Oracle Linux 6277 Published by

The following updates are available for Oracle Linux:

ELSA-2024-5530 Important: Oracle Linux 8 python-setuptools security update
ELSA-2024-5524 Important: Oracle Linux 8 bind security update
ELSA-2024-5532 Important: Oracle Linux 8 python3.11-setuptools security update
ELBA-2024-5301 Oracle Linux 8 cloud-init bug fix update
ELSA-2024-5534 Important: Oracle Linux 9 python-setuptools security update
ELSA-2024-5529 Moderate: Oracle Linux 9 curl security update
ELBA-2024-12589 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update




ELSA-2024-5530 Important: Oracle Linux 8 python-setuptools security update


Oracle Linux Security Advisory ELSA-2024-5530

http://linux.oracle.com/errata/ELSA-2024-5530.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
platform-python-setuptools-39.2.0-8.el8_10.noarch.rpm
python3-setuptools-39.2.0-8.el8_10.noarch.rpm
python3-setuptools-wheel-39.2.0-8.el8_10.noarch.rpm

aarch64:
platform-python-setuptools-39.2.0-8.el8_10.noarch.rpm
python3-setuptools-39.2.0-8.el8_10.noarch.rpm
python3-setuptools-wheel-39.2.0-8.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python-setuptools-39.2.0-8.el8_10.src.rpm

Related CVEs:

CVE-2024-6345

Description of changes:

[39.2.0-8]
- Security fix for CVE-2024-6345
Resolves: RHEL-50470



ELSA-2024-5524 Important: Oracle Linux 8 bind security update


Oracle Linux Security Advisory ELSA-2024-5524

http://linux.oracle.com/errata/ELSA-2024-5524.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind-9.11.36-16.el8_10.2.x86_64.rpm
bind-chroot-9.11.36-16.el8_10.2.x86_64.rpm
bind-devel-9.11.36-16.el8_10.2.i686.rpm
bind-devel-9.11.36-16.el8_10.2.x86_64.rpm
bind-export-devel-9.11.36-16.el8_10.2.i686.rpm
bind-export-devel-9.11.36-16.el8_10.2.x86_64.rpm
bind-export-libs-9.11.36-16.el8_10.2.i686.rpm
bind-export-libs-9.11.36-16.el8_10.2.x86_64.rpm
bind-libs-9.11.36-16.el8_10.2.i686.rpm
bind-libs-9.11.36-16.el8_10.2.x86_64.rpm
bind-libs-lite-9.11.36-16.el8_10.2.i686.rpm
bind-libs-lite-9.11.36-16.el8_10.2.x86_64.rpm
bind-license-9.11.36-16.el8_10.2.noarch.rpm
bind-lite-devel-9.11.36-16.el8_10.2.i686.rpm
bind-lite-devel-9.11.36-16.el8_10.2.x86_64.rpm
bind-pkcs11-9.11.36-16.el8_10.2.x86_64.rpm
bind-pkcs11-devel-9.11.36-16.el8_10.2.i686.rpm
bind-pkcs11-devel-9.11.36-16.el8_10.2.x86_64.rpm
bind-pkcs11-libs-9.11.36-16.el8_10.2.i686.rpm
bind-pkcs11-libs-9.11.36-16.el8_10.2.x86_64.rpm
bind-pkcs11-utils-9.11.36-16.el8_10.2.x86_64.rpm
bind-sdb-9.11.36-16.el8_10.2.x86_64.rpm
bind-sdb-chroot-9.11.36-16.el8_10.2.x86_64.rpm
bind-utils-9.11.36-16.el8_10.2.x86_64.rpm
python3-bind-9.11.36-16.el8_10.2.noarch.rpm

aarch64:
bind-9.11.36-16.el8_10.2.aarch64.rpm
bind-chroot-9.11.36-16.el8_10.2.aarch64.rpm
bind-devel-9.11.36-16.el8_10.2.aarch64.rpm
bind-export-devel-9.11.36-16.el8_10.2.aarch64.rpm
bind-export-libs-9.11.36-16.el8_10.2.aarch64.rpm
bind-libs-9.11.36-16.el8_10.2.aarch64.rpm
bind-libs-lite-9.11.36-16.el8_10.2.aarch64.rpm
bind-license-9.11.36-16.el8_10.2.noarch.rpm
bind-lite-devel-9.11.36-16.el8_10.2.aarch64.rpm
bind-pkcs11-9.11.36-16.el8_10.2.aarch64.rpm
bind-pkcs11-devel-9.11.36-16.el8_10.2.aarch64.rpm
bind-pkcs11-libs-9.11.36-16.el8_10.2.aarch64.rpm
bind-pkcs11-utils-9.11.36-16.el8_10.2.aarch64.rpm
bind-sdb-9.11.36-16.el8_10.2.aarch64.rpm
bind-sdb-chroot-9.11.36-16.el8_10.2.aarch64.rpm
bind-utils-9.11.36-16.el8_10.2.aarch64.rpm
python3-bind-9.11.36-16.el8_10.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//bind-9.11.36-16.el8_10.2.src.rpm

Related CVEs:

CVE-2024-1737
CVE-2024-1975

Description of changes:

[32:9.11.36-16.2]
- Rebuild after CI change

[32:9.11.36-16.1]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Add ability to change runtime limits for max types and records per name

[32:9.11.36-16]
- Ensure incompatible dhcp is not accepted

[32:9.11.36-15]
- Ensure incompatible bind-dyndb-ldap is not accepted



ELSA-2024-5532 Important: Oracle Linux 8 python3.11-setuptools security update


Oracle Linux Security Advisory ELSA-2024-5532

http://linux.oracle.com/errata/ELSA-2024-5532.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-setuptools-65.5.1-3.el8_10.noarch.rpm
python3.11-setuptools-wheel-65.5.1-3.el8_10.noarch.rpm

aarch64:
python3.11-setuptools-65.5.1-3.el8_10.noarch.rpm
python3.11-setuptools-wheel-65.5.1-3.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.11-setuptools-65.5.1-3.el8_10.src.rpm

Related CVEs:

CVE-2024-6345

Description of changes:

[65.5.1-3]
- Security fix for CVE-2024-6345
Resolves: RHEL-50484



ELBA-2024-5301 Oracle Linux 8 cloud-init bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-5301

http://linux.oracle.com/errata/ELBA-2024-5301.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cloud-init-23.4-7.0.1.el8_10.7.noarch.rpm

aarch64:
cloud-init-23.4-7.0.1.el8_10.7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//cloud-init-23.4-7.0.1.el8_10.7.src.rpm

Description of changes:

[23.4-7.0.1.7]
- Update IPv6 IMDS endpoint to ULA and drop NIC identifier [Orabug: 35965980]
- Enable IPv6 [Orabug: 36502414]
- Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938]
- Increase retry value and add timeout for OCI [Orabug: 35329883]
- Fix log file permissions [Orabug: 35302985]
- Update detection logic for OL distros in config template [Orabug: 34845400]
- Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938]
- Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672]
- limit permissions [Orabug: 31352433]
- Changes to ignore all enslaved interfaces [Orabug: 30092148]
- Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349]
- Make Oracle datasource detect dracut based config files [Orabug: 29956753]
- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch:
1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata
2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader
Resolves: Oracle-Bug:41660 (Bugzilla)
- added OL to list of known distros

[23.4.0.1]
- Apply OpenELA fixes

[23.4-7.el8_10.7]
- ci-fix-Clean-cache-if-no-datasource-fallback-5499.patch [RHEL-49742]
- Resolves: RHEL-49742
([Cloud-init] [RHEL-8.10] Password reset feature broken with CloudstackDataSource)

[23.4-7.el8_10.6]
- ci-feat-sysconfig-Add-DNS-from-interface-config-to-reso.patch [RHEL-46013]
- Resolves: RHEL-46013
([RHEL-8] cloud-init fails to configure DNS search domains [rhel-8.10.z])

[23.4-7.el8_10.5]
- ci-fix-cloudstack-Use-parsed-lease-file-for-virtual-rou.patch [RHEL-40418]
- Resolves: RHEL-40418
([Cloud-init] CloudstackDataSource cannot work with NetworkManager [rhel-8.10.z])



ELSA-2024-5534 Important: Oracle Linux 9 python-setuptools security update


Oracle Linux Security Advisory ELSA-2024-5534

http://linux.oracle.com/errata/ELSA-2024-5534.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-setuptools-53.0.0-12.el9_4.1.noarch.rpm
python3-setuptools-wheel-53.0.0-12.el9_4.1.noarch.rpm

aarch64:
python3-setuptools-53.0.0-12.el9_4.1.noarch.rpm
python3-setuptools-wheel-53.0.0-12.el9_4.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python-setuptools-53.0.0-12.el9_4.1.src.rpm

Related CVEs:

CVE-2024-6345

Description of changes:

[53.0.0-12.1]
- Security fix for CVE-2024-6345
Resolves: RHEL-50466



ELSA-2024-5529 Moderate: Oracle Linux 9 curl security update


Oracle Linux Security Advisory ELSA-2024-5529

http://linux.oracle.com/errata/ELSA-2024-5529.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
curl-7.76.1-29.el9_4.1.x86_64.rpm
curl-minimal-7.76.1-29.el9_4.1.x86_64.rpm
libcurl-7.76.1-29.el9_4.1.i686.rpm
libcurl-7.76.1-29.el9_4.1.x86_64.rpm
libcurl-devel-7.76.1-29.el9_4.1.i686.rpm
libcurl-devel-7.76.1-29.el9_4.1.x86_64.rpm
libcurl-minimal-7.76.1-29.el9_4.1.i686.rpm
libcurl-minimal-7.76.1-29.el9_4.1.x86_64.rpm

aarch64:
curl-7.76.1-29.el9_4.1.aarch64.rpm
curl-minimal-7.76.1-29.el9_4.1.aarch64.rpm
libcurl-7.76.1-29.el9_4.1.aarch64.rpm
libcurl-devel-7.76.1-29.el9_4.1.aarch64.rpm
libcurl-minimal-7.76.1-29.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//curl-7.76.1-29.el9_4.1.src.rpm

Related CVEs:

CVE-2024-2398

Description of changes:

[7.76.1-29.el9_4.1]
- provide common cleanup method for push headers (CVE-2024-2398)



ELBA-2024-12589 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12589

http://linux.oracle.com/errata/ELBA-2024-12589.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-209.161.7.1.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-209.161.7.1.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-209.161.7.1.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-209.161.7.1.el9uek.src.rpm

Description of changes:

[5.15.0-209.161.7.1.el9uek]
- fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36940606]