ELSA-2024-8860 Important: Oracle Linux 8 krb5 security update
ELSA-2024-12806 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
ELSA-2024-12806 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2024-8833 Moderate: Oracle Linux 8 libtiff security update
ELSA-2024-8859 Moderate: Oracle Linux 8 xmlrpc-c security update
ELSA-2024-8856 Moderate: Oracle Linux 8 kernel security update
ELBA-2024-8841 Oracle Linux 8 rsyslog bug fix update
ELBA-2024-8844 Oracle Linux 8 freerdp bug fix update
ELBA-2024-8839 Oracle Linux 8 httpd:2.4 bug fix and enhancement update
ELSA-2024-8830 Low: Oracle Linux 8 bpftrace security update
ELBA-2024-8845 Oracle Linux 8 ghostscript bug fix update
ELBA-2024-8805 Oracle Linux 8 tzdata bug fix and enhancement update
ELSA-2024-8831 Low: Oracle Linux 8 bcc security update
ELSA-2024-8842 Moderate: Oracle Linux 8 python3.12-urllib3 security update
ELSA-2024-8849 Moderate: Oracle Linux 8 haproxy security update
ELSA-2024-8843 Moderate: Oracle Linux 8 python3.11-urllib3 security update
ELSA-2024-8847 Moderate: Oracle Linux 8 grafana-pcp security update
ELBA-2024-12808 Oracle Linux 8 pcp bug fix update
ELBA-2024-8837 Oracle Linux 8 fence-agents bug fix update
ELSA-2024-8834 Important: Oracle Linux 8 python-gevent security update
ELSA-2024-8860 Important: Oracle Linux 8 krb5 security update
Oracle Linux Security Advisory ELSA-2024-8860
http://linux.oracle.com/errata/ELSA-2024-8860.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
krb5-devel-1.18.2-30.0.1.el8_10.i686.rpm
krb5-devel-1.18.2-30.0.1.el8_10.x86_64.rpm
krb5-libs-1.18.2-30.0.1.el8_10.i686.rpm
krb5-libs-1.18.2-30.0.1.el8_10.x86_64.rpm
krb5-pkinit-1.18.2-30.0.1.el8_10.i686.rpm
krb5-pkinit-1.18.2-30.0.1.el8_10.x86_64.rpm
krb5-server-1.18.2-30.0.1.el8_10.i686.rpm
krb5-server-1.18.2-30.0.1.el8_10.x86_64.rpm
krb5-server-ldap-1.18.2-30.0.1.el8_10.i686.rpm
krb5-server-ldap-1.18.2-30.0.1.el8_10.x86_64.rpm
krb5-workstation-1.18.2-30.0.1.el8_10.x86_64.rpm
libkadm5-1.18.2-30.0.1.el8_10.i686.rpm
libkadm5-1.18.2-30.0.1.el8_10.x86_64.rpm
aarch64:
krb5-devel-1.18.2-30.0.1.el8_10.aarch64.rpm
krb5-libs-1.18.2-30.0.1.el8_10.aarch64.rpm
krb5-pkinit-1.18.2-30.0.1.el8_10.aarch64.rpm
krb5-server-1.18.2-30.0.1.el8_10.aarch64.rpm
krb5-server-ldap-1.18.2-30.0.1.el8_10.aarch64.rpm
krb5-workstation-1.18.2-30.0.1.el8_10.aarch64.rpm
libkadm5-1.18.2-30.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//krb5-1.18.2-30.0.1.el8_10.src.rpm
Related CVEs:
CVE-2024-3596
Description of changes:
[1.18.2-30.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
[1.18.2-30]
- libkrad: implement support for Message-Authenticator (CVE-2024-3596)
Resolves: RHEL-50253
- Remove RSA protocol for PKINIT
Resolves: RHEL-17616
ELSA-2024-12806 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2024-12806
http://linux.oracle.com/errata/ELSA-2024-12806.html
The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.91.3.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.91.3.el6uek.noarch.rpm
kernel-uek-4.1.12-124.91.3.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.91.3.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.91.3.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.91.3.el6uek.x86_64.rpm
Related CVEs:
CVE-2022-48760
CVE-2022-48804
CVE-2023-6606
Description of changes:
[4.1.12-124.91.3.el6uek]
- nfs_atomic_open(): prevent parallel nfs_lookup() on a negative hashed (Al Viro) [Orabug: 37006239]
[4.1.12-124.91.2.el6uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37035560]
[4.1.12-124.91.1.el6uek]
- vt_ioctl: fix array_index_nospec in vt_setactivate (Jakob Koschel) [Orabug: 37101899] {CVE-2022-48804}
- tty: vt_ioctl: fix potential Spectre v1 (Gustavo A. R. Silva) [Orabug: 37101899] {CVE-2022-48804}
- USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) [Orabug: 37101883] {CVE-2022-48760}
- smb: client: fix OOB in smbCalcSize() (Paulo Alcantara) [Orabug: 36165420] {CVE-2023-6606}
ELSA-2024-12806 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2024-12806
http://linux.oracle.com/errata/ELSA-2024-12806.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.91.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.91.3.el7uek.noarch.rpm
kernel-uek-4.1.12-124.91.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.91.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.91.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.91.3.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.12-124.91.3.el7uek.src.rpm
Related CVEs:
CVE-2022-48760
CVE-2022-48804
CVE-2023-6606
Description of changes:
[4.1.12-124.91.3.el7uek]
- nfs_atomic_open(): prevent parallel nfs_lookup() on a negative hashed (Al Viro) [Orabug: 37006239]
[4.1.12-124.91.2.el7uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37035560]
[4.1.12-124.91.1.el7uek]
- vt_ioctl: fix array_index_nospec in vt_setactivate (Jakob Koschel) [Orabug: 37101899] {CVE-2022-48804}
- tty: vt_ioctl: fix potential Spectre v1 (Gustavo A. R. Silva) [Orabug: 37101899] {CVE-2022-48804}
- USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) [Orabug: 37101883] {CVE-2022-48760}
- smb: client: fix OOB in smbCalcSize() (Paulo Alcantara) [Orabug: 36165420] {CVE-2023-6606}
ELSA-2024-8833 Moderate: Oracle Linux 8 libtiff security update
Oracle Linux Security Advisory ELSA-2024-8833
http://linux.oracle.com/errata/ELSA-2024-8833.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
libtiff-4.0.9-33.el8_10.i686.rpm
libtiff-4.0.9-33.el8_10.x86_64.rpm
libtiff-devel-4.0.9-33.el8_10.i686.rpm
libtiff-devel-4.0.9-33.el8_10.x86_64.rpm
libtiff-tools-4.0.9-33.el8_10.x86_64.rpm
aarch64:
libtiff-tools-4.0.9-33.el8_10.aarch64.rpm
libtiff-4.0.9-33.el8_10.aarch64.rpm
libtiff-devel-4.0.9-33.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libtiff-4.0.9-33.el8_10.src.rpm
Related CVEs:
CVE-2024-7006
Description of changes:
[4.0.9-33]
- fix CVE-2024-7006 a null pointer dereference in tif_dirinfo (RHEL-52927)
ELSA-2024-8859 Moderate: Oracle Linux 8 xmlrpc-c security update
Oracle Linux Security Advisory ELSA-2024-8859
http://linux.oracle.com/errata/ELSA-2024-8859.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
xmlrpc-c-1.51.0-10.el8_10.i686.rpm
xmlrpc-c-1.51.0-10.el8_10.x86_64.rpm
xmlrpc-c-client-1.51.0-10.el8_10.i686.rpm
xmlrpc-c-client-1.51.0-10.el8_10.x86_64.rpm
xmlrpc-c-c++-1.51.0-10.el8_10.i686.rpm
xmlrpc-c-c++-1.51.0-10.el8_10.x86_64.rpm
xmlrpc-c-client++-1.51.0-10.el8_10.i686.rpm
xmlrpc-c-client++-1.51.0-10.el8_10.x86_64.rpm
xmlrpc-c-devel-1.51.0-10.el8_10.i686.rpm
xmlrpc-c-devel-1.51.0-10.el8_10.x86_64.rpm
aarch64:
xmlrpc-c-1.51.0-10.el8_10.aarch64.rpm
xmlrpc-c-client-1.51.0-10.el8_10.aarch64.rpm
xmlrpc-c-c++-1.51.0-10.el8_10.aarch64.rpm
xmlrpc-c-client++-1.51.0-10.el8_10.aarch64.rpm
xmlrpc-c-devel-1.51.0-10.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//xmlrpc-c-1.51.0-10.el8_10.src.rpm
Related CVEs:
CVE-2024-45491
Description of changes:
[1.51.0-10]
- Prevent integer overflow or wraparound, CVE-2024-4549 (RHEL-57519)
ELSA-2024-8856 Moderate: Oracle Linux 8 kernel security update
Oracle Linux Security Advisory ELSA-2024-8856
http://linux.oracle.com/errata/ELSA-2024-8856.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.27.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.27.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.27.1.el8_10.x86_64.rpm
perf-4.18.0-553.27.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.27.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.27.1.el8_10.x86_64.rpm
aarch64:
bpftool-4.18.0-553.27.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.27.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.27.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.27.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.27.1.el8_10.aarch64.rpm
perf-4.18.0-553.27.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.27.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.27.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.27.1.el8_10.src.rpm
Related CVEs:
CVE-2022-48773
CVE-2022-48936
CVE-2023-52492
CVE-2024-24857
CVE-2024-26851
CVE-2024-26924
CVE-2024-26976
CVE-2024-27017
CVE-2024-27062
CVE-2024-35839
CVE-2024-35898
CVE-2024-35939
CVE-2024-38540
CVE-2024-38541
CVE-2024-38586
CVE-2024-38608
CVE-2024-39503
CVE-2024-40924
CVE-2024-40961
CVE-2024-40983
CVE-2024-40984
CVE-2024-41009
CVE-2024-41042
CVE-2024-41066
CVE-2024-41092
CVE-2024-41093
CVE-2024-42070
CVE-2024-42079
CVE-2024-42244
CVE-2024-42284
CVE-2024-42292
CVE-2024-42301
CVE-2024-43854
CVE-2024-43880
CVE-2024-43889
CVE-2024-43892
CVE-2024-44935
CVE-2024-44989
CVE-2024-44990
CVE-2024-45018
CVE-2024-46826
CVE-2024-47668
Description of changes:
- [4.18.0-553.27.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757]
- gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757]
- gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757]
- gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757]
- gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757]
- dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492}
- dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939}
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075]
- NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397]
- cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251]
- cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251]
- cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251]
- cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251]
[4.18.0-553.25.1.el8_10]
- cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052]
- cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052]
- cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052]
- smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052]
- smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052]
- cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052]
- cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052]
- cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052]
- cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052]
- cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052]
- cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052]
- cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052]
- cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052]
- Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052]
- SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052]
- cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052]
- cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052]
- drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092}
- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224]
- kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292}
- gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079}
- of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541}
[4.18.0-553.24.1.el8_10]
- cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729]
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889}
- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000]
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935}
- net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608}
- net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608}
- r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586}
- netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018}
- memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676]
[4.18.0-553.23.1.el8_10]
- ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002]
- netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924}
- netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017}
- netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017}
- netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017}
- netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042}
- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070}
- netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898}
- netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503}
- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503}
- netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503}
- netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851}
- netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301}
- KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976}
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284}
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857}
- drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924}
- tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983}
- block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854}
- gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936}
- drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093}
- ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961}
- mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880}
- ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066}
- ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066}
- netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244}
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984}
ELBA-2024-8841 Oracle Linux 8 rsyslog bug fix update
Oracle Linux Bug Fix Advisory ELBA-2024-8841
http://linux.oracle.com/errata/ELBA-2024-8841.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
rsyslog-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-crypto-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-doc-8.2102.0-15.el8_10.1.noarch.rpm
rsyslog-elasticsearch-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-gnutls-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-gssapi-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-kafka-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mmaudit-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mmfields-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mmjsonparse-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mmkubernetes-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mmnormalize-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mmsnmptrapd-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-mysql-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-omamqp1-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-openssl-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-pgsql-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-relp-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-snmp-8.2102.0-15.el8_10.1.x86_64.rpm
rsyslog-udpspoof-8.2102.0-15.el8_10.1.x86_64.rpm
aarch64:
rsyslog-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-crypto-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-doc-8.2102.0-15.el8_10.1.noarch.rpm
rsyslog-elasticsearch-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-gnutls-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-gssapi-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-kafka-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mmaudit-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mmfields-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mmjsonparse-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mmkubernetes-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mmnormalize-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mmsnmptrapd-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-mysql-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-omamqp1-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-openssl-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-pgsql-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-relp-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-snmp-8.2102.0-15.el8_10.1.aarch64.rpm
rsyslog-udpspoof-8.2102.0-15.el8_10.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//rsyslog-8.2102.0-15.el8_10.1.src.rpm
Description of changes:
[8.2102.0-15.1]
- Propagate gnutlsPriorityString when accepting new connection
resolves: RHEL-54663
ELBA-2024-8844 Oracle Linux 8 freerdp bug fix update
Oracle Linux Bug Fix Advisory ELBA-2024-8844
http://linux.oracle.com/errata/ELBA-2024-8844.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
freerdp-2.11.7-1.el8_10.x86_64.rpm
freerdp-libs-2.11.7-1.el8_10.i686.rpm
freerdp-libs-2.11.7-1.el8_10.x86_64.rpm
libwinpr-2.11.7-1.el8_10.i686.rpm
libwinpr-2.11.7-1.el8_10.x86_64.rpm
libwinpr-devel-2.11.7-1.el8_10.i686.rpm
libwinpr-devel-2.11.7-1.el8_10.x86_64.rpm
freerdp-devel-2.11.7-1.el8_10.i686.rpm
freerdp-devel-2.11.7-1.el8_10.x86_64.rpm
aarch64:
freerdp-2.11.7-1.el8_10.aarch64.rpm
freerdp-libs-2.11.7-1.el8_10.aarch64.rpm
libwinpr-2.11.7-1.el8_10.aarch64.rpm
libwinpr-devel-2.11.7-1.el8_10.aarch64.rpm
freerdp-devel-2.11.7-1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//freerdp-2.11.7-1.el8_10.src.rpm
Description of changes:
[2:2.11.7-1]
- Update to 2.11.7 (RHEL-53081)
ELBA-2024-8839 Oracle Linux 8 httpd:2.4 bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2024-8839
http://linux.oracle.com/errata/ELBA-2024-8839.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.x86_64.rpm
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.x86_64.rpm
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
mod_session-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.x86_64.rpm
aarch64:
httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.noarch.rpm
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.aarch64.rpm
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.aarch64.rpm
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
mod_session-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//httpd-2.4.37-65.0.1.module+el8.10.0+90430+1ba508be.2.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_http2-1.15.7-10.module+el8.10.0+90430+1ba508be.1.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm
Description of changes:
httpd
[2.4.37-65.2.0.1]
- Replace index.html with Oracle's index page oracle_index.html
[2.4.37-65.2]
- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
applications whose response headers are malicious or exploitable (CVE-2024-38476)
- Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix
[2.4.37-65.1]
- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue
in mod_rewrite (CVE-2024-38474)
- Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in
mod_proxy (CVE-2024-38473)
- Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output
in mod_rewrite (CVE-2024-38475)
- Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference
in mod_proxy (CVE-2024-38477)
- Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF
in mod_rewrite (CVE-2024-39573)
mod_http2
[1.15.7-10.1]
- Resolves: RHEL-46214 - Access logs and ErrorDocument don't work when HTTP431
occurs using http/2 on RHEL8
mod_md
ELSA-2024-8830 Low: Oracle Linux 8 bpftrace security update
Oracle Linux Security Advisory ELSA-2024-8830
http://linux.oracle.com/errata/ELSA-2024-8830.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftrace-0.16.0-6.el8_10.x86_64.rpm
aarch64:
bpftrace-0.16.0-6.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//bpftrace-0.16.0-6.el8_10.src.rpm
Related CVEs:
CVE-2024-2313
Description of changes:
[0.16.0-6]
- Fix security hole checking unpacked kernel headers (CVE-2024-2313)
- Resolves: RHEL-28764
ELBA-2024-8845 Oracle Linux 8 ghostscript bug fix update
Oracle Linux Bug Fix Advisory ELBA-2024-8845
http://linux.oracle.com/errata/ELBA-2024-8845.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
ghostscript-9.27-15.el8_10.x86_64.rpm
ghostscript-x11-9.27-15.el8_10.x86_64.rpm
libgs-9.27-15.el8_10.i686.rpm
libgs-9.27-15.el8_10.x86_64.rpm
ghostscript-doc-9.27-15.el8_10.noarch.rpm
ghostscript-tools-dvipdf-9.27-15.el8_10.x86_64.rpm
ghostscript-tools-fonts-9.27-15.el8_10.x86_64.rpm
ghostscript-tools-printing-9.27-15.el8_10.x86_64.rpm
libgs-devel-9.27-15.el8_10.i686.rpm
libgs-devel-9.27-15.el8_10.x86_64.rpm
aarch64:
ghostscript-9.27-15.el8_10.aarch64.rpm
ghostscript-x11-9.27-15.el8_10.aarch64.rpm
libgs-9.27-15.el8_10.aarch64.rpm
ghostscript-doc-9.27-15.el8_10.noarch.rpm
ghostscript-tools-dvipdf-9.27-15.el8_10.aarch64.rpm
ghostscript-tools-fonts-9.27-15.el8_10.aarch64.rpm
ghostscript-tools-printing-9.27-15.el8_10.aarch64.rpm
libgs-devel-9.27-15.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//ghostscript-9.27-15.el8_10.src.rpm
Description of changes:
[9.27-15]
- fix printing PCL XL on some printers
[9.27-14]
- RHEL-61729 Ghostscript is generating PJL of a significantly larger size
ELBA-2024-8805 Oracle Linux 8 tzdata bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2024-8805
http://linux.oracle.com/errata/ELBA-2024-8805.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
tzdata-2024b-4.0.1.el8.noarch.rpm
tzdata-java-2024b-4.0.1.el8.noarch.rpm
aarch64:
tzdata-2024b-4.0.1.el8.noarch.rpm
tzdata-java-2024b-4.0.1.el8.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tzdata-2024b-4.0.1.el8.src.rpm
Description of changes:
[2024b-4.0.1]
- Use javac 1.6 or newer
[2024b-4]
- Bump release and rebuild to fix a build issue.
[2024b-3]
- Add copyright, patch attribution and build dependencies for
the previous commit. (RHEL-59542)
[2024b-2]
- Harden against links to removed zones (RHEL-59542)
[2024b-1]
- Update to tzdata-2024b
- Improve historical data for Mexico, Mongolia, and Portugal.
- System V names are now obsolescent.
- The main data form now uses %z.
- The code now conforms to RFC 8536 for early timestamps.
- Support POSIX.1-2024, which removes asctime_r and ctime_r.
- Assume POSIX.2-1992 or later for shell scripts.
- SUPPORT_C89 now defaults to 1.
- Include two upstream patches for month names as in April vs Apr.
ELSA-2024-8831 Low: Oracle Linux 8 bcc security update
Oracle Linux Security Advisory ELSA-2024-8831
http://linux.oracle.com/errata/ELSA-2024-8831.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bcc-0.25.0-9.el8_10.x86_64.rpm
bcc-tools-0.25.0-9.el8_10.x86_64.rpm
python3-bcc-0.25.0-9.el8_10.x86_64.rpm
bcc-devel-0.25.0-9.el8_10.x86_64.rpm
bcc-doc-0.25.0-9.el8_10.noarch.rpm
aarch64:
bcc-0.25.0-9.el8_10.aarch64.rpm
bcc-tools-0.25.0-9.el8_10.aarch64.rpm
python3-bcc-0.25.0-9.el8_10.aarch64.rpm
bcc-devel-0.25.0-9.el8_10.aarch64.rpm
bcc-doc-0.25.0-9.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//bcc-0.25.0-9.el8_10.src.rpm
Related CVEs:
CVE-2024-2314
Description of changes:
[0.25.0-9]
- Really prevent the loading of compromised headers (RHEL-28768, CVE-2024-2314)
[0.25.0-8]
- Check header ownership (RHEL-28768)
ELSA-2024-8842 Moderate: Oracle Linux 8 python3.12-urllib3 security update
Oracle Linux Security Advisory ELSA-2024-8842
http://linux.oracle.com/errata/ELSA-2024-8842.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
python3.12-urllib3-1.26.19-1.el8_10.noarch.rpm
aarch64:
python3.12-urllib3-1.26.19-1.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.12-urllib3-1.26.19-1.el8_10.src.rpm
Related CVEs:
CVE-2024-37891
Description of changes:
[1.26.19-1]
- Rebase to 1.26.19 to fix CVE-2024-37891
Resolves: RHEL-59989
ELSA-2024-8849 Moderate: Oracle Linux 8 haproxy security update
Oracle Linux Security Advisory ELSA-2024-8849
http://linux.oracle.com/errata/ELSA-2024-8849.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
haproxy-1.8.27-5.el8_10.1.x86_64.rpm
aarch64:
haproxy-1.8.27-5.el8_10.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//haproxy-1.8.27-5.el8_10.1.src.rpm
Related CVEs:
CVE-2023-45539
Description of changes:
[1.8.27-5.1]
- Reject "#" as part of URI path component (CVE-2023-45539, RHEL-18168)
ELSA-2024-8843 Moderate: Oracle Linux 8 python3.11-urllib3 security update
Oracle Linux Security Advisory ELSA-2024-8843
http://linux.oracle.com/errata/ELSA-2024-8843.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
python3.11-urllib3-1.26.12-4.el8_10.noarch.rpm
aarch64:
python3.11-urllib3-1.26.12-4.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.11-urllib3-1.26.12-4.el8_10.src.rpm
Related CVEs:
CVE-2024-37891
Description of changes:
[1.26.12-4]
- Fix test_ssltransport for changes in ssl.SSLSocket in Python 3.11.3
Related: RHEL-59995
[1.26.12-3]
- Security fix for CVE-2024-37891
Resolves: RHEL-59995
ELSA-2024-8847 Moderate: Oracle Linux 8 grafana-pcp security update
Oracle Linux Security Advisory ELSA-2024-8847
http://linux.oracle.com/errata/ELSA-2024-8847.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
grafana-pcp-5.1.1-9.el8_10.x86_64.rpm
aarch64:
grafana-pcp-5.1.1-9.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//grafana-pcp-5.1.1-9.el8_10.src.rpm
Related CVEs:
CVE-2024-9355
Description of changes:
[5.1.1-9]
- Resolves RHEL-61780: CVE-2024-9355
ELBA-2024-12808 Oracle Linux 8 pcp bug fix update
Oracle Linux Bug Fix Advisory ELBA-2024-12808
http://linux.oracle.com/errata/ELBA-2024-12808.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-conf-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-devel-5.3.7-22.0.2.el8_10.i686.rpm
pcp-devel-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-doc-5.3.7-22.0.2.el8_10.noarch.rpm
pcp-export-pcp2graphite-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-pcp2influxdb-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-pcp2json-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-pcp2xml-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-pcp2zabbix-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-zabbix-agent-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-gui-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-import-collectl2pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-import-ganglia2pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-import-iostat2pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-import-mrtg2pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-import-sar2pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-libs-5.3.7-22.0.2.el8_10.i686.rpm
pcp-libs-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-libs-devel-5.3.7-22.0.2.el8_10.i686.rpm
pcp-libs-devel-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-activemq-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-apache-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-bash-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-bcc-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-bind2-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-bonding-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-cifs-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-cisco-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-dbping-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-dm-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-docker-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-ds389-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-ds389log-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-elasticsearch-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-gfs2-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-gluster-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-gpfs-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-gpsd-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-haproxy-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-infiniband-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-json-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-libvirt-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-lio-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-lmsensors-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-logger-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-lustre-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-lustrecomm-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-mailq-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-memcache-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-mic-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-mounts-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-mysql-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-named-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-netfilter-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-news-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-nfsclient-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-nginx-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-nvidia-gpu-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-oracle-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-pdns-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-perfevent-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-podman-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-postfix-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-postgresql-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-redis-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-roomtemp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-rsyslog-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-samba-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-sendmail-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-shping-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-slurm-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-smart-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-snmp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-summary-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-systemd-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-trace-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-unbound-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-weblog-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-zimbra-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-zswap-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-selinux-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-system-tools-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-testsuite-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-zeroconf-5.3.7-22.0.2.el8_10.x86_64.rpm
perl-PCP-LogImport-5.3.7-22.0.2.el8_10.x86_64.rpm
perl-PCP-LogSummary-5.3.7-22.0.2.el8_10.x86_64.rpm
perl-PCP-MMV-5.3.7-22.0.2.el8_10.x86_64.rpm
perl-PCP-PMDA-5.3.7-22.0.2.el8_10.x86_64.rpm
python3-pcp-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-pcp2elasticsearch-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-export-pcp2spark-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-bpftrace-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-mssql-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-netcheck-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-openmetrics-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-openvswitch-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-rabbitmq-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-statsd-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-hacluster-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-sockets-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-denki-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-pmda-mongodb-5.3.7-22.0.2.el8_10.x86_64.rpm
pcp-testsuite-5.3.7-22.0.2.el8_10.i686.rpm
aarch64:
pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-conf-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-devel-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-doc-5.3.7-22.0.2.el8_10.noarch.rpm
pcp-export-pcp2graphite-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-pcp2influxdb-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-pcp2json-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-pcp2xml-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-pcp2zabbix-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-zabbix-agent-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-gui-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-import-collectl2pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-import-ganglia2pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-import-iostat2pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-import-mrtg2pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-import-sar2pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-libs-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-libs-devel-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-activemq-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-apache-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-bash-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-bind2-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-bonding-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-cifs-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-cisco-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-dbping-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-dm-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-docker-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-ds389-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-ds389log-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-elasticsearch-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-gfs2-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-gluster-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-gpfs-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-gpsd-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-haproxy-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-infiniband-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-json-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-libvirt-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-lio-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-lmsensors-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-logger-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-lustre-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-lustrecomm-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-mailq-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-memcache-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-mic-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-mounts-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-mysql-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-named-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-netfilter-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-news-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-nfsclient-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-nginx-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-nvidia-gpu-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-oracle-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-pdns-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-perfevent-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-podman-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-postfix-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-postgresql-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-redis-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-roomtemp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-rsyslog-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-samba-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-sendmail-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-shping-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-slurm-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-smart-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-snmp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-summary-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-systemd-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-trace-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-unbound-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-weblog-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-zimbra-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-zswap-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-selinux-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-system-tools-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-testsuite-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-zeroconf-5.3.7-22.0.2.el8_10.aarch64.rpm
perl-PCP-LogImport-5.3.7-22.0.2.el8_10.aarch64.rpm
perl-PCP-LogSummary-5.3.7-22.0.2.el8_10.aarch64.rpm
perl-PCP-MMV-5.3.7-22.0.2.el8_10.aarch64.rpm
perl-PCP-PMDA-5.3.7-22.0.2.el8_10.aarch64.rpm
python3-pcp-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-pcp2elasticsearch-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-export-pcp2spark-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-bcc-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-bpftrace-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-netcheck-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-openmetrics-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-openvswitch-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-rabbitmq-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-statsd-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-hacluster-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-sockets-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-denki-5.3.7-22.0.2.el8_10.aarch64.rpm
pcp-pmda-mongodb-5.3.7-22.0.2.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pcp-5.3.7-22.0.2.el8_10.src.rpm
Description of changes:
[5.3.7-22.0.2]
- Fixed pmlogcheck time consuming issue [Orabug: 36995894]
- Added pcp-ps arg option to view full command argument [Orabug: 37062125]
- Added no interpolation option in pcp-buddyinfo [Orabug: 36985368]
- Added timestamp and fixed broken pipe in pcp-meminfo [Orabug: 36985368]
ELBA-2024-8837 Oracle Linux 8 fence-agents bug fix update
Oracle Linux Bug Fix Advisory ELBA-2024-8837
http://linux.oracle.com/errata/ELBA-2024-8837.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
fence-agents-all-4.2.1-129.el8_10.5.x86_64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.5.x86_64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.5.x86_64.rpm
fence-agents-lpar-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-mpath-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.5.x86_64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.5.noarch.rpm
aarch64:
fence-agents-all-4.2.1-129.el8_10.5.aarch64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.5.aarch64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.5.aarch64.rpm
fence-agents-mpath-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.5.aarch64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.5.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//fence-agents-4.2.1-129.el8_10.5.src.rpm
Description of changes:
[4.2.1-129.5]
- fence_scsi: preempt clears all devices on the mpath device, so only
run it for the first device
Resolves: RHEL-56840
[4.2.1-129.4]
- bundled setuptools: fix CVE-2024-6345
Resolves: RHEL-50223
[4.2.1-129.3]
- bundled urllib3: fix CVE-2024-37891
Resolves: RHEL-43568
[4.2.1-129.2]
- fence_eps: add fence_epsr2 for ePowerSwitch R2 and newer
Resolves: RHEL-7734
- bundled jinja2: fix CVE-2024-34064
Resolves: RHEL-35655
ELSA-2024-8834 Important: Oracle Linux 8 python-gevent security update
Oracle Linux Security Advisory ELSA-2024-8834
http://linux.oracle.com/errata/ELSA-2024-8834.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
python3-gevent-1.2.2-5.el8_10.x86_64.rpm
aarch64:
python3-gevent-1.2.2-5.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python-gevent-1.2.2-5.el8_10.src.rpm
Related CVEs:
CVE-2023-41419
Description of changes:
[1.2.2-5]
- Avoid printing TypeError traceback
- gevent.pywsgi: Much improved handling of chunk trailers
Backport fix for CVE-2023-41419
Resolves: RHEL-17078