Thunderbird, Firefox, .NET, and more updates for Oracle Linux

Oracle Linux 6231 Published 2024-08-16 08:18 by Philipp Esselbach

News

ELSA-2024-5402 Important: Oracle Linux 8 thunderbird security update

Oracle Linux Security Advisory ELSA-2024-5402

http://linux.oracle.com/errata/ELSA-2024-5402.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.14.0-1.0.1.el8_10.x86_64.rpm

aarch64:
thunderbird-115.14.0-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-115.14.0-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-7518
CVE-2024-7519
CVE-2024-7520
CVE-2024-7521
CVE-2024-7522
CVE-2024-7525
CVE-2024-7526
CVE-2024-7527
CVE-2024-7528
CVE-2024-7529

Description of changes:

[115.14.0-1.0.1]
- Add Oracle prefs file

[115.14.0]
- Add OpenELA debranding

[115.14.0-1]
- Update to 115.14.0 build1

ELSA-2024-5391 Important: Oracle Linux 8 firefox security update

Oracle Linux Security Advisory ELSA-2024-5391

http://linux.oracle.com/errata/ELSA-2024-5391.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.14.0-2.0.1.el8_10.x86_64.rpm

aarch64:
firefox-115.14.0-2.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firefox-115.14.0-2.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-7518
CVE-2024-7519
CVE-2024-7520
CVE-2024-7521
CVE-2024-7522
CVE-2024-7524
CVE-2024-7525
CVE-2024-7526
CVE-2024-7527
CVE-2024-7528
CVE-2024-7529

Description of changes:

[115.14.0-2.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file

[115.14.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[115.14.0-2]
- Update to 115.14.0 build2

[115.14.0-1]
- Update to 115.14.0 build1

ELSA-2024-5390 Important: Oracle Linux 8 bind9.16 security update

Oracle Linux Security Advisory ELSA-2024-5390

http://linux.oracle.com/errata/ELSA-2024-5390.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind9.16-9.16.23-0.22.el8_10.x86_64.rpm
bind9.16-chroot-9.16.23-0.22.el8_10.x86_64.rpm
bind9.16-dnssec-utils-9.16.23-0.22.el8_10.x86_64.rpm
bind9.16-libs-9.16.23-0.22.el8_10.x86_64.rpm
bind9.16-license-9.16.23-0.22.el8_10.noarch.rpm
bind9.16-utils-9.16.23-0.22.el8_10.x86_64.rpm
python3-bind9.16-9.16.23-0.22.el8_10.noarch.rpm
bind9.16-devel-9.16.23-0.22.el8_10.i686.rpm
bind9.16-devel-9.16.23-0.22.el8_10.x86_64.rpm
bind9.16-doc-9.16.23-0.22.el8_10.noarch.rpm
bind9.16-libs-9.16.23-0.22.el8_10.i686.rpm

aarch64:
bind9.16-9.16.23-0.22.el8_10.aarch64.rpm
bind9.16-chroot-9.16.23-0.22.el8_10.aarch64.rpm
bind9.16-dnssec-utils-9.16.23-0.22.el8_10.aarch64.rpm
bind9.16-libs-9.16.23-0.22.el8_10.aarch64.rpm
bind9.16-license-9.16.23-0.22.el8_10.noarch.rpm
bind9.16-utils-9.16.23-0.22.el8_10.aarch64.rpm
python3-bind9.16-9.16.23-0.22.el8_10.noarch.rpm
bind9.16-devel-9.16.23-0.22.el8_10.aarch64.rpm
bind9.16-doc-9.16.23-0.22.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//bind9.16-9.16.23-0.22.el8_10.src.rpm

Related CVEs:

CVE-2024-1737
CVE-2024-1975
CVE-2024-4076

Description of changes:

[32:9.16.23-0.22]
- Minor fix of reclimit test backport (CVE-2024-1737)

[32:9.16.23-0.21]
- Backport addition of max-records-per-type and max-records-per-type options
(CVE-2024-1737)

[32:9.16.23-0.20]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Resolve CVE-2024-4076
- Add ability to change runtime limits for max types and records per name

[32:9.16.23-0.19]
- Add few more explicit conflicts with bind subpackages (RHEL-2208)

[32:9.16.23-0.18]
- Prevent crashing at masterformat system test (CVE-2023-6516)

[32:9.16.23-0.17]
- Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517)
- Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516)
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)
- Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387

ELSA-2024-5337 Moderate: Oracle Linux 8 .NET 8.0 security update

Oracle Linux Security Advisory ELSA-2024-5337

http://linux.oracle.com/errata/ELSA-2024-5337.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-8.0.108-1.0.1.el8_10.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-host-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-hostfxr-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-8.0-8.0.108-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.108-1.0.1.el8_10.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.8-1.0.1.el8_10.x86_64.rpm
dotnet-templates-8.0-8.0.108-1.0.1.el8_10.x86_64.rpm
netstandard-targeting-pack-2.1-8.0.108-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.108-1.0.1.el8_10.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-8.0.108-1.0.1.el8_10.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-host-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-hostfxr-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-8.0-8.0.108-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.108-1.0.1.el8_10.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.8-1.0.1.el8_10.aarch64.rpm
dotnet-templates-8.0-8.0.108-1.0.1.el8_10.aarch64.rpm
netstandard-targeting-pack-2.1-8.0.108-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.108-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet8.0-8.0.108-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-38167

Description of changes:

[8.0.108-1.0.1]
- Add support for Oracle Linux

[8.0.108-1]
- Update to .NET SDK 8.0.108 and Runtime 8.0.8
- Resolves: RHEL-52388

ELSA-2024-5193 Important: Oracle Linux 8 httpd:2.4 security update

Oracle Linux Security Advisory ELSA-2024-5193

http://linux.oracle.com/errata/ELSA-2024-5193.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
httpd-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.noarch.rpm
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.noarch.rpm
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.x86_64.rpm
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.x86_64.rpm
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm
mod_session-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.x86_64.rpm

aarch64:
httpd-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm
httpd-devel-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm
httpd-filesystem-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.noarch.rpm
httpd-manual-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.noarch.rpm
httpd-tools-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm
mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.aarch64.rpm
mod_ldap-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm
mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.aarch64.rpm
mod_proxy_html-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm
mod_session-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm
mod_ssl-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//httpd-2.4.37-65.0.1.module+el8.10.0+90383+734f7ffb.2.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_http2-1.15.7-10.module+el8.10.0+90327+96b8ea28.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_md-2.0.8-8.module+el8.9.0+90011+2f9c6a23.src.rpm

Related CVEs:

CVE-2024-38476

Description of changes:

httpd
[2.4.37-65.2.0.1]
- Replace index.html with Oracle's index page oracle_index.html

[2.4.37-65.2]
- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend
applications whose response headers are malicious or exploitable (CVE-2024-38476)
- Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix

mod_http2
[1.15.7-10]
- Resolves: RHEL-29817 - httpd:2.4/mod_http2: httpd: CONTINUATION frames
DoS (CVE-2024-27316)

mod_md

ELBA-2024-5401 Oracle Linux 8 .NET6.0 bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5401

http://linux.oracle.com/errata/ELBA-2024-5401.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.33-1.0.1.el8_10.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.33-1.0.1.el8_10.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.33-1.0.1.el8_10.x86_64.rpm
dotnet-hostfxr-6.0-6.0.33-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-6.0-6.0.33-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-6.0-6.0.133-1.0.1.el8_10.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.33-1.0.1.el8_10.x86_64.rpm
dotnet-templates-6.0-6.0.133-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.133-1.0.1.el8_10.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.33-1.0.1.el8_10.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.33-1.0.1.el8_10.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.33-1.0.1.el8_10.aarch64.rpm
dotnet-hostfxr-6.0-6.0.33-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-6.0-6.0.33-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-6.0-6.0.133-1.0.1.el8_10.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.33-1.0.1.el8_10.aarch64.rpm
dotnet-templates-6.0-6.0.133-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.133-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet6.0-6.0.133-1.0.1.el8_10.src.rpm

Description of changes:

[6.0.133-1.0.1]
- Add support for Oracle Linux

[6.0.133-1]
- Update to .NET SDK 6.0.133 and Runtime 6.0.33
- Resolves: RHEL-52384

ELBA-2024-5311 Oracle Linux 8 firewalld bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5311

http://linux.oracle.com/errata/ELBA-2024-5311.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
firewall-applet-0.9.11-8.0.1.el8_10.noarch.rpm
firewall-config-0.9.11-8.0.1.el8_10.noarch.rpm
firewalld-0.9.11-8.0.1.el8_10.noarch.rpm
firewalld-filesystem-0.9.11-8.0.1.el8_10.noarch.rpm
python3-firewall-0.9.11-8.0.1.el8_10.noarch.rpm

aarch64:
firewall-applet-0.9.11-8.0.1.el8_10.noarch.rpm
firewall-config-0.9.11-8.0.1.el8_10.noarch.rpm
firewalld-0.9.11-8.0.1.el8_10.noarch.rpm
firewalld-filesystem-0.9.11-8.0.1.el8_10.noarch.rpm
python3-firewall-0.9.11-8.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firewalld-0.9.11-8.0.1.el8_10.src.rpm

Description of changes:

[0.9.11-8.0.1]
- Remove capsule file as well, since it references removed config [Orabug: 33513329]
- discard empty RH-Satellite-6.xml [Orabug: 30328734]
- Red Hat Satellite and Red Hat high availaibility reference found in cockpit UI [Orabug: 30257573]

[0.9.11-8]
- feat(rich): support "burst" attribute to limit in rich rules

[0.9.11-7]
- fix(rich): validate service name of rich rule

[0.9.11-6]
- feat(icmp): add ICMPv6 Multicast Listener Discovery (MLD) types

[0.9.11-5]
- feat(rich): support using ipset in destination

ELBA-2024-5310 Oracle Linux 8 openssh bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5310

http://linux.oracle.com/errata/ELBA-2024-5310.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
openssh-8.0p1-25.0.1.el8_10.x86_64.rpm
openssh-askpass-8.0p1-25.0.1.el8_10.x86_64.rpm
openssh-cavs-8.0p1-25.0.1.el8_10.x86_64.rpm
openssh-clients-8.0p1-25.0.1.el8_10.x86_64.rpm
openssh-keycat-8.0p1-25.0.1.el8_10.x86_64.rpm
openssh-ldap-8.0p1-25.0.1.el8_10.x86_64.rpm
openssh-server-8.0p1-25.0.1.el8_10.x86_64.rpm
pam_ssh_agent_auth-0.10.3-7.25.0.1.el8_10.x86_64.rpm

aarch64:
openssh-8.0p1-25.0.1.el8_10.aarch64.rpm
openssh-askpass-8.0p1-25.0.1.el8_10.aarch64.rpm
openssh-cavs-8.0p1-25.0.1.el8_10.aarch64.rpm
openssh-clients-8.0p1-25.0.1.el8_10.aarch64.rpm
openssh-keycat-8.0p1-25.0.1.el8_10.aarch64.rpm
openssh-ldap-8.0p1-25.0.1.el8_10.aarch64.rpm
openssh-server-8.0p1-25.0.1.el8_10.aarch64.rpm
pam_ssh_agent_auth-0.10.3-7.25.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//openssh-8.0p1-25.0.1.el8_10.src.rpm

Description of changes:

[8.0p1-25.0.1]
- Update upstream references [Orabug: 36587718]

[8.0p1-25]
- Upstream: Ignore SIGPIPE earlier in main()
Resolves: RHEL-37743

ELSA-2024-5334 Moderate: Oracle Linux 9 .NET 8.0 security update

Oracle Linux Security Advisory ELSA-2024-5334

http://linux.oracle.com/errata/ELSA-2024-5334.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-host-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-hostfxr-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-runtime-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-8.0-8.0.108-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.108-1.0.1.el9_4.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.8-1.0.1.el9_4.x86_64.rpm
dotnet-templates-8.0-8.0.108-1.0.1.el9_4.x86_64.rpm
netstandard-targeting-pack-2.1-8.0.108-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.108-1.0.1.el9_4.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-host-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-hostfxr-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-runtime-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-8.0-8.0.108-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.108-1.0.1.el9_4.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.8-1.0.1.el9_4.aarch64.rpm
dotnet-templates-8.0-8.0.108-1.0.1.el9_4.aarch64.rpm
netstandard-targeting-pack-2.1-8.0.108-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.108-1.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.108-1.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-38167

Description of changes:

[8.0.108-1.0.1]
- Add support for Oracle Linux

[8.0.108-1]
- Update to .NET SDK 8.0.108 and Runtime 8.0.8
- Resolves: RHEL-52389

[8.0.107-2]
- Fix ownership of some missed directories
- Resolves: RHEL-47080

ELSA-2024-5231 Important: Oracle Linux 9 bind and bind-dyndb-ldap security update

Oracle Linux Security Advisory ELSA-2024-5231

http://linux.oracle.com/errata/ELSA-2024-5231.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind-9.16.23-18.0.1.el9_4.6.x86_64.rpm
bind-chroot-9.16.23-18.0.1.el9_4.6.x86_64.rpm
bind-dnssec-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-dnssec-utils-9.16.23-18.0.1.el9_4.6.x86_64.rpm
bind-dyndb-ldap-11.9-10.el9_4.x86_64.rpm
bind-libs-9.16.23-18.0.1.el9_4.6.x86_64.rpm
bind-license-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-utils-9.16.23-18.0.1.el9_4.6.x86_64.rpm
python3-bind-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-devel-9.16.23-18.0.1.el9_4.6.i686.rpm
bind-devel-9.16.23-18.0.1.el9_4.6.x86_64.rpm
bind-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-libs-9.16.23-18.0.1.el9_4.6.i686.rpm

aarch64:
bind-9.16.23-18.0.1.el9_4.6.aarch64.rpm
bind-chroot-9.16.23-18.0.1.el9_4.6.aarch64.rpm
bind-dnssec-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-dnssec-utils-9.16.23-18.0.1.el9_4.6.aarch64.rpm
bind-dyndb-ldap-11.9-10.el9_4.aarch64.rpm
bind-libs-9.16.23-18.0.1.el9_4.6.aarch64.rpm
bind-license-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-utils-9.16.23-18.0.1.el9_4.6.aarch64.rpm
python3-bind-9.16.23-18.0.1.el9_4.6.noarch.rpm
bind-devel-9.16.23-18.0.1.el9_4.6.aarch64.rpm
bind-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//bind-9.16.23-18.0.1.el9_4.6.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//bind-dyndb-ldap-11.9-10.el9_4.src.rpm

Related CVEs:

CVE-2024-1737
CVE-2024-1975
CVE-2024-4076

Description of changes:

bind
[9.16.23-18.0.1.6]
- Fix warning when changing device file permissions [Orabug: 36518580]

[32:9.16.23-18.6]
- Minor fix of reclimit test backport (CVE-2024-1737)

[32:9.16.23-18.5]
- Backport addition of max-records-per-type and max-records-per-type options

[32:9.16.23-18.2]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Resolve CVE-2024-4076
- Add ability to change runtime limits for max types and records per name

[32:9.16.23-18.1]
- Rebuild with correct z-stream tag again

[32:9.16.23-18]
- Prevent crashing at masterformat system test (CVE-2023-6516)

[32:9.16.23-17]
- Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387

[32:9.16.23-16]
- Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517)
- Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516)
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)

[32:9.16.23-15]
- Update addresses of b.root-servers.net (RHEL-18188)

[32:9.16.23-14]
- Limit the amount of recursion possible in control channel (CVE-2023-3341)

[32:9.16.23-13]
- Prevent possible endless loop when refreshing stale data (CVE-2023-2911)

[32:9.16.23-12]
- Strengten cache cleaning to prevent overflowing configured limit
(CVE-2023-2828)

[32:9.16.23-11]
- Correct backport issue in statistics rendering fix (#2126912)

[32:9.16.23-10]
- Handle subtle difference between upstream and rhel (CVE-2022-3094)

[32:9.16.23-9]
- Prevent flooding with UPDATE requests (CVE-2022-3094)
- Handle RRSIG queries when server-stale is active (CVE-2022-3736)
- Fix crash when soft-quota is reached and serve-stale is active (CVE-2022-3924)

[32:9.16.23-8]
- Correct regression preventing bind-dyndb-ldap build (#2162795)

[32:9.16.23-7]
- Prevent freeing zone during statistics rendering (#2101712)

[32:9.16.23-6]
- Bound the amount of work performed for delegations (CVE-2022-2795)
- Add /usr/lib64/named to bind-chroot (#2129466)

[32:9.16.23-5]
- Fix possible serve-stale related crash (CVE-2022-3080)
- Fix memory leak in ECDSA verify processing (CVE-2022-38177)
- Fix memory leak in EdDSA verify processing (CVE-2022-38178)

bind-dyndb-ldap
[11.9-10]
- Rebuilt for BIND CVE-2024-1737 fixes (CVE-2024-1737)

ELBA-2024-5021 Oracle Linux 9 kexec-tools bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5021

http://linux.oracle.com/errata/ELBA-2024-5021.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kexec-tools-2.0.28-1.0.7.el9_4.x86_64.rpm

aarch64:
kexec-tools-2.0.28-1.0.7.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kexec-tools-2.0.28-1.0.7.el9_4.src.rpm

Description of changes:

[2.0.28-1.0.7]
- Fix KEXEC_KERNEL_CHECK IMA rule & valid PE signature regression [Orabug: 36567412]
- Include support for virt-what [Orabug: 36517679]
- backport of upstream crash hotplug support [Orabug: 35884469]
- Insert new udev rules for crash hotplug into 98-kexec.rules [Orabug: 35801595]
- Handle xen_netfront in dracut module setup [Orabug: 35615400]
- Update UEK aarch64 reserved sizes for UEK7 kernels [Orabug: 34663083]
- Correct UEK reserved size for x86_64 [Orabug: 34391412]
- Update UEK reserved sizes [Orabug: 34240246]
- fix saving vmcore-dmesg.txt failed on aarch64 with UEK7 [Orabug: 34003037]
- include OL8 patch for sysconfig, its needed on OL9 [Orabug: 33512440]
- Update makedumpfile to 1.7.2 [Orabug: 34219368]
- kdump: skip lvm private devices [Orabug: 33822070] [Orabug: 33574003]
- Added dracut module setup patches [Orabug: 29518713] [Orabug: 22780125]
- Added orabug30352094-makedumpfile-Mark-mem-usage-option-unsupported-for-a.patch [Orabug: 30352094]
- Added orabug30822387.kdumpctl-arm64-fast-boot.patch [Orabug: 30822387]
- Added orabug30832988.kdump.sysconfig.iommu_off.x86_64.aarch64.patch [Orabug: 30832988]
- Added orabug30928441.kdumpctl.no_timer_check.patch [Orabug: 30928441]
- Added orabug32127375-kdump.sysconfig.no.double.s.patch [Orabug: 32127375]
- Added orabug32258986-arm64-support-more-than-one-crash-kernel-regions.patch [Orabug: 32258986]
- Removed orabug32258986-arm64-support-more-than-one-crash-kernel-regions.patch [Orabug: 32258986]
- Removed orabug34003037-arm64-crashdump-deduce-paddr-of-_text-based-on-kerne.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-make-phys_offset-signed.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-crashdump-unify-routine-to-get-page_offset.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-read-VA_BITS-from-kcore-for-52-bits-VA-kernel.patch [Orabug: 34003037]
- Removed orabug34003037-arm64-fix-PAGE_OFFSET-calc-for-flipped-mm.patch [Orabug: 34003037]
- Removed orabug34003037-kdump-kexec-fix-saving-vmcore-dmesg.txt-failed-on-aa.patch [Orabug: 34003037]
- Fix formatting for orabug33822070-kdump-skip-lvm-private-devices.patch [Orabug: 33822070]
- Rework orabug34663083-Update-UEK-reserved-sizes.patch [Orabug: 34240246]

ELSA-2024-5392 Important: Oracle Linux 9 thunderbird security update

Oracle Linux Security Advisory ELSA-2024-5392

http://linux.oracle.com/errata/ELSA-2024-5392.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-115.14.0-1.0.1.el9_4.x86_64.rpm

aarch64:
thunderbird-115.14.0-1.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-115.14.0-1.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-7518
CVE-2024-7519
CVE-2024-7520
CVE-2024-7521
CVE-2024-7522
CVE-2024-7525
CVE-2024-7526
CVE-2024-7527
CVE-2024-7528
CVE-2024-7529

Description of changes:

[115.14.0-1.0.1]
- Add Oracle prefs

[115.14.0]
- Add OpenELA debranding

[115.14.0-1]
- Update to 115.14.0 build1

ELSA-2024-5363 Important: Oracle Linux 9 kernel security update

Oracle Linux Security Advisory ELSA-2024-5363

http://linux.oracle.com/errata/ELSA-2024-5363.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.3.0-427.31.1.el9_4.x86_64.rpm
kernel-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-abi-stablelists-5.14.0-427.31.1.el9_4.noarch.rpm
kernel-core-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-core-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-devel-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-devel-matched-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-modules-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-modules-core-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-modules-extra-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-debug-uki-virt-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-devel-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-devel-matched-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-doc-5.14.0-427.31.1.el9_4.noarch.rpm
kernel-headers-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-modules-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-modules-core-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-modules-extra-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-tools-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-tools-libs-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-uki-virt-5.14.0-427.31.1.el9_4.x86_64.rpm
perf-5.14.0-427.31.1.el9_4.x86_64.rpm
python3-perf-5.14.0-427.31.1.el9_4.x86_64.rpm
rtla-5.14.0-427.31.1.el9_4.x86_64.rpm
rv-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-cross-headers-5.14.0-427.31.1.el9_4.x86_64.rpm
kernel-tools-libs-devel-5.14.0-427.31.1.el9_4.x86_64.rpm
libperf-5.14.0-427.31.1.el9_4.x86_64.rpm

aarch64:
bpftool-7.3.0-427.31.1.el9_4.aarch64.rpm
kernel-headers-5.14.0-427.31.1.el9_4.aarch64.rpm
kernel-tools-5.14.0-427.31.1.el9_4.aarch64.rpm
kernel-tools-libs-5.14.0-427.31.1.el9_4.aarch64.rpm
perf-5.14.0-427.31.1.el9_4.aarch64.rpm
python3-perf-5.14.0-427.31.1.el9_4.aarch64.rpm
kernel-cross-headers-5.14.0-427.31.1.el9_4.aarch64.rpm
kernel-tools-libs-devel-5.14.0-427.31.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-427.31.1.el9_4.src.rpm

Related CVEs:

CVE-2021-47606
CVE-2023-52651
CVE-2023-52864
CVE-2024-21823
CVE-2024-26600
CVE-2024-26808
CVE-2024-26828
CVE-2024-26853
CVE-2024-26868
CVE-2024-26897
CVE-2024-27049
CVE-2024-27052
CVE-2024-27065
CVE-2024-27417
CVE-2024-27434
CVE-2024-33621
CVE-2024-35789
CVE-2024-35800
CVE-2024-35823
CVE-2024-35845
CVE-2024-35848
CVE-2024-35852
CVE-2024-35899
CVE-2024-35911
CVE-2024-35937
CVE-2024-35969
CVE-2024-36005
CVE-2024-36017
CVE-2024-36020
CVE-2024-36489
CVE-2024-36903
CVE-2024-36921
CVE-2024-36922
CVE-2024-36929
CVE-2024-36941
CVE-2024-36971
CVE-2024-37353
CVE-2024-37356
CVE-2024-38391
CVE-2024-38558
CVE-2024-38575
CVE-2024-39487
CVE-2024-40928
CVE-2024-40954
CVE-2024-40958
CVE-2024-40961

Description of changes:

[5.14.0-427.31.1.el9_4.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 sk_dst_pending_confirm (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}

[5.14.0-427.30.1.el9_4]
- dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
- dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (Mark Salter) [RHEL-49538 RHEL-39308]
- virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jon Maloy) [RHEL-44467] {CVE-2024-37353}
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (Izabela Bakollari) [RHEL-36271 RHEL-26682] {CVE-2024-26600}
- eeprom: at24: fix memory corruption race condition (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: Use dev_err_probe for nvmem register failure (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: Add support for 24c1025 EEPROM (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: remove struct at24_client (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- at24: Support probing while in non-zero ACPI D state (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44439] {CVE-2024-37356}
- cxl/region: Fix cxlr_pmem leaks (cki-backport-bot) [RHEL-44486] {CVE-2024-38391}
- tls: fix missing memory barrier in tls_init (cki-backport-bot) [RHEL-44480] {CVE-2024-36489}
- igc: avoid returning frame twice in XDP_REDIRECT (Corinna Vinschen) [RHEL-42714 RHEL-33266] {CVE-2024-26853}
- ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Hangbin Liu) [RHEL-44404 RHEL-44402] {CVE-2024-33621}
- ipvlan: add ipvlan_route_v6_outbound() helper (Davide Caratti) [RHEL-44404 RHEL-32205]
- ipvlan: properly track tx_errors (Davide Caratti) [RHEL-44404 RHEL-32205]
- wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-41698 RHEL-39754] {CVE-2024-36941}
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-41658 RHEL-37028] {CVE-2024-35845}
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-41556 RHEL-37018] {CVE-2024-35852}
- net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44215] {CVE-2024-38558}
- wifi: iwlwifi: read txq->read_ptr under lock (Jose Ignacio Tornos Martinez) [RHEL-41520 RHEL-39799] {CVE-2024-36922}
- wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-38754 RHEL-37345] {CVE-2024-35937}
- ice: fix memory corruption bug with suspend and rebuild (Petr Oros) [RHEL-49858 RHEL-17486] {CVE-2024-35911}
- ipv6: prevent possible NULL deref in fib6_nh_init() (Hangbin Liu) [RHEL-48182 RHEL-45826] {CVE-2024-40961}
- netns: Make get_net_ns() handle zero refcount net (Paolo Abeni) [RHEL-48117 RHEL-46610] {CVE-2024-40958}
- net: do not leave a dangling sk pointer, when socket creation fails (Paolo Abeni) [RHEL-48072 RHEL-46610] {CVE-2024-40954}
- net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (CKI Backport Bot) [RHEL-47902] {CVE-2024-40928}
- net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Ivan Vecera) [RHEL-43619 RHEL-30344] {CVE-2021-47606}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (CKI Backport Bot) [RHEL-46921] {CVE-2024-39487}
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (Benjamin Coddington) [RHEL-42732 RHEL-34875] {CVE-2024-26868}
- efi: fix panic in kdump kernel (Steve Best) [RHEL-42920 RHEL-36998] {CVE-2024-35800}
- ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (Hangbin Liu) [RHEL-41735 RHEL-31050] {CVE-2024-27417}
- netfilter: nf_tables: do not compare internal table flags on updates (Florian Westphal) [RHEL-41682 RHEL-33985] {CVE-2024-27065}
- ipv6: Fix potential uninit-value access in __ip6_make_skb() (Antoine Tenart) [RHEL-41466 RHEL-39786] {CVE-2024-36903}
- netfilter: nf_tables: honor table dormant flag from netdev release event path (Florian Westphal) [RHEL-40056 RHEL-33985] {CVE-2024-36005}
- cifs: fix underflow in parse_server_interfaces() (Paulo Alcantara) [RHEL-34636 RHEL-31245] {CVE-2024-26828}
- drm/i915/audio: Fix audio time stamp programming for DP (CKI Backport Bot) [RHEL-45843]
- platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
- platform/x86: wmi: remove unnecessary initializations (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CKI Backport Bot) [RHEL-43170] {CVE-2024-36017}
- netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (Florian Westphal) [RHEL-40062 RHEL-33985] {CVE-2024-26808}
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-39017 RHEL-32372] {CVE-2024-35969}
- netfilter: nf_tables: flush pending destroy work before exit_net release (Florian Westphal) [RHEL-38765 RHEL-33985] {CVE-2024-35899}
- vt: fix unicode buffer corruption when deleting characters (Andrew Halaney) [RHEL-42947 RHEL-24205] {CVE-2024-35823}

[5.14.0-427.29.1.el9_4]
- net: Avoid address overwrite in kernel_connect (Davide Caratti) [RHEL-45728 RHEL-30875]
- net: replace calls to sock->ops->connect() with kernel_connect() (Davide Caratti) [RHEL-45728 RHEL-33410]
- i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-41638 RHEL-39704] {CVE-2024-36020}
- cifs: translate network errors on send to -ECONNABORTED (Jay Shin) [RHEL-47047 RHEL-31245]
- wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44132] {CVE-2024-38575}
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (Jose Ignacio Tornos Martinez) [RHEL-43208 RHEL-39803] {CVE-2024-36921}
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-42906 RHEL-36809] {CVE-2024-35789}
- wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-42886 RHEL-36900] {CVE-2024-27434}
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (Jose Ignacio Tornos Martinez) [RHEL-42860 RHEL-35142] {CVE-2024-27052}
- wifi: mt76: mt7925e: fix use-after-free in free_irq() (Jose Ignacio Tornos Martinez) [RHEL-42856 RHEL-35148] {CVE-2024-27049}
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (Jose Ignacio Tornos Martinez) [RHEL-42743 RHEL-34187] {CVE-2024-26897}
- wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (Jose Ignacio Tornos Martinez) [RHEL-42383 RHEL-35199] {CVE-2023-52651}
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-41402 RHEL-39781] {CVE-2024-36929}

ELSA-2024-5322 Important: Oracle Linux 9 firefox security update

Oracle Linux Security Advisory ELSA-2024-5322

http://linux.oracle.com/errata/ELSA-2024-5322.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.14.0-2.0.1.el9_4.x86_64.rpm
firefox-x11-115.14.0-2.0.1.el9_4.x86_64.rpm

aarch64:
firefox-115.14.0-2.0.1.el9_4.aarch64.rpm
firefox-x11-115.14.0-2.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-115.14.0-2.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-7518
CVE-2024-7519
CVE-2024-7520
CVE-2024-7521
CVE-2024-7522
CVE-2024-7524
CVE-2024-7525
CVE-2024-7526
CVE-2024-7527
CVE-2024-7528
CVE-2024-7529

Description of changes:

[115.14.0-2.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.14.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[115.14.0-2]
- Update to 115.14.0 build2

[115.14.0-1]
- Update to 115.14.0 build1

ELSA-2024-5279 Important: Oracle Linux 9 python3.11-setuptools security update

Oracle Linux Security Advisory ELSA-2024-5279

http://linux.oracle.com/errata/ELSA-2024-5279.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-setuptools-65.5.1-2.el9_4.1.noarch.rpm
python3.11-setuptools-wheel-65.5.1-2.el9_4.1.noarch.rpm

aarch64:
python3.11-setuptools-65.5.1-2.el9_4.1.noarch.rpm
python3.11-setuptools-wheel-65.5.1-2.el9_4.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.11-setuptools-65.5.1-2.el9_4.1.src.rpm

Related CVEs:

CVE-2024-6345

Description of changes:

[65.5.1-2.1]
- Security fix for CVE-2024-6345
Resolves: RHEL-50490

ELBA-2024-5463 Oracle Linux 9 virt-v2v bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5463

http://linux.oracle.com/errata/ELBA-2024-5463.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
virt-v2v-2.4.0-3.0.1.el9_4.x86_64.rpm
virt-v2v-bash-completion-2.4.0-3.0.1.el9_4.noarch.rpm
virt-v2v-man-pages-ja-2.4.0-3.0.1.el9_4.noarch.rpm
virt-v2v-man-pages-uk-2.4.0-3.0.1.el9_4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//virt-v2v-2.4.0-3.0.1.el9_4.src.rpm

Description of changes:

[2.4.0-3.0.1]
- Replaced bugzilla.oracle.com references [Orabug: 34202300]
- replaced upstream references [Orabug:34089586]

[1:2.4.0-3]
- Fixes to improve installation of QEMU Guest Agent and removal
of VMware Tools
resolves: RHEL-54150, RHEL-54151
- Allow --mac gw and len fields to be optional
resolves: RHEL-54152

ELSA-2024-12582 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2024-12582

http://linux.oracle.com/errata/ELSA-2024-12582.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-209.161.7.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-209.161.7.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-209.161.7.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-209.161.7.el9uek.src.rpm

Related CVEs:

CVE-2024-41090
CVE-2024-41091

Description of changes:

[5.15.0-209.161.7.el9uek]
- loop: Fix a race between loop detach and loop open (Gulam Mohamed) [Orabug: 36865975]

[5.15.0-209.161.6.el9uek]
- net/mlx5e: drop shorter ethernet frames (Manjunath Patil) [Orabug: 36879156] {CVE-2024-41090} {CVE-2024-41091}
- x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs (Alexandre Chartre) [Orabug: 36672479]
- KVM: SVM: fix build error when CONFIG_HYPERV is unset (Simran Singh) [Orabug: 36508934]
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Alexandre Chartre)
- Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jan Kara)
- mm: prevent derefencing NULL ptr in pfn_section_valid() (Waiman Long)

[5.15.0-209.161.5.el9uek]
- rds/ib: decrement ib_rx_total_incs after releasing associated cache (Arumugam Kolappan) [Orabug: 36760266]

[5.15.0-209.161.4.el9uek]
- rds/rdma: Send info to userspace, even if connnection is down. (Juan Garcia) [Orabug: 36529561]
- KVM: x86: Advertise AVX-NE-CONVERT CPUID to user space (Jiaxi Chen) [Orabug: 36810714]
- KVM: x86: Advertise AVX-VNNI-INT8 CPUID to user space (Jiaxi Chen) [Orabug: 36810714]
- x86: KVM: Advertise AVX-IFMA CPUID to user space (Jiaxi Chen) [Orabug: 36810714]
- x86: KVM: Advertise AMX-FP16 CPUID to user space (Chang S. Bae) [Orabug: 36810714]
- x86: KVM: Advertise CMPccXADD CPUID to user space (Jiaxi Chen) [Orabug: 36810714]
- x86/cpufeatures: Put the AMX macros in the word 18 block (Jim Mattson) [Orabug: 36810714]
- intel_idle: add Sierra Forest SoC support (Artem Bityutskiy) [Orabug: 36810714]
- intel_idle: add Grand Ridge SoC support (Artem Bityutskiy) [Orabug: 36810714]
- perf/x86/intel/uncore: Support Sierra Forest and Grand Ridge (Kan Liang) [Orabug: 36810714]
- perf/x86/intel/uncore: Support IIO free-running counters on GNR (Kan Liang) [Orabug: 36810714]
- perf/x86/intel/uncore: Support Granite Rapids (Kan Liang) [Orabug: 36810714]
- perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array (Kan Liang) [Orabug: 36810714]
- perf/x86/intel/uncore: Generic uncore_get_uncores and MMIO format of SPR (Kan Liang) [Orabug: 36810714]
- Documentation/x86: Document resctrl's new sparse_masks (Fenghua Yu) [Orabug: 36810714]
- x86/resctrl: Add sparse_masks file in info (Fenghua Yu) [Orabug: 36810714]
- x86/resctrl: Enable non-contiguous CBMs in Intel CAT (Maciej Wieczor-Retman) [Orabug: 36810714]
- x86/resctrl: Rename arch_has_sparse_bitmaps (Maciej Wieczor-Retman) [Orabug: 36810714]
- x86/cpu: Fix Crestmont uarch (Peter Zijlstra) [Orabug: 36810714]
- x86/cpu: Fix Gracemont uarch (Peter Zijlstra) [Orabug: 36810714]
- powercap: RAPL: fix invalid initialization for pl4_supported field (Sumeet Pawnikar) [Orabug: 36810714]
- perf/x86/intel/uncore: Add events for Intel SPR IMC PMU (Stephane Eranian) [Orabug: 36810714]
- EDAC/i10nm: Add Intel Sierra Forest server support (Qiuxu Zhuo) [Orabug: 36810714]
- perf/x86/msr: Add Granite Rapids (Kan Liang) [Orabug: 36810714]
- platform/x86: ISST: Add support for MSR 0x54 (Srinivas Pandruvada) [Orabug: 36810714]
- powercap: RAPL: Add Power Limit4 support for Meteor Lake SoC (Sumeet Pawnikar) [Orabug: 36810714]
- EDAC/i10nm: Add Intel Granite Rapids server support (Qiuxu Zhuo) [Orabug: 36810714]
- EDAC/i10nm: Make more configurations CPU model specific (Qiuxu Zhuo) [Orabug: 36810714]
- powercap: intel_rapl: add support for Meteor Lake (Zhang Rui) [Orabug: 36810714]
- perf/x86/msr: Add Meteor Lake support (Kan Liang) [Orabug: 36810714]
- perf/x86: Add Meteor Lake support (Kan Liang) [Orabug: 36810714]
- perf: Add PMU_FORMAT_ATTR_SHOW (Kan Liang) [Orabug: 36810714]
- platform/x86: intel/pmc: Replace all the reg_map with init functions (Gayatri Kammela) [Orabug: 36810714]
- thermal: intel: intel_tcc_cooling: Add TCC cooling support for RaptorLake-S (Zhang Rui) [Orabug: 36810714]
- x86/intel_epb: Set Alder Lake N and Raptor Lake P normal EPB (Srinivas Pandruvada) [Orabug: 36810714]
- perf/x86/msr: Add new Raptor Lake S support (Kan Liang) [Orabug: 36810714]
- perf/x86: Add new Raptor Lake S support (Kan Liang) [Orabug: 36810714]
- x86/resctrl: Remove arch_has_empty_bitmaps (Babu Moger) [Orabug: 36810714]
- intel_idle: Add AlderLake-N support (Zhang Rui) [Orabug: 36810714]
- platform/x86/intel: pmc/core: Add Raptor Lake support to pmc core driver (Gayatri Kammela) [Orabug: 36810714]
- tools/power turbostat: Add support for RPL-S (Zhang Rui) [Orabug: 36810714]
- perf/x86/intel: Fix unchecked MSR access error for Alder Lake N (Kan Liang) [Orabug: 36810714]
- powercap: intel_rapl: Add support for RAPTORLAKE_S (Zhang Rui) [Orabug: 36810714]
- thermal: intel: Add TCC cooling support for Alder Lake-N and Raptor Lake-P (Sumeet Pawnikar) [Orabug: 36810714]
- powercap: RAPL: Add Power Limit4 support for Alder Lake-N and Raptor Lake-P (Sumeet Pawnikar) [Orabug: 36810714]
- EDAC/i10nm: Print an extra register set of retry_rd_err_log (Qiuxu Zhuo) [Orabug: 36810714]
- EDAC/i10nm: Retrieve and print retry_rd_err_log registers for HBM (Qiuxu Zhuo) [Orabug: 36810714]
- EDAC/skx_common: Add ChipSelect ADXL component (Qiuxu Zhuo) [Orabug: 36810714]
- perf/x86/intel: Fix PEBS data source encoding for ADL (Kan Liang) [Orabug: 36810714]
- perf/x86/intel: Fix PEBS memory access info encoding for ADL (Kan Liang) [Orabug: 36810714]
- platform/x86: intel/pmc: Add Alder Lake N support to PMC core driver (Gayatri Kammela) [Orabug: 36810714]
- platform/x86/intel: pmc: Support Intel Raptorlake P (George D Sworo) [Orabug: 36810714]
- tools/power turbostat: Support RAPTORLAKE P (George D Sworo) [Orabug: 36810714]
- powercap: intel_rapl: Add support for RAPTORLAKE_P (George D Sworo) [Orabug: 36810714]
- tools/power turbostat: add support for ALDERLAKE_N (Zhang Rui) [Orabug: 36810714]
- powercap: intel_rapl: add support for ALDERLAKE_N (Zhang Rui) [Orabug: 36810714]
- powercap: RAPL: Add Power Limit4 support for RaptorLake (Sumeet Pawnikar) [Orabug: 36810714]
- thermal: intel_tcc_cooling: Add TCC cooling support for RaptorLake (Sumeet Pawnikar) [Orabug: 36810714]
- perf/x86/uncore: Add new Alder Lake and Raptor Lake support (Kan Liang) [Orabug: 36810714]
- perf/x86/uncore: Clean up uncore_pci_ids[] (Kan Liang) [Orabug: 36810714]
- perf/x86/msr: Add new Alder Lake and Raptor Lake support (Kan Liang) [Orabug: 36810714]
- perf/x86: Add new Alder Lake and Raptor Lake support (Kan Liang) [Orabug: 36810714]
- powercap: intel_rapl: add support for RaptorLake (Zhang Rui) [Orabug: 36810714]
- tools/power turbostat: Introduce support for RaptorLake (Zhang Rui) [Orabug: 36810714]
- perf/x86/uncore: Add Raptor Lake uncore support (Kan Liang) [Orabug: 36810714]
- perf/x86/msr: Add Raptor Lake CPU support (Kan Liang) [Orabug: 36810714]
- perf/x86: Add Intel Raptor Lake support (Kan Liang) [Orabug: 36810714]
- perf/x86/intel/uncore: Add IMC uncore support for ADL (Kan Liang) [Orabug: 36810714]
- x86: intel_epb: Allow model specific normal EPB value (Srinivas Pandruvada) [Orabug: 36810714]
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (Marek Szyprowski)
- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Jozsef Kadlecsik)
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (Yunseong Kim)
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (Luiz Augusto von Dentz)
- vxlan: Fix regression when dropping packets due to invalid src addresses (Daniel Borkmann)

[5.15.0-209.161.3.el9uek]
- pci: add hotplug patch support for SOLIDIGM Aura10 AIC 0x025e:0x0b60 (Alan Adamson) [Orabug: 36771374]
- iommufd/iova_bitmap: Remove iterator logic (Joao Martins) [Orabug: 36785489]
- iommufd/iova_bitmap: Dynamic pinning on iova_bitmap_set() (Joao Martins) [Orabug: 36785489]
- iommufd/iova_bitmap: Consolidate iova_bitmap_set exit conditionals (Joao Martins) [Orabug: 36785489]
- iommufd/iova_bitmap: Move initial pinning to iova_bitmap_for_each() (Joao Martins) [Orabug: 36785489]
- iommufd/iova_bitmap: Cache mapped length in iova_bitmap_map struct (Joao Martins) [Orabug: 36785489]
- iommufd/iova_bitmap: Check iova_bitmap_done() after set ahead (Joao Martins) [Orabug: 36785489]

[5.15.0-209.161.2.el9uek]
- LTS version: v5.15.161 (Vijayendra Suman)
- scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5 (Neil Armstrong)
- NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS (Anna Schumaker)
- nfs: fix undefined behavior in nfs_block_bits() (Sergey Shtylyov)
- EDAC/igen6: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (Frank Li)
- s390/cpacf: Make use of invalid opcode produce a link error (Harald Freudenberger)
- s390/cpacf: Split and rework cpacf query functions (Harald Freudenberger)
- s390/ap: Fix crash in AP internal function modify_bitmap() (Harald Freudenberger)
- ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (Baokun Li)
- ext4: set type of ac_groups_linear_remaining to __u32 to avoid overflow (Baokun Li)
- sparc: move struct termio to asm/termios.h (Mike Gilbert)
- net: fix __dst_negative_advice() race (Eric Dumazet)
- kdb: Use format-specifiers rather than memset() for padding in kdb_read() (Daniel Thompson)
- kdb: Merge identical case statements in kdb_read() (Daniel Thompson)
- kdb: Fix console handling when editing and tab-completing commands (Daniel Thompson)
- kdb: Use format-strings rather than '- kdb: Fix buffer overflow during tab-complete (Daniel Thompson)
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (Judith Mendez)
- sparc64: Fix number of online CPUs (Sam Ravnborg)
- intel_th: pci: Add Meteor Lake-S CPU support (Alexander Shishkin)
- net/9p: fix uninit-value in p9_client_rpc() (Nikita Zhandarovich)
- net/ipv6: Fix route deleting failure when metric equals 0 (xu xin)
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Herbert Xu)
- crypto: ecrdsa - Fix module auto-load on add_key (Vitaly Chikunov)
- crypto: ecdsa - Fix module auto-load on add-key (Stefan Berger)
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (Marc Zyngier)
- KVM: arm64: Fix AArch32 register narrowing on userspace write (Marc Zyngier)
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (Li Ma)
- fbdev: savage: Handle err return when savagefb_check_var failed (Cai Xinchen)
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (Hans de Goede)
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (Hans de Goede)
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (Hans de Goede)
- mmc: core: Add mmc_gpiod_set_cd_config() function (Hans de Goede)
- media: v4l2-core: hold videodev_lock until dev reg, finishes (Hans Verkuil)
- media: mxl5xx: Move xpt structures off stack (Nathan Chancellor)
- media: mc: mark the media devnode as registered from the, start (Hans Verkuil)
- arm64: dts: hi3798cv200: fix the size of GICR (Yang Xiwen)
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (Bitterblue Smith)
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (Bitterblue Smith)
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (Bitterblue Smith)
- arm64: dts: qcom: qcs404: fix bluetooth device address (Johan Hovold)
- arm64: tegra: Correct Tegra132 I2C alias (Krzysztof Kozlowski)
- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (Christoffer Sandberg)
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (Maulik Shah)
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (Konrad Dybcio)
- ata: pata_legacy: make legacy_exit() work again (Sergey Shtylyov)
- drm/amdgpu: add error handle to avoid out-of-bounds (Bob Zhou)
- media: lgdt3306a: Add a check against null-pointer-def (Zheyu Ma)
- f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() (Chao Yu)
- sunrpc: exclude from freezer when waiting for requests: (NeilBrown)
- scripts/gdb: fix SB_* constants parsing (Florian Fainelli)
- net: dsa: tag_sja1105: always prefer source port information from INCL_SRCPT (Vladimir Oltean)
- net: dsa: sja1105: always enable the INCL_SRCPT option (Vladimir Oltean)
- mptcp: fix full TCP keep-alive support (Matthieu Baerts (NGI0))
- nilfs2: fix use-after-free of timer for log writer thread (Ryusuke Konishi)
- afs: Don't cross .backup mountpoint from backup volume (Marc Dionne)
- io_uring: fail NOP if non-zero op flags is passed in (Ming Lei)
- mmc: core: Do not force a retune before RPMB switch (Jorge Ramirez-Ortiz)
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (Shradha Gupta)
- drm: Check output polling initialized before disabling (Shradha Gupta)
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Chuck Lever)
- media: cec: core: add adap_nb_transmit_canceled() callback (Hans Verkuil)
- net: ena: Fix DMA syncing in XDP path when SWIOTLB is on (David Arinzon)
- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Gerd Hoffmann)
- ALSA: timer: Set lower bound of start tick time (Takashi Iwai)
- hwmon: (shtc1) Fix property misspelling (Guenter Roeck)
- ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Yue Haibing)
- net: ena: Fix redundant device NUMA node override (Shay Agroskin)
- net: ena: Reduce lines with longer column width boundary (David Arinzon)
- net: ena: Add dynamic recycling mechanism for rx buffers (David Arinzon)
- net: ena: Do not waste napi skb cache (Hyeonggon Yoo)
- net: ena: Extract recurring driver reset code into a function (Arthur Kiyanovski)
- net: ena: Add capabilities field with support for ENI stats capability (Arthur Kiyanovski)
- spi: stm32: Don't warn about spurious interrupts (Uwe Kleine-König)
- kconfig: fix comparison to constant symbols, 'm', 'n' (Masahiro Yamada)
- netfilter: tproxy: bail out if IP has been disabled on the device (Florian Westphal)
- netfilter: nft_payload: skbuff vlan metadata mangle support (Pablo Neira Ayuso)
- netfilter: nft_payload: rebuild vlan header on h_proto access (Florian Westphal)
- netfilter: nft_payload: rebuild vlan header when needed (Pablo Neira Ayuso)
- netfilter: nft_payload: move struct nft_payload_set definition where it belongs (Pablo Neira Ayuso)
- net:fec: Add fec_enet_deinit() (Xiaolei Wang)
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (Parthiban Veerasooran)
- enic: Validate length of nl attributes in enic_set_vf_port (Roded Zats)
- bpf: Fix potential integer overflow in resolve_btfids (Friedrich Vock)
- dma-buf/sw-sync: don't enable IRQ from sync_print_obj() (Tetsuo Handa)
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (Carolina Jubran)
- net/mlx5e: Fix IPsec tunnel mode offload feature check (Rahul Rameshbabu)
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (Mathieu Othacehe)
- nvmet: fix ns enable/disable possible hang (Sagi Grimberg)
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (Fedor Pchelkin)
- dma-mapping: benchmark: fix node id validation (Fedor Pchelkin)
- spi: Don't mark message DMA mapped when no transfer in it is (Andy Shevchenko)
- netfilter: nft_payload: restore vlan q-in-q match support (Pablo Neira Ayuso)
- netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (Eric Dumazet)
- ice: Interpret .set_channels() input differently (Larysa Zaremba)
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (Ryosuke Yasuoka)
- nfc: nci: Fix kcov check in nci_rx_work() (Tetsuo Handa)
- tls: fix missing memory barrier in tls_init (Dae R. Jeong)
- net: fec: avoid lock evasion when reading pps_enable (Wei Fang)
- riscv: stacktrace: fixed walk_stackframe() (Matthew Bystrin)
- riscv: stacktrace: Make walk_stackframe cross pt_regs frame (Guo Ren)
- virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jiri Pirko)
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (Jiangfeng Xiao)
- openvswitch: Set the skbuff pkt_type for proper pmtud support. (Aaron Conole)
- tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (Kuniyuki Iwashima)
- ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu)
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (Dan Aloni)
- sunrpc: fix NFSACL RPC retry on soft mount (Dan Aloni)
- NFSv4: Fixup smatch warning for ambiguous return (Benjamin Coddington)
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (Shenghao Ding)
- nfc: nci: Fix uninit-value in nci_rx_work (Ryosuke Yasuoka)
- ipv6: sr: fix missing sk_buff release in seg6_input_core (Andrea Mayer)
- net: Always descend into dsa/ folder with CONFIG_NET_DSA enabled (Florian Fainelli)
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (Masahiro Yamada)
- regulator: bd71828: Don't overwrite runtime voltages (Matti Vaittinen)
- ASoC: mediatek: mt8192: fix register configuration for tdm (Hsin-Te Yuan)
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (Zhu Yanjun)
- media: cec: core: avoid confusing "transmit timed out" message (Hans Verkuil)
- media: cec: core: avoid recursive cec_claim_log_addrs (Hans Verkuil)
- media: cec-adap.c: drop activate_cnt, use state info instead (Hans Verkuil)
- media: cec: use call_op and check for !unregistered (Hans Verkuil)
- media: cec: correctly pass on reply results (Hans Verkuil)
- media: cec: abort if the current transmit was canceled (Hans Verkuil)
- media: cec: call enable_adap on s_log_addrs (Hans Verkuil)
- media: cec: cec-api: add locking in cec_release() (Hans Verkuil)
- media: cec: cec-adap: always cancel work in cec_transmit_msg_fh (Hans Verkuil)
- um: Fix the -Wmissing-prototypes warning for __switch_mm (Tiwei Bie)
- powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (Shrikanth Hegde)
- media: flexcop-usb: fix sanity check of bNumEndpoints (Dongliang Mu)
- media: flexcop-usb: clean up endpoint sanity checks (Johan Hovold)
- Input: cyapa - add missing input core locking to suspend/resume functions (Marek Szyprowski)
- media: stk1160: fix bounds checking in stk1160_copy_video() (Dan Carpenter)
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (Michael Walle)
- fs/ntfs3: Use variable length array instead of fixed size (Konstantin Komarov)
- fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow (Konstantin Komarov)
- um: vector: fix bpfflash parameter evaluation (Johannes Berg)
- um: Add winch to winch_handlers before registering winch IRQ (Roberto Sassu)
- um: Fix return value in ubd_init() (Duoming Zhou)
- drm/msm/dpu: Always flush the slave INTF on the CTL (Marijn Suijten)
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (Marijn Suijten)
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (Fenglin Wu)
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (Judith Mendez)
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (Judith Mendez)
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (Judith Mendez)
- mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (Vignesh Raghavendra)
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (Judith Mendez)
- mmc: sdhci_am654: Add tuning algorithm for delay chain (Judith Mendez)
- Input: ioc3kbd - add device table (Karel Balej)
- Input: ioc3kbd - convert to platform remove callback returning void (Uwe Kleine-König)
- Input: ims-pcu - fix printf string overflow (Arnd Bergmann)
- s390/boot: Remove alt_stfle_fac_list from decompressor (Sven Schnelle)
- s390/ipl: Fix incorrect initialization of nvme dump block (Alexander Egorenkov)
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (Alexander Egorenkov)
- s390/vdso: Use standard stack frame layout (Heiko Carstens)
- s390/vdso: Generate unwind information for C modules (Jens Remus)
- s390/vdso64: filter out munaligned-symbols flag for vdso (Sumanth Korikkar)
- s390/vdso: filter out mno-pic-data-is-text-relative cflag (Sumanth Korikkar)
- libsubcmd: Fix parse-options memory leak (Ian Rogers)
- serial: sh-sci: protect invalidating RXDMA on shutdown (Wolfram Sang)
- f2fs: compress: don't allow unaligned truncation on released compress inode (Chao Yu)
- f2fs: fix to release node block count in error path of f2fs_new_node_page() (Chao Yu)
- f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock (Chao Yu)
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (Kuppuswamy Sathyanarayanan)
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (Kuppuswamy Sathyanarayanan)
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (Randy Dunlap)
- ppdev: Add an error check in register_device (Huai-Yuan Liu)
- ppdev: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET)
- stm class: Fix a double free in stm_register_device() (Dan Carpenter)
- usb: gadget: u_audio: Clear uac pointer when freed. (Chris Wulff)
- watchdog: bd9576: Drop "always-running" property (Matti Vaittinen)
- watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (Dmitry Torokhov)
- dt-bindings: pinctrl: mediatek: mt7622: fix array properties (Rafał Miłecki)
- microblaze: Remove early printk call from cpuinfo-static.c (Michal Simek)
- microblaze: Remove gcc flag for non existing early_printk.c file (Michal Simek)
- fpga: region: add owner module and take its refcount (Marco Pagani)
- fpga: region: Use standard dev_release for class driver (Russ Weight)
- coresight: etm4x: Fix access to resource selector registers (Suzuki K Poulose)
- coresight: etm4x: Safe access for TRCQCLTR (Suzuki K Poulose)
- coresight: etm4x: Cleanup TRCIDR0 register accesses (James Clark)
- coresight: no-op refactor to make INSTP0 check more idiomatic (James Clark)
- coresight: etm4x: Do not save/restore Data trace control registers (Suzuki K Poulose)
- coresight: etm4x: Do not hardcode IOMEM access for register restore (Suzuki K Poulose)
- iio: pressure: dps310: support negative temperature values (Thomas Haemmerle)
- coresight: etm4x: Fix unbalanced pm_runtime_enable() (Anshuman Khandual)
- f2fs: fix to check pinfile flag in f2fs_move_file_range() (Chao Yu)
- f2fs: fix to relocate check condition in f2fs_fallocate() (Chao Yu)
- f2fs: fix typos in comments (Jinyoung CHOI)
- f2fs: do not allow partial truncation on pinned file (Jaegeuk Kim)
- f2fs: compress: fix to relocate check condition in f2fs_ioc_{,de}compress_file() (Chao Yu)
- f2fs: convert to use sbi directly (Yangtao Li)
- f2fs: compress: fix to relocate check condition in f2fs_{release,reserve}_compress_blocks() (Chao Yu)
- dt-bindings: PCI: rcar-pci-host: Add missing IOMMU properties (Geert Uytterhoeven)
- dt-bindings: PCI: rcar-pci-host: Add optional regulators (Wolfram Sang)
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (Hugo Villeneuve)
- PCI: tegra194: Fix probe path for Endpoint mode (Vidya Sagar)
- greybus: arche-ctrl: move device table to its right location (Arnd Bergmann)
- serial: max3100: Fix bitwise types (Andy Shevchenko)
- serial: max3100: Update uart_driver_registered on driver removal (Andy Shevchenko)
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (Andy Shevchenko)
- firmware: dmi-id: add a release callback function (Arnd Bergmann)
- dmaengine: idma64: Add check for dma_set_max_seg_size (Chen Ni)
- soundwire: cadence: fix invalid PDI offset (Pierre-Louis Bossart)
- f2fs: fix to wait on page writeback in __clone_blkaddrs() (Chao Yu)
- f2fs: Delete f2fs_copy_page() and replace with memcpy_page() (Fabio M. De Francesco)
- greybus: lights: check return of get_channel_from_mode (Rui Miguel Silva)
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (Cheng Yu)
- sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level (Vitalii Bursov)
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (Eric Dumazet)
- netrom: fix possible dead-lock in nr_rt_ioctl() (Eric Dumazet)
- net: qrtr: ns: Fix module refcnt (Chris Lew)
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (Nikolay Aleksandrov)
- RDMA/IPoIB: Fix format truncation compilation errors (Leon Romanovsky)
- selftests/kcmp: remove unused open mode (Edward Liaw)
- selftests/kcmp: Make the test output consistent and clear (Gautam Menghani)
- SUNRPC: Fix gss_free_in_token_pages() (Chuck Lever)
- ext4: fix potential unnitialized variable (Dan Carpenter)
- ext4: remove unused parameter from ext4_mb_new_blocks_simple() (Kemeng Shi)
- ext4: try all groups in ext4_mb_new_blocks_simple (Kemeng Shi)
- ext4: fix unit mismatch in ext4_mb_new_blocks_simple (Kemeng Shi)
- ext4: simplify calculation of blkoff in ext4_mb_new_blocks_simple (Kemeng Shi)
- sunrpc: removed redundant procp check (Aleksandr Aprelkov)
- drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (David Hildenbrand)
- virt: acrn: stop using follow_pfn (Christoph Hellwig)
- virt: acrn: Prefer array_size and struct_size over open coded arithmetic (Len Baker)
- ext4: avoid excessive credit estimate in ext4_tmpfile() (Jan Kara)
- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (Adrian Hunter)
- clk: qcom: mmcc-msm8998: fix venus clock issue (Marc Gonzalez)
- RDMA/hns: Modify the print level of CQE error (Chengchang Tang)
- RDMA/hns: Use complete parentheses in macros (Chengchang Tang)
- RDMA/hns: Fix GMV table pagesize (Chengchang Tang)
- RDMA/hns: Fix deadlock on SRQ async events. (Chengchang Tang)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (Zhengchao Shao)
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (Or Har-Toov)
- drm/mipi-dsi: use correct return type for the DSC functions (Dmitry Baryshkov)
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (Marek Vasut)
- drm/bridge: tc358775: Don't log an error when DSI host can't be found (Nícolas F. R. A. Prado)
- drm/bridge: lt9611: Don't log an error when DSI host can't be found (Nícolas F. R. A. Prado)
- drm/bridge: lt8912b: Don't log an error when DSI host can't be found (Nícolas F. R. A. Prado)
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (Steven Rostedt)
- drm: vc4: Fix possible null pointer dereference (Aleksandr Mishin)
- drm/arm/malidp: fix a possible null pointer dereference (Huai-Yuan Liu)
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (Zhipeng Lu)
- fbdev: sh7760fb: allow modular build (Randy Dunlap)
- media: dt-bindings: ovti,ov2680: Fix the power supply names (Fabio Estevam)
- media: ipu3-cio2: Request IRQ earlier (Sakari Ailus)
- media: ipu3-cio2: Use temporary storage for struct device pointer (Andy Shevchenko)
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (Aleksandr Mishin)
- media: radio-shark2: Avoid led_names truncations (Ricardo Ribalda)
- media: ngene: Add dvb_ca_en50221_init return value check (Aleksandr Burakov)
- fbdev: sisfb: hide unused variables (Arnd Bergmann)
- powerpc/fsl-soc: hide unused const variable (Arnd Bergmann)
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (Justin Green)
- drm/meson: vclk: fix calculation of 59.94 fractional rates (Christian Hewitt)
- ASoC: kirkwood: Fix potential NULL dereference (Aleksandr Mishin)
- fbdev: shmobile: fix snprintf truncation (Arnd Bergmann)
- mtd: rawnand: hynix: fixed typo (Maxim Korotkov)
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (Aapo Vienamo)
- ASoC: Intel: Disable route checks for Skylake boards (Cezary Rojewski)
- drm/amd/display: Fix potential index out of bounds in color transformation function (Srinivasan Shanmugam)
- dev_printk: Add and use dev_no_printk() (Geert Uytterhoeven)
- printk: Let no_printk() use _printk() (Geert Uytterhoeven)
- mptcp: SO_KEEPALIVE: fix getsockopt support (Matthieu Baerts (NGI0))
- s390/bpf: Emit a barrier for BPF_FETCH instructions (Ilya Leoshkevich)
- net/mlx5: Discard command completions in internal error (Akiva Goldberger)
- ipv6: sr: fix invalid unregister error path (Hangbin Liu)
- ipv6: sr: add missing seg6_local_exit (Hangbin Liu)
- net: openvswitch: fix overwriting ct original tuple for ICMPv6 (Ilya Maximets)
- net: usb: smsc95xx: stop lying about skb->truesize (Eric Dumazet)
- af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (Breno Leitao)
- net: ethernet: cortina: Locking fixes (Linus Walleij)
- eth: sungem: remove .ndo_poll_controller to avoid deadlocks (Jakub Kicinski)
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (gaoxingwang)
- m68k: mac: Fix reboot hang on Mac IIci (Finn Thain)
- m68k: Fix spinlock race in kernel thread creation (Michael Schmitz)
- net: usb: sr9700: stop lying about skb->truesize (Eric Dumazet)
- usb: aqc111: stop lying about skb->truesize (Eric Dumazet)
- wifi: mwl8k: initialize cmd->addr[] properly (Dan Carpenter)
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (Himanshu Madhani)
- scsi: qedf: Ensure the copied buf is NUL terminated (Bui Quang Minh)
- scsi: bfa: Ensure the copied buf is NUL terminated (Bui Quang Minh)
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (Chen Ni)
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (John Hubbard)
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (John Hubbard)
- Revert "sh: Handle calling csum_partial with misaligned data" (Guenter Roeck)
- sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe() (Geert Uytterhoeven)
- wifi: ar5523: enable proper endpoint verification (Nikita Zhandarovich)
- wifi: carl9170: add a proper sanity check for endpoints (Nikita Zhandarovich)
- macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" (Finn Thain)
- net: give more chances to rcu in netdev_wait_allrefs_any() (Eric Dumazet)
- pwm: sti: Simplify probe function using devm functions (Uwe Kleine-König)
- pwm: sti: Prepare removing pwm_chip from driver data (Uwe Kleine-König)
- pwm: sti: Convert to platform remove callback returning void (Uwe Kleine-König)
- tcp: avoid premature drops in tcp_add_backlog() (Eric Dumazet)
- net: dsa: mv88e6xxx: Avoid EEPROM timeout without EEPROM on 88E6250-family switches (Matthias Schiffer)
- net: dsa: mv88e6xxx: Add support for model-specific pre- and post-reset handlers (Matthias Schiffer)
- wifi: ath10k: populate board data for WCN3990 (Dmitry Baryshkov)
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (Su Hui)
- thermal/drivers/tsens: Fix null pointer dereference (Aleksandr Mishin)
- x86/purgatory: Switch to the position-independent small code model (Ard Biesheuvel)
- scsi: hpsa: Fix allocation size for Scsi_Host private data (Yuri Karpov)
- scsi: libsas: Fix the failure of adding phy with zero-address to port (Xingui Yang)
- cppc_cpufreq: Fix possible null pointer dereference (Aleksandr Mishin)
- udp: Avoid call to compute_score on multiple sites (Gabriel Krisman Bertazi)
- net: remove duplicate reuseport_lookup functions (Lorenz Bauer)
- net: export inet_lookup_reuseport and inet6_lookup_reuseport (Lorenz Bauer)
- cpufreq: exit() callback is optional (Viresh Kumar)
- cpufreq: Rearrange locking in cpufreq_remove_dev() (Rafael J. Wysocki)
- cpufreq: Split cpufreq_offline() (Rafael J. Wysocki)
- cpufreq: Reorganize checks in cpufreq_offline() (Rafael J. Wysocki)
- selftests/bpf: Fix umount cgroup2 error in test_sockmap (Geliang Tang)
- gfs2: Fix "ignore unlock failures after withdraw" (Andreas Gruenbacher)
- gfs2: Don't forget to complete delayed withdraw (Andreas Gruenbacher)
- ACPI: disable -Wstringop-truncation (Arnd Bergmann)
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (Zenghui Yu)
- irqchip/alpine-msi: Fix off-by-one in allocation error path (Zenghui Yu)
- scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL (Andrew Halaney)
- scsi: ufs: core: Perform read back after disabling interrupts (Andrew Halaney)
- scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV (Andrew Halaney)
- scsi: ufs: qcom: Perform read back after writing CGC enable (Andrew Halaney)
- scsi: ufs: qcom: Perform read back after writing unipro mode (Andrew Halaney)
- scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW version major 5 (Abel Vesa)
- scsi: ufs: ufs-qcom: Fix the Qcom register name for offset 0xD0 (Manivannan Sadhasivam)
- scsi: ufs: qcom: Perform read back after writing REG_UFS_SYS1CLK_1US (Andrew Halaney)
- scsi: ufs: qcom: Perform read back after writing reset bit (Andrew Halaney)
- bpf: Pack struct bpf_fib_lookup (Anton Protopopov)
- qed: avoid truncating work queue length (Arnd Bergmann)
- sched/fair: Add EAS checks before updating root_domain::overutilized (Shrikanth Hegde)
- wifi: ath10k: poll service ready message before failing (Baochen Qiang)
- md: fix resync softlockup when bitmap size is less than array size (Yu Kuai)
- null_blk: Fix missing mutex_destroy() at module removal (Zhu Yanjun)
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (Chun-Kuang Hu)
- jffs2: prevent xattr node from overflowing the eraseblock (Ilya Denisyev)
- s390/cio: fix tracepoint subchannel type field (Peter Oberparleiter)
- crypto: x86/sha512-avx2 - add missing vzeroupper (Eric Biggers)
- crypto: x86/sha256-avx2 - add missing vzeroupper (Eric Biggers)
- crypto: x86/nh-avx2 - add missing vzeroupper (Eric Biggers)
- crypto: ccp - drop platform ifdef checks (Arnd Bergmann)
- parisc: add missing export of __cmpxchg_u8() (Al Viro)
- nilfs2: fix out-of-range warning (Arnd Bergmann)
- ecryptfs: Fix buffer size for tag 66 packet (Brian Kubisiak)
- firmware: raspberrypi: Use correct device for DMA mappings (Laurent Pinchart)
- mm/slub, kunit: Use inverted data to corrupt kmem cache (Guenter Roeck)
- crypto: bcm - Fix pointer arithmetic (Aleksandr Mishin)
- openpromfs: finish conversion to the new mount API (Eric Sandeen)
- epoll: be better about file lifetimes (Linus Torvalds)
- nvme: find numa distance only if controller has valid numa id (Nilay Shroff)
- x86/mm: Remove broken vsyscall emulation code from the page fault code (Linus Torvalds)
- drm/amdkfd: Flush the process wq before creating a kfd_process (Lancelot SIX)
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (Pierre-Louis Bossart)
- softirq: Fix suspicious RCU usage in __do_softirq() (Zqiang)
- ASoC: rt715-sdca: volume step modification (Jack Yu)
- ASoC: rt715: add vendor clear control register (Jack Yu)
- regulator: vqmmc-ipq4019: fix module autoloading (Krzysztof Kozlowski)
- ASoC: dt-bindings: rt5645: add cbj sleeve gpio property (Derek Fang)
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (Derek Fang)
- regulator: irq_helpers: duplicate IRQ name (Matti Vaittinen)
- selftests: sud_test: return correct emulated syscall value on RISC-V (Clément Léger)
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (Joshua Ashton)
- net: usb: qmi_wwan: add Telit FN920C04 compositions (Daniele Palmas)
- dt-bindings: rockchip: grf: Add missing type to 'pcie-phy' node (Rob Herring)
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (Igor Artemiev)
- ALSA: Fix deadlocks with kctl removals at disconnection (Takashi Iwai)
- ALSA: core: Fix NULL module pointer assignment at card init (Takashi Iwai)
- fs/ntfs3: Break dir enumeration if directory contents error (Konstantin Komarov)
- fs/ntfs3: Fix case when index is reused during tree transformation (Konstantin Komarov)
- fs/ntfs3: Taking DOS names into account during link counting (Konstantin Komarov)
- fs/ntfs3: Remove max link count info display during driver init (Konstantin Komarov)
- nilfs2: fix potential hang in nilfs_detach_log_writer() (Ryusuke Konishi)
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (Ryusuke Konishi)
- net: smc91x: Fix m68k kernel compilation for ColdFire CPU (Thorsten Blum)
- tools/latency-collector: Fix -Wformat-security compile warns (Shuah Khan)
- ring-buffer: Fix a race between readers and resize checks (Petr Pavlu)
- r8169: Fix possible ring buffer corruption on fragmented Tx packets. (Ken Milmore)
- Revert "r8169: don't try to disable interrupts if NAPI is, scheduled already" (Heiner Kallweit)
- serial: 8250_bcm7271: use default_mux_rate if possible (Doug Berger)
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (Dan Carpenter)
- tty: n_gsm: fix missing receive state reset after mode switch (Daniel Starke)
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke)
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (Daniel J Blueman)
- LTS version: v5.15.160 (Vijayendra Suman)
- docs: kernel_include.py: Cope with docutils 0.21 (Akira Yokosawa)
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (Thomas Weißschuh)
- KEYS: trusted: Do not use WARN when encode fails (Jarkko Sakkinen)
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (AngeloGioacchino Del Regno)
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (Daniel Thompson)
- usb: typec: ucsi: displayport: Fix potential deadlock (Heikki Krogerus)
- binder: fix max_thread type inconsistency (Carlos Llamas)
- drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() (Srinivasan Shanmugam)
- KVM: x86: Clear "has_error_code", not "error_code", for RM exception injection (Sean Christopherson)
- netlink: annotate data-races around sk->sk_err (Eric Dumazet)
- netlink: annotate lockless accesses to nlk->max_recvmsg_len (Eric Dumazet)
- net: tls: handle backlogging of crypto requests (Jakub Kicinski)
- tls: fix race between async notify and socket close (Jakub Kicinski)
- net: tls: factor out tls_*crypt_async_wait() (Jakub Kicinski)
- tls: extract context alloc/initialization out of tls_set_sw_offload (Sabrina Dubroca)
- tls: rx: simplify async wait (Jakub Kicinski)
- net: bcmgenet: synchronize UMAC_CMD access (Doug Berger)
- net: bcmgenet: synchronize EXT_RGMII_OOB_CTRL access (Doug Berger)
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (Jarkko Sakkinen)
- nfsd: don't allow nfsd threads to be signalled. (NeilBrown)
- pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() (Sergey Shtylyov)
- drm/amd/display: Fix division by zero in setup_dsc_config (Jose Fernandez)

ELBA-2024-5336 Oracle Linux 9 .NET6.0 bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5336

http://linux.oracle.com/errata/ELBA-2024-5336.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-6.0-6.0.33-1.0.1.el9_4.x86_64.rpm
aspnetcore-targeting-pack-6.0-6.0.33-1.0.1.el9_4.x86_64.rpm
dotnet-apphost-pack-6.0-6.0.33-1.0.1.el9_4.x86_64.rpm
dotnet-hostfxr-6.0-6.0.33-1.0.1.el9_4.x86_64.rpm
dotnet-runtime-6.0-6.0.33-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-6.0-6.0.133-1.0.1.el9_4.x86_64.rpm
dotnet-targeting-pack-6.0-6.0.33-1.0.1.el9_4.x86_64.rpm
dotnet-templates-6.0-6.0.133-1.0.1.el9_4.x86_64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.133-1.0.1.el9_4.x86_64.rpm

aarch64:
aspnetcore-runtime-6.0-6.0.33-1.0.1.el9_4.aarch64.rpm
aspnetcore-targeting-pack-6.0-6.0.33-1.0.1.el9_4.aarch64.rpm
dotnet-apphost-pack-6.0-6.0.33-1.0.1.el9_4.aarch64.rpm
dotnet-hostfxr-6.0-6.0.33-1.0.1.el9_4.aarch64.rpm
dotnet-runtime-6.0-6.0.33-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-6.0-6.0.133-1.0.1.el9_4.aarch64.rpm
dotnet-targeting-pack-6.0-6.0.33-1.0.1.el9_4.aarch64.rpm
dotnet-templates-6.0-6.0.133-1.0.1.el9_4.aarch64.rpm
dotnet-sdk-6.0-source-built-artifacts-6.0.133-1.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet6.0-6.0.133-1.0.1.el9_4.src.rpm

Description of changes:

[6.0.133-1.0.1]
- Add support for Oracle Linux

[6.0.133-1]
- Update to .NET SDK 6.0.133 and Runtime 6.0.33
- Resolves: RHEL-52386

ELSA-2024-5309 Moderate: Oracle Linux 8 python-urllib3 security update

Oracle Linux Security Advisory ELSA-2024-5309

http://linux.oracle.com/errata/ELSA-2024-5309.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-urllib3-1.24.2-8.el8_10.noarch.rpm

aarch64:
python3-urllib3-1.24.2-8.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python-urllib3-1.24.2-8.el8_10.src.rpm

Related CVEs:

CVE-2024-37891

Description of changes:

[1.24.2-8]
- Security fix for CVE-2024-37891
Resolves: RHEL-45334

ELSA-2024-5306 Moderate: Oracle Linux 8 orc security update

Oracle Linux Security Advisory ELSA-2024-5306

http://linux.oracle.com/errata/ELSA-2024-5306.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
orc-0.4.28-4.el8_10.i686.rpm
orc-0.4.28-4.el8_10.x86_64.rpm
orc-compiler-0.4.28-4.el8_10.x86_64.rpm
orc-devel-0.4.28-4.el8_10.i686.rpm
orc-devel-0.4.28-4.el8_10.x86_64.rpm

aarch64:
orc-0.4.28-4.el8_10.aarch64.rpm
orc-compiler-0.4.28-4.el8_10.aarch64.rpm
orc-devel-0.4.28-4.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//orc-0.4.28-4.el8_10.src.rpm

Related CVEs:

CVE-2024-40897

Description of changes:

[0.4.28-4]
- Add patch for CVE-2024-40897
- Resolves: RHEL-50710

ELSA-2024-5305 Moderate: Oracle Linux 8 poppler security update

Oracle Linux Security Advisory ELSA-2024-5305

http://linux.oracle.com/errata/ELSA-2024-5305.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
poppler-20.11.0-12.el8_10.i686.rpm
poppler-20.11.0-12.el8_10.x86_64.rpm
poppler-glib-20.11.0-12.el8_10.i686.rpm
poppler-glib-20.11.0-12.el8_10.x86_64.rpm
poppler-qt5-20.11.0-12.el8_10.i686.rpm
poppler-qt5-20.11.0-12.el8_10.x86_64.rpm
poppler-utils-20.11.0-12.el8_10.x86_64.rpm
poppler-cpp-20.11.0-12.el8_10.i686.rpm
poppler-cpp-20.11.0-12.el8_10.x86_64.rpm
poppler-cpp-devel-20.11.0-12.el8_10.i686.rpm
poppler-cpp-devel-20.11.0-12.el8_10.x86_64.rpm
poppler-devel-20.11.0-12.el8_10.i686.rpm
poppler-devel-20.11.0-12.el8_10.x86_64.rpm
poppler-glib-devel-20.11.0-12.el8_10.i686.rpm
poppler-glib-devel-20.11.0-12.el8_10.x86_64.rpm
poppler-glib-doc-20.11.0-12.el8_10.noarch.rpm
poppler-qt5-devel-20.11.0-12.el8_10.i686.rpm
poppler-qt5-devel-20.11.0-12.el8_10.x86_64.rpm

aarch64:
poppler-20.11.0-12.el8_10.aarch64.rpm
poppler-glib-20.11.0-12.el8_10.aarch64.rpm
poppler-qt5-20.11.0-12.el8_10.aarch64.rpm
poppler-utils-20.11.0-12.el8_10.aarch64.rpm
poppler-cpp-20.11.0-12.el8_10.aarch64.rpm
poppler-cpp-devel-20.11.0-12.el8_10.aarch64.rpm
poppler-devel-20.11.0-12.el8_10.aarch64.rpm
poppler-glib-devel-20.11.0-12.el8_10.aarch64.rpm
poppler-glib-doc-20.11.0-12.el8_10.noarch.rpm
poppler-qt5-devel-20.11.0-12.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//poppler-20.11.0-12.el8_10.src.rpm

Related CVEs:

CVE-2024-6239

Description of changes:

[20.11.0-12]
- Fix crash in broken documents when using -dests
- Fix versions in changelog
- Resolves: RHEL-44330

ELBA-2024-5308 Oracle Linux 8 libdnf bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5308

http://linux.oracle.com/errata/ELBA-2024-5308.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libdnf-0.63.0-20.0.1.el8_10.i686.rpm
libdnf-0.63.0-20.0.1.el8_10.x86_64.rpm
python3-hawkey-0.63.0-20.0.1.el8_10.x86_64.rpm
python3-libdnf-0.63.0-20.0.1.el8_10.x86_64.rpm
libdnf-devel-0.63.0-20.0.1.el8_10.i686.rpm
libdnf-devel-0.63.0-20.0.1.el8_10.x86_64.rpm

aarch64:
libdnf-0.63.0-20.0.1.el8_10.aarch64.rpm
python3-hawkey-0.63.0-20.0.1.el8_10.aarch64.rpm
python3-libdnf-0.63.0-20.0.1.el8_10.aarch64.rpm
libdnf-devel-0.63.0-20.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libdnf-0.63.0-20.0.1.el8_10.src.rpm

Description of changes:

[0.63.0-20.0.1]
- Recognise new kernel-uek RPMs as multiversion and installonlypkg [Orabug: 36053872]
- Add support for apps that use libdnf to access yum url with 'ociregion' variable [Orabug: 30121584] (Frank Deng)
- Update OL8 dnf to recognise kernel-uek as installonlypkgs package [Orabug: 31018668]
- Disable rhsm [Orabug: 29901202]
- Replaced bugzilla.redhat.com with bugzilla.oracle.com in config [Orabug: 29656932]
- Update OL8 dnf to recognise UEK7 as installonlypkgs package [Orabug: 33861658]

[0.63.0]
- Add OpenELA bugtracker

[0.63.0-20]
- Do not set a default SELinux creation context if SELinux appears to be
disabled (RHEL-43231)

ELBA-2024-5307 Oracle Linux 8 sssd bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5307

http://linux.oracle.com/errata/ELBA-2024-5307.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libipa_hbac-2.9.4-4.0.1.el8_10.i686.rpm
libipa_hbac-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_autofs-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_certmap-2.9.4-4.0.1.el8_10.i686.rpm
libsss_certmap-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_idmap-2.9.4-4.0.1.el8_10.i686.rpm
libsss_idmap-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_nss_idmap-2.9.4-4.0.1.el8_10.i686.rpm
libsss_nss_idmap-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_simpleifp-2.9.4-4.0.1.el8_10.i686.rpm
libsss_simpleifp-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_sudo-2.9.4-4.0.1.el8_10.x86_64.rpm
python3-libipa_hbac-2.9.4-4.0.1.el8_10.x86_64.rpm
python3-libsss_nss_idmap-2.9.4-4.0.1.el8_10.x86_64.rpm
python3-sss-2.9.4-4.0.1.el8_10.x86_64.rpm
python3-sss-murmur-2.9.4-4.0.1.el8_10.x86_64.rpm
python3-sssdconfig-2.9.4-4.0.1.el8_10.noarch.rpm
sssd-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-ad-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-client-2.9.4-4.0.1.el8_10.i686.rpm
sssd-client-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-common-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-common-pac-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-dbus-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-idp-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-ipa-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-kcm-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-krb5-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-krb5-common-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-ldap-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-nfs-idmap-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-polkit-rules-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-proxy-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-tools-2.9.4-4.0.1.el8_10.x86_64.rpm
sssd-winbind-idmap-2.9.4-4.0.1.el8_10.x86_64.rpm
libsss_nss_idmap-devel-2.9.4-4.0.1.el8_10.i686.rpm
libsss_nss_idmap-devel-2.9.4-4.0.1.el8_10.x86_64.rpm

aarch64:
libipa_hbac-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_autofs-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_certmap-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_idmap-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_nss_idmap-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_simpleifp-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_sudo-2.9.4-4.0.1.el8_10.aarch64.rpm
python3-libipa_hbac-2.9.4-4.0.1.el8_10.aarch64.rpm
python3-libsss_nss_idmap-2.9.4-4.0.1.el8_10.aarch64.rpm
python3-sss-2.9.4-4.0.1.el8_10.aarch64.rpm
python3-sss-murmur-2.9.4-4.0.1.el8_10.aarch64.rpm
python3-sssdconfig-2.9.4-4.0.1.el8_10.noarch.rpm
sssd-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-ad-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-client-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-common-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-common-pac-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-dbus-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-idp-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-ipa-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-kcm-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-krb5-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-krb5-common-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-ldap-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-nfs-idmap-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-polkit-rules-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-proxy-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-tools-2.9.4-4.0.1.el8_10.aarch64.rpm
sssd-winbind-idmap-2.9.4-4.0.1.el8_10.aarch64.rpm
libsss_nss_idmap-devel-2.9.4-4.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//sssd-2.9.4-4.0.1.el8_10.src.rpm

Description of changes:

[2.9.4-4.0.1]
- Restore default debug level for sss_cache [Orabug: 32810448]

[2.9.4-4]
- Resolves: RHEL-33957 - ad: refresh root domain when read directly

ELBA-2024-5304 Oracle Linux 8 idm:client bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5304

http://linux.oracle.com/errata/ELBA-2024-5304.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind-dyndb-ldap-11.6-5.module+el8.10.0+90339+985471f7.x86_64.rpm
custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
ipa-client-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64.rpm
ipa-client-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-client-epn-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64.rpm
ipa-client-samba-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64.rpm
ipa-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-healthcheck-0.12-4.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-healthcheck-core-0.12-4.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-python-compat-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-selinux-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-server-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64.rpm
ipa-server-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-server-dns-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-server-trust-ad-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64.rpm
opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.x86_64.rpm
python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-ipaclient-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-ipalib-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-ipaserver-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-ipatests-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-jwcrypto-0.5.0-2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.noarch.rpm
python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.x86_64.rpm
softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm
softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm

aarch64:
bind-dyndb-ldap-11.6-5.module+el8.10.0+90339+985471f7.aarch64.rpm
custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
ipa-client-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.aarch64.rpm
ipa-client-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-client-epn-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.aarch64.rpm
ipa-client-samba-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.aarch64.rpm
ipa-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-healthcheck-0.12-4.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-healthcheck-core-0.12-4.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-python-compat-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-selinux-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-server-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.aarch64.rpm
ipa-server-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-server-dns-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
ipa-server-trust-ad-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.aarch64.rpm
opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.aarch64.rpm
python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-ipaclient-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-ipalib-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-ipaserver-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-ipatests-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-jwcrypto-0.5.0-2.module+el8.10.0+90388+5c50e971.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.noarch.rpm
python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.aarch64.rpm
softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm
softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//bind-dyndb-ldap-11.6-5.module+el8.10.0+90339+985471f7.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//ipa-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//ipa-healthcheck-0.12-4.module+el8.10.0+90388+5c50e971.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-jwcrypto-0.5.0-2.module+el8.10.0+90388+5c50e971.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.src.rpm

Description of changes:

bind-dyndb-ldap
custodia
ipa
[4.9.13-12.0.2]
- Rebuild

[4.9.13-12.0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]

[4.9.13-9]
- Allow the admin user to be disabled
Resolves: RHEL-34756
- ipa-otptoken-import: open the key file in binary mode
Resolves: RHEL-39616
- ipa-crlgen-manage: manage the cert status task execution time
Resolves: RHEL-30280
- idrange-add: add a warning because 389ds restart is required
Resolves: RHEL-28996
- PKINIT certificate: fix renewal on hidden replica
Resolves: RHEL-4913, RHEL-45908

[4.9.13-11]
- Add missing part of backported CVE-2024-3183 fix
Resolves: RHEL-29927

ipa-healthcheck
[0.12-4]
- Change log file permissions of IPA as per CIS benchmark (RHEL-38929)

opendnssec
python-jwcrypto
python-kdcproxy
python-qrcode
python-yubico
pyusb
slapi-nis
softhsm

ELBA-2024-5302 Oracle Linux 8 gcc-toolset-12-gcc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5302

http://linux.oracle.com/errata/ELBA-2024-5302.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
gcc-toolset-12-gcc-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-gcc-c++-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-gcc-gfortran-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-gcc-plugin-annobin-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-gcc-plugin-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-gcc-plugin-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libasan-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libasan-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libatomic-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libatomic-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libgccjit-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libgccjit-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libgccjit-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libgccjit-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libgccjit-docs-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libitm-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libitm-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-liblsan-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libquadmath-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libquadmath-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libstdc++-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libstdc++-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libstdc++-docs-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libtsan-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-libubsan-devel-12.2.1-7.8.0.1.el8_10.i686.rpm
gcc-toolset-12-libubsan-devel-12.2.1-7.8.0.1.el8_10.x86_64.rpm
gcc-toolset-12-offload-nvptx-12.2.1-7.8.0.1.el8_10.x86_64.rpm
libasan8-12.2.1-7.8.0.1.el8_10.i686.rpm
libasan8-12.2.1-7.8.0.1.el8_10.x86_64.rpm
libtsan2-12.2.1-7.8.0.1.el8_10.x86_64.rpm

aarch64:
gcc-toolset-12-gcc-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-gcc-c++-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-gcc-gfortran-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-gcc-plugin-annobin-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-gcc-plugin-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libasan-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libatomic-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libgccjit-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libgccjit-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libgccjit-docs-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libitm-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-liblsan-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libstdc++-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libstdc++-docs-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libtsan-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
gcc-toolset-12-libubsan-devel-12.2.1-7.8.0.1.el8_10.aarch64.rpm
libasan8-12.2.1-7.8.0.1.el8_10.aarch64.rpm
libtsan2-12.2.1-7.8.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//gcc-toolset-12-gcc-12.2.1-7.8.0.1.el8_10.src.rpm

Description of changes:

[12.2.1-7.8.0.1]
- Merge oracle patches to 12.2.1-7.8.
Oracle history:
May-24-2024 Qing Zhao [qing.zhao@oracle.com] 12.2.1-7.6.0.1
- Merge oracle patches to 12.2.1-7.6.
Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
February-7-2024 Jose E. Marchesi [jose.marchesi@oracle.com] 12.2.1-7.4.0.4
- Add support for -mpreserve-args in aarch64.
Orabug 36399592.
- Reviewed-by: Elena Zannoni [elena.zannoni@oracle.com]
January-23-2024 Qing Zhao [qing.zhao@oracle.com] 12.2.1-7.4.0.3
- Fix Orabug 35283123, i.e, the same bug as GCC PR111407.
gcc14-pr111407.patch
- Reviewed-by: Jose E. Marchesi [jose.marchesi@oracle.com]
August-31-2023 2023 Qing Zhao [qing.zhao@oracle.com] 12.2.1-7.4.0.2
- CVE-2023-4039 GCC mitigation.
Orabug 35751931.
- CVE-2022-40982 "Intel Downfall" mitigation.
Orabug 35751938.
Add two patches originally from GCC upstream releases/gcc-11 branch.
gcc12-downfall-disable-gather-in-vec.patch
gcc12-downfall-support-mno-gather.patch
- Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE.

[12.2.1-7.8]
- bump NVR (RHEL-45189)

[12.2.1-7.7]
- fix wrong RTL patterns for vector merge high/low word on LE (RHEL-45189)

ELBA-2024-5303 Oracle Linux 8 tigervnc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5303

http://linux.oracle.com/errata/ELBA-2024-5303.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
tigervnc-1.13.1-12.el8_10.x86_64.rpm
tigervnc-icons-1.13.1-12.el8_10.noarch.rpm
tigervnc-license-1.13.1-12.el8_10.noarch.rpm
tigervnc-selinux-1.13.1-12.el8_10.noarch.rpm
tigervnc-server-1.13.1-12.el8_10.x86_64.rpm
tigervnc-server-minimal-1.13.1-12.el8_10.x86_64.rpm
tigervnc-server-module-1.13.1-12.el8_10.x86_64.rpm

aarch64:
tigervnc-1.13.1-12.el8_10.aarch64.rpm
tigervnc-icons-1.13.1-12.el8_10.noarch.rpm
tigervnc-license-1.13.1-12.el8_10.noarch.rpm
tigervnc-selinux-1.13.1-12.el8_10.noarch.rpm
tigervnc-server-1.13.1-12.el8_10.aarch64.rpm
tigervnc-server-minimal-1.13.1-12.el8_10.aarch64.rpm
tigervnc-server-module-1.13.1-12.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tigervnc-1.13.1-12.el8_10.src.rpm

Description of changes:

[1.13.1-12]
- Fix FTBS: drop already applied Xorg patches
Resolves: RHEL-46696

ELBA-2024-5300 Oracle Linux 8 autoconf bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5300

http://linux.oracle.com/errata/ELBA-2024-5300.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
autoconf-2.69-29.el8_10.1.noarch.rpm

aarch64:
autoconf-2.69-29.el8_10.1.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//autoconf-2.69-29.el8_10.1.src.rpm

Description of changes:

[2.69-29.1]
- Fix issues with Fortran detection and oneAPI HPC Toolkit (RHEL-40719)

ELSA-2024-5294 Moderate: Oracle Linux 8 jose security update

Oracle Linux Security Advisory ELSA-2024-5294

http://linux.oracle.com/errata/ELSA-2024-5294.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
jose-10-2.el8_10.3.x86_64.rpm
libjose-10-2.el8_10.3.i686.rpm
libjose-10-2.el8_10.3.x86_64.rpm
libjose-devel-10-2.el8_10.3.i686.rpm
libjose-devel-10-2.el8_10.3.x86_64.rpm

aarch64:
jose-10-2.el8_10.3.aarch64.rpm
libjose-10-2.el8_10.3.aarch64.rpm
libjose-devel-10-2.el8_10.3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//jose-10-2.el8_10.3.src.rpm

Related CVEs:

CVE-2023-50967
CVE-2024-28176

Description of changes:

[10-2.3]
- Backport fix for CVE-2024-28176
Resolves: RHEL-28719

[10-2.2]
- Fix tests on s390x
Related: RHEL-29857

[10-2.1]
- Fixes CVE-2023-50967

ELEA-2024-5296 Oracle Linux 8 grafana-pcp bug fix and enhancement update

Oracle Linux Enhancement Advisory ELEA-2024-5296

http://linux.oracle.com/errata/ELEA-2024-5296.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-pcp-5.1.1-8.el8_10.x86_64.rpm

aarch64:
grafana-pcp-5.1.1-8.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//grafana-pcp-5.1.1-8.el8_10.src.rpm

Description of changes:

[5.1.1-8]
- Add a premade uwsgi dashboard for the vector datasource

ELSA-2024-5258 Important: Oracle Linux 8 container-tools:ol8 security update

Oracle Linux Security Advisory ELSA-2024-5258

http://linux.oracle.com/errata/ELSA-2024-5258.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.10.0-1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
buildah-1.33.8-4.module+el8.10.0+90384+a78ffc57.x86_64.rpm
buildah-tests-1.33.8-4.module+el8.10.0+90384+a78ffc57.x86_64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90384+a78ffc57.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
containernetworking-plugins-1.4.0-5.module+el8.10.0+90384+a78ffc57.x86_64.rpm
containers-common-1-82.0.1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90384+a78ffc57.noarch.rpm
crit-3.18-5.module+el8.10.0+90384+a78ffc57.x86_64.rpm
criu-3.18-5.module+el8.10.0+90384+a78ffc57.x86_64.rpm
criu-devel-3.18-5.module+el8.10.0+90384+a78ffc57.x86_64.rpm
criu-libs-3.18-5.module+el8.10.0+90384+a78ffc57.x86_64.rpm
crun-1.14.3-2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
libslirp-4.4.0-2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
netavark-1.10.3-1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
podman-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
podman-catatonit-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
podman-docker-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.noarch.rpm
podman-gvproxy-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
podman-plugins-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
podman-remote-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
podman-tests-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.x86_64.rpm
python3-criu-3.18-5.module+el8.10.0+90384+a78ffc57.x86_64.rpm
python3-podman-4.9.0-2.module+el8.10.0+90384+a78ffc57.noarch.rpm
runc-1.1.12-4.module+el8.10.0+90384+a78ffc57.x86_64.rpm
skopeo-1.14.5-3.module+el8.10.0+90384+a78ffc57.x86_64.rpm
skopeo-tests-1.14.5-3.module+el8.10.0+90384+a78ffc57.x86_64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90384+a78ffc57.x86_64.rpm
udica-0.2.6-21.module+el8.10.0+90384+a78ffc57.noarch.rpm

aarch64:
aardvark-dns-1.10.0-1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
buildah-1.33.8-4.module+el8.10.0+90384+a78ffc57.aarch64.rpm
buildah-tests-1.33.8-4.module+el8.10.0+90384+a78ffc57.aarch64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90384+a78ffc57.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
containernetworking-plugins-1.4.0-5.module+el8.10.0+90384+a78ffc57.aarch64.rpm
containers-common-1-82.0.1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90384+a78ffc57.noarch.rpm
crit-3.18-5.module+el8.10.0+90384+a78ffc57.aarch64.rpm
criu-3.18-5.module+el8.10.0+90384+a78ffc57.aarch64.rpm
criu-devel-3.18-5.module+el8.10.0+90384+a78ffc57.aarch64.rpm
criu-libs-3.18-5.module+el8.10.0+90384+a78ffc57.aarch64.rpm
crun-1.14.3-2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
libslirp-4.4.0-2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
netavark-1.10.3-1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
podman-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
podman-catatonit-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
podman-docker-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.noarch.rpm
podman-gvproxy-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
podman-plugins-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
podman-remote-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
podman-tests-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.aarch64.rpm
python3-criu-3.18-5.module+el8.10.0+90384+a78ffc57.aarch64.rpm
python3-podman-4.9.0-2.module+el8.10.0+90384+a78ffc57.noarch.rpm
runc-1.1.12-4.module+el8.10.0+90384+a78ffc57.aarch64.rpm
skopeo-1.14.5-3.module+el8.10.0+90384+a78ffc57.aarch64.rpm
skopeo-tests-1.14.5-3.module+el8.10.0+90384+a78ffc57.aarch64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90384+a78ffc57.aarch64.rpm
udica-0.2.6-21.module+el8.10.0+90384+a78ffc57.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//aardvark-dns-1.10.0-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.33.8-4.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-84.1-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.10-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.4.0-5.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-82.0.1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.229.0-2.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.18-5.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.14.3-2.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.13-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-2.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//netavark-1.10.3-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.9.0-2.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.12-4.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.14.5-3.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.2.3-1.module+el8.10.0+90384+a78ffc57.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-21.module+el8.10.0+90384+a78ffc57.src.rpm

Related CVEs:

CVE-2023-45290
CVE-2024-1394
CVE-2024-3727
CVE-2024-6104
CVE-2024-24783
CVE-2024-24784
CVE-2024-24789
CVE-2024-37298

Description of changes:

aardvark-dns
buildah
[2:1.33.8-4]
- rebuild for golang fixes
- Related: RHEL-28452

cockpit-podman
[84.1-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1
- Related: Jira:RHEL-25557

conmon
[3:2.1.10-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.10
- Related: Jira:RHEL-2110

containernetworking-plugins
[1:1.4.0-5]
- rebuild for golang fixes
- Related: RHEL-28452

containers-common
[1-82.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)

container-selinux
[2:2.229.0-2]
- remove watch statements properly for RHEL8 and lower
- Related: Jira:RHEL-2110

criu
crun
[1.14.3-2]
- remove BR libgcrypt-devel, no longer needed
- Related: Jira:RHEL-2110

fuse-overlayfs
[1.13-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13
- Related: Jira:RHEL-2110

libslirp
netavark
oci-seccomp-bpf-hook
[1.2.10-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10
- Related: Jira:RHEL-2110

podman
[4.9.4-12.0.2]
- Fixes issue of podman execvp error while using podmansh [Orabug: 36756665]

python-podman
[4.9.0-2]
- depend directly on urllib3
- Resolves: RHEL-43567

runc
[1:1.1.12-4]
- rebuild for golang fixes
- Related: RHEL-28452

skopeo
[2:1.14.5-3]
- rebuild for golang fixes
- Related: RHEL-28452

slirp4netns
[1.2.3-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
- Related: Jira:RHEL-2110

udica

ELSA-2024-5289 Moderate: Oracle Linux 8 mod_auth_openidc:2.3 security update

Oracle Linux Security Advisory ELSA-2024-5289

http://linux.oracle.com/errata/ELSA-2024-5289.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.x86_64.rpm
cjose-devel-0.6.1-4.module+el8.10.0+90385+c8f58f84.x86_64.rpm
mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.x86_64.rpm

aarch64:
cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.aarch64.rpm
cjose-devel-0.6.1-4.module+el8.10.0+90385+c8f58f84.aarch64.rpm
mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.src.rpm

Related CVEs:

CVE-2024-24814

Description of changes:

cjose
mod_auth_openidc
[2.4.9.4-6]
- Resolves: RHEL-36492 Race condition in mod_auth_openidc filecache
- Resolves: RHEL-25421 mod_auth_openidc: DoS when using
OIDCSessionType client-cookie and manipulating cookies
(CVE-2024-24814)

ELBA-2024-5288 Oracle Linux 8 bind9.16 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5288

http://linux.oracle.com/errata/ELBA-2024-5288.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind9.16-9.16.23-0.19.el8_10.x86_64.rpm
bind9.16-chroot-9.16.23-0.19.el8_10.x86_64.rpm
bind9.16-dnssec-utils-9.16.23-0.19.el8_10.x86_64.rpm
bind9.16-libs-9.16.23-0.19.el8_10.x86_64.rpm
bind9.16-license-9.16.23-0.19.el8_10.noarch.rpm
bind9.16-utils-9.16.23-0.19.el8_10.x86_64.rpm
python3-bind9.16-9.16.23-0.19.el8_10.noarch.rpm
bind9.16-devel-9.16.23-0.19.el8_10.i686.rpm
bind9.16-devel-9.16.23-0.19.el8_10.x86_64.rpm
bind9.16-doc-9.16.23-0.19.el8_10.noarch.rpm
bind9.16-libs-9.16.23-0.19.el8_10.i686.rpm

aarch64:
bind9.16-9.16.23-0.19.el8_10.aarch64.rpm
bind9.16-chroot-9.16.23-0.19.el8_10.aarch64.rpm
bind9.16-dnssec-utils-9.16.23-0.19.el8_10.aarch64.rpm
bind9.16-libs-9.16.23-0.19.el8_10.aarch64.rpm
bind9.16-license-9.16.23-0.19.el8_10.noarch.rpm
bind9.16-utils-9.16.23-0.19.el8_10.aarch64.rpm
python3-bind9.16-9.16.23-0.19.el8_10.noarch.rpm
bind9.16-devel-9.16.23-0.19.el8_10.aarch64.rpm
bind9.16-doc-9.16.23-0.19.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//bind9.16-9.16.23-0.19.el8_10.src.rpm

Description of changes:

[32:9.16.23-0.19]
- Add few more explicit conflicts with bind subpackages (RHEL-2208)

[32:9.16.23-0.18]
- Prevent crashing at masterformat system test (CVE-2023-6516)

[32:9.16.23-0.17]
- Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517)
- Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516)
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)
- Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387

ELBA-2024-5260 Oracle Linux 8 pacemaker bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5260

http://linux.oracle.com/errata/ELBA-2024-5260.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pacemaker-cluster-libs-2.1.7-5.1.0.1.el8_10.i686.rpm
pacemaker-cluster-libs-2.1.7-5.1.0.1.el8_10.x86_64.rpm
pacemaker-libs-2.1.7-5.1.0.1.el8_10.i686.rpm
pacemaker-libs-2.1.7-5.1.0.1.el8_10.x86_64.rpm
pacemaker-schemas-2.1.7-5.1.0.1.el8_10.noarch.rpm

aarch64:
pacemaker-cluster-libs-2.1.7-5.1.0.1.el8_10.aarch64.rpm
pacemaker-libs-2.1.7-5.1.0.1.el8_10.aarch64.rpm
pacemaker-schemas-2.1.7-5.1.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pacemaker-2.1.7-5.1.0.1.el8_10.src.rpm

Description of changes:

[2.1.7-5.1.0.1]
- Upstream reference in pacemaker crm_report binary [Orabug: 32825154]
- Replace bug url [Orabug: 34202300]

[2.1.7-5.1]
- Fix a memory leak in the attribute daemon
- Resolves: RHEL-40145

ELBA-2024-5287 Oracle Linux 8 lldpd bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5287

http://linux.oracle.com/errata/ELBA-2024-5287.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
lldpd-1.0.17-2.el8_10.i686.rpm
lldpd-1.0.17-2.el8_10.x86_64.rpm
lldpd-devel-1.0.17-2.el8_10.i686.rpm
lldpd-devel-1.0.17-2.el8_10.x86_64.rpm

aarch64:
lldpd-1.0.17-2.el8_10.aarch64.rpm
lldpd-devel-1.0.17-2.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//lldpd-1.0.17-2.el8_10.src.rpm

Description of changes:

[1.0.17-2]
- Fix liblldpctl version [RHEL-2211]

[1.0.17-1]
- Rebased to 1.0.17 [RHEL-2211]

ELSA-2024-5297 Moderate: Oracle Linux 8 edk2 security update

Oracle Linux Security Advisory ELSA-2024-5297

http://linux.oracle.com/errata/ELSA-2024-5297.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-ovmf-20220126gitbb1bba3d77-13.el8_10.2.noarch.rpm

aarch64:
edk2-aarch64-20220126gitbb1bba3d77-13.el8_10.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//edk2-20220126gitbb1bba3d77-13.el8_10.2.src.rpm

Related CVEs:

CVE-2023-45236
CVE-2023-45237
CVE-2024-1298

Description of changes:

[20220126gitbb1bba3d77-13.el8_10.2]
[20220126gitbb1bba3d77-13.el8_10.1]
- edk2-MdeModulePkg-Change-use-of-EFI_D_-to-DEBUG_.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdeModulePkg-Potential-UINT32-overflow-in-S3-ResumeC.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-Apply-uncrustify-changes.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-NetworkPkg-Apply-uncrustify-changes.p2.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Rename-RdRandGenerateEntropy-to-g.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Remove-ArchGetSupportedRngAlgorit.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Documentation-include-parameter-c.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Check-before-advertising-Cpu-Rng-.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Add-AArch64-RawAlgorithm-support-.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Add-debug-warning-for-NULL-PcdCpu.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Rename-AArch64-RngDxe.c.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Add-Arm-support-of-RngDxe.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Correctly-update-mAvailableAlgoAr.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Conditionally-install-EFI_RNG_PRO.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdeModulePkg-Duplicate-BaseRngLibTimerLib-to-MdeModu.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-Add-deprecated-warning-to-BaseRngLibTimer.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-SecurityPkg.dec-Move-PcdCpuRngSupportedA.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-DxeRngLib-Request-raw-algorithm-instead-of-de.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-Rng-Add-GUID-to-describe-Arm-Rndr-Rng-algorit.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdeModulePkg-Rng-Add-GUID-to-describe-unsafe-Rng-alg.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-Rng-Add-GetRngGuid-to-RngLib.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Use-GetRngGuid-when-probing-RngLi.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-Simplify-Rng-algorithm-selection-.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-BaseRngLib-Add-a-smoketest-for-RDRAND-and-che.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-SecurityPkg-RngDxe-add-rng-test.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-OvmfPkg-wire-up-RngDxe.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-CryptoPkg-Test-call-ProcessLibraryConstructorList.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-MdePkg-X86UnitTestHost-set-rdrand-cpuid-bit.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- edk2-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch [RHEL-21854 RHEL-21856 RHEL-40099]
- Resolves: RHEL-21854
(CVE-2023-45236 edk2: Predictable TCP Initial Sequence Numbers [rhel-8])
- Resolves: RHEL-21856
(CVE-2023-45237 edk2: Use of a Weak PseudoRandom Number Generator [rhel-8])
- Resolves: RHEL-40099
(CVE-2024-1298 edk2: Temporary DoS vulnerability [rhel-8.10.z])

ELSA-2024-5298 Moderate: Oracle Linux 8 gnome-shell security update

Oracle Linux Security Advisory ELSA-2024-5298

http://linux.oracle.com/errata/ELSA-2024-5298.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnome-shell-3.32.2-56.el8_10.x86_64.rpm

aarch64:
gnome-shell-3.32.2-56.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//gnome-shell-3.32.2-56.el8_10.src.rpm

Related CVEs:

CVE-2024-36472

Description of changes:

[3.32.2-56]
- Only open portal login in response to user action
Resolves: RHEL-39097

ELSA-2024-5299 Moderate: Oracle Linux 8 wget security update

Oracle Linux Security Advisory ELSA-2024-5299

http://linux.oracle.com/errata/ELSA-2024-5299.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
wget-1.19.5-12.0.1.el8_10.x86_64.rpm

aarch64:
wget-1.19.5-12.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//wget-1.19.5-12.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-38428

Description of changes:

[1.19.5-12.0.1]
- SSLv3 support dropped from openssl, v3 test certificates need to be replaced [Orabug: 29613455]

[1.19.5-12]
- Resolves: RHEL-43559 - Misinterpretation of input may lead to improper behavior

ELSA-2024-5291 Moderate: Oracle Linux 8 grafana security update

Oracle Linux Security Advisory ELSA-2024-5291

http://linux.oracle.com/errata/ELSA-2024-5291.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-9.2.10-17.el8_10.x86_64.rpm
grafana-selinux-9.2.10-17.el8_10.x86_64.rpm

aarch64:
grafana-9.2.10-17.el8_10.aarch64.rpm
grafana-selinux-9.2.10-17.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//grafana-9.2.10-17.el8_10.src.rpm

Related CVEs:

CVE-2024-24788
CVE-2024-24789
CVE-2024-24790

Description of changes:

[9.2.10-17]
- Allow for mssql datasource in selinux policy
- Resolves RHEL-43435

ELBA-2024-5295 Oracle Linux 8 mesa bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5295

http://linux.oracle.com/errata/ELBA-2024-5295.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
mesa-dri-drivers-23.1.4-3.el8_10.i686.rpm
mesa-dri-drivers-23.1.4-3.el8_10.x86_64.rpm
mesa-filesystem-23.1.4-3.el8_10.i686.rpm
mesa-filesystem-23.1.4-3.el8_10.x86_64.rpm
mesa-libEGL-23.1.4-3.el8_10.i686.rpm
mesa-libEGL-23.1.4-3.el8_10.x86_64.rpm
mesa-libEGL-devel-23.1.4-3.el8_10.i686.rpm
mesa-libEGL-devel-23.1.4-3.el8_10.x86_64.rpm
mesa-libGL-23.1.4-3.el8_10.i686.rpm
mesa-libGL-23.1.4-3.el8_10.x86_64.rpm
mesa-libGL-devel-23.1.4-3.el8_10.i686.rpm
mesa-libGL-devel-23.1.4-3.el8_10.x86_64.rpm
mesa-libOSMesa-23.1.4-3.el8_10.i686.rpm
mesa-libOSMesa-23.1.4-3.el8_10.x86_64.rpm
mesa-libgbm-23.1.4-3.el8_10.i686.rpm
mesa-libgbm-23.1.4-3.el8_10.x86_64.rpm
mesa-libglapi-23.1.4-3.el8_10.i686.rpm
mesa-libglapi-23.1.4-3.el8_10.x86_64.rpm
mesa-libxatracker-23.1.4-3.el8_10.i686.rpm
mesa-libxatracker-23.1.4-3.el8_10.x86_64.rpm
mesa-vdpau-drivers-23.1.4-3.el8_10.i686.rpm
mesa-vdpau-drivers-23.1.4-3.el8_10.x86_64.rpm
mesa-vulkan-devel-23.1.4-3.el8_10.i686.rpm
mesa-vulkan-devel-23.1.4-3.el8_10.x86_64.rpm
mesa-vulkan-drivers-23.1.4-3.el8_10.i686.rpm
mesa-vulkan-drivers-23.1.4-3.el8_10.x86_64.rpm
mesa-libOSMesa-devel-23.1.4-3.el8_10.i686.rpm
mesa-libOSMesa-devel-23.1.4-3.el8_10.x86_64.rpm
mesa-libgbm-devel-23.1.4-3.el8_10.i686.rpm
mesa-libgbm-devel-23.1.4-3.el8_10.x86_64.rpm

aarch64:
mesa-dri-drivers-23.1.4-3.el8_10.aarch64.rpm
mesa-filesystem-23.1.4-3.el8_10.aarch64.rpm
mesa-libEGL-23.1.4-3.el8_10.aarch64.rpm
mesa-libEGL-devel-23.1.4-3.el8_10.aarch64.rpm
mesa-libGL-23.1.4-3.el8_10.aarch64.rpm
mesa-libGL-devel-23.1.4-3.el8_10.aarch64.rpm
mesa-libOSMesa-23.1.4-3.el8_10.aarch64.rpm
mesa-libgbm-23.1.4-3.el8_10.aarch64.rpm
mesa-libglapi-23.1.4-3.el8_10.aarch64.rpm
mesa-libxatracker-23.1.4-3.el8_10.aarch64.rpm
mesa-vdpau-drivers-23.1.4-3.el8_10.aarch64.rpm
mesa-libOSMesa-devel-23.1.4-3.el8_10.aarch64.rpm
mesa-libgbm-devel-23.1.4-3.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//mesa-23.1.4-3.el8_10.src.rpm

Description of changes:

[23.1.4-3]
- Fix off-by-one error for newblock allocation in dlist_alloc
Resolves: https://issues.redhat.com/browse/RHEL-40566

ELBA-2024-5293 Oracle Linux 8 cyrus-imapd enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5293

http://linux.oracle.com/errata/ELBA-2024-5293.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cyrus-imapd-3.0.7-26.el8_10.i686.rpm
cyrus-imapd-3.0.7-26.el8_10.x86_64.rpm
cyrus-imapd-utils-3.0.7-26.el8_10.x86_64.rpm
cyrus-imapd-vzic-3.0.7-26.el8_10.x86_64.rpm

aarch64:
cyrus-imapd-3.0.7-26.el8_10.aarch64.rpm
cyrus-imapd-utils-3.0.7-26.el8_10.aarch64.rpm
cyrus-imapd-vzic-3.0.7-26.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//cyrus-imapd-3.0.7-26.el8_10.src.rpm

Description of changes:

[3.0.7-26]
- Update fmf plans and gating for c8s

[3.0.7-25]
- ptclient: implement canonification across multiple domains
Resolves: RHEL-10710

ELBA-2024-5292 Oracle Linux 8 source-highlight bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-5292

http://linux.oracle.com/errata/ELBA-2024-5292.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
source-highlight-3.1.8-18.el8_10.i686.rpm
source-highlight-3.1.8-18.el8_10.x86_64.rpm
source-highlight-devel-3.1.8-18.el8_10.i686.rpm
source-highlight-devel-3.1.8-18.el8_10.x86_64.rpm

aarch64:
source-highlight-3.1.8-18.el8_10.aarch64.rpm
source-highlight-devel-3.1.8-18.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//source-highlight-3.1.8-18.el8_10.src.rpm

Description of changes:

[3.1.8-18]
- Rebuild for shipping devel subpackage in CRB (RHEL-38616)

ELBA-2024-5290 Oracle Linux 8 nmstate bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-5290

http://linux.oracle.com/errata/ELBA-2024-5290.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nmstate-1.4.6-4.0.1.el8_10.x86_64.rpm
nmstate-libs-1.4.6-4.0.1.el8_10.i686.rpm
nmstate-libs-1.4.6-4.0.1.el8_10.x86_64.rpm
nmstate-plugin-ovsdb-1.4.6-4.0.1.el8_10.noarch.rpm
python3-libnmstate-1.4.6-4.0.1.el8_10.noarch.rpm
nmstate-devel-1.4.6-4.0.1.el8_10.i686.rpm
nmstate-devel-1.4.6-4.0.1.el8_10.x86_64.rpm

aarch64:
nmstate-1.4.6-4.0.1.el8_10.aarch64.rpm
nmstate-libs-1.4.6-4.0.1.el8_10.aarch64.rpm
nmstate-plugin-ovsdb-1.4.6-4.0.1.el8_10.noarch.rpm
python3-libnmstate-1.4.6-4.0.1.el8_10.noarch.rpm
nmstate-devel-1.4.6-4.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//nmstate-1.4.6-4.0.1.el8_10.src.rpm

Description of changes:

[1.4.6-4.0.1]
- Do not fail on unknown option of bond and vlan [Orabug: 35799030]

[1.4.6-4]
- Do not clear iface DNS if not desired. RHEL-31095

[1.4.6-3]
- Fix global DNS on second apply. RHEL-44623

ELSA-2024-5312 Moderate: Oracle Linux 8 krb5 security update

Oracle Linux Security Advisory ELSA-2024-5312

http://linux.oracle.com/errata/ELSA-2024-5312.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
krb5-devel-1.18.2-29.0.1.el8_10.i686.rpm
krb5-devel-1.18.2-29.0.1.el8_10.x86_64.rpm
krb5-libs-1.18.2-29.0.1.el8_10.i686.rpm
krb5-libs-1.18.2-29.0.1.el8_10.x86_64.rpm
krb5-pkinit-1.18.2-29.0.1.el8_10.i686.rpm
krb5-pkinit-1.18.2-29.0.1.el8_10.x86_64.rpm
krb5-server-1.18.2-29.0.1.el8_10.i686.rpm
krb5-server-1.18.2-29.0.1.el8_10.x86_64.rpm
krb5-server-ldap-1.18.2-29.0.1.el8_10.i686.rpm
krb5-server-ldap-1.18.2-29.0.1.el8_10.x86_64.rpm
krb5-workstation-1.18.2-29.0.1.el8_10.x86_64.rpm
libkadm5-1.18.2-29.0.1.el8_10.i686.rpm
libkadm5-1.18.2-29.0.1.el8_10.x86_64.rpm

aarch64:
krb5-devel-1.18.2-29.0.1.el8_10.aarch64.rpm
krb5-libs-1.18.2-29.0.1.el8_10.aarch64.rpm
krb5-pkinit-1.18.2-29.0.1.el8_10.aarch64.rpm
krb5-server-1.18.2-29.0.1.el8_10.aarch64.rpm
krb5-server-ldap-1.18.2-29.0.1.el8_10.aarch64.rpm
krb5-workstation-1.18.2-29.0.1.el8_10.aarch64.rpm
libkadm5-1.18.2-29.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//krb5-1.18.2-29.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-37370
CVE-2024-37371

Description of changes:

[1.18.2-29.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]

[1.18.2-29]
- CVE-2024-37370 CVE-2024-37371
Fix vulnerabilities in GSS message token handling
Resolves: RHEL-45398 RHEL-45386

ELBA-2024-12590 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12590

http://linux.oracle.com/errata/ELBA-2024-12590.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.334.6.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.334.6.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.334.6.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.334.6.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.334.6.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.334.6.1.el8uek.src.rpm

Description of changes:

[5.4.17-2136.334.6.1.el8uek]
- fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36940602]

ELBA-2024-12587 Oracle Linux 8 perl-Data-Dump bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12587

http://linux.oracle.com/errata/ELBA-2024-12587.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.x86_64.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.x86_64.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.x86_64.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.x86_64.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm

aarch64:
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.aarch64.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.aarch64.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.aarch64.rpm
perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.aarch64.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm
perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//perl-Data-Dump-1.23-7.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-Digest-HMAC-1.03-17.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-Encode-Locale-1.05-10.0.1.module+el8.3.0+90378+3cefc087.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-File-Listing-6.04-17.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-HTML-Parser-3.72-15.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-HTML-Tagset-3.20-34.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-HTTP-Cookies-6.04-2.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-HTTP-Date-6.02-19.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-HTTP-Message-6.18-1.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-HTTP-Negotiate-6.01-19.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-IO-HTML-1.001-11.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-libwww-perl-6.34-1.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-LWP-MediaTypes-6.02-15.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-LWP-Protocol-https-6.07-4.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-Mozilla-CA-20160104-7.0.1.module+el8.3.0+21136+b437fca9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-Net-HTTP-6.17-2.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-NTLM-1.09-17.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-TimeDate-2.30-15.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-Try-Tiny-0.30-7.module+el8.3.0+7692+542c56f9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//perl-WWW-RobotRules-6.02-18.module+el8.3.0+7692+542c56f9.src.rpm

Description of changes:

perl-Data-Dump
perl-Digest-HMAC
perl-Encode-Locale
[1.05-10.0.1]
- Bump release, rebuild

perl-File-Listing
perl-HTML-Parser
perl-HTML-Tagset
perl-HTTP-Cookies
perl-HTTP-Date
perl-HTTP-Message
perl-HTTP-Negotiate
perl-IO-HTML
perl-libwww-perl
perl-LWP-MediaTypes
perl-LWP-Protocol-https
perl-Mozilla-CA
[20160104-7.0.1]
- Bump release, rebuild

perl-Net-HTTP
perl-NTLM
perl-TimeDate
perl-Try-Tiny
perl-WWW-RobotRules

ELBA-2024-12586 Oracle Linux 8 dnf-plugin-spacewalk bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12586

http://linux.oracle.com/errata/ELBA-2024-12586.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
dnf-plugin-spacewalk-2.8.5-11.0.3.module+el8.3.0+20070+f5719e00.noarch.rpm
python3-dnf-plugin-spacewalk-2.8.5-11.0.3.module+el8.3.0+20070+f5719e00.noarch.rpm
python3-dnf-plugin-ulninfo-0.3-3.module+el8.10.0+90380+96a02ce9.noarch.rpm
python3-rhn-check-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
python3-rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
python3-rhn-setup-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
python3-rhn-setup-gnome-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
rhn-check-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
rhn-setup-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
rhn-setup-gnome-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.x86_64.rpm
python3-rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.noarch.rpm
rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.noarch.rpm
rhnsd-5.0.35-3.0.2.module+el8.10.0+90373+b70ceaf0.x86_64.rpm

aarch64:
dnf-plugin-spacewalk-2.8.5-11.0.3.module+el8.3.0+20070+f5719e00.noarch.rpm
python3-dnf-plugin-spacewalk-2.8.5-11.0.3.module+el8.3.0+20070+f5719e00.noarch.rpm
python3-dnf-plugin-ulninfo-0.3-3.module+el8.10.0+90380+96a02ce9.noarch.rpm
python3-rhn-check-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
python3-rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
python3-rhn-setup-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
python3-rhn-setup-gnome-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
rhn-check-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
rhn-setup-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
rhn-setup-gnome-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.aarch64.rpm
python3-rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.noarch.rpm
rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.noarch.rpm
rhnsd-5.0.35-3.0.2.module+el8.10.0+90373+b70ceaf0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dnf-plugin-spacewalk-2.8.5-11.0.3.module+el8.3.0+20070+f5719e00.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python3-dnf-plugin-ulninfo-0.3-3.module+el8.10.0+90380+96a02ce9.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//rhn-client-tools-2.8.16-13.0.6.module+el8.7.0+21032+057d0dfe.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//rhnlib-2.8.6-8.0.2.module+el8.7.0+21027+f0093b7a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//rhnsd-5.0.35-3.0.2.module+el8.10.0+90373+b70ceaf0.src.rpm

Description of changes:

dnf-plugin-spacewalk
[2.8.5-11.0.3]
- Add dependency on ulninfo plugin

python3-dnf-plugin-ulninfo
[0.3-3]
- Fixes dnf repolist for ULN failed issue [Orabug: 36854493]

rhn-client-tools
[2.8.16-13.0.6]
- Adding 4k Certificate in ULN-CA-CERT [Orabug: 35287654]

rhnlib
[2.8.6-8.0.2]
- Resolving issues while using 4k certs with ULN [OraBug: 34950241]

rhnsd
[5.0.35-3.0.2]
- Rebuild with higher release

ELBA-2024-12592 Oracle Linux 8 Unbreakable Enterprise kernel-container bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12592

http://linux.oracle.com/errata/ELBA-2024-12592.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.334.6.1.el8.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.334.6.1.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-container-5.4.17-2136.334.6.1.el8.src.rpm

Description of changes:

[5.4.17-2136.334.6.1.el8]
- fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36940602]

ELBA-2024-12590 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12590

http://linux.oracle.com/errata/ELBA-2024-12590.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.334.6.1.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.334.6.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.334.6.1.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.334.6.1.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.334.6.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.334.6.1.el8uek.src.rpm

Description of changes:

[5.4.17-2136.334.6.1.el8uek]
- fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36940602]

ELBA-2024-12591 Oracle Linux 7 Unbreakable Enterprise kernel-container bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12591

http://linux.oracle.com/errata/ELBA-2024-12591.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.334.6.1.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.334.6.1.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-container-5.4.17-2136.334.6.1.el7.src.rpm

Description of changes:

[5.4.17-2136.334.6.1.el7]
- fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36940602]

ELBA-2024-12590 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12590

http://linux.oracle.com/errata/ELBA-2024-12590.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.334.6.1.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.334.6.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.334.6.1.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.334.6.1.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.334.6.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.334.6.1.el7uek.x86_64.rpm

aarch64:
kernel-uek-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.334.6.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
perf-5.4.17-2136.334.6.1.el7uek.aarch64.rpm
python-perf-5.4.17-2136.334.6.1.el7uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.334.6.1.el7uek.src.rpm

Description of changes:

[5.4.17-2136.334.6.1.el7uek]
- fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36940602]

ELBA-2024-12588 Oracle Linux 7 chrony bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2024-12588

http://linux.oracle.com/errata/ELBA-2024-12588.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
chrony-3.4-1.0.3.el7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//chrony-3.4-1.0.3.el7.src.rpm

Description of changes:

[3.4-1.0.3]
- Fixed chrony starting before network-online service [Orabug: 36885862]

ELBA-2024-12588 Oracle Linux 7 chrony bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-12588

http://linux.oracle.com/errata/ELBA-2024-12588.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
chrony-3.4-1.0.3.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//chrony-3.4-1.0.3.el7.src.rpm

Description of changes:

[3.4-1.0.3]
- Fixed chrony starting before network-online service [Orabug: 36885862]

Red Hat JBoss Enterprise Application Platform, OpenShift, Fence, and updates for RHEL

Opera update for openSUSE Leap 15.6

ELSA-2024-5402 Important: Oracle Linux 8 thunderbird security update

ELSA-2024-5391 Important: Oracle Linux 8 firefox security update

ELSA-2024-5390 Important: Oracle Linux 8 bind9.16 security update

ELSA-2024-5337 Moderate: Oracle Linux 8 .NET 8.0 security update

ELSA-2024-5193 Important: Oracle Linux 8 httpd:2.4 security update

ELBA-2024-5401 Oracle Linux 8 .NET6.0 bug fix and enhancement update

ELBA-2024-5311 Oracle Linux 8 firewalld bug fix and enhancement update

ELBA-2024-5310 Oracle Linux 8 openssh bug fix update

ELSA-2024-5334 Moderate: Oracle Linux 9 .NET 8.0 security update

ELSA-2024-5231 Important: Oracle Linux 9 bind and bind-dyndb-ldap security update

ELBA-2024-5021 Oracle Linux 9 kexec-tools bug fix update

ELSA-2024-5392 Important: Oracle Linux 9 thunderbird security update

ELSA-2024-5363 Important: Oracle Linux 9 kernel security update

ELSA-2024-5322 Important: Oracle Linux 9 firefox security update

ELSA-2024-5279 Important: Oracle Linux 9 python3.11-setuptools security update

ELBA-2024-5463 Oracle Linux 9 virt-v2v bug fix update

ELSA-2024-12582 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

ELBA-2024-5336 Oracle Linux 9 .NET6.0 bug fix and enhancement update

ELSA-2024-5309 Moderate: Oracle Linux 8 python-urllib3 security update

ELSA-2024-5306 Moderate: Oracle Linux 8 orc security update

ELSA-2024-5305 Moderate: Oracle Linux 8 poppler security update

ELBA-2024-5308 Oracle Linux 8 libdnf bug fix update

ELBA-2024-5307 Oracle Linux 8 sssd bug fix update

ELBA-2024-5304 Oracle Linux 8 idm:client bug fix and enhancement update

ELBA-2024-5302 Oracle Linux 8 gcc-toolset-12-gcc bug fix update

ELBA-2024-5303 Oracle Linux 8 tigervnc bug fix update

ELBA-2024-5300 Oracle Linux 8 autoconf bug fix and enhancement update

ELSA-2024-5294 Moderate: Oracle Linux 8 jose security update

ELEA-2024-5296 Oracle Linux 8 grafana-pcp bug fix and enhancement update

ELSA-2024-5258 Important: Oracle Linux 8 container-tools:ol8 security update

ELSA-2024-5289 Moderate: Oracle Linux 8 mod_auth_openidc:2.3 security update

ELBA-2024-5288 Oracle Linux 8 bind9.16 bug fix update

ELBA-2024-5260 Oracle Linux 8 pacemaker bug fix update

ELBA-2024-5287 Oracle Linux 8 lldpd bug fix and enhancement update

ELSA-2024-5297 Moderate: Oracle Linux 8 edk2 security update

ELSA-2024-5298 Moderate: Oracle Linux 8 gnome-shell security update

ELSA-2024-5299 Moderate: Oracle Linux 8 wget security update

ELSA-2024-5291 Moderate: Oracle Linux 8 grafana security update

ELBA-2024-5295 Oracle Linux 8 mesa bug fix and enhancement update

ELBA-2024-5293 Oracle Linux 8 cyrus-imapd enhancement update

ELBA-2024-5292 Oracle Linux 8 source-highlight bug fix update

ELBA-2024-5290 Oracle Linux 8 nmstate bug fix and enhancement update

ELSA-2024-5312 Moderate: Oracle Linux 8 krb5 security update

ELBA-2024-12590 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update

ELBA-2024-12587 Oracle Linux 8 perl-Data-Dump bug fix update

ELBA-2024-12586 Oracle Linux 8 dnf-plugin-spacewalk bug fix update

ELBA-2024-12592 Oracle Linux 8 Unbreakable Enterprise kernel-container bug fix update

ELBA-2024-12590 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update

ELBA-2024-12591 Oracle Linux 7 Unbreakable Enterprise kernel-container bug fix update

ELBA-2024-12590 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update

ELBA-2024-12588 Oracle Linux 7 chrony bug fix update (aarch64)

ELBA-2024-12588 Oracle Linux 7 chrony bug fix update

Windows

Linux

macOS

Community