Oracle Linux 6277 Published by

Oracle Linux has issued many security upgrades, including squid, binutils, evolution, webkit2gtk3,.NET 6.0, and cups-filters. These patches fix bugs in the unbreakable Enterprise kernel, binutils, evolution, webkit2gtk3, and giflib. They also solve vulnerabilities with the cups-filters and giflib security features in Oracle Linux 7.

ELSA-2024-9644 Important: Oracle Linux 8 squid security update
ELBA-2024-12826 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELBA-2024-12822 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELSA-2024-9689 Low: Oracle Linux 8 binutils security update
ELBA-2024-9685 Oracle Linux 8 evolution bug fix update
ELSA-2024-9636 Important: Oracle Linux 8 webkit2gtk3 security update
ELBA-2024-9568 Oracle Linux 8 .NET 6.0 bug fix and enhancement update
ELBA-2024-12826 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELBA-2024-12822 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELBA-2024-12822 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
ELBA-2024-12826 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
ELSA-2024-7553 Important: Oracle Linux 7 cups-filters security update (aarch64)
ELSA-2024-12825 Moderate: Oracle Linux 7 giflib security update (aarch64)
ELSA-2024-7553 Important: Oracle Linux 7 cups-filters security update
ELSA-2024-12825 Moderate: Oracle Linux 7 giflib security update



ELSA-2024-9644 Important: Oracle Linux 8 squid security update


Oracle Linux Security Advisory ELSA-2024-9644

http://linux.oracle.com/errata/ELSA-2024-9644.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpm
libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.x86_64.rpm
squid-4.15-10.module+el8.10.0+90442+8ef3f586.3.x86_64.rpm

aarch64:
libecap-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm
libecap-devel-1.0.1-2.module+el8.9.0+90083+f7556140.aarch64.rpm
squid-4.15-10.module+el8.10.0+90442+8ef3f586.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libecap-1.0.1-2.module+el8.9.0+90083+f7556140.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//squid-4.15-10.module+el8.10.0+90442+8ef3f586.3.src.rpm

Related CVEs:

CVE-2024-23638
CVE-2024-45802

Description of changes:

libecap
squid
[7:4.15-10.3]
- Resolves: RHEL-22593 - CVE-2024-23638 squid:4/squid: vulnerable to
a Denial of Service attack against Cache Manager error responses

[7:4.15-10.2]
- Disable ESI support
- Resolves: RHEL-65075 - CVE-2024-45802 squid:4/squid: Denial of Service
processing ESI response content

[7:4.15-10.1]
- Resolves: RHEL-56024 - (Regression) Transfer-encoding:chunked data is not sent
to the client in its complementary



ELBA-2024-12826 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12826

http://linux.oracle.com/errata/ELBA-2024-12826.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.336.5.3.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.336.5.3.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.336.5.3.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.336.5.3.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.3.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.336.5.3.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.336.5.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.3.el8uek.src.rpm

Description of changes:

[5.4.17-2136.336.5.3]
- uek: Disable /proc/uek under Xen and under non-Exadata systems (Konrad Rzeszutek Wilk) [Orabug: 37190565]

[5.4.17-2136.336.5.2]
- uek: Add force_noio runtime option. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- treewide: Make the force_noio parameter be writable. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- treewide: Sample foo_bar_force_noio before use (Haakon Bugge) [Orabug: 37163570]
- workqueue: Add Oracle specific code to modify the flags of tasks. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (Valentine Fatiev) [Orabug: 37160402]
- net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path (Valentine Fatiev) [Orabug: 37160405]
- RDMA/cma: Always set static rate to 0 for RoCE (Mark Zhang) [Orabug: 37160404]



ELBA-2024-12822 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12822

http://linux.oracle.com/errata/ELBA-2024-12822.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.337.5.1.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.337.5.1.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.337.5.1.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.337.5.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.337.5.1.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.337.5.1.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.337.5.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.337.5.1.el8uek.src.rpm

Description of changes:

[5.4.17-2136.337.5.1.el8uek]
- ACPI: ioremap: avoid redundant rounding to OS page size (Ard Biesheuvel) [Orabug: 37274316]



ELSA-2024-9689 Low: Oracle Linux 8 binutils security update


Oracle Linux Security Advisory ELSA-2024-9689

http://linux.oracle.com/errata/ELSA-2024-9689.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
binutils-2.30-125.0.1.el8_10.x86_64.rpm
binutils-devel-2.30-125.0.1.el8_10.i686.rpm
binutils-devel-2.30-125.0.1.el8_10.x86_64.rpm

aarch64:
binutils-2.30-125.0.1.el8_10.aarch64.rpm
binutils-devel-2.30-125.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//binutils-2.30-125.0.1.el8_10.src.rpm

Related CVEs:

CVE-2018-12699

Description of changes:

[2.30-125.0.1]
- Forward port Oracle patches from 2.30-125
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
Oracle history:



ELBA-2024-9685 Oracle Linux 8 evolution bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-9685

http://linux.oracle.com/errata/ELBA-2024-9685.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
evolution-3.28.5-27.el8_10.x86_64.rpm
evolution-bogofilter-3.28.5-27.el8_10.x86_64.rpm
evolution-help-3.28.5-27.el8_10.noarch.rpm
evolution-langpacks-3.28.5-27.el8_10.noarch.rpm
evolution-pst-3.28.5-27.el8_10.x86_64.rpm
evolution-spamassassin-3.28.5-27.el8_10.x86_64.rpm
evolution-devel-3.28.5-27.el8_10.i686.rpm
evolution-devel-3.28.5-27.el8_10.x86_64.rpm

aarch64:
evolution-3.28.5-27.el8_10.aarch64.rpm
evolution-bogofilter-3.28.5-27.el8_10.aarch64.rpm
evolution-help-3.28.5-27.el8_10.noarch.rpm
evolution-langpacks-3.28.5-27.el8_10.noarch.rpm
evolution-pst-3.28.5-27.el8_10.aarch64.rpm
evolution-spamassassin-3.28.5-27.el8_10.aarch64.rpm
evolution-devel-3.28.5-27.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//evolution-3.28.5-27.el8_10.src.rpm

Description of changes:

[3.28.5-27]
- Resolves: RHEL-62681 (WebKitGTK 2.46.1: Middle mouse button inserts primary clipboard twice)



ELSA-2024-9636 Important: Oracle Linux 8 webkit2gtk3 security update


Oracle Linux Security Advisory ELSA-2024-9636

http://linux.oracle.com/errata/ELSA-2024-9636.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
webkit2gtk3-2.46.3-1.el8_10.i686.rpm
webkit2gtk3-2.46.3-1.el8_10.x86_64.rpm
webkit2gtk3-devel-2.46.3-1.el8_10.i686.rpm
webkit2gtk3-devel-2.46.3-1.el8_10.x86_64.rpm
webkit2gtk3-jsc-2.46.3-1.el8_10.i686.rpm
webkit2gtk3-jsc-2.46.3-1.el8_10.x86_64.rpm
webkit2gtk3-jsc-devel-2.46.3-1.el8_10.i686.rpm
webkit2gtk3-jsc-devel-2.46.3-1.el8_10.x86_64.rpm

aarch64:
webkit2gtk3-2.46.3-1.el8_10.aarch64.rpm
webkit2gtk3-devel-2.46.3-1.el8_10.aarch64.rpm
webkit2gtk3-jsc-2.46.3-1.el8_10.aarch64.rpm
webkit2gtk3-jsc-devel-2.46.3-1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//webkit2gtk3-2.46.3-1.el8_10.src.rpm

Related CVEs:

CVE-2024-4558
CVE-2024-23271
CVE-2024-27820
CVE-2024-27838
CVE-2024-27851
CVE-2024-40779
CVE-2024-40780
CVE-2024-40782
CVE-2024-40789
CVE-2024-40866
CVE-2024-44185
CVE-2024-44187
CVE-2024-44244
CVE-2024-44296

Description of changes:

[2.46.3-1]
- Update to 2.46.3



ELBA-2024-9568 Oracle Linux 8 .NET 6.0 bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2024-9568

http://linux.oracle.com/errata/ELBA-2024-9568.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.36-1.0.1.el8_10.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.36-1.0.1.el8_10.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.36-1.0.1.el8_10.x86_64.rpm
dotnet-hostfxr-6.0-6.0.36-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-6.0-6.0.36-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-6.0-6.0.136-1.0.1.el8_10.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.36-1.0.1.el8_10.x86_64.rpm
dotnet-templates-6.0-6.0.136-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.136-1.0.1.el8_10.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.36-1.0.1.el8_10.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.36-1.0.1.el8_10.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.36-1.0.1.el8_10.aarch64.rpm
dotnet-hostfxr-6.0-6.0.36-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-6.0-6.0.36-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-6.0-6.0.136-1.0.1.el8_10.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.36-1.0.1.el8_10.aarch64.rpm
dotnet-templates-6.0-6.0.136-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.136-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet6.0-6.0.136-1.0.1.el8_10.src.rpm

Description of changes:

[6.0.136-1.0.1]
- Add support for Oracle Linux

[6.0.136-1]
- Update to .NET SDK 6.0.136 and Runtime 6.0.36
- Resolves: RHEL-65364



ELBA-2024-12826 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12826

http://linux.oracle.com/errata/ELBA-2024-12826.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.336.5.3.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.336.5.3.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.3.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.336.5.3.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.336.5.3.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.3.el8uek.src.rpm

Description of changes:

[5.4.17-2136.336.5.3]
- uek: Disable /proc/uek under Xen and under non-Exadata systems (Konrad Rzeszutek Wilk) [Orabug: 37190565]

[5.4.17-2136.336.5.2]
- uek: Add force_noio runtime option. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- treewide: Make the force_noio parameter be writable. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- treewide: Sample foo_bar_force_noio before use (Haakon Bugge) [Orabug: 37163570]
- workqueue: Add Oracle specific code to modify the flags of tasks. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (Valentine Fatiev) [Orabug: 37160402]
- net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path (Valentine Fatiev) [Orabug: 37160405]
- RDMA/cma: Always set static rate to 0 for RoCE (Mark Zhang) [Orabug: 37160404]



ELBA-2024-12822 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12822

http://linux.oracle.com/errata/ELBA-2024-12822.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.337.5.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.337.5.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.337.5.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.337.5.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.337.5.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.337.5.1.el8uek.src.rpm

Description of changes:

[5.4.17-2136.337.5.1.el8uek]
- ACPI: ioremap: avoid redundant rounding to OS page size (Ard Biesheuvel) [Orabug: 37274316]



ELBA-2024-12822 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12822

http://linux.oracle.com/errata/ELBA-2024-12822.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.337.5.1.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.337.5.1.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.337.5.1.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.337.5.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.337.5.1.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.337.5.1.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.337.5.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.337.5.1.el7uek.x86_64.rpm

aarch64:
kernel-uek-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.337.5.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
perf-5.4.17-2136.337.5.1.el7uek.aarch64.rpm
python-perf-5.4.17-2136.337.5.1.el7uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.337.5.1.el7uek.src.rpm

Description of changes:

[5.4.17-2136.337.5.1.el7uek]
- ACPI: ioremap: avoid redundant rounding to OS page size (Ard Biesheuvel) [Orabug: 37274316]



ELBA-2024-12826 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12826

http://linux.oracle.com/errata/ELBA-2024-12826.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.336.5.3.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.336.5.3.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.336.5.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.336.5.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.336.5.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.336.5.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.336.5.3.el7uek.x86_64.rpm

aarch64:
kernel-uek-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.336.5.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
kernel-uek-tools-libs-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
perf-5.4.17-2136.336.5.3.el7uek.aarch64.rpm
python-perf-5.4.17-2136.336.5.3.el7uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.3.el7uek.src.rpm

Description of changes:

[5.4.17-2136.336.5.3]
- uek: Disable /proc/uek under Xen and under non-Exadata systems (Konrad Rzeszutek Wilk) [Orabug: 37190565]

[5.4.17-2136.336.5.2]
- uek: Add force_noio runtime option. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- treewide: Make the force_noio parameter be writable. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- treewide: Sample foo_bar_force_noio before use (Haakon Bugge) [Orabug: 37163570]
- workqueue: Add Oracle specific code to modify the flags of tasks. (Konrad Rzeszutek Wilk) [Orabug: 37163570]
- net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (Valentine Fatiev) [Orabug: 37160402]
- net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path (Valentine Fatiev) [Orabug: 37160405]
- RDMA/cma: Always set static rate to 0 for RoCE (Mark Zhang) [Orabug: 37160404]



ELSA-2024-7553 Important: Oracle Linux 7 cups-filters security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-7553

http://linux.oracle.com/errata/ELSA-2024-7553.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
cups-filters-1.0.35-29.0.3.el7_9.aarch64.rpm
cups-filters-libs-1.0.35-29.0.3.el7_9.aarch64.rpm
cups-filters-devel-1.0.35-29.0.3.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//cups-filters-1.0.35-29.0.3.el7_9.src.rpm

Related CVEs:

CVE-2024-47076
CVE-2024-47175
CVE-2024-47176
CVE-2024-47850

Description of changes:

[1.0.35-29.0.3]
- Unsupport cups-browsed service
- CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 [Orabug: 37217141]



ELSA-2024-12825 Moderate: Oracle Linux 7 giflib security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-12825

http://linux.oracle.com/errata/ELSA-2024-12825.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
giflib-4.1.6-9.0.1.el7.aarch64.rpm
giflib-devel-4.1.6-9.0.1.el7.aarch64.rpm
giflib-utils-4.1.6-9.0.1.el7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//giflib-4.1.6-9.0.1.el7.src.rpm

Related CVEs:

CVE-2023-48161

Description of changes:

[4.1.6-9.0.1]
- Fixes giflib CVE-2023-48161 issue [Orabug: 37178930]



ELSA-2024-7553 Important: Oracle Linux 7 cups-filters security update


Oracle Linux Security Advisory ELSA-2024-7553

http://linux.oracle.com/errata/ELSA-2024-7553.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
cups-filters-1.0.35-29.0.3.el7_9.x86_64.rpm
cups-filters-devel-1.0.35-29.0.3.el7_9.i686.rpm
cups-filters-devel-1.0.35-29.0.3.el7_9.x86_64.rpm
cups-filters-libs-1.0.35-29.0.3.el7_9.i686.rpm
cups-filters-libs-1.0.35-29.0.3.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//cups-filters-1.0.35-29.0.3.el7_9.src.rpm

Related CVEs:

CVE-2024-47076
CVE-2024-47175
CVE-2024-47176
CVE-2024-47850

Description of changes:

[1.0.35-29.0.3]
- Unsupport cups-browsed service
- CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 [Orabug: 37217141]



ELSA-2024-12825 Moderate: Oracle Linux 7 giflib security update


Oracle Linux Security Advisory ELSA-2024-12825

http://linux.oracle.com/errata/ELSA-2024-12825.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
giflib-4.1.6-9.0.1.el7.i686.rpm
giflib-4.1.6-9.0.1.el7.x86_64.rpm
giflib-devel-4.1.6-9.0.1.el7.i686.rpm
giflib-devel-4.1.6-9.0.1.el7.x86_64.rpm
giflib-utils-4.1.6-9.0.1.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//giflib-4.1.6-9.0.1.el7.src.rpm

Related CVEs:

CVE-2023-48161

Description of changes:

[4.1.6-9.0.1]
- Fixes giflib CVE-2023-48161 issue [Orabug: 37178930]