Oracle Linux 6277 Published by

The following updates have been released for Oracle Linux:

ELBA-2024-12538 Oracle Linux 8 Unbreakable Enterprise kernel-container bug fix update
ELBA-2024-12545 Oracle Linux 9 sos bug fix update
ELBA-2024-12537 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELSA-2024-4624 Important: Oracle Linux 9 thunderbird security update
ELSA-2024-4623 Important: Oracle Linux 9 qt5-qtbase security update
ELSA-2024-4636 Important: Oracle Linux 9 libndp security update
ELSA-2024-4573 Important: Oracle Linux 9 java-21-openjdk security update
ELSA-2024-4568 Important: Oracle Linux 9 java-17-openjdk security update
ELSA-2024-4583 Important: Oracle Linux 9 kernel security update
ELSA-2024-4567 Important: Oracle Linux 9 java-11-openjdk security update
ELSA-2024-4502 Important: Oracle Linux 9 skopeo security update
ELSA-2024-4563 Important: Oracle Linux 9 java-1.8.0-openjdk security update
ELSA-2024-4500 Important: Oracle Linux 9 firefox security update
ELSA-2024-4620 Important: Oracle Linux 8 libndp security update
ELSA-2024-4635 Important: Oracle Linux 8 thunderbird security update
ELSA-2024-4617 Important: Oracle Linux 8 qt5-qtbase security update
ELSA-2024-4573 Important: Oracle Linux 8 java-21-openjdk security update
ELSA-2024-4567 Important: Oracle Linux 8 java-11-openjdk security update
ELSA-2024-4568 Important: Oracle Linux 8 java-17-openjdk security update
ELSA-2024-4563 Important: Oracle Linux 8 java-1.8.0-openjdk security update
ELSA-2024-4517 Important: Oracle Linux 8 firefox security update
ELSA-2024-4420 Important: Oracle Linux 8 virt:ol and virt-devel:rhel security update
ELSA-2024-4499 Moderate: Oracle Linux 8 ruby security update
ELBA-2024-12544 Oracle Linux 8 sos bug fix update
ELBA-2024-12542 Oracle Linux 8 aardvark-dns bug fix update
ELBA-2024-12543 Oracle Linux 8 grubby bug fix update
ELBA-2024-12541 Oracle Linux 8 keyutils bug fix update
ELBA-2024-12537 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELBA-2024-12539 Oracle Linux 7 Unbreakable Enterprise kernel-container bug fix update
ELBA-2024-12537 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update




ELBA-2024-12538 Oracle Linux 8 Unbreakable Enterprise kernel-container bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12538

http://linux.oracle.com/errata/ELBA-2024-12538.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.330.7.5.el8.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.330.7.5.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-container-5.4.17-2136.330.7.5.el8.src.rpm

Description of changes:

[5.4.17-2136.330.7.5.el8]
- mm/memory-failure: fix an incorrect use of tail pages (Liu Shixin) [Orabug: 36664186]
- net/rds: mod reconnect delay on sendmsg() (Sharath Srinivasan) [Orabug: 36664174]
- net/rds: Extend exponential backoff for rds reconnects (Sharath Srinivasan) [Orabug: 36664174]



ELBA-2024-12545 Oracle Linux 9 sos bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12545

http://linux.oracle.com/errata/ELBA-2024-12545.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sos-4.7.1-3.0.2.el9.noarch.rpm
sos-audit-4.7.1-3.0.2.el9.noarch.rpm

aarch64:
sos-4.7.1-3.0.2.el9.noarch.rpm
sos-audit-4.7.1-3.0.2.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//sos-4.7.1-3.0.2.el9.src.rpm

Description of changes:

[4.7.1-3.0.2]
- Modify sos.spec to make python3-file-magic as dependency for sos package [Orabug: 36834417]



ELBA-2024-12537 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12537

http://linux.oracle.com/errata/ELBA-2024-12537.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.330.7.5.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.330.7.5.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.330.7.5.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.330.7.5.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.330.7.5.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.330.7.5.el8uek.src.rpm

Description of changes:

[5.4.17-2136.330.7.5]
- mm/memory-failure: fix an incorrect use of tail pages (Liu Shixin) [Orabug: 36664186]
- net/rds: mod reconnect delay on sendmsg() (Sharath Srinivasan) [Orabug: 36664174]
- net/rds: Extend exponential backoff for rds reconnects (Sharath Srinivasan) [Orabug: 36664174]



ELSA-2024-4624 Important: Oracle Linux 9 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-4624

http://linux.oracle.com/errata/ELSA-2024-4624.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.13.0-3.0.1.el9_4.x86_64.rpm

aarch64:
thunderbird-115.13.0-3.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-115.13.0-3.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-6601
CVE-2024-6603
CVE-2024-6604

Description of changes:

[115.13.0-3.0.1]
- Add Oracle prefs

[115.13.0]
- Add OpenELA debranding

[115.13.0-3]
- Update to 115.13.0 build5

[115.13.0-2]
- Update to 115.13.0 build3

[115.13.0-1]
- Update to 115.13.0 build1



ELSA-2024-4623 Important: Oracle Linux 9 qt5-qtbase security update


Oracle Linux Security Advisory ELSA-2024-4623

http://linux.oracle.com/errata/ELSA-2024-4623.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
qt5-qtbase-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-common-5.15.9-10.el9_4.noarch.rpm
qt5-qtbase-devel-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-devel-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-examples-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-examples-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-gui-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-gui-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-mysql-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-mysql-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-odbc-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-odbc-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-postgresql-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-postgresql-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-private-devel-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-private-devel-5.15.9-10.el9_4.x86_64.rpm
qt5-qtbase-static-5.15.9-10.el9_4.i686.rpm
qt5-qtbase-static-5.15.9-10.el9_4.x86_64.rpm

aarch64:
qt5-qtbase-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-common-5.15.9-10.el9_4.noarch.rpm
qt5-qtbase-devel-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-examples-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-gui-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-mysql-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-odbc-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-postgresql-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-private-devel-5.15.9-10.el9_4.aarch64.rpm
qt5-qtbase-static-5.15.9-10.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//qt5-qtbase-5.15.9-10.el9_4.src.rpm

Related CVEs:

CVE-2024-39936

Description of changes:

[5.15.9-10]
- HTTP2: Delay any communication until encrypted() can be responded to
Resolves: RHEL-46348



ELSA-2024-4636 Important: Oracle Linux 9 libndp security update


Oracle Linux Security Advisory ELSA-2024-4636

http://linux.oracle.com/errata/ELSA-2024-4636.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libndp-1.8-6.el9_4.i686.rpm
libndp-1.8-6.el9_4.x86_64.rpm

aarch64:
libndp-1.8-6.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libndp-1.8-6.el9_4.src.rpm

Related CVEs:

CVE-2024-5564

Description of changes:

[1.8-6]
- Validate route information option length

[1.8-5]
- Convert the license tag to SPDX format
Related: RHELMISC-1363



ELSA-2024-4573 Important: Oracle Linux 9 java-21-openjdk security update


Oracle Linux Security Advisory ELSA-2024-4573

http://linux.oracle.com/errata/ELSA-2024-4573.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-21-openjdk-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-demo-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-devel-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-headless-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-javadoc-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-javadoc-zip-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-jmods-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-src-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-static-libs-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-demo-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-demo-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-devel-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-devel-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-headless-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-headless-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-jmods-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-jmods-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-src-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-src-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-static-libs-fastdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm
java-21-openjdk-static-libs-slowdebug-21.0.4.0.7-1.0.1.el9.x86_64.rpm

aarch64:
java-21-openjdk-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-demo-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-devel-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-headless-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-javadoc-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-javadoc-zip-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-jmods-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-src-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-static-libs-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-demo-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-demo-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-devel-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-devel-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-headless-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-headless-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-jmods-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-jmods-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-src-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-src-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-static-libs-fastdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm
java-21-openjdk-static-libs-slowdebug-21.0.4.0.7-1.0.1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//java-21-openjdk-21.0.4.0.7-1.0.1.el9.src.rpm

Related CVEs:

CVE-2024-21131
CVE-2024-21138
CVE-2024-21140
CVE-2024-21145
CVE-2024-21147

Description of changes:

[1:21.0.4.0.7-1.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:21.0.4.0.7-1]
- Update to jdk-21.0.4+7 (GA)
- Update release notes to 21.0.4+7
- Switch to GA mode.
- Sync the copy of the portable specfile with the latest update
- Add missing section headers in NEWS
- ** This tarball is embargoed until 2024-07-16 @ 1pm PT. **
- Resolves: RHEL-47022

[1:21.0.4.0.5-0.1.ea]
- Update to jdk-21.0.4+5 (EA)
- Update release notes to 21.0.4+5
- Limit Java only tests to one architecture using jdk_test_arch
- Actually require tzdata 2024a now it is available in the buildroot
- Resolves: RHEL-45356
- Resolves: RHEL-47399

[1:21.0.4.0.1-0.1.ea]
- Update to jdk-21.0.4+1 (EA)
- Update release notes to 21.0.4+1
- Switch to EA mode
- Bump LCMS 2 version to 2.16.0 following JDK-8321489
- Add zlib build requirement or bundled version (1.3.1), depending on system_libs setting
- Restore NEWS file so portable can be rebuilt
- Sync the copy of the portable specfile with the latest update
- Related: RHEL-45356
- Resolves: RHEL-46028



ELSA-2024-4568 Important: Oracle Linux 9 java-17-openjdk security update


Oracle Linux Security Advisory ELSA-2024-4568

http://linux.oracle.com/errata/ELSA-2024-4568.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-17-openjdk-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-javadoc-zip-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-demo-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-devel-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-headless-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-jmods-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-src-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.12.0.7-2.0.1.el9.x86_64.rpm

aarch64:
java-17-openjdk-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-javadoc-zip-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-demo-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-devel-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-headless-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-jmods-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-src-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-fastdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm
java-17-openjdk-static-libs-slowdebug-17.0.12.0.7-2.0.1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//java-17-openjdk-17.0.12.0.7-2.0.1.el9.src.rpm

Related CVEs:

CVE-2024-21131
CVE-2024-21138
CVE-2024-21140
CVE-2024-21145
CVE-2024-21147

Description of changes:

[1:17.0.12.0.7-2.0.1]
- Add Oracle vendor bug URL

[1:17.0.12.0.7-2]
- Update to jdk-17.0.12+7 (GA)
- Update .gitignore to ignore openjdk-17.0.12+7.tar.xz
- Sync java-17-openjdk-portable.specfile
- Set buildver to 7
- Set portablerelease 1
- Set is_ga to 1
- Update sources to openjdk-17.0.12+7.tar.xz
- Resolves: RHEL-46641
- Resolves: RHEL-47019
- ** This tarball is embargoed until 2024-07-16 @ 1pm PT. **

[1:17.0.12.0.6-0.1.ea]
- Add debuginfo section to rpminspect.yaml (OPENJDK-2904)
- Add unicode section to rpminspect.yaml (OPENJDK-2904)

[1:17.0.12.0.6-0.1.ea]
- Add upstream patch that removes illegal RLO Unicode characters (JDK-8332174)
- Sync the copy of the portable specfile with the latest update

[1:17.0.12.0.6-0.1.ea]
- Delete fips-17u-d63771ea660.patch
- Add fips-17u-e893be00150.patch
- Update fipsver to e893be00150

[1:17.0.12.0.6-0.1.ea]
- generate_source_tarball.sh: Use tar exclude options for VCS files
- generate_source_tarball.sh: Improve VCS exclusion

[1:17.0.12.0.6-0.1.ea]
- generate_source_tarball.sh: Update examples in header for clarity
- generate_source_tarball.sh: Cleanup message issued when checkout already exists
- generate_source_tarball.sh: Create directory in TMPDIR when using WITH_TEMP
- generate_source_tarball.sh: Only add --depth=1 on non-local repositories
- icedtea_sync.sh: Reinstate from rhel-8.9.0 branch
- Move maintenance scripts to a scripts subdirectory
- discover_trees.sh: Set compile-command and indentation instructions for Emacs
- discover_trees.sh: shellcheck: Do not use -o (SC2166)
- discover_trees.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- discover_trees.sh: shellcheck: Double-quote variable references (SC2086)
- generate_source_tarball.sh: Add authorship
- icedtea_sync.sh: Set compile-command and indentation instructions for Emacs
- icedtea_sync.sh: shellcheck: Double-quote variable references (SC2086)
- icedtea_sync.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: Set compile-command and indentation instructions for Emacs
- openjdk_news.sh: shellcheck: Double-quote variable references (SC2086)
- openjdk_news.sh: shellcheck: Remove x-prefixes since we use Bash (SC2268)
- openjdk_news.sh: shellcheck: Remove deprecated egrep usage (SC2196)
- generate_source_tarball.sh: Output values of new options WITH_TEMP and OPENJDK_LATEST
- generate_source_tarball.sh: Double-quote DEPTH reference (SC2086)
- generate_source_tarball.sh: Avoid empty DEPTH reference while still appeasing shellcheck

[1:17.0.12.0.6-0.1.ea]
- Update to jdk-17.0.12+6 (EA)
- Add openjdk-17.0.12+6-ea.tar.xz to .gitignore
- Set updatever to 12
- Set buildver to 6
- Set rpmrelease to 1
- Set is_ga to 0
- Update sources to openjdk-17.0.12+6-ea.tar.xz
- Require tzdata-java 2024a at runtime and for build (JDK-8325150)
- Update lcms2 bundled provides to 2.16.0
- Add zlib 1.3.1 bundled provides and zlib-devel build requirement (OPENJDK-3065)
- Label as error a designator mismatch
- Change a fix-me comment to a note instead
- Sync generate_source_tarball.sh from Fedora rawhide



ELSA-2024-4583 Important: Oracle Linux 9 kernel security update


Oracle Linux Security Advisory ELSA-2024-4583

http://linux.oracle.com/errata/ELSA-2024-4583.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.3.0-427.26.1.el9_4.x86_64.rpm
kernel-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-abi-stablelists-5.14.0-427.26.1.el9_4.noarch.rpm
kernel-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-cross-headers-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-devel-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-devel-matched-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-modules-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-modules-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-modules-extra-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-debug-uki-virt-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-devel-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-devel-matched-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-doc-5.14.0-427.26.1.el9_4.noarch.rpm
kernel-headers-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-modules-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-modules-core-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-modules-extra-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-tools-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-tools-libs-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-tools-libs-devel-5.14.0-427.26.1.el9_4.x86_64.rpm
kernel-uki-virt-5.14.0-427.26.1.el9_4.x86_64.rpm
libperf-5.14.0-427.26.1.el9_4.x86_64.rpm
perf-5.14.0-427.26.1.el9_4.x86_64.rpm
python3-perf-5.14.0-427.26.1.el9_4.x86_64.rpm
rtla-5.14.0-427.26.1.el9_4.x86_64.rpm
rv-5.14.0-427.26.1.el9_4.x86_64.rpm

aarch64:
bpftool-7.3.0-427.26.1.el9_4.aarch64.rpm
kernel-cross-headers-5.14.0-427.26.1.el9_4.aarch64.rpm
kernel-headers-5.14.0-427.26.1.el9_4.aarch64.rpm
kernel-tools-5.14.0-427.26.1.el9_4.aarch64.rpm
kernel-tools-libs-5.14.0-427.26.1.el9_4.aarch64.rpm
kernel-tools-libs-devel-5.14.0-427.26.1.el9_4.aarch64.rpm
perf-5.14.0-427.26.1.el9_4.aarch64.rpm
python3-perf-5.14.0-427.26.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-427.26.1.el9_4.src.rpm

Related CVEs:

CVE-2021-47548
CVE-2021-47596
CVE-2022-48627
CVE-2023-52638
CVE-2024-26783
CVE-2024-26858
CVE-2024-27397
CVE-2024-27435
CVE-2024-35958
CVE-2024-36270
CVE-2024-36886
CVE-2024-36904
CVE-2024-36957
CVE-2024-38543
CVE-2024-38586
CVE-2024-38593
CVE-2024-38663

Description of changes:

- [5.14.0-427.26.1.el9_4.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64