0dae.x86_64.rpm

aarch64:
nodejs-18.19.1-1.module+el9.3.0+90193+90aa0dae.aarch64.rpm
nodejs-devel-18.19.1-1.module+el9.3.0+90193+90aa0dae.aarch64.rpm
nodejs-docs-18.19.1-1.module+el9.3.0+90193+90aa0dae.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el9.3.0+90193+90aa0dae.aarch64.rpm
nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.noarch.rpm
nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el9.3.0+90193+90aa0dae.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-18.19.1-1.module+el9.3.0+90193+90aa0dae.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.src.rpm

Related CVEs:

CVE-2023-46809
CVE-2024-21892
CVE-2024-22019

Description of changes:

nodejs
[1:18.19.1-1]
- Rebase to version 18.19.1
- Fixes: CVE-2024-21892 CVE-2024-22019 (high)
- Fixes: CVE-2023-46809 (medium)

nodejs-nodemon
nodejs-packaging



ELBA-2024-12239 Oracle Linux 9 dtrace bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12239

http://linux.oracle.com/errata/ELBA-2024-12239.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
dtrace-2.0.0-1.14.el9.aarch64.rpm
dtrace-devel-2.0.0-1.14.el9.aarch64.rpm
dtrace-testsuite-2.0.0-1.14.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dtrace-2.0.0-1.14.el9.src.rpm

Description of changes:

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.

[2.0.0-1.13]
- Full support for is-enabled USDT probes. (Nick Alcock)
- Report error on programs that exceed aggsize or dynvarsize.
- Support for drop counters for principal, speculation, and aggregation buffers
and for dynamic variables.
- Implement probe: proc:::signal-clear.
- Implement provider: sched (partial implementation).
- Implement provider: lockstat (for kernels >= 5.10.0 and UEK6 with fix).
- Support NULL strings. (Eugene Loh)
- Support uregs[] on older kernels. (Eugene Loh)
- New option: lonknommap. (Nick Alcock)
- Support for USDT probes in programs in different fs namespaces. (Nick Alcock)
- Support for USDT probes in non-PIE executables. (Nick Alcock)
- Fix dtprobed to support DOF that exceeds 64KiB. (Nick Alcock)
[Orabug: 35411920]
- Do not modify input files with dtrace -G if unchanged. (Steven Sistare)
[Orbug: 35417184]
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees) [Orabug: 35435195]
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 35435195]

[2.0.0-1.12]
- Fix evaluation order of bcopy() arguments and lift non-alloca restriction
on the source address. (Eugene Loh, Kris Van Hees)
- Implement actions: clear(), tracemem(). (Kris Van Hees, Eugene Loh)
- Implement subroutines: copyout(), copyinstr(). (Kris Van Hees, Eugene Loh)
- Implement options: switchrate, aggrate.
- Implement provider: cpc. (Eugene Loh)
- Implement provider: proc.
- Implement built-in variable: uregs. (Eugene Loh)
- Increase strtab maximum size.
- Support using indirect load instructions for pointers to alloca()'d and
DTrace managed memory. (Kris Van Hees, Eugene Loh)
- Fix arg0 and arg1 for profile-* and tick-* probes. (Eugene Loh)
- Implement runtime bounds checking for scalar array access. (Eugene Loh)
- Updated manpage and moved to dtrace.8.
- Support arbitrary address pointers for basename(), dirname(), strchr(),
strrchr(), and inet_ntoa(). (Eugene Loh) [Orabug: 34857846]
- Add runtime bounds checking for scalar array access. (Eugene Loh)
[Orabug: 35045463]
- Various testsuite fixes and improvements. [Orabug: 34829509]
- Various code improvements. [Orabug: 34829509]

[2.0.0-1.11.1]
- Support both libfuse 2 and libfuse 3.

[2.0.0-1.11]
- Add initial support for USDT. (Nick Alcock, Kris Van Hees)
- Add support for aggregation keys. (Eugene Loh, Kris Van Hees)
- Add support for copyin(), copyinto(), and copyinstr().
- Add support for built-in variable args[] and sdt probe arg types.
- Fix arg handling for various probes. (Eugene Loh)
- Add basic support for setopt().
- Add -xlockmem, with useful error message. (Eugene Loh)
- Fix -xverbose, -xcpp, and -xctfpath
- Fix handling of multiple args after --. (Nick Alcock)
- Have the pid provider ignore compiler-generated internal function names.
- Fix various bugs with typecasting and internal integer storage. (Eugene Loh)
- Fix access to scalars in kernel space.
- Fix libproc search of rtld_global due to glibc changes. (Nick Alcock)
[Orabug: 32856318]
- Truly decouple per-CPU BPF agg maps with a "map of maps."
- Unused dual aggregation copies (DT_AGG_NUM_COPIES) have been removed.
(Eugene Loh)
- Various testsuite fixes and improvements. [Orabug: 34251899]
- Various code improvements. [Orabug: 34251899]

[2.0.0-1.10]
- Add support for associative arrays.
- Add support for allcoa() and bcopy(). (Nick Alcock)
- Add support for inet_ntoa(), progenyof(), getmajor(), getminor(),
mutex_owned(), mutex_owner(), mutex_type_adaptive(), mutex_type_spin(),
rw_read_held(), rw_write_held(), and rw_iswriter(). (Eugene Loh)
- Improved fault handling. (Nick Alcock, Kris Van Hees)
- Various disassembler improvements, esp. annotations.
- Strings are no longer stored using a length prefix.
- The trace() action now supports arrays, structs, and unions.
- Various testsuite fixes and improvements. [Orabug: 34112342]
- Various code improvements. [Orabug: 34112342]



ELSA-2024-1493 Moderate: Oracle Linux 9 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-1493

http://linux.oracle.com/errata/ELSA-2024-1493.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.9.0-1.0.1.el9_3.x86_64.rpm

aarch64:
thunderbird-115.9.0-1.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-115.9.0-1.0.1.el9_3.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-1936
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614

Description of changes:

[115.9.0-1.0.1]
- Add Oracle prefs

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1494 Moderate: Oracle Linux 8 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-1494

http://linux.oracle.com/errata/ELSA-2024-1494.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.9.0-1.0.1.el8_9.x86_64.rpm

aarch64:
thunderbird-115.9.0-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-115.9.0-1.0.1.el8_9.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-1936
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614

Description of changes:

[115.9.0-1.0.1]
- Add Oracle prefs

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1472 Important: Oracle Linux 8 go-toolset:ol8 security update


Oracle Linux Security Advisory ELSA-2024-1472

http://linux.oracle.com/errata/ELSA-2024-1472.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
delve-1.20.2-1.0.1.module+el8.9.0+90001+52c302fe.x86_64.rpm
golang-1.20.12-3.module+el8.9.0+90189+385a1f8c.x86_64.rpm
golang-bin-1.20.12-3.module+el8.9.0+90189+385a1f8c.x86_64.rpm
golang-docs-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
golang-misc-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
golang-src-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
golang-tests-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
go-toolset-1.20.12-1.module+el8.9.0+90189+385a1f8c.x86_64.rpm

aarch64:
golang-1.20.12-3.module+el8.9.0+90189+385a1f8c.aarch64.rpm
golang-bin-1.20.12-3.module+el8.9.0+90189+385a1f8c.aarch64.rpm
golang-docs-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
golang-misc-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
golang-src-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
golang-tests-1.20.12-3.module+el8.9.0+90189+385a1f8c.noarch.rpm
go-toolset-1.20.12-1.module+el8.9.0+90189+385a1f8c.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//delve-1.20.2-1.0.1.module+el8.9.0+90001+52c302fe.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//golang-1.20.12-3.module+el8.9.0+90189+385a1f8c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//go-toolset-1.20.12-1.module+el8.9.0+90189+385a1f8c.src.rpm

Related CVEs:

CVE-2024-1394

Description of changes:

delve
[1.20.2-1.0.1]
- Disable DWARF compression which has issues (Alex Burmashev)

[1.20.2-1]
- Rebase to 1.20.2
- Resolves: rhbz#2186495

golang
[1.20.12-3]
- Fix CVE-2024-1394
- Resolves: RHEL-27928

[1.20.12-2]
- Fix sources file
- Related: RHEL-19231

go-toolset



ELBA-2024-12239 Oracle Linux 8 dtrace bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12239

http://linux.oracle.com/errata/ELBA-2024-12239.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
dtrace-2.0.0-1.14.el8.aarch64.rpm
dtrace-devel-2.0.0-1.14.el8.aarch64.rpm
dtrace-testsuite-2.0.0-1.14.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dtrace-2.0.0-1.14.el8.src.rpm

Description of changes:

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.

[2.0.0-1.13]
- Full support for is-enabled USDT probes. (Nick Alcock)
- Report error on programs that exceed aggsize or dynvarsize.
- Support for drop counters for principal, speculation, and aggregation buffers
and for dynamic variables.
- Implement probe: proc:::signal-clear.
- Implement provider: sched (partial implementation).
- Implement provider: lockstat (for kernels >= 5.10.0 and UEK6 with fix).
- Support NULL strings. (Eugene Loh)
- Support uregs[] on older kernels. (Eugene Loh)
- New option: lonknommap. (Nick Alcock)
- Support for USDT probes in programs in different fs namespaces. (Nick Alcock)
- Support for USDT probes in non-PIE executables. (Nick Alcock)
- Fix dtprobed to support DOF that exceeds 64KiB. (Nick Alcock)
[Orabug: 35411920]
- Do not modify input files with dtrace -G if unchanged. (Steven Sistare)
[Orbug: 35417184]
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees) [Orabug: 35435195]
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 35435195]

[2.0.0-1.12]
- Fix evaluation order of bcopy() arguments and lift non-alloca restriction
on the source address. (Eugene Loh, Kris Van Hees)
- Implement actions: clear(), tracemem(). (Kris Van Hees, Eugene Loh)
- Implement subroutines: copyout(), copyinstr(). (Kris Van Hees, Eugene Loh)
- Implement options: switchrate, aggrate.
- Implement provider: cpc. (Eugene Loh)
- Implement provider: proc.
- Implement built-in variable: uregs. (Eugene Loh)
- Increase strtab maximum size.
- Support using indirect load instructions for pointers to alloca()'d and
DTrace managed memory. (Kris Van Hees, Eugene Loh)
- Fix arg0 and arg1 for profile-* and tick-* probes. (Eugene Loh)
- Implement runtime bounds checking for scalar array access. (Eugene Loh)
- Updated manpage and moved to dtrace.8.
- Support arbitrary address pointers for basename(), dirname(), strchr(),
strrchr(), and inet_ntoa(). (Eugene Loh) [Orabug: 34857846]
- Add runtime bounds checking for scalar array access. (Eugene Loh)
[Orabug: 35045463]
- Various testsuite fixes and improvements. [Orabug: 34829509]
- Various code improvements. [Orabug: 34829509]

[2.0.0-1.11.1]
- Support both libfuse 2 and libfuse 3.

[2.0.0-1.11]
- Add initial support for USDT. (Nick Alcock, Kris Van Hees)
- Add support for aggregation keys. (Eugene Loh, Kris Van Hees)
- Add support for copyin(), copyinto(), and copyinstr().
- Add support for built-in variable args[] and sdt probe arg types.
- Fix arg handling for various probes. (Eugene Loh)
- Add basic support for setopt().
- Add -xlockmem, with useful error message. (Eugene Loh)
- Fix -xverbose, -xcpp, and -xctfpath
- Fix handling of multiple args after --. (Nick Alcock)
- Have the pid provider ignore compiler-generated internal function names.
- Fix various bugs with typecasting and internal integer storage. (Eugene Loh)
- Fix access to scalars in kernel space.
- Fix libproc search of rtld_global due to glibc changes. (Nick Alcock)
[Orabug: 32856318]
- Truly decouple per-CPU BPF agg maps with a "map of maps."
- Unused dual aggregation copies (DT_AGG_NUM_COPIES) have been removed.
(Eugene Loh)
- Various testsuite fixes and improvements. [Orabug: 34251899]
- Various code improvements. [Orabug: 34251899]

[2.0.0-1.10]
- Add support for associative arrays.
- Add support for allcoa() and bcopy(). (Nick Alcock)
- Add support for inet_ntoa(), progenyof(), getmajor(), getminor(),
mutex_owned(), mutex_owner(), mutex_type_adaptive(), mutex_type_spin(),
rw_read_held(), rw_write_held(), and rw_iswriter(). (Eugene Loh)
- Improved fault handling. (Nick Alcock, Kris Van Hees)
- Various disassembler improvements, esp. annotations.
- Strings are no longer stored using a length prefix.
- The trace() action now supports arrays, structs, and unions.
- Various testsuite fixes and improvements. [Orabug: 34112342]
- Various code improvements. [Orabug: 34112342]

[2.0.0-1.9.1]
- Add support for UEK7. [Orabug: 33806867]

[2.0.0-1.9]
- Add support for strtok(). (Eugene Loh)
- Implement TLS (thread-local storage) variables.
- Add support for basename(), dirname(). (Eugene Loh)
- Generic hash table improvements and consistent use of htabs. (Nick Alcock)
- CTF improvements in view of better kernel support. (Nick Alcock)
- Add support for ftruncate(). (Eugene Loh)
- Add support for rand(). (Eugene Loh)
- Fix string constant handling for strings longer than strsize.
- Optimization of substr(), strjoin(), and storing strings in the trace buffer.
- Various string handling fixes and improvements. (Eugene Loh, Kris Van Hees)
[Orabug: 33651682]
- Various testsuite fixes and improvements. [Orabug: 33651682]
- Various code improvements. [Orabug: 33651682]

[2.0.0-1.8]
- Support running dtrace under valgrind. (Nick Alcock) [Orabug: 32760574]
- Implementation of speculative tracing. (Nick Alcock)
- Add support for string comparison. (Eugene Loh)
- Add support for strchr(), strrchr(), index(), rindex(), strstr(), lltostr().
(Eugene Loh)
- Add support for symbols in compressed kernel modules. (Nick Alcock)
- Add support for htonl, htonll, htons, ntohl, ntohll, ntohs. (Eugene Loh)
- Various testsuite fixes and improvements. [Orabug: 33474154]
- Various code improvements. [Orabug: 33474154]

[2.0.0-1.7]
- Implement argument retrieval for SDT probes.
- Introduce 'bpflog' runtime option to request BPF verifier log.
- Implementation improvements for memry copy operations.
- Fix type alignment handling for enums.
- Fix ERROR-in-BEGIN probe handling.
- Transition from variable-length string size to 2-byte string size.
- Fix size of string data in the trace output buffer.
- Fix data size for value copy.
- Add support for strjoin() subroutine.
- Add support for substr() subroutine.

[2.0.0-1.6]
- Consolidated development of newly ported features. [Orabug: 33037106]
- Implement built-in variables: probeprov, probemod, probefunc, probename.
- Implement built-in variables: caller, stackdepth, ucaller, ustackdepth,
errno, walltimestamp. (Eugene Loh)
- Implement actions: stack(), ustack(). (Eugene Loh)
- Implement subroutine: strlen().
- Implement option: -Z (partial). (Eugene Loh)
- Added support for string constants and string values.
- Added support for strings to trace().
- Fixed storage size determination for global and local variables.
- Improved storage layout for global and local variables.
- Mark aggregation actions as non-data recording actions. (Eugene Loh)
- Load string constant table into the 'strtab' BPF map.
- Load probe description data into the 'probes' BPF map.
- Consolidate all string hash functions into a single hash function.
- Implement variable length integer support.
- Store the length of each string as a variable length integer inline with its
character stream.
- Improve memcpy() internal BPF function.
- Testsuite improvements. (Eugene Loh)



ELBA-2024-12239 Oracle Linux 9 dtrace bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12239

http://linux.oracle.com/errata/ELBA-2024-12239.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.0-1.14.el9.x86_64.rpm
dtrace-devel-2.0.0-1.14.el9.x86_64.rpm
dtrace-testsuite-2.0.0-1.14.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dtrace-2.0.0-1.14.el9.src.rpm

Description of changes:

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.



ELBA-2024-12239 Oracle Linux 8 dtrace bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12239

http://linux.oracle.com/errata/ELBA-2024-12239.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.0-1.14.el8.x86_64.rpm
dtrace-devel-2.0.0-1.14.el8.x86_64.rpm
dtrace-testsuite-2.0.0-1.14.el8.x86_64.rpm

aarch64:
dtrace-2.0.0-1.14.el8.aarch64.rpm
dtrace-devel-2.0.0-1.14.el8.aarch64.rpm
dtrace-testsuite-2.0.0-1.14.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dtrace-2.0.0-1.14.el8.src.rpm

Description of changes:

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.



ELBA-2024-12239 Oracle Linux 8 dtrace bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12239

http://linux.oracle.com/errata/ELBA-2024-12239.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.0-1.14.el8.x86_64.rpm
dtrace-devel-2.0.0-1.14.el8.x86_64.rpm
dtrace-testsuite-2.0.0-1.14.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dtrace-2.0.0-1.14.el8.src.rpm

Description of changes:

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.



ELBA-2024-12239 Oracle Linux 7 dtrace bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12239

http://linux.oracle.com/errata/ELBA-2024-12239.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.0-1.14.el7.x86_64.rpm
dtrace-devel-2.0.0-1.14.el7.x86_64.rpm
dtrace-testsuite-2.0.0-1.14.el7.x86_64.rpm

aarch64:
dtrace-2.0.0-1.14.el7.aarch64.rpm
dtrace-devel-2.0.0-1.14.el7.aarch64.rpm
dtrace-testsuite-2.0.0-1.14.el7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//dtrace-2.0.0-1.14.el7.src.rpm

Description of changes:

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.



ELSA-2024-1498 Moderate: Oracle Linux 7 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-1498

http://linux.oracle.com/errata/ELSA-2024-1498.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.9.0-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//thunderbird-115.9.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-1936
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614

Description of changes:

[115.9.0-1.0.1]
- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js
- Enabled aarch64 build

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1498 Moderate: Oracle Linux 7 thunderbird security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-1498

http://linux.oracle.com/errata/ELSA-2024-1498.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
thunderbird-115.9.0-1.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//thunderbird-115.9.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-1936
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614

Description of changes:

[115.9.0-1.0.1]
- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js
- Enabled aarch64 build

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELSA-2024-1486 Critical: Oracle Linux 7 firefox security update


Oracle Linux Security Advisory ELSA-2024-1486

http://linux.oracle.com/errata/ELSA-2024-1486.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.9.1-1.0.1.el7_9.i686.rpm
firefox-115.9.1-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.9.1-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2023-5388
CVE-2024-0743
CVE-2024-2607
CVE-2024-2608
CVE-2024-2610
CVE-2024-2611
CVE-2024-2612
CVE-2024-2614
CVE-2024-2616
CVE-2024-29944

Description of changes:

[115.9.1-1.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.9.1-1]
- Update to 115.9.1

[115.9.0-2]
- Update to 115.9.0 build2

[115.9.0-1]
- Update to 115.9.0 build1
- Fix expat CVE-2023-52425



ELBA-2024-12243 Oracle Linux 9 pam bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12243

http://linux.oracle.com/errata/ELBA-2024-12243.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
pam-1.5.1-15.0.1.el9.i686.rpm
pam-1.5.1-15.0.1.el9.x86_64.rpm
pam-devel-1.5.1-15.0.1.el9.i686.rpm
pam-devel-1.5.1-15.0.1.el9.x86_64.rpm
pam-docs-1.5.1-15.0.1.el9.x86_64.rpm

aarch64:
pam-1.5.1-15.0.1.el9.aarch64.rpm
pam-devel-1.5.1-15.0.1.el9.aarch64.rpm
pam-docs-1.5.1-15.0.1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//pam-1.5.1-15.0.1.el9.src.rpm

Description of changes:

[1.5.1-15.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]



ELBA-2024-12241 Oracle Linux 8 cloud-init bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12241

http://linux.oracle.com/errata/ELBA-2024-12241.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cloud-init-23.1.1-11.0.2.el8_9.1.noarch.rpm

aarch64:
cloud-init-23.1.1-11.0.2.el8_9.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//cloud-init-23.1.1-11.0.2.el8_9.1.src.rpm

Description of changes:

[23.1.1-11.0.2.1]
- Fix Ephemeral local network setup at boot [Orabug: 36390725]
- Set minimum swapsize to 2G on instances with less memory [Orabug: 36390864]



ELBA-2024-12242 Oracle Linux 8 pam bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12242

http://linux.oracle.com/errata/ELBA-2024-12242.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pam-1.3.1-27.0.1.el8.i686.rpm
pam-1.3.1-27.0.1.el8.x86_64.rpm
pam-devel-1.3.1-27.0.1.el8.i686.rpm
pam-devel-1.3.1-27.0.1.el8.x86_64.rpm

aarch64:
pam-1.3.1-27.0.1.el8.aarch64.rpm
pam-devel-1.3.1-27.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pam-1.3.1-27.0.1.el8.src.rpm

Description of changes:

[1.3.1-27.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695]



ELSA-2024-1510 Important: Oracle Linux 8 nodejs:18 security update


Oracle Linux Security Advisory ELSA-2024-1510

http://linux.oracle.com/errata/ELSA-2024-1510.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-18.19.1-1.module+el8.9.0+90195+64cfbb95.x86_64.rpm
nodejs-devel-18.19.1-1.module+el8.9.0+90195+64cfbb95.x86_64.rpm
nodejs-docs-18.19.1-1.module+el8.9.0+90195+64cfbb95.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el8.9.0+90195+64cfbb95.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el8.9.0+90195+64cfbb95.x86_64.rpm

aarch64:
nodejs-18.19.1-1.module+el8.9.0+90195+64cfbb95.aarch64.rpm
nodejs-devel-18.19.1-1.module+el8.9.0+90195+64cfbb95.aarch64.rpm
nodejs-docs-18.19.1-1.module+el8.9.0+90195+64cfbb95.noarch.rpm
nodejs-full-i18n-18.19.1-1.module+el8.9.0+90195+64cfbb95.aarch64.rpm
nodejs-nodemon-3.0.1-1.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
npm-10.2.4-1.18.19.1.1.module+el8.9.0+90195+64cfbb95.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-18.19.1-1.module+el8.9.0+90195+64cfbb95.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.9.0+90157+ed89dc20.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.src.rpm

Related CVEs:

CVE-2023-46809
CVE-2024-21892
CVE-2024-22019

Description of changes:

nodejs
[1:18.19.1-1]
- Rebase to version 18.19.1
- Fixes: CVE-2024-21892 CVE-2024-22019 (high)
- Fixes: CVE-2023-46809 (medium)

nodejs-nodemon
nodejs-packaging