Oracle Linux 6278 Published by

The following security updates are available for Oracle Linux:

ELSA-2024-1912 Important: Oracle Linux 8 firefox security update
ELBA-2024-12339 Oracle Linux 8 aardvark-dns bug fix update
ELSA-2024-1817 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update
ELBA-2024-12338 Oracle Linux 7 selinux-policy bug fix update
ELBA-2024-12333 Oracle Linux 8 selinux-policy bug fix update
ELSA-2024-1908 Important: Oracle Linux 9 firefox security update
ELSA-2024-1939 Low: Oracle Linux 8 thunderbird security update
ELSA-2024-1817 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update (aarch64)
ELSA-2024-1821 Moderate: Oracle Linux 7 java-11-openjdk security update
ELBA-2024-12338 Oracle Linux 7 selinux-policy bug fix update (aarch64)
ELSA-2024-1910 Important: Oracle Linux 7 firefox security update (aarch64)
ELBA-2024-12340 Oracle Linux 9 podman bug fix update
ELSA-2024-1879 Moderate: Oracle Linux 9 gnutls security update
ELBA-2024-1738 Oracle Linux 9 .NET 6.0 bugfix update
ELSA-2024-1935 Low: Oracle Linux 7 thunderbird security update
ELSA-2024-1831 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) kernel security update
ELSA-2024-1935 Low: Oracle Linux 7 thunderbird security update (aarch64)
ELBA-2024-12335 Oracle Linux 8 samba bug fix update
ELSA-2024-1872 Important: Oracle Linux 9 mod_http2 security update
ELSA-2024-1825 Moderate: Oracle Linux 8 java-17-openjdk security update
ELSA-2024-1821 Moderate: Oracle Linux 7 java-11-openjdk security update (aarch64)
ELSA-2024-1784 Moderate: Oracle Linux 8 gnutls security update
ELSA-2024-1825 Moderate: Oracle Linux 9 java-17-openjdk security update
ELSA-2024-1910 Important: Oracle Linux 7 firefox security update



ELSA-2024-1912 Important: Oracle Linux 8 firefox security update


Oracle Linux Security Advisory ELSA-2024-1912

http://linux.oracle.com/errata/ELSA-2024-1912.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.10.0-1.0.1.el8_9.x86_64.rpm

aarch64:
firefox-115.10.0-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firefox-115.10.0-1.0.1.el8_9.src.rpm

Related CVEs:

CVE-2024-2609
CVE-2024-3852
CVE-2024-3854
CVE-2024-3857
CVE-2024-3859
CVE-2024-3861
CVE-2024-3864

Description of changes:

[115.10.0-1.0.1]
- Change default prefs file to Oracle version

[115.10.0-1]
- Update to 115.10.0 build1



ELBA-2024-12339 Oracle Linux 8 aardvark-dns bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12339

http://linux.oracle.com/errata/ELBA-2024-12339.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.7.0-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
buildah-1.31.3-3.0.1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
buildah-tests-1.31.3-3.0.1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
cockpit-podman-75-1.module+el8.9.0+90281+a2e5717b.noarch.rpm
conmon-2.1.8-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
containernetworking-plugins-1.3.0-8.0.1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
containers-common-1-71.0.1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
container-selinux-2.229.0-1.module+el8.9.0+90281+a2e5717b.noarch.rpm
crit-3.18-4.module+el8.9.0+90281+a2e5717b.x86_64.rpm
criu-3.18-4.module+el8.9.0+90281+a2e5717b.x86_64.rpm
criu-devel-3.18-4.module+el8.9.0+90281+a2e5717b.x86_64.rpm
criu-libs-3.18-4.module+el8.9.0+90281+a2e5717b.x86_64.rpm
crun-1.8.7-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
fuse-overlayfs-1.12-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
libslirp-4.4.0-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
netavark-1.7.0-2.module+el8.9.0+90281+a2e5717b.x86_64.rpm
oci-seccomp-bpf-hook-1.2.9-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
podman-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.x86_64.rpm
podman-catatonit-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.x86_64.rpm
podman-docker-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.noarch.rpm
podman-gvproxy-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.x86_64.rpm
podman-plugins-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.x86_64.rpm
podman-remote-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.x86_64.rpm
podman-tests-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.x86_64.rpm
python3-criu-3.18-4.module+el8.9.0+90281+a2e5717b.x86_64.rpm
python3-podman-4.6.0-2.0.1.module+el8.9.0+90281+a2e5717b.noarch.rpm
runc-1.1.12-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
skopeo-1.13.3-3.0.1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
skopeo-tests-1.13.3-3.0.1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
slirp4netns-1.2.1-1.module+el8.9.0+90281+a2e5717b.x86_64.rpm
udica-0.2.6-20.module+el8.9.0+90281+a2e5717b.noarch.rpm

aarch64:
aardvark-dns-1.7.0-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
buildah-1.31.3-3.0.1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
buildah-tests-1.31.3-3.0.1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
cockpit-podman-75-1.module+el8.9.0+90281+a2e5717b.noarch.rpm
conmon-2.1.8-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
containernetworking-plugins-1.3.0-8.0.1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
containers-common-1-71.0.1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
container-selinux-2.229.0-1.module+el8.9.0+90281+a2e5717b.noarch.rpm
crit-3.18-4.module+el8.9.0+90281+a2e5717b.aarch64.rpm
criu-3.18-4.module+el8.9.0+90281+a2e5717b.aarch64.rpm
criu-devel-3.18-4.module+el8.9.0+90281+a2e5717b.aarch64.rpm
criu-libs-3.18-4.module+el8.9.0+90281+a2e5717b.aarch64.rpm
crun-1.8.7-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
fuse-overlayfs-1.12-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
libslirp-4.4.0-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
netavark-1.7.0-2.module+el8.9.0+90281+a2e5717b.aarch64.rpm
oci-seccomp-bpf-hook-1.2.9-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
podman-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.aarch64.rpm
podman-catatonit-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.aarch64.rpm
podman-docker-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.noarch.rpm
podman-gvproxy-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.aarch64.rpm
podman-plugins-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.aarch64.rpm
podman-remote-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.aarch64.rpm
podman-tests-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.aarch64.rpm
python3-criu-3.18-4.module+el8.9.0+90281+a2e5717b.aarch64.rpm
python3-podman-4.6.0-2.0.1.module+el8.9.0+90281+a2e5717b.noarch.rpm
runc-1.1.12-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
skopeo-1.13.3-3.0.1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
skopeo-tests-1.13.3-3.0.1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
slirp4netns-1.2.1-1.module+el8.9.0+90281+a2e5717b.aarch64.rpm
udica-0.2.6-20.module+el8.9.0+90281+a2e5717b.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//aardvark-dns-1.7.0-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.31.3-3.0.1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-75-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.8-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.3.0-8.0.1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-71.0.1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.229.0-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.18-4.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.12-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//netavark-1.7.0-2.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.9-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.6.1-8.0.2.module+el8.9.0+90309+a96c4d47.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.6.0-2.0.1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.12-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.13.3-3.0.1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.2.1-1.module+el8.9.0+90281+a2e5717b.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-20.module+el8.9.0+90281+a2e5717b.src.rpm

Description of changes:

aardvark-dns
buildah
cockpit-podman
conmon
containernetworking-plugins
containers-common
[1-71.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)

[2:1-71]
- update vendored components and configuration files
- Resolves: RHEL-20910

container-selinux
[2:2.229.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.229.0
- Resolves: RHEL-28923

criu
crun
fuse-overlayfs
libslirp
netavark
oci-seccomp-bpf-hook
podman
[3:4.6.1-8.0.2]
- Add devices on container startup, not on creation

python-podman
runc
skopeo
slirp4netns
udica



ELSA-2024-1817 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update


Oracle Linux Security Advisory ELSA-2024-1817

http://linux.oracle.com/errata/ELSA-2024-1817.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.x86_64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.noarch.rpm
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.i686.rpm
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21068
CVE-2024-21085
CVE-2024-21094

Description of changes:

[1:1.8.0.412.b08-1]
- Update to shenandoah-jdk8u412-b08 (GA)
- Update release notes for shenandoah-8u412-b08.
- Complete release note for Certainly roots
- Switch to GA mode.
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **
- Related: RHEL-30926

[1:1.8.0.412.b07-0.1.ea]
- Update to shenandoah-jdk8u412-b07 (EA)
- Update release notes for shenandoah-8u412-b07.
- Require tzdata 2024a due to upstream inclusion of JDK-8322725
- Only require tzdata 2023d for now as 2024a is unavailable in buildroot
- Resolves: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Turn off xz multi-threading on i686 as it fails with an out of memory error
- Normalise whitespace
- Move to upstream tag style (shenandoah8ux-by) in preparation for eventually moving back to official sources
- generate_source_tarball.sh: Rename JCONSOLE_JS_PATCH{,_DEFAULT} to JCONSOLE_PATCH{,_DEFAULT} for brevity
- generate_source_tarball.sh: Adapt OPENJDK_LATEST logic to work with 8u Shenandoah fork
- generate_source_tarball.sh: Adapt version logic to work with 8u
- generate_source_tarball.sh: Add quoting for SCRIPT_DIR and JCONSOLE_PATCH (SC2086)
- generate_source_tarball.sh: Update examples in header for clarity
- generate_source_tarball.sh: Create directory in TMPDIR when using WITH_TEMP
- generate_source_tarball.sh: Only add --depth=1 on non-local repositories
- Move maintenance scripts to a scripts subdirectory
- icedtea_sync.sh: Update with a VCS mode that retrieves sources from a Mercurial repository
- jconsole.desktop.in: Restored by running icedtea_sync.sh
- policytool.desktop.in: Likewise.
- Restore IcedTea sources correctly in spec file
- discover_trees.sh: Set compile-command and indentation instructions for Emacs
- discover_trees.sh: shellcheck: Do not use -o (SC2166)
- discover_trees.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- discover_trees.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: Add authorship
- icedtea_sync.sh: Set compile-command and indentation instructions for Emacs
- icedtea_sync.sh: shellcheck: Double-quote variable references (SC2086)
- icedtea_sync.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: Set compile-command and indentation instructions for Emacs
- openjdk_news.sh: shellcheck: Double-quote variable references (SC2086)
- openjdk_news.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: shellcheck: Remove deprecated egrep usage (SC2196)
- generate_source_tarball.sh: Handle an existing checkout
- generate_source_tarball.sh: Sync indentation with java-21-openjdk version
- generate_source_tarball.sh: Support using a subdirectory via TO_COMPRESS
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Invoke xz in multi-threaded mode
- generate_source_tarball.sh: Add WITH_TEMP environment variable
- generate_source_tarball.sh: Multithread xz on all available cores
- generate_source_tarball.sh: Add OPENJDK_LATEST environment variable
- generate_source_tarball.sh: Update comment about tarball naming
- generate_source_tarball.sh: Reformat comment header
- generate_source_tarball.sh: Reformat and update help output
- generate_source_tarball.sh: Do a shallow clone, for speed
- generate_source_tarball.sh: Eliminate some removal prompting
- generate_source_tarball.sh: Make tarball reproducible
- generate_source_tarball.sh: Prefix temporary directory with temp-
- generate_source_tarball.sh: Remove temporary directory exit conditions
- generate_source_tarball.sh: Set compile-command in Emacs
- generate_source_tarball.sh: Remove REPO_NAME from FILE_NAME_ROOT
- generate_source_tarball.sh: Move PROJECT_NAME and REPO_NAME checks
- generate_source_tarball.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- generate_source_tarball.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: shellcheck: Do not use -a (SC2166)
- generate_source_tarball.sh: shellcheck: Do not use $ on arithmetic variables (SC2004)
- Use backward-compatible patch syntax
- generate_source_tarball.sh: Ignore -ga tags with OPENJDK_LATEST
- generate_source_tarball.sh: Remove trailing period in echo
- generate_source_tarball.sh: Use long-style argument to grep
- generate_source_tarball.sh: Add license
- generate_source_tarball.sh: Add indentation instructions for Emacs
- Remove -T0 argument from systemtap tar invocation
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Update to shenandoah-jdk8u412-b01 (EA)
- Update release notes for shenandoah-8u412-b01.
- Switch to EA mode.
- Related: RHEL-30926



ELBA-2024-12338 Oracle Linux 7 selinux-policy bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12338

http://linux.oracle.com/errata/ELBA-2024-12338.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
selinux-policy-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-devel-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-minimum-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-mls-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-targeted-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-doc-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-sandbox-3.13.1-268.0.19.el7_9.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//selinux-policy-3.13.1-268.0.19.el7_9.2.src.rpm

Description of changes:

[3.13.1-268.0.19.2]
- Allow mailman_domain to manage mailman_log_t link files [Orabug: 36424551]



ELBA-2024-12333 Oracle Linux 8 selinux-policy bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12333

http://linux.oracle.com/errata/ELBA-2024-12333.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
selinux-policy-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-devel-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-doc-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-minimum-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-mls-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-sandbox-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-targeted-3.14.3-128.0.5.el8_9.1.noarch.rpm

aarch64:
selinux-policy-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-devel-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-doc-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-minimum-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-mls-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-sandbox-3.14.3-128.0.5.el8_9.1.noarch.rpm
selinux-policy-targeted-3.14.3-128.0.5.el8_9.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//selinux-policy-3.14.3-128.0.5.el8_9.1.src.rpm

Description of changes:

[3.14.3-128.0.5.1]
- Allow cgred_t to get attributes of cgroup filesystems [Orabug: 36226040]



ELSA-2024-1908 Important: Oracle Linux 9 firefox security update


Oracle Linux Security Advisory ELSA-2024-1908

http://linux.oracle.com/errata/ELSA-2024-1908.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.10.0-1.0.1.el9_3.x86_64.rpm
firefox-x11-115.10.0-1.0.1.el9_3.x86_64.rpm

aarch64:
firefox-115.10.0-1.0.1.el9_3.aarch64.rpm
firefox-x11-115.10.0-1.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-115.10.0-1.0.1.el9_3.src.rpm

Related CVEs:

CVE-2024-2609
CVE-2024-3852
CVE-2024-3854
CVE-2024-3857
CVE-2024-3859
CVE-2024-3861
CVE-2024-3864

Description of changes:

[115.10.0-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.10.0-1]
- Update to 115.10.0 build1



ELSA-2024-1939 Low: Oracle Linux 8 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-1939

http://linux.oracle.com/errata/ELSA-2024-1939.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.10.0-2.0.1.el8_9.x86_64.rpm

aarch64:
thunderbird-115.10.0-2.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-115.10.0-2.0.1.el8_9.src.rpm

Related CVEs:

CVE-2024-3302

Description of changes:

[115.10.0-2.0.1]
- Add Oracle prefs

[115.10.0]
- Add OpenELA debranding

[115.10.0-2]
- Update to 115.10.0 build2

[115.10.0-1]
- Update to 115.10.0 build1
- Revert expat CVE-2023-52425 fix



ELSA-2024-1817 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-1817

http://linux.oracle.com/errata/ELSA-2024-1817.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.noarch.rpm
java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21068
CVE-2024-21085
CVE-2024-21094

Description of changes:

[1:1.8.0.412.b08-1]
- Update to shenandoah-jdk8u412-b08 (GA)
- Update release notes for shenandoah-8u412-b08.
- Complete release note for Certainly roots
- Switch to GA mode.
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **
- Related: RHEL-30926

[1:1.8.0.412.b07-0.1.ea]
- Update to shenandoah-jdk8u412-b07 (EA)
- Update release notes for shenandoah-8u412-b07.
- Require tzdata 2024a due to upstream inclusion of JDK-8322725
- Only require tzdata 2023d for now as 2024a is unavailable in buildroot
- Resolves: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Turn off xz multi-threading on i686 as it fails with an out of memory error
- Normalise whitespace
- Move to upstream tag style (shenandoah8ux-by) in preparation for eventually moving back to official sources
- generate_source_tarball.sh: Rename JCONSOLE_JS_PATCH{,_DEFAULT} to JCONSOLE_PATCH{,_DEFAULT} for brevity
- generate_source_tarball.sh: Adapt OPENJDK_LATEST logic to work with 8u Shenandoah fork
- generate_source_tarball.sh: Adapt version logic to work with 8u
- generate_source_tarball.sh: Add quoting for SCRIPT_DIR and JCONSOLE_PATCH (SC2086)
- generate_source_tarball.sh: Update examples in header for clarity
- generate_source_tarball.sh: Create directory in TMPDIR when using WITH_TEMP
- generate_source_tarball.sh: Only add --depth=1 on non-local repositories
- Move maintenance scripts to a scripts subdirectory
- icedtea_sync.sh: Update with a VCS mode that retrieves sources from a Mercurial repository
- jconsole.desktop.in: Restored by running icedtea_sync.sh
- policytool.desktop.in: Likewise.
- Restore IcedTea sources correctly in spec file
- discover_trees.sh: Set compile-command and indentation instructions for Emacs
- discover_trees.sh: shellcheck: Do not use -o (SC2166)
- discover_trees.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- discover_trees.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: Add authorship
- icedtea_sync.sh: Set compile-command and indentation instructions for Emacs
- icedtea_sync.sh: shellcheck: Double-quote variable references (SC2086)
- icedtea_sync.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: Set compile-command and indentation instructions for Emacs
- openjdk_news.sh: shellcheck: Double-quote variable references (SC2086)
- openjdk_news.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: shellcheck: Remove deprecated egrep usage (SC2196)
- generate_source_tarball.sh: Handle an existing checkout
- generate_source_tarball.sh: Sync indentation with java-21-openjdk version
- generate_source_tarball.sh: Support using a subdirectory via TO_COMPRESS
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Invoke xz in multi-threaded mode
- generate_source_tarball.sh: Add WITH_TEMP environment variable
- generate_source_tarball.sh: Multithread xz on all available cores
- generate_source_tarball.sh: Add OPENJDK_LATEST environment variable
- generate_source_tarball.sh: Update comment about tarball naming
- generate_source_tarball.sh: Reformat comment header
- generate_source_tarball.sh: Reformat and update help output
- generate_source_tarball.sh: Do a shallow clone, for speed
- generate_source_tarball.sh: Eliminate some removal prompting
- generate_source_tarball.sh: Make tarball reproducible
- generate_source_tarball.sh: Prefix temporary directory with temp-
- generate_source_tarball.sh: Remove temporary directory exit conditions
- generate_source_tarball.sh: Set compile-command in Emacs
- generate_source_tarball.sh: Remove REPO_NAME from FILE_NAME_ROOT
- generate_source_tarball.sh: Move PROJECT_NAME and REPO_NAME checks
- generate_source_tarball.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- generate_source_tarball.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: shellcheck: Do not use -a (SC2166)
- generate_source_tarball.sh: shellcheck: Do not use $ on arithmetic variables (SC2004)
- Use backward-compatible patch syntax
- generate_source_tarball.sh: Ignore -ga tags with OPENJDK_LATEST
- generate_source_tarball.sh: Remove trailing period in echo
- generate_source_tarball.sh: Use long-style argument to grep
- generate_source_tarball.sh: Add license
- generate_source_tarball.sh: Add indentation instructions for Emacs
- Remove -T0 argument from systemtap tar invocation
- Related: RHEL-30926

[1:1.8.0.412.b01-0.1.ea]
- Update to shenandoah-jdk8u412-b01 (EA)
- Update release notes for shenandoah-8u412-b01.
- Switch to EA mode.
- Related: RHEL-30926



ELSA-2024-1821 Moderate: Oracle Linux 7 java-11-openjdk security update


Oracle Linux Security Advisory ELSA-2024-1821

http://linux.oracle.com/errata/ELSA-2024-1821.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-11-openjdk-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-demo-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-demo-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-devel-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-devel-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-headless-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-headless-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-javadoc-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-javadoc-zip-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-jmods-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-jmods-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-src-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-src-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm
java-11-openjdk-static-libs-11.0.23.0.9-2.0.1.el7_9.i686.rpm
java-11-openjdk-static-libs-11.0.23.0.9-2.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-11-openjdk-11.0.23.0.9-2.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21012
CVE-2024-21068
CVE-2024-21085
CVE-2024-21094

Description of changes:

[1:11.0.23.0.9-2.0.1]
- link atomic for ix86 build

[1:11.0.23.0.9-2]
- Fix 11.0.22 release date in NEWS
- Restore ppc64le --with-jobs=1 workaround to avoid flaky ppc builds

[1:11.0.23.0.9-1]
- Update to jdk-11.0.23+9 (GA)
- Update release notes to 11.0.23+9
- Switch to GA mode for release
- Require tzdata 2024a due to upstream inclusion of JDK-8322725
- Only require tzdata 2023d for now as 2024a is unavailable in buildroot
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **
- Resolves: RHEL-30914

[1:11.0.23.0.1-0.1.ea]
- Update to jdk-11.0.23+1 (EA)
- Update release notes to 11.0.23+1
- Switch to EA mode
- Speed up PPC build by removing ppc64le --with-jobs=1 workaround



ELBA-2024-12338 Oracle Linux 7 selinux-policy bug fix update (aarch64)


Oracle Linux Bug Fix Advisory ELBA-2024-12338

http://linux.oracle.com/errata/ELBA-2024-12338.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
selinux-policy-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-devel-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-minimum-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-mls-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-targeted-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-doc-3.13.1-268.0.19.el7_9.2.noarch.rpm
selinux-policy-sandbox-3.13.1-268.0.19.el7_9.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//selinux-policy-3.13.1-268.0.19.el7_9.2.src.rpm

Description of changes:

[3.13.1-268.0.19.2]
- Allow mailman_domain to manage mailman_log_t link files [Orabug: 36424551]



ELSA-2024-1910 Important: Oracle Linux 7 firefox security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-1910

http://linux.oracle.com/errata/ELSA-2024-1910.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
firefox-115.10.0-1.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.10.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-2609
CVE-2024-3852
CVE-2024-3854
CVE-2024-3857
CVE-2024-3859
CVE-2024-3861
CVE-2024-3864

Description of changes:

[115.10.0-1.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.10.0-1]
- Update to 115.10.0 build1



ELBA-2024-12340 Oracle Linux 9 podman bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12340

http://linux.oracle.com/errata/ELBA-2024-12340.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
podman-4.6.1-8.0.3.el9_3.x86_64.rpm
podman-docker-4.6.1-8.0.3.el9_3.noarch.rpm
podman-gvproxy-4.6.1-8.0.3.el9_3.x86_64.rpm
podman-plugins-4.6.1-8.0.3.el9_3.x86_64.rpm
podman-remote-4.6.1-8.0.3.el9_3.x86_64.rpm
podman-tests-4.6.1-8.0.3.el9_3.x86_64.rpm

aarch64:
podman-4.6.1-8.0.3.el9_3.aarch64.rpm
podman-docker-4.6.1-8.0.3.el9_3.noarch.rpm
podman-gvproxy-4.6.1-8.0.3.el9_3.aarch64.rpm
podman-plugins-4.6.1-8.0.3.el9_3.aarch64.rpm
podman-remote-4.6.1-8.0.3.el9_3.aarch64.rpm
podman-tests-4.6.1-8.0.3.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//podman-4.6.1-8.0.3.el9_3.src.rpm

Description of changes:

[2:4.6.1-8.0.3]
- Add devices on container startup, not on creation

[-2:4.6.1-8.0.2]
- Backport fast gzip for compression [Orabug: 36420418]



ELSA-2024-1879 Moderate: Oracle Linux 9 gnutls security update


Oracle Linux Security Advisory ELSA-2024-1879

http://linux.oracle.com/errata/ELSA-2024-1879.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnutls-3.7.6-23.el9_3.4.i686.rpm
gnutls-3.7.6-23.el9_3.4.x86_64.rpm
gnutls-c++-3.7.6-23.el9_3.4.i686.rpm
gnutls-c++-3.7.6-23.el9_3.4.x86_64.rpm
gnutls-dane-3.7.6-23.el9_3.4.i686.rpm
gnutls-dane-3.7.6-23.el9_3.4.x86_64.rpm
gnutls-devel-3.7.6-23.el9_3.4.i686.rpm
gnutls-devel-3.7.6-23.el9_3.4.x86_64.rpm
gnutls-utils-3.7.6-23.el9_3.4.x86_64.rpm

aarch64:
gnutls-3.7.6-23.el9_3.4.aarch64.rpm
gnutls-c++-3.7.6-23.el9_3.4.aarch64.rpm
gnutls-dane-3.7.6-23.el9_3.4.aarch64.rpm
gnutls-devel-3.7.6-23.el9_3.4.aarch64.rpm
gnutls-utils-3.7.6-23.el9_3.4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//gnutls-3.7.6-23.el9_3.4.src.rpm

Related CVEs:

CVE-2024-28834
CVE-2024-28835

Description of changes:

[3.7.6-23.4]
- Fix timing side-channel in deterministic ECDSA (RHEL-28958)
- Fix potential crash during chain building/verification (RHEL-28953)



ELBA-2024-1738 Oracle Linux 9 .NET 6.0 bugfix update


Oracle Linux Bug Fix Advisory ELBA-2024-1738

http://linux.oracle.com/errata/ELBA-2024-1738.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.29-1.0.1.el9_3.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.29-1.0.1.el9_3.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.29-1.0.1.el9_3.x86_64.rpm
dotnet-hostfxr-6.0-6.0.29-1.0.1.el9_3.x86_64.rpm
dotnet-runtime-6.0-6.0.29-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-6.0-6.0.129-1.0.1.el9_3.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.29-1.0.1.el9_3.x86_64.rpm
dotnet-templates-6.0-6.0.129-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.129-1.0.1.el9_3.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.29-1.0.1.el9_3.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.29-1.0.1.el9_3.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.29-1.0.1.el9_3.aarch64.rpm
dotnet-hostfxr-6.0-6.0.29-1.0.1.el9_3.aarch64.rpm
dotnet-runtime-6.0-6.0.29-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-6.0-6.0.129-1.0.1.el9_3.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.29-1.0.1.el9_3.aarch64.rpm
dotnet-templates-6.0-6.0.129-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.129-1.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet6.0-6.0.129-1.0.1.el9_3.src.rpm

Description of changes:

[6.0.129-1.0.1]
- Add support for Oracle Linux

[6.0.129-1]
- Update to .NET SDK 6.0.129 and Runtime 6.0.29
- Resolves: RHEL-31197



ELSA-2024-1935 Low: Oracle Linux 7 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-1935

http://linux.oracle.com/errata/ELSA-2024-1935.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.10.0-2.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//thunderbird-115.10.0-2.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-3302

Description of changes:

[115.10.0-2.0.1]
- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js
- Enabled aarch64 build

[115.10.0-2]
- Update to 115.10.0 build2

[115.10.0-1]
- Update to 115.10.0 build1
- Revert expat CVE-2023-52425 fix



ELSA-2024-1831 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) kernel security update


Oracle Linux Security Advisory ELSA-2024-1831

http://linux.oracle.com/errata/ELSA-2024-1831.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-2.6.32-754.53.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.53.1.el6.noarch.rpm
kernel-debug-2.6.32-754.53.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.53.1.el6.i686.rpm
kernel-devel-2.6.32-754.53.1.el6.i686.rpm
kernel-doc-2.6.32-754.53.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.53.1.el6.noarch.rpm
kernel-headers-2.6.32-754.53.1.el6.i686.rpm
perf-2.6.32-754.53.1.el6.i686.rpm
python-perf-2.6.32-754.53.1.el6.i686.rpm

x86_64:
kernel-2.6.32-754.53.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.53.1.el6.noarch.rpm
kernel-debug-2.6.32-754.53.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.53.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.53.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.53.1.el6.x86_64.rpm
kernel-doc-2.6.32-754.53.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.53.1.el6.noarch.rpm
kernel-headers-2.6.32-754.53.1.el6.x86_64.rpm
perf-2.6.32-754.53.1.el6.x86_64.rpm
python-perf-2.6.32-754.53.1.el6.x86_64.rpm

Related CVEs:

CVE-2023-3611
CVE-2023-3776
CVE-2023-4921
CVE-2023-31436

Description of changes:

[2.6.32-754.53.1.el6.OL6]
- net/sched: sch_qfq: refactor parsing of netlink parameters [Orabug: 36517546]
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue {CVE-2023-3611} [Orabug: 36517546]
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} [Orabug: 36517546]
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921} [Orabug: 36517546]
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg {CVE-2023-31436} [Orabug: 36517546]



ELSA-2024-1935 Low: Oracle Linux 7 thunderbird security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-1935

http://linux.oracle.com/errata/ELSA-2024-1935.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
thunderbird-115.10.0-2.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//thunderbird-115.10.0-2.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-3302

Description of changes:

[115.10.0-2.0.1]
- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js
- Enabled aarch64 build

[115.10.0-2]
- Update to 115.10.0 build2

[115.10.0-1]
- Update to 115.10.0 build1
- Revert expat CVE-2023-52425 fix



ELBA-2024-12335 Oracle Linux 8 samba bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12335

http://linux.oracle.com/errata/ELBA-2024-12335.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ctdb-4.18.6-3.0.3.el8_9.x86_64.rpm
libsmbclient-4.18.6-3.0.3.el8_9.i686.rpm
libsmbclient-4.18.6-3.0.3.el8_9.x86_64.rpm
libwbclient-4.18.6-3.0.3.el8_9.i686.rpm
libwbclient-4.18.6-3.0.3.el8_9.x86_64.rpm
python3-samba-4.18.6-3.0.3.el8_9.i686.rpm
python3-samba-4.18.6-3.0.3.el8_9.x86_64.rpm
python3-samba-test-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-client-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-client-libs-4.18.6-3.0.3.el8_9.i686.rpm
samba-client-libs-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-common-4.18.6-3.0.3.el8_9.noarch.rpm
samba-common-libs-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-common-tools-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-krb5-printing-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-libs-4.18.6-3.0.3.el8_9.i686.rpm
samba-libs-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-pidl-4.18.6-3.0.3.el8_9.noarch.rpm
samba-test-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-test-libs-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-winbind-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-winbind-clients-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-winbind-krb5-locator-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-winbind-modules-4.18.6-3.0.3.el8_9.i686.rpm
samba-winbind-modules-4.18.6-3.0.3.el8_9.x86_64.rpm
libsmbclient-devel-4.18.6-3.0.3.el8_9.i686.rpm
libsmbclient-devel-4.18.6-3.0.3.el8_9.x86_64.rpm
libwbclient-devel-4.18.6-3.0.3.el8_9.i686.rpm
libwbclient-devel-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-winexe-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-devel-4.18.6-3.0.3.el8_9.i686.rpm
samba-devel-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-vfs-iouring-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-common-libs-4.18.6-3.0.3.el8_9.i686.rpm
samba-test-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-winexe-4.18.6-3.0.3.el8_9.x86_64.rpm
python3-samba-dc-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-dc-libs-4.18.6-3.0.3.el8_9.i686.rpm
samba-dc-libs-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-dcerpc-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-tools-4.18.6-3.0.3.el8_9.x86_64.rpm
python3-samba-devel-4.18.6-3.0.3.el8_9.i686.rpm
python3-samba-devel-4.18.6-3.0.3.el8_9.x86_64.rpm
libnetapi-devel-4.18.6-3.0.3.el8_9.i686.rpm
libnetapi-devel-4.18.6-3.0.3.el8_9.x86_64.rpm
libnetapi-4.18.6-3.0.3.el8_9.i686.rpm
libnetapi-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-ldb-ldap-modules-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-usershares-4.18.6-3.0.3.el8_9.x86_64.rpm
samba-vfs-glusterfs-4.18.6-3.0.3.el8_9.x86_64.rpm

aarch64:
ctdb-4.18.6-3.0.3.el8_9.aarch64.rpm
libsmbclient-4.18.6-3.0.3.el8_9.aarch64.rpm
libwbclient-4.18.6-3.0.3.el8_9.aarch64.rpm
python3-samba-4.18.6-3.0.3.el8_9.aarch64.rpm
python3-samba-test-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-client-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-client-libs-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-common-4.18.6-3.0.3.el8_9.noarch.rpm
samba-common-libs-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-common-tools-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-krb5-printing-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-libs-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-pidl-4.18.6-3.0.3.el8_9.noarch.rpm
samba-test-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-test-libs-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-winbind-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-winbind-clients-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-winbind-krb5-locator-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-winbind-modules-4.18.6-3.0.3.el8_9.aarch64.rpm
libsmbclient-devel-4.18.6-3.0.3.el8_9.aarch64.rpm
libwbclient-devel-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-devel-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-vfs-iouring-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-test-4.18.6-3.0.3.el8_9.aarch64.rpm
python3-samba-dc-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-dc-libs-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-dcerpc-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-tools-4.18.6-3.0.3.el8_9.aarch64.rpm
python3-samba-devel-4.18.6-3.0.3.el8_9.aarch64.rpm
libnetapi-devel-4.18.6-3.0.3.el8_9.aarch64.rpm
libnetapi-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-ldb-ldap-modules-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-usershares-4.18.6-3.0.3.el8_9.aarch64.rpm
samba-vfs-glusterfs-4.18.6-3.0.3.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//samba-4.18.6-3.0.3.el8_9.src.rpm

Description of changes:

[4.18.6-3.0.3]
- s3: winbindd: winbindd_pam: fix leak in extract_pac_vrfy_sigs [Orabug: 36518285]



ELSA-2024-1872 Important: Oracle Linux 9 mod_http2 security update


Oracle Linux Security Advisory ELSA-2024-1872

http://linux.oracle.com/errata/ELSA-2024-1872.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
mod_http2-1.15.19-5.el9_3.1.x86_64.rpm

aarch64:
mod_http2-1.15.19-5.el9_3.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//mod_http2-1.15.19-5.el9_3.1.src.rpm

Related CVEs:

CVE-2024-27316

Description of changes:

[1.15.19-5.1]
- Resolves: RHEL-29826 - mod_http2: httpd: CONTINUATION frames
DoS (CVE-2024-27316)



ELSA-2024-1825 Moderate: Oracle Linux 8 java-17-openjdk security update


Oracle Linux Security Advisory ELSA-2024-1825

http://linux.oracle.com/errata/ELSA-2024-1825.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el8.x86_64.rpm

aarch64:
java-17-openjdk-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//java-17-openjdk-17.0.11.0.9-2.0.1.el8.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21012
CVE-2024-21068
CVE-2024-21094

Description of changes:

[17.0.11.0.9-2.0.1]
- Add Oracle vendor bug URL

[1:17.0.11.0.9-2]
- Update to jdk-17.0.11+9 (GA)
- Add openjdk-17.0.11+9.tar.xz to .gitignore
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- Update buildver from 7 to 9
- Update portablerelease from 1 to 3
- Change is_ga from 0 to 1 to enable GA mode for release
- Update tzdata Requires comment to mention that 2024a is not yet in the buildroot
- Update tzdata BuildRequires comment to mention that 2024a is not yet in the buildroot
- Update tzdata BuildRequires fro 2023c to 2023d
- Update sources from openjdk-17.0.11+7-ea.tar.xz to openjdk-17.0.11+9.tar.xz
- Resolves: RHEL-27137
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **

[1:17.0.11.0.7-0.2.ea]
- Update to jdk-17.0.11+7 (EA)
- Sync java-17-openjdk-portable.specfile
- Sync java-17-openjdk-portable.specfile again to mention OPENJDK-2730
- Related: RHEL-27137

[1:17.0.11.0.6-0.2.ea]
- Update to jdk-17.0.11+6 (EA)
- Sync java-17-openjdk-portable.specfile
- Update buildjdkver to match the featurever
- Use featurever macro to specify fips patch
- Explain patchN syntax situation in a comment
- generate_source_tarball.sh: Fix whitespace
- generate_source_tarball.sh: Skip -ga tags
- generate_source_tarball.sh: Get -ea suffix from version-numbers.conf
- generate_source_tarball.sh: Use git archive to generate tarball
- generate_source_tarball.sh: Update version in comment
- generate_source_tarball.sh: Remove trailing period in echo
- generate_source_tarball.sh: Add indentation instructions for Emacs
- Require tzdata 2023d (JDK-8322725)
- generate_source_tarball.sh: Add license
- openjdk_news.sh: Use grep -E instead of egrep
- Remove RH1649512 patch for libjpeg-turbo FAR macro
- Move pcsc-lite-libs patch to in-need-of-upstreaming section
- Related: RHEL-27137



ELSA-2024-1821 Moderate: Oracle Linux 7 java-11-openjdk security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-1821

http://linux.oracle.com/errata/ELSA-2024-1821.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
java-11-openjdk-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-devel-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-headless-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-demo-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-javadoc-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-jmods-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm
java-11-openjdk-src-11.0.23.0.9-2.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-11-openjdk-11.0.23.0.9-2.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21012
CVE-2024-21068
CVE-2024-21085
CVE-2024-21094

Description of changes:

[1:11.0.23.0.9-2.0.1]
- link atomic for ix86 build

[1:11.0.23.0.9-2]
- Fix 11.0.22 release date in NEWS
- Restore ppc64le --with-jobs=1 workaround to avoid flaky ppc builds

[1:11.0.23.0.9-1]
- Update to jdk-11.0.23+9 (GA)
- Update release notes to 11.0.23+9
- Switch to GA mode for release
- Require tzdata 2024a due to upstream inclusion of JDK-8322725
- Only require tzdata 2023d for now as 2024a is unavailable in buildroot
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **
- Resolves: RHEL-30914

[1:11.0.23.0.1-0.1.ea]
- Update to jdk-11.0.23+1 (EA)
- Update release notes to 11.0.23+1
- Switch to EA mode
- Speed up PPC build by removing ppc64le --with-jobs=1 workaround



ELSA-2024-1784 Moderate: Oracle Linux 8 gnutls security update


Oracle Linux Security Advisory ELSA-2024-1784

http://linux.oracle.com/errata/ELSA-2024-1784.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnutls-3.6.16-8.el8_9.3.i686.rpm
gnutls-3.6.16-8.el8_9.3.x86_64.rpm
gnutls-c++-3.6.16-8.el8_9.3.i686.rpm
gnutls-c++-3.6.16-8.el8_9.3.x86_64.rpm
gnutls-dane-3.6.16-8.el8_9.3.i686.rpm
gnutls-dane-3.6.16-8.el8_9.3.x86_64.rpm
gnutls-devel-3.6.16-8.el8_9.3.i686.rpm
gnutls-devel-3.6.16-8.el8_9.3.x86_64.rpm
gnutls-utils-3.6.16-8.el8_9.3.x86_64.rpm

aarch64:
gnutls-3.6.16-8.el8_9.3.aarch64.rpm
gnutls-c++-3.6.16-8.el8_9.3.aarch64.rpm
gnutls-dane-3.6.16-8.el8_9.3.aarch64.rpm
gnutls-devel-3.6.16-8.el8_9.3.aarch64.rpm
gnutls-utils-3.6.16-8.el8_9.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//gnutls-3.6.16-8.el8_9.3.src.rpm

Related CVEs:

CVE-2024-28834

Description of changes:

[3.6.16-8.3]
- Fix memleak with older GMP (RHEL-28957)

[3.6.16-8.2]
- Fix timing side-channel in deterministic ECDSA (RHEL-28957)



ELSA-2024-1825 Moderate: Oracle Linux 9 java-17-openjdk security update


Oracle Linux Security Advisory ELSA-2024-1825

http://linux.oracle.com/errata/ELSA-2024-1825.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el9.x86_64.rpm

aarch64:
java-17-openjdk-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.11.0.9-2.0.1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//java-17-openjdk-17.0.11.0.9-2.0.1.el9.src.rpm

Related CVEs:

CVE-2024-21011
CVE-2024-21012
CVE-2024-21068
CVE-2024-21094

Description of changes:

[17.0.11.0.9-2.0.1]
- Add Oracle vendor bug URL

[1:17.0.11.0.9-2]
- Update to jdk-17.0.11+9 (GA)
- Add openjdk-17.0.11+9.tar.xz to .gitignore
- Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8
- Update buildver from 7 to 9
- Update portablerelease from 1 to 3
- Change is_ga from 0 to 1 to enable GA mode for release
- Update tzdata Requires comment to mention that 2024a is not yet in the buildroot
- Update tzdata BuildRequires comment to mention that 2024a is not yet in the buildroot
- Update tzdata BuildRequires from 2023c to 2023d
- Update sources from openjdk-17.0.11+7-ea.tar.xz to openjdk-17.0.11+9.tar.xz
- Resolves: RHEL-30939
- ** This tarball is embargoed until 2024-04-16 @ 1pm PT. **

[1:17.0.11.0.7-0.2.ea]
- Update to jdk-17.0.11+7 (EA)
- Update buildjdkver to match the featurever
- Use featurever macro to specify fips patch
- Explain patchN syntax situation in a comment
- Sync generate_source_tarball.sh
- Require tzdata 2023d (JDK-8322725)
- openjdk_news.sh: Use grep -E instead of egrep
- Remove RH1649512 patch for libjpeg-turbo FAR macro
- Move pcsc-lite-libs patch to in-need-of-upstreaming section
- Related: RHEL-30939



ELSA-2024-1910 Important: Oracle Linux 7 firefox security update


Oracle Linux Security Advisory ELSA-2024-1910

http://linux.oracle.com/errata/ELSA-2024-1910.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.10.0-1.0.1.el7_9.i686.rpm
firefox-115.10.0-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.10.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-2609
CVE-2024-3852
CVE-2024-3854
CVE-2024-3857
CVE-2024-3859
CVE-2024-3861
CVE-2024-3864

Description of changes:

[115.10.0-1.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.10.0-1]
- Update to 115.10.0 build1