Oracle Linux 6277 Published by

The following new updates have been released for Oracle Linux:

ELSA-2024-4078 Important: Oracle Linux 9 python3.9 security update
ELBA-2024-3982 Oracle Linux 9 selinux-policy bug fix update
ELBA-2024-12445 Oracle Linux 9 oracle-instantclient-release-23ai-el9 bug fix update
ELSA-2024-4077 Important: Oracle Linux 9 python3.11 security update
ELBA-2024-12451 Oracle Linux 9 mcelog bug fix update
ELSA-2024-4083 Important: Oracle Linux 9 git security update
ELSA-2024-4084 Important: Oracle Linux 8 git security update
ELBA-2024-12455 Oracle Linux 8 pam bug fix update
ELBA-2024-12446 Oracle Linux 8 oracle-instantclient-release-23ai-el8 bug fix update




ELSA-2024-4078 Important: Oracle Linux 9 python3.9 security update


Oracle Linux Security Advisory ELSA-2024-4078

http://linux.oracle.com/errata/ELSA-2024-4078.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python-unversioned-command-3.9.18-3.el9_4.1.noarch.rpm
python3-3.9.18-3.el9_4.1.x86_64.rpm
python3-devel-3.9.18-3.el9_4.1.i686.rpm
python3-devel-3.9.18-3.el9_4.1.x86_64.rpm
python3-libs-3.9.18-3.el9_4.1.i686.rpm
python3-libs-3.9.18-3.el9_4.1.x86_64.rpm
python3-tkinter-3.9.18-3.el9_4.1.x86_64.rpm
python3-3.9.18-3.el9_4.1.i686.rpm
python3-debug-3.9.18-3.el9_4.1.i686.rpm
python3-debug-3.9.18-3.el9_4.1.x86_64.rpm
python3-idle-3.9.18-3.el9_4.1.i686.rpm
python3-idle-3.9.18-3.el9_4.1.x86_64.rpm
python3-test-3.9.18-3.el9_4.1.i686.rpm
python3-test-3.9.18-3.el9_4.1.x86_64.rpm
python3-tkinter-3.9.18-3.el9_4.1.i686.rpm

aarch64:
python-unversioned-command-3.9.18-3.el9_4.1.noarch.rpm
python3-3.9.18-3.el9_4.1.aarch64.rpm
python3-devel-3.9.18-3.el9_4.1.aarch64.rpm
python3-libs-3.9.18-3.el9_4.1.aarch64.rpm
python3-tkinter-3.9.18-3.el9_4.1.aarch64.rpm
python3-debug-3.9.18-3.el9_4.1.aarch64.rpm
python3-idle-3.9.18-3.el9_4.1.aarch64.rpm
python3-test-3.9.18-3.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.9-3.9.18-3.el9_4.1.src.rpm

Related CVEs:

CVE-2023-6597
CVE-2024-0450

Description of changes:

[3.9.18-3.1]
- Security fixes for CVE-2023-6597 and CVE-2024-0450
- Fix tests for XMLPullParser with Expat with fixed CVE
Resolves: RHEL-33887, RHEL-34287



ELBA-2024-3982 Oracle Linux 9 selinux-policy bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-3982

http://linux.oracle.com/errata/ELBA-2024-3982.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
selinux-policy-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-devel-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-doc-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-mls-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-sandbox-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-targeted-38.1.35-2.0.3.el9_4.2.noarch.rpm

aarch64:
selinux-policy-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-devel-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-doc-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-mls-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-sandbox-38.1.35-2.0.3.el9_4.2.noarch.rpm
selinux-policy-targeted-38.1.35-2.0.3.el9_4.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//selinux-policy-38.1.35-2.0.3.el9_4.2.src.rpm

Description of changes:

[38.1.35-2.0.3.2]
- Allow user_mail_domain to manage exim_log_t and exim_spool_t link files [Orabug: 36617121]
- Allow exim read network sysctls [Orabug: 36606051]
- Allow exim_t to read exim_log_t and manage exim_spool_t link files [Orabug: 36430005]
- Allow cgred_t to get attributes of cgroup filesystems [Orabug: 36176655]
- Allow kdumpctl_t to execmem [Orabug: 35381156]
- Allow NetworkManager_dispatcher_dhclient_t to execute shells without a domain transition [Orabug: 35091334]
- Allow NetworkManager_dispatcher_dhclient_t to read the DHCP configuration files [Orabug: 35122619]
- Label /var/log/kdump.log with kdump_log_t [Orabug: 33810371]
- Allow rpm_t sys_admin capability [Orabug: 34250651]
- Make systemd_tmpfiles_t MLS trusted for lowering the level of files [Orabug: 33841245]
- Allow nfsd_t to list exports_t dirs [Orabug: 33844301]
- Allow fsadm_t to get attributes of cgroup filesystems [Orabug: 33841268]
- Allow tuned_t to read the process state of all domains [Orabug: 33520684]
- Make import-state work with mls policy [Orabug: 32636699]
- Add map permission to lvm_t on lvm_metadata_t. [Orabug: 31405325]
- Add comment for map on lvm_metadata_t. [Orabug: 31405325]
- Make iscsiadm work with mls policy [Orabug: 32725411]
- Make cloud-init work with mls policy [Orabug: 32430460]
- Allow systemd-pstore to transfer files from /sys/fs/pstore [Orabug: 31594666]
- Make smartd work with mls policy [Orabug: 32430379]
- Allow sysadm_t to mmap modules_object_t files [Orabug: 32411855]
- Allow tuned_t to execute systemd_systemctl_exec_t files [Orabug: 32355342]
- Make udev work with mls policy [Orabug: 31405299]
- Make tuned work with mls policy [Orabug: 31396024]
- Make lsmd, rngd, and kdumpctl work with mls policy [Orabug: 31405378]
- Allow virt_domain to mmap virt_content_t files [Orabug: 30932671]
- Enable NetworkManager and dhclient to use initramfs-configured DHCP connection [Orabug: 30537515]
- Allow udev_t to load modules [Orabug: 28260775]
- Add vhost-scsi to be vhost_device_t type [Orabug: 27774921]
- Fix container selinux policy [Orabug: 26427364]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type. [Orabug: 13333429]



ELBA-2024-12445 Oracle Linux 9 oracle-instantclient-release-23ai-el9 bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12445

http://linux.oracle.com/errata/ELBA-2024-12445.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
oracle-instantclient-release-23ai-el9-1.0-4.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//oracle-instantclient-release-23ai-el9-1.0-4.el9.src.rpm

Description of changes:

[1.0-4]
- Add repository for Oracle Instant Client 23ai [JIRA: OLERRATA-48274]

[1.0-3]
- Make oracle-instantclient-release available for Oracle Linux 9 [JIRA: OLERRATA-41246]

[1.0-2]
- Use $ocidomain instead of hardcoded .oracle.com [Orabug: 35256560]
- Update post scripts to support new self-service DNS hostnames [JIRA: OLDIS-22726]



ELSA-2024-4077 Important: Oracle Linux 9 python3.11 security update


Oracle Linux Security Advisory ELSA-2024-4077

http://linux.oracle.com/errata/ELSA-2024-4077.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-devel-3.11.7-1.el9_4.1.i686.rpm
python3.11-devel-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-libs-3.11.7-1.el9_4.1.i686.rpm
python3.11-libs-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-tkinter-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-3.11.7-1.el9_4.1.i686.rpm
python3.11-debug-3.11.7-1.el9_4.1.i686.rpm
python3.11-debug-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-idle-3.11.7-1.el9_4.1.i686.rpm
python3.11-idle-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-test-3.11.7-1.el9_4.1.i686.rpm
python3.11-test-3.11.7-1.el9_4.1.x86_64.rpm
python3.11-tkinter-3.11.7-1.el9_4.1.i686.rpm

aarch64:
python3.11-3.11.7-1.el9_4.1.aarch64.rpm
python3.11-devel-3.11.7-1.el9_4.1.aarch64.rpm
python3.11-libs-3.11.7-1.el9_4.1.aarch64.rpm
python3.11-tkinter-3.11.7-1.el9_4.1.aarch64.rpm
python3.11-debug-3.11.7-1.el9_4.1.aarch64.rpm
python3.11-idle-3.11.7-1.el9_4.1.aarch64.rpm
python3.11-test-3.11.7-1.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.11-3.11.7-1.el9_4.1.src.rpm

Related CVEs:

CVE-2023-6597

Description of changes:

[3.11.7-1.1]
- Security fix for CVE-2023-6597
- Fix tests for XMLPullParser with Expat with fixed CVE
Resolves: RHEL-33884



ELBA-2024-12451 Oracle Linux 9 mcelog bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12451

http://linux.oracle.com/errata/ELBA-2024-12451.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
mcelog-199-1.0.1.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//mcelog-199-1.0.1.el9.src.rpm

Description of changes:

[3:199-1.0.1]
- Rebase to version 199 [Orabug: 36709085]



ELSA-2024-4083 Important: Oracle Linux 9 git security update


Oracle Linux Security Advisory ELSA-2024-4083

http://linux.oracle.com/errata/ELSA-2024-4083.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
git-2.43.5-1.el9_4.x86_64.rpm
git-all-2.43.5-1.el9_4.noarch.rpm
git-core-2.43.5-1.el9_4.x86_64.rpm
git-core-doc-2.43.5-1.el9_4.noarch.rpm
git-credential-libsecret-2.43.5-1.el9_4.x86_64.rpm
git-daemon-2.43.5-1.el9_4.x86_64.rpm
git-email-2.43.5-1.el9_4.noarch.rpm
git-gui-2.43.5-1.el9_4.noarch.rpm
git-instaweb-2.43.5-1.el9_4.noarch.rpm
git-subtree-2.43.5-1.el9_4.x86_64.rpm
git-svn-2.43.5-1.el9_4.noarch.rpm
gitk-2.43.5-1.el9_4.noarch.rpm
gitweb-2.43.5-1.el9_4.noarch.rpm
perl-Git-2.43.5-1.el9_4.noarch.rpm
perl-Git-SVN-2.43.5-1.el9_4.noarch.rpm

aarch64:
git-2.43.5-1.el9_4.aarch64.rpm
git-all-2.43.5-1.el9_4.noarch.rpm
git-core-2.43.5-1.el9_4.aarch64.rpm
git-core-doc-2.43.5-1.el9_4.noarch.rpm
git-credential-libsecret-2.43.5-1.el9_4.aarch64.rpm
git-daemon-2.43.5-1.el9_4.aarch64.rpm
git-email-2.43.5-1.el9_4.noarch.rpm
git-gui-2.43.5-1.el9_4.noarch.rpm
git-instaweb-2.43.5-1.el9_4.noarch.rpm
git-subtree-2.43.5-1.el9_4.aarch64.rpm
git-svn-2.43.5-1.el9_4.noarch.rpm
gitk-2.43.5-1.el9_4.noarch.rpm
gitweb-2.43.5-1.el9_4.noarch.rpm
perl-Git-2.43.5-1.el9_4.noarch.rpm
perl-Git-SVN-2.43.5-1.el9_4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//git-2.43.5-1.el9_4.src.rpm

Related CVEs:

CVE-2024-32002
CVE-2024-32004
CVE-2024-32020
CVE-2024-32021
CVE-2024-32465

Description of changes:

[2.43.5-1]
- Update to 2.43.5
- Related: RHEL-36402, RHEL-36414

[2.43.4-1]
- Update to 2.43.4
- Resolves: RHEL-36402, RHEL-36414



ELSA-2024-4084 Important: Oracle Linux 8 git security update


Oracle Linux Security Advisory ELSA-2024-4084

http://linux.oracle.com/errata/ELSA-2024-4084.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
git-2.43.5-1.el8_10.x86_64.rpm
git-all-2.43.5-1.el8_10.noarch.rpm
git-core-2.43.5-1.el8_10.x86_64.rpm
git-core-doc-2.43.5-1.el8_10.noarch.rpm
git-credential-libsecret-2.43.5-1.el8_10.x86_64.rpm
git-daemon-2.43.5-1.el8_10.x86_64.rpm
git-email-2.43.5-1.el8_10.noarch.rpm
git-gui-2.43.5-1.el8_10.noarch.rpm
git-instaweb-2.43.5-1.el8_10.noarch.rpm
git-subtree-2.43.5-1.el8_10.x86_64.rpm
git-svn-2.43.5-1.el8_10.noarch.rpm
gitk-2.43.5-1.el8_10.noarch.rpm
gitweb-2.43.5-1.el8_10.noarch.rpm
perl-Git-2.43.5-1.el8_10.noarch.rpm
perl-Git-SVN-2.43.5-1.el8_10.noarch.rpm

aarch64:
git-2.43.5-1.el8_10.aarch64.rpm
git-all-2.43.5-1.el8_10.noarch.rpm
git-core-2.43.5-1.el8_10.aarch64.rpm
git-core-doc-2.43.5-1.el8_10.noarch.rpm
git-credential-libsecret-2.43.5-1.el8_10.aarch64.rpm
git-daemon-2.43.5-1.el8_10.aarch64.rpm
git-email-2.43.5-1.el8_10.noarch.rpm
git-gui-2.43.5-1.el8_10.noarch.rpm
git-instaweb-2.43.5-1.el8_10.noarch.rpm
git-subtree-2.43.5-1.el8_10.aarch64.rpm
git-svn-2.43.5-1.el8_10.noarch.rpm
gitk-2.43.5-1.el8_10.noarch.rpm
gitweb-2.43.5-1.el8_10.noarch.rpm
perl-Git-2.43.5-1.el8_10.noarch.rpm
perl-Git-SVN-2.43.5-1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//git-2.43.5-1.el8_10.src.rpm

Related CVEs:

CVE-2024-32002
CVE-2024-32004
CVE-2024-32020
CVE-2024-32021
CVE-2024-32465

Description of changes:

[2.43.5-1]
- Update to 2.43.5
- Related: RHEL-36399, RHEL-36411

[2.43.4-1]
- Update to 2.43.4
- Resolves: RHEL-36399, RHEL-36411



ELBA-2024-12455 Oracle Linux 8 pam bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12455

http://linux.oracle.com/errata/ELBA-2024-12455.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pam-1.3.1-33.0.1.el8.i686.rpm
pam-1.3.1-33.0.1.el8.x86_64.rpm
pam-devel-1.3.1-33.0.1.el8.i686.rpm
pam-devel-1.3.1-33.0.1.el8.x86_64.rpm

aarch64:
pam-1.3.1-33.0.1.el8.aarch64.rpm
pam-devel-1.3.1-33.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pam-1.3.1-33.0.1.el8.src.rpm

Description of changes:

[1.3.1-33.0.1]
- pam_access: clean up the remote host matching code [Orabug: 36733488]



ELBA-2024-12446 Oracle Linux 8 oracle-instantclient-release-23ai-el8 bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12446

http://linux.oracle.com/errata/ELBA-2024-12446.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
oracle-instantclient-release-23ai-el8-1.0-4.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//oracle-instantclient-release-23ai-el8-1.0-4.el8.src.rpm

Description of changes:

[1.0-4]
- Add repository for Oracle Instant Client 23ai [JIRA: OLERRATA-48274]

[1.0-3]
- Use $ocidomain instead of hardcoded .oracle.com [Orabug: 35256560]
- Update post scripts to support new self-service DNS hostnames [JIRA: OLDIS-22726]

[1.0-2]
- Added aarch64 to BuildArch.

[1.0-1]
- Initial package