Oracle Linux 6269 Published by

The following updates have been released for Oracle Linux 9:

ELSA-2024-0966 Moderate: Oracle Linux 9 opensc security update
ELSA-2024-0950 Important: Oracle Linux 9 postgresql:15 security update
ELBA-2024-12173 Oracle Linux 9 dracut bug fix update
ELSA-2024-0975 Important: Oracle Linux 8 postgresql:13 security update
ELSA-2024-0973 Important: Oracle Linux 8 postgresql:15 security update
ELSA-2024-0967 Moderate: Oracle Linux 8 opensc security update
ELSA-2024-0955 Important: Oracle Linux 8 firefox security update
ELBA-2024-0346-1 Oracle Linux 7 kernel bug fix update
ELSA-2024-0976 Important: Oracle Linux 7 firefox security update (aarch64)
ELSA-2024-0957 Important: Oracle Linux 7 thunderbird security update (aarch64)
ELSA-2024-0976 Important: Oracle Linux 7 firefox security update
ELSA-2024-0346 Important: Oracle Linux 7 kernel security and bug fix update
ELSA-2024-0957 Important: Oracle Linux 7 thunderbird security update



ELSA-2024-0966 Moderate: Oracle Linux 9 opensc security update


Oracle Linux Security Advisory ELSA-2024-0966

http://linux.oracle.com/errata/ELSA-2024-0966.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
opensc-0.23.0-4.el9_3.i686.rpm
opensc-0.23.0-4.el9_3.x86_64.rpm

aarch64:
opensc-0.23.0-4.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//opensc-0.23.0-4.el9_3.src.rpm

Related CVEs:

CVE-2023-5992

Description of changes:

[0.23.0-4]
- Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding



ELSA-2024-0950 Important: Oracle Linux 9 postgresql:15 security update


Oracle Linux Security Advisory ELSA-2024-0950

http://linux.oracle.com/errata/ELSA-2024-0950.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
pgaudit-1.7.0-1.module+el9.2.0+21134+ceb95ed9.x86_64.rpm
pg_repack-1.4.8-1.module+el9.2.0+21134+ceb95ed9.x86_64.rpm
postgres-decoderbufs-1.9.7-1.Final.module+el9.2.0+21134+ceb95ed9.x86_64.rpm
postgresql-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-contrib-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-docs-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-plperl-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-plpython3-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-pltcl-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-private-devel-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-private-libs-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-server-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-server-devel-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-static-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-test-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-test-rpm-macros-15.6-1.module+el9.3.0+90158+dfcdadd2.noarch.rpm
postgresql-upgrade-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm
postgresql-upgrade-devel-15.6-1.module+el9.3.0+90158+dfcdadd2.x86_64.rpm

aarch64:
pgaudit-1.7.0-1.module+el9.2.0+21134+ceb95ed9.aarch64.rpm
pg_repack-1.4.8-1.module+el9.2.0+21134+ceb95ed9.aarch64.rpm
postgres-decoderbufs-1.9.7-1.Final.module+el9.2.0+21134+ceb95ed9.aarch64.rpm
postgresql-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-contrib-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-docs-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-plperl-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-plpython3-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-pltcl-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-private-devel-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-private-libs-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-server-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-server-devel-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-static-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-test-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-test-rpm-macros-15.6-1.module+el9.3.0+90158+dfcdadd2.noarch.rpm
postgresql-upgrade-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm
postgresql-upgrade-devel-15.6-1.module+el9.3.0+90158+dfcdadd2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//pgaudit-1.7.0-1.module+el9.2.0+21134+ceb95ed9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//pg_repack-1.4.8-1.module+el9.2.0+21134+ceb95ed9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//postgres-decoderbufs-1.9.7-1.Final.module+el9.2.0+21134+ceb95ed9.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//postgresql-15.6-1.module+el9.3.0+90158+dfcdadd2.src.rpm

Related CVEs:

CVE-2024-0985

Description of changes:

pgaudit
pg_repack
postgres-decoderbufs
postgresql
[15.6-1]
- update to 15.6
- Fixes CVE-2024-0985

[15.5-1]
- update to 15.5
- Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418
Resolves: RHEL-16100, RHEL-16124, RHEL-16139

[15.3-1]
- update to 15.3
- Fixes CVE-2023-2454 and CVE-2023-2455
Resolves: #2214875

[15.2-1]
- update to 15.2
- Resolves: #2128410

[15.0-2]
- update postgresql-setup to 8.8

[15.0-1]
- Initial import for postgresql 15
- Resolves: #2128410



ELBA-2024-12173 Oracle Linux 9 dracut bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12173

http://linux.oracle.com/errata/ELBA-2024-12173.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dracut-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-config-generic-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-config-rescue-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-network-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-squash-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-tools-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-caps-057-44.git20230822.0.3.el9.x86_64.rpm
dracut-live-057-44.git20230822.0.3.el9.x86_64.rpm

aarch64:
dracut-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-config-generic-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-config-rescue-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-network-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-squash-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-tools-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-caps-057-44.git20230822.0.3.el9.aarch64.rpm
dracut-live-057-44.git20230822.0.3.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dracut-057-44.git20230822.0.3.el9.src.rpm

Description of changes:

[057-44.git20230822.0.3]
- Remove microcode check based on CONFIG_MICROCODE_[AMD|INTEL] [Orabug: 36176897]



ELSA-2024-0975 Important: Oracle Linux 8 postgresql:13 security update


Oracle Linux Security Advisory ELSA-2024-0975

http://linux.oracle.com/errata/ELSA-2024-0975.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pgaudit-1.5.0-1.module+el8.9.0+90098+1560b6c2.x86_64.rpm
pg_repack-1.4.6-3.module+el8.9.0+90098+1560b6c2.x86_64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.9.0+90098+1560b6c2.x86_64.rpm
postgresql-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-contrib-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-docs-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-plperl-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-plpython3-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-pltcl-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-server-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-server-devel-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-static-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-test-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-test-rpm-macros-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.noarch.rpm
postgresql-upgrade-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm
postgresql-upgrade-devel-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.x86_64.rpm

aarch64:
pgaudit-1.5.0-1.module+el8.9.0+90098+1560b6c2.aarch64.rpm
pg_repack-1.4.6-3.module+el8.9.0+90098+1560b6c2.aarch64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.9.0+90098+1560b6c2.aarch64.rpm
postgresql-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-contrib-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-docs-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-plperl-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-plpython3-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-pltcl-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-server-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-server-devel-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-static-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-test-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-test-rpm-macros-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.noarch.rpm
postgresql-upgrade-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm
postgresql-upgrade-devel-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pgaudit-1.5.0-1.module+el8.9.0+90098+1560b6c2.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//pg_repack-1.4.6-3.module+el8.9.0+90098+1560b6c2.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//postgres-decoderbufs-0.10.0-2.module+el8.9.0+90098+1560b6c2.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//postgresql-13.14-1.0.1.module+el8.9.0+90161+5c7b3d27.src.rpm

Related CVEs:

CVE-2024-0985

Description of changes:

pgaudit
[1.5.0-1]
- Update to version 1.5.0
Related: #1855776

pg_repack
[1.4.6-3]
- Release bump - enable gating

postgres-decoderbufs
[0.10.0-2]
- Release bump for rebuild against libpq-12.1-3

postgresql
[13.14-1.0.1]
- update to 13.14
- Fixes CVE-2024-0985



ELSA-2024-0973 Important: Oracle Linux 8 postgresql:15 security update


Oracle Linux Security Advisory ELSA-2024-0973

http://linux.oracle.com/errata/ELSA-2024-0973.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pgaudit-1.7.0-1.module+el8.9.0+90110+d8a562d5.x86_64.rpm
pg_repack-1.4.8-1.module+el8.9.0+90110+d8a562d5.x86_64.rpm
postgres-decoderbufs-1.9.7-1.Final.module+el8.9.0+90110+d8a562d5.x86_64.rpm
postgresql-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-contrib-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-docs-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-plperl-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-plpython3-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-pltcl-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-private-devel-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-private-libs-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-server-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-server-devel-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-static-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-test-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-test-rpm-macros-15.6-1.module+el8.9.0+90160+417c9f54.noarch.rpm
postgresql-upgrade-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm
postgresql-upgrade-devel-15.6-1.module+el8.9.0+90160+417c9f54.x86_64.rpm

aarch64:
pgaudit-1.7.0-1.module+el8.9.0+90110+d8a562d5.aarch64.rpm
pg_repack-1.4.8-1.module+el8.9.0+90110+d8a562d5.aarch64.rpm
postgres-decoderbufs-1.9.7-1.Final.module+el8.9.0+90110+d8a562d5.aarch64.rpm
postgresql-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-contrib-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-docs-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-plperl-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-plpython3-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-pltcl-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-private-devel-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-private-libs-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-server-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-server-devel-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-static-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-test-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-test-rpm-macros-15.6-1.module+el8.9.0+90160+417c9f54.noarch.rpm
postgresql-upgrade-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm
postgresql-upgrade-devel-15.6-1.module+el8.9.0+90160+417c9f54.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pgaudit-1.7.0-1.module+el8.9.0+90110+d8a562d5.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//pg_repack-1.4.8-1.module+el8.9.0+90110+d8a562d5.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//postgres-decoderbufs-1.9.7-1.Final.module+el8.9.0+90110+d8a562d5.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//postgresql-15.6-1.module+el8.9.0+90160+417c9f54.src.rpm

Related CVEs:

CVE-2024-0985

Description of changes:

pgaudit
[1.7.0-1]
- Update to 1.7.0
- Support postgresql 15
- Related: #2128241

[1.5.0-1]
- Update to version 1.5.0
Related: #1855776

pg_repack
[1.4.8-1]
- Update to version 1.4.8
- Postgresql 15 is supported
- Related: #2128241

[1.4.6-4]
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

postgres-decoderbufs
[1.9.7-1.Final]
- Iitial import for postgresql 15 stream
- Related: #2128241

[1.4.0-4.Final]
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

[1.4.0-3.Final]
- Build jit based on what postgresql server does
Related: #1933048

[1.4.0-2.Final]
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

[1.4.0-1.Final]
- Update to new release 1.4.0

[1.1.0-0.6.Final]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[1.1.0-0.5.Final]
- Rebuilt for protobuf 3.14

[1.1.0-0.4.Final]
- Rebuilt for protobuf 3.13

[1.1.0-0.3.Final]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

[1.1.0-0.2.Final]
- Rebuilt for protobuf 3.12

[1.1.0-0.1.Final]
- Update to 1.1.0.Final

[1.0.0-0.1.Beta3]
- Update to 1.0.0-Beta3
- Drop BR: postgis-devel

postgresql
[15.6-1]
- update to 15.6
- Fixes CVE-2024-0985



ELSA-2024-0967 Moderate: Oracle Linux 8 opensc security update


Oracle Linux Security Advisory ELSA-2024-0967

http://linux.oracle.com/errata/ELSA-2024-0967.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
opensc-0.20.0-8.el8_9.i686.rpm
opensc-0.20.0-8.el8_9.x86_64.rpm

aarch64:
opensc-0.20.0-8.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//opensc-0.20.0-8.el8_9.src.rpm

Related CVEs:

CVE-2023-5992

Description of changes:

[0.20.0-8]
- Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding



ELSA-2024-0955 Important: Oracle Linux 8 firefox security update


Oracle Linux Security Advisory ELSA-2024-0955

http://linux.oracle.com/errata/ELSA-2024-0955.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.8.0-1.0.1.el8_9.x86_64.rpm

aarch64:
firefox-115.8.0-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firefox-115.8.0-1.0.1.el8_9.src.rpm

Related CVEs:

CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553

Description of changes:

[115.8.0-1.0.1]
- Update to 115.8.0 build 1



ELBA-2024-0346-1 Oracle Linux 7 kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-0346-1

http://linux.oracle.com/errata/ELBA-2024-0346-1.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.108.1.0.2.el7.noarch.rpm
kernel-debug-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-devel-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-doc-3.10.0-1160.108.1.0.2.el7.noarch.rpm
kernel-headers-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-tools-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
perf-3.10.0-1160.108.1.0.2.el7.x86_64.rpm
python-perf-3.10.0-1160.108.1.0.2.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-3.10.0-1160.108.1.0.2.el7.src.rpm

Description of changes:

[3.10.0-1160.108.1.0.2.el7.OL7]
- md/raid5: fix oops during stripe resizing (Ritika Srivastava) [Orabug: 34048726]
- blk-mq: Remove generation seqeunce (Ritika Srivastava) [Orabug: 33964689]
- block: init flush rq ref count to 1 (Ritika Srivastava) [Orabug: 33964689]
- block: fix null pointer dereference in blk_mq_rq_timed_out() (Ritika Srivastava) [Orabug: 33964689]
- [xen/netfront] stop tx queues during live migration (Orabug: 33446314)
- [xen/balloon] Support xend-based toolstack (Orabug: 28663970)
- [x86/apic/x2apic] avoid allocate multiple irq vectors for a single interrupt on multiple cpu, otherwise irq vectors would be used up when there are only 2 cpu online per node. [Orabug: 28691156]
- [bonding] avoid repeated display of same link status change. [Orabug: 28109857]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [Orabug: 22552377]
- kexec: Increase KEXEC_AUTO_RESERVED_SIZE to 256M [Orabug: 31517048]

[3.10.0-1160.108.1.0.1.el7.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}

[3.10.0-1160.108.1.el7.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 kill }_wait (Andreas Gruenbacher) [2196280]
- gfs2: Wake up when sd_glock_disposal becomes zero (Alexander Aring) [2196280]



ELSA-2024-0976 Important: Oracle Linux 7 firefox security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-0976

http://linux.oracle.com/errata/ELSA-2024-0976.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
firefox-115.8.0-1.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.8.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553

Description of changes:

[115.8.0-1.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.8.0-1]
- Update to 115.8.0 build1



ELSA-2024-0957 Important: Oracle Linux 7 thunderbird security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-0957

http://linux.oracle.com/errata/ELSA-2024-0957.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
thunderbird-115.8.0-1.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//thunderbird-115.8.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553

Description of changes:

[115.8.0-1.0.1]
- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js
- Enabled aarch64 build

[115.8.0-1]
- Update to 115.8.0 build1



ELSA-2024-0976 Important: Oracle Linux 7 firefox security update


Oracle Linux Security Advisory ELSA-2024-0976

http://linux.oracle.com/errata/ELSA-2024-0976.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.8.0-1.0.1.el7_9.i686.rpm
firefox-115.8.0-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.8.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553

Description of changes:

[115.8.0-1.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.8.0-1]
- Update to 115.8.0 build1



ELSA-2024-0346 Important: Oracle Linux 7 kernel security and bug fix update


Oracle Linux Security Advisory ELSA-2024-0346

http://linux.oracle.com/errata/ELSA-2024-0346.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.108.1.0.1.el7.noarch.rpm
kernel-debug-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-devel-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-doc-3.10.0-1160.108.1.0.1.el7.noarch.rpm
kernel-headers-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-tools-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
perf-3.10.0-1160.108.1.0.1.el7.x86_64.rpm
python-perf-3.10.0-1160.108.1.0.1.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-3.10.0-1160.108.1.0.1.el7.src.rpm

Related CVEs:

CVE-2023-42753

Description of changes:

[3.10.0-1160.108.1.0.1.el7.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}

[3.10.0-1160.108.1.el7.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 kill }_wait (Andreas Gruenbacher) [2196280]
- gfs2: Wake up when sd_glock_disposal becomes zero (Alexander Aring) [2196280]



ELSA-2024-0957 Important: Oracle Linux 7 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-0957

http://linux.oracle.com/errata/ELSA-2024-0957.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.8.0-1.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//thunderbird-115.8.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553

Description of changes:

[115.8.0-1.0.1]
- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js
- Enabled aarch64 build

[115.8.0-1]
- Update to 115.8.0 build1