ELSA-2024-10244 Important: Oracle Linux 9 pam:1.5.1 security update
ELSA-2024-10218 Moderate: Oracle Linux 9 perl-App-cpanminus security update
ELBA-2024-9569 Oracle Linux 8 .NET 8.0 bug fix and enhancement update
ELSA-2024-10244 Important: Oracle Linux 9 pam:1.5.1 security update
Oracle Linux Security Advisory ELSA-2024-10244
http://linux.oracle.com/errata/ELSA-2024-10244.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
pam-1.5.1-22.0.1.el9_5.i686.rpm
pam-1.5.1-22.0.1.el9_5.x86_64.rpm
pam-devel-1.5.1-22.0.1.el9_5.i686.rpm
pam-devel-1.5.1-22.0.1.el9_5.x86_64.rpm
pam-docs-1.5.1-22.0.1.el9_5.x86_64.rpm
aarch64:
pam-1.5.1-22.0.1.el9_5.aarch64.rpm
pam-devel-1.5.1-22.0.1.el9_5.aarch64.rpm
pam-docs-1.5.1-22.0.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//pam-1.5.1-22.0.1.el9_5.src.rpm
Related CVEs:
CVE-2024-10963
Description of changes:
[1.5.1-22.0.1]
- pam_access: clean up the remote host matching code [Orabug: 36771903]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]
[1.5.1-22]
- pam_access: rework resolving of tokens as hostname.
Resolves: CVE-2024-10963 and RHEL-66245
[1.5.1-21]
- pam_unix: always run the helper to obtain shadow password file entries.
CVE-2024-10041. Resolves: RHEL-62880
ELSA-2024-10218 Moderate: Oracle Linux 9 perl-App-cpanminus security update
Oracle Linux Security Advisory ELSA-2024-10218
http://linux.oracle.com/errata/ELSA-2024-10218.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
perl-App-cpanminus-1.7044-14.1.el9_5.noarch.rpm
aarch64:
perl-App-cpanminus-1.7044-14.1.el9_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//perl-App-cpanminus-1.7044-14.1.el9_5.src.rpm
Related CVEs:
CVE-2024-45321
Description of changes:
[1.7044-14.1]
- Patch the code to use https instead of http (CVE-2024-45321)
- Resolves: RHEL-56519
ELBA-2024-9569 Oracle Linux 8 .NET 8.0 bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2024-9569
http://linux.oracle.com/errata/ELBA-2024-9569.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
aspnetcore-runtime-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
dotnet-hostfxr-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
dotnet-runtime-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
dotnet-sdk-8.0-8.0.111-1.0.1.el8_10.1.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.111-1.0.1.el8_10.1.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.11-1.0.1.el8_10.1.x86_64.rpm
dotnet-templates-8.0-8.0.111-1.0.1.el8_10.1.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.111-1.0.1.el8_10.1.x86_64.rpm
aarch64:
aspnetcore-runtime-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
dotnet-hostfxr-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
dotnet-runtime-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
dotnet-sdk-8.0-8.0.111-1.0.1.el8_10.1.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.111-1.0.1.el8_10.1.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.11-1.0.1.el8_10.1.aarch64.rpm
dotnet-templates-8.0-8.0.111-1.0.1.el8_10.1.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.111-1.0.1.el8_10.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet8.0-8.0.111-1.0.1.el8_10.1.src.rpm
Description of changes:
[8.0.111-1.0.1.1]
- Add support for Oracle Linux
[8.0.111-1.1]
- Disable packages provided by another .NET version
- Related: RHEL-65366
[8.0.111-1]
- Update to .NET SDK 8.0.111 and Runtime 8.0.11
- Resolves: RHEL-65366
