Oracle Linux 6277 Published by

Oracle Linux has received multiple security updates, including golang,.NET 8.0, and Firefox security patches:

ELSA-2024-7550 Moderate: Oracle Linux 9 golang security update
ELSA-2024-7869 Important: Oracle Linux 9 .NET 8.0 security update
ELSA-2024-7958 Important: Oracle Linux 9 firefox security update




ELSA-2024-7550 Moderate: Oracle Linux 9 golang security update


Oracle Linux Security Advisory ELSA-2024-7550

http://linux.oracle.com/errata/ELSA-2024-7550.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
go-toolset-1.21.13-4.el9_4.x86_64.rpm
golang-1.21.13-4.el9_4.x86_64.rpm
golang-bin-1.21.13-4.el9_4.x86_64.rpm
golang-docs-1.21.13-4.el9_4.noarch.rpm
golang-misc-1.21.13-4.el9_4.noarch.rpm
golang-src-1.21.13-4.el9_4.noarch.rpm
golang-tests-1.21.13-4.el9_4.noarch.rpm

aarch64:
go-toolset-1.21.13-4.el9_4.aarch64.rpm
golang-1.21.13-4.el9_4.aarch64.rpm
golang-bin-1.21.13-4.el9_4.aarch64.rpm
golang-docs-1.21.13-4.el9_4.noarch.rpm
golang-misc-1.21.13-4.el9_4.noarch.rpm
golang-src-1.21.13-4.el9_4.noarch.rpm
golang-tests-1.21.13-4.el9_4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//golang-1.21.13-4.el9_4.src.rpm

Related CVEs:

CVE-2024-9355

Description of changes:

[1.21.13-4]
- Fix CVE-2024-9355
- Resolves: RHEL-61046



ELSA-2024-7869 Important: Oracle Linux 9 .NET 8.0 security update


Oracle Linux Security Advisory ELSA-2024-7869

http://linux.oracle.com/errata/ELSA-2024-7869.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-host-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-hostfxr-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-runtime-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-8.0-8.0.110-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.110-1.0.1.el9_4.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.10-1.0.1.el9_4.x86_64.rpm
dotnet-templates-8.0-8.0.110-1.0.1.el9_4.x86_64.rpm
netstandard-targeting-pack-2.1-8.0.110-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.110-1.0.1.el9_4.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-host-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-hostfxr-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-runtime-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-8.0-8.0.110-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.110-1.0.1.el9_4.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.10-1.0.1.el9_4.aarch64.rpm
dotnet-templates-8.0-8.0.110-1.0.1.el9_4.aarch64.rpm
netstandard-targeting-pack-2.1-8.0.110-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.110-1.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.110-1.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-38229
CVE-2024-43483
CVE-2024-43484
CVE-2024-43485

Description of changes:

[8.0.110-1.0.1]
- Add support for Oracle Linux

[8.0.110-1]
- Update to .NET SDK 8.0.110 and Runtime 8.0.10
- Resolves: RHEL-60800

[8.0.109-1]
- Update to .NET SDK 8.0.109 and Runtime 8.0.9
- Resolves: RHEL-56679



ELSA-2024-7958 Important: Oracle Linux 9 firefox security update


Oracle Linux Security Advisory ELSA-2024-7958

http://linux.oracle.com/errata/ELSA-2024-7958.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-128.3.1-2.0.1.el9_4.x86_64.rpm
firefox-x11-128.3.1-2.0.1.el9_4.x86_64.rpm

aarch64:
firefox-128.3.1-2.0.1.el9_4.aarch64.rpm
firefox-x11-128.3.1-2.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.3.1-2.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-9680

Description of changes:

[128.3.1-2.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[128.3.1]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[128.3.1-1]
- Update to 128.3.1