Oracle Linux 6277 Published by

The following six updates have been released for Oracle Linux:

ELSA-2024-12078 Important: Oracle Linux 9 python3.11-cryptography security update
ELSA-2024-12078 Important: Oracle Linux 8 python3.11-cryptography security update
ELSA-2024-0158 Important: Oracle Linux 8 .NET 6.0 security update
ELSA-2024-0232 Important: Oracle Linux 7 java-11-openjdk security update (aarch64)
ELSA-2024-0223 Important: Oracle Linux 7 java-1.8.0-openjdk security and bug fix update (aarch64)
ELBA-2024-12075 Oracle Linux 6 Extended Lifecycle Support (ELS) kernel bug fix update




ELSA-2024-12078 Important: Oracle Linux 9 python3.11-cryptography security update


Oracle Linux Security Advisory ELSA-2024-12078

http://linux.oracle.com/errata/ELSA-2024-12078.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-cryptography-37.0.2-5.0.1.el9.x86_64.rpm

aarch64:
python3.11-cryptography-37.0.2-5.0.1.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.11-cryptography-37.0.2-5.0.1.el9.src.rpm

Related CVEs:

CVE-2023-49083

Description of changes:

[37.0.2-5.0.1]
- Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates [Orabug: 36119159]



ELSA-2024-12078 Important: Oracle Linux 8 python3.11-cryptography security update


Oracle Linux Security Advisory ELSA-2024-12078

http://linux.oracle.com/errata/ELSA-2024-12078.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-cryptography-37.0.2-5.0.1.el8.x86_64.rpm

aarch64:
python3.11-cryptography-37.0.2-5.0.1.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.11-cryptography-37.0.2-5.0.1.el8.src.rpm

Related CVEs:

CVE-2023-49083

Description of changes:

[37.0.2-5.0.1]
- Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates [Orabug: 36143834]



ELSA-2024-0158 Important: Oracle Linux 8 .NET 6.0 security update


Oracle Linux Security Advisory ELSA-2024-0158

http://linux.oracle.com/errata/ELSA-2024-0158.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.26-1.0.1.el8_9.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.26-1.0.1.el8_9.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.26-1.0.1.el8_9.x86_64.rpm
dotnet-hostfxr-6.0-6.0.26-1.0.1.el8_9.x86_64.rpm
dotnet-runtime-6.0-6.0.26-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-6.0-6.0.126-1.0.1.el8_9.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.26-1.0.1.el8_9.x86_64.rpm
dotnet-templates-6.0-6.0.126-1.0.1.el8_9.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.126-1.0.1.el8_9.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.26-1.0.1.el8_9.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.26-1.0.1.el8_9.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.26-1.0.1.el8_9.aarch64.rpm
dotnet-hostfxr-6.0-6.0.26-1.0.1.el8_9.aarch64.rpm
dotnet-runtime-6.0-6.0.26-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-6.0-6.0.126-1.0.1.el8_9.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.26-1.0.1.el8_9.aarch64.rpm
dotnet-templates-6.0-6.0.126-1.0.1.el8_9.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.126-1.0.1.el8_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet6.0-6.0.126-1.0.1.el8_9.src.rpm

Related CVEs:

CVE-2024-0056
CVE-2024-0057
CVE-2024-21319

Description of changes:

[6.0.126-1.0.1]
- Add support for Oracle Linux

[6.0.126-1]
- Update to .NET SDK 6.0.126 and Runtime 6.0.26



ELSA-2024-0232 Important: Oracle Linux 7 java-11-openjdk security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-0232

http://linux.oracle.com/errata/ELSA-2024-0232.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
java-11-openjdk-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-devel-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-headless-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-demo-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-javadoc-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-jmods-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm
java-11-openjdk-src-11.0.22.0.7-1.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-11-openjdk-11.0.22.0.7-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-20918
CVE-2024-20919
CVE-2024-20921
CVE-2024-20926
CVE-2024-20945
CVE-2024-20952

Description of changes:

[1:11.0.22.0.7-1.0.1]
- link atomic for ix86 build

[1:11.0.22.0.7-1]
- Update to jdk-11.0.22+7 (GA)
- Update release notes to 11.0.22+7
- Switch to GA mode for release
- ** This tarball is embargoed until 2024-01-16 @ 1pm PT. **
- Resolves: RHEL-20966

[1:11.0.22.0.6-0.1.ea]
- Update to jdk-11.0.22+6 (EA)
- Update release notes to 11.0.22+6
- Switch to EA mode
- Drop local copy of JDK-8312489 which is now included upstream
- Resolves: RHEL-21031

[1:11.0.21.0.9-2]
- Restore %{epoch}:%{javaver} versioning to jre, java, jre-headless, java-headless, java-devel & java-sdk
- Resolves: RHEL-19642



ELSA-2024-0223 Important: Oracle Linux 7 java-1.8.0-openjdk security and bug fix update (aarch64)


Oracle Linux Security Advisory ELSA-2024-0223

http://linux.oracle.com/errata/ELSA-2024-0223.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.aarch64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el7_9.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.402.b06-1.el7_9.noarch.rpm
java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.src.rpm

Related CVEs:

CVE-2024-20918
CVE-2024-20919
CVE-2024-20921
CVE-2024-20926
CVE-2024-20945
CVE-2024-20952

Description of changes:

[1:1.8.0.402.b06-0.1.ea]
- Update to shenandoah-jdk8u402-b06 (GA)
- Update release notes for shenandoah-8u402-b06.
- Drop local copy of JDK-8312489 which is now included upstream
- Switch to GA mode.
- ** This tarball is embargoed until 2024-01-16 @ 1pm PT. **
- Resolves: RHEL-17914
- Resolves: RHEL-20965

[1:1.8.0.402.b01-0.1.ea]
- Update to shenandoah-jdk8u402-b01 (EA)
- Update release notes for shenandoah-8u402-b01.
- Switch to EA mode.
- Sync NEWS with vanilla branch version.
- Related: RHEL-17914

[1:1.8.0.392.b08-3]
- Restore %{epoch}:%{javaver} versioning to jre, java, jre-headless, java-headless, java-devel & java-sdk
- Resolves: RHEL-19630



ELBA-2024-12075 Oracle Linux 6 Extended Lifecycle Support (ELS) kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12075

http://linux.oracle.com/errata/ELBA-2024-12075.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

kernel-2.6.32-754.35.1.0.9.el6.i686.rpm
kernel-debug-2.6.32-754.35.1.0.9.el6.i686.rpm
kernel-debug-devel-2.6.32-754.35.1.0.9.el6.i686.rpm
kernel-devel-2.6.32-754.35.1.0.9.el6.i686.rpm
kernel-doc-2.6.32-754.35.1.0.9.el6.noarch.rpm
kernel-firmware-2.6.32-754.35.1.0.9.el6.noarch.rpm
kernel-headers-2.6.32-754.35.1.0.9.el6.i686.rpm
perf-2.6.32-754.35.1.0.9.el6.i686.rpm
python-perf-2.6.32-754.35.1.0.9.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.35.1.0.9.el6.noarch.rpm

x86_64:
kernel-2.6.32-754.35.1.0.9.el6.x86_64.rpm
kernel-debug-2.6.32-754.35.1.0.9.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.35.1.0.9.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.35.1.0.9.el6.i686.rpm
kernel-devel-2.6.32-754.35.1.0.9.el6.x86_64.rpm
kernel-doc-2.6.32-754.35.1.0.9.el6.noarch.rpm
kernel-firmware-2.6.32-754.35.1.0.9.el6.noarch.rpm
kernel-headers-2.6.32-754.35.1.0.9.el6.x86_64.rpm
perf-2.6.32-754.35.1.0.9.el6.x86_64.rpm
python-perf-2.6.32-754.35.1.0.9.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.35.1.0.9.el6.noarch.rpm

Description of changes:

[2.6.32-754.35.1.0.9.el6.OL6]
- RDMA/cma: Fix Add missing locking to rdma_accept() patch [Orabug: 34645373]
- RDMA/ucma: Add missing locking around rdma_leave_multicast() [Orabug: 34645373]