ELBA-2024-10833 Oracle Linux 9 scap-security-guide bug fix and enhancement update
ELBA-2024-12883 Oracle Linux 8 scap-security-guide bug fix update
ELSA-2024-11111 Moderate: Oracle Linux 9 python3.11 security update
ELSA-2024-10949 Moderate: Oracle Linux 9 php:8.2 security update
ELBA-2024-10833 Oracle Linux 8 scap-security-guide bug fix and enhancement update
ELBA-2024-10833 Oracle Linux 9 scap-security-guide bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2024-10833
http://linux.oracle.com/errata/ELBA-2024-10833.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
scap-security-guide-0.1.75-1.0.1.el9.noarch.rpm
scap-security-guide-doc-0.1.75-1.0.1.el9.noarch.rpm
aarch64:
scap-security-guide-0.1.75-1.0.1.el9.noarch.rpm
scap-security-guide-doc-0.1.75-1.0.1.el9.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//scap-security-guide-0.1.75-1.0.1.el9.src.rpm
Description of changes:
[0.1.75-1.0.1]
- Remove rules not applicable to OL [Orabug: 37383594]
- Remove references to other vendors [Orabug: 37383594]
- Add default tailoring file [Orabug: 37383600]
- Fix system with kernel-applicability condition [Orabug: 37383594]
[0.1.75.openela.1.0]
- Add OpenELA as derivative of RHEL
[0.1.75-1]
- Rebase to new release (RHEL-66154)
- the rule sshd_use_priv_separation is no longer used (RHEL-66057)
- add a rule checking for presence of chrony to CIS RHEL 9 profile (RHEL-60005)
- remediation of Networkmanager DNS mode now remediates value "default" (RHEL-53426)
- Adjust mount_option_nodev_nonroot_local_partitions to work in Image Builder environments. (RHEL-45018)
- Adjusted rules related to sshd ensure constancy in checked values and ensure that drop in configuration files are checked. (RHEL-38206)
ELBA-2024-12883 Oracle Linux 8 scap-security-guide bug fix update
Oracle Linux Bug Fix Advisory ELBA-2024-12883
http://linux.oracle.com/errata/ELBA-2024-12883.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
scap-security-guide-0.1.75-1.0.2.el8.noarch.rpm
scap-security-guide-doc-0.1.75-1.0.2.el8.noarch.rpm
aarch64:
scap-security-guide-0.1.75-1.0.2.el8.noarch.rpm
scap-security-guide-doc-0.1.75-1.0.2.el8.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.75-1.0.2.el8.src.rpm
Description of changes:
[0.1.75-1.0.2]
- Fix rules applicability [Orabug: 37388739]
ELSA-2024-11111 Moderate: Oracle Linux 9 python3.11 security update
Oracle Linux Security Advisory ELSA-2024-11111
http://linux.oracle.com/errata/ELSA-2024-11111.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
python3.11-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-devel-3.11.9-7.el9_5.2.i686.rpm
python3.11-devel-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-libs-3.11.9-7.el9_5.2.i686.rpm
python3.11-libs-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-tkinter-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-3.11.9-7.el9_5.2.i686.rpm
python3.11-debug-3.11.9-7.el9_5.2.i686.rpm
python3.11-debug-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-idle-3.11.9-7.el9_5.2.i686.rpm
python3.11-idle-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-test-3.11.9-7.el9_5.2.i686.rpm
python3.11-test-3.11.9-7.el9_5.2.x86_64.rpm
python3.11-tkinter-3.11.9-7.el9_5.2.i686.rpm
aarch64:
python3.11-3.11.9-7.el9_5.2.aarch64.rpm
python3.11-devel-3.11.9-7.el9_5.2.aarch64.rpm
python3.11-libs-3.11.9-7.el9_5.2.aarch64.rpm
python3.11-tkinter-3.11.9-7.el9_5.2.aarch64.rpm
python3.11-debug-3.11.9-7.el9_5.2.aarch64.rpm
python3.11-idle-3.11.9-7.el9_5.2.aarch64.rpm
python3.11-test-3.11.9-7.el9_5.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.11-3.11.9-7.el9_5.2.src.rpm
Related CVEs:
CVE-2024-9287
Description of changes:
[3.11.9-7.2]
- Security fix for CVE-2024-9287
Resolves: RHEL-64882
ELSA-2024-10949 Moderate: Oracle Linux 9 php:8.2 security update
Oracle Linux Security Advisory ELSA-2024-10949
http://linux.oracle.com/errata/ELSA-2024-10949.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
apcu-panel-5.1.23-1.module+el9.4.0+90261+af5cc950.noarch.rpm
php-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-bcmath-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-cli-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-common-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-dba-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-dbg-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-devel-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-embedded-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-enchant-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-ffi-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-fpm-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-gd-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-gmp-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-intl-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-ldap-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-mbstring-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-mysqlnd-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-odbc-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-opcache-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-pdo-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-pecl-apcu-5.1.23-1.module+el9.4.0+90261+af5cc950.x86_64.rpm
php-pecl-apcu-devel-5.1.23-1.module+el9.4.0+90261+af5cc950.x86_64.rpm
php-pecl-rrd-2.0.3-4.module+el9.4.0+90261+af5cc950.x86_64.rpm
php-pecl-xdebug3-3.2.2-2.module+el9.4.0+90261+af5cc950.x86_64.rpm
php-pecl-zip-1.22.3-1.module+el9.4.0+90261+af5cc950.x86_64.rpm
php-pgsql-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-process-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-snmp-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-soap-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
php-xml-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.x86_64.rpm
aarch64:
apcu-panel-5.1.23-1.module+el9.4.0+90261+af5cc950.noarch.rpm
php-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-bcmath-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-cli-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-common-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-dba-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-dbg-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-devel-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-embedded-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-enchant-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-ffi-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-fpm-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-gd-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-gmp-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-intl-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-ldap-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-mbstring-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-mysqlnd-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-odbc-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-opcache-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-pdo-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-pecl-apcu-5.1.23-1.module+el9.4.0+90261+af5cc950.aarch64.rpm
php-pecl-apcu-devel-5.1.23-1.module+el9.4.0+90261+af5cc950.aarch64.rpm
php-pecl-rrd-2.0.3-4.module+el9.4.0+90261+af5cc950.aarch64.rpm
php-pecl-xdebug3-3.2.2-2.module+el9.4.0+90261+af5cc950.aarch64.rpm
php-pecl-zip-1.22.3-1.module+el9.4.0+90261+af5cc950.aarch64.rpm
php-pgsql-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-process-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-snmp-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-soap-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
php-xml-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//php-8.2.25-1.module+el9.5.0+90468+3cf2fe4a.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-apcu-5.1.23-1.module+el9.4.0+90261+af5cc950.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-rrd-2.0.3-4.module+el9.4.0+90261+af5cc950.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-xdebug3-3.2.2-2.module+el9.4.0+90261+af5cc950.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-zip-1.22.3-1.module+el9.4.0+90261+af5cc950.src.rpm
Related CVEs:
CVE-2024-2756
CVE-2024-3096
CVE-2024-5458
CVE-2024-8925
CVE-2024-8927
CVE-2024-9026
Description of changes:
php
[8.2.25-1]
- rebase to 8.2.25 RHEL-65837
php-pecl-apcu
[5.1.23-1]
- update to 5.1.23 for PHP 8.2 RHEL-14699
php-pecl-rrd
php-pecl-xdebug3
[3.2.2-2]
- drop inet_ntoa usage using upstream patch
[3.2.2-1]
- update to 3.2.2 for PHP 8.2 RHEL-14699
php-pecl-zip
[1.22.3-1]
- update to 1.22.3 for PHP 8.2 RHEL-14699
ELBA-2024-10833 Oracle Linux 8 scap-security-guide bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2024-10833
http://linux.oracle.com/errata/ELBA-2024-10833.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
scap-security-guide-0.1.75-1.0.1.el8.noarch.rpm
scap-security-guide-doc-0.1.75-1.0.1.el8.noarch.rpm
aarch64:
scap-security-guide-0.1.75-1.0.1.el8.noarch.rpm
scap-security-guide-doc-0.1.75-1.0.1.el8.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.75-1.0.1.el8.src.rpm
Description of changes:
[0.1.75-1.0.1]
- Remove rules notapplicable to OL [Orabug: 37373437]
- Remove references to other vendors [Orabug: 37373437]
- Add default tailoring file [Orabug: 37373453]
[0.1.75.openela.1.0]
- Make OpenELA a derivative of RHEL
[0.1.75-1]
- Rebase scap-security-guide to the latest upstream version (RHEL-66153)
- detection of Grub2 kernel command line arguments has been enhanced to cover more use cases (RHEL-53365)
