Oracle Linux 6279 Published by

Oracle Linux has issued several security updates, such as an unbreakable Enterprise kernel security update for Oracle Linux 7, an e2fsprogs security update for Oracle Linux 9, an empathy bug fix and enhancement update for Oracle Linux 7, and an extended lifecycle support (ELS) unbreakable Enterprise kernel security update for Oracle Linux 6:

ELSA-2024-12714 Important: Oracle Linux 7 Important; Unbreakable Enterprise kernel security update
ELSA-2024-12713 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2024-12713 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2024-12713 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2024-12680 Important: Oracle Linux 8 Unbreakable Enterprise kernel-container security update
ELSA-2024-12679 Important: Oracle Linux 7 Unbreakable Enterprise kernel-container security update
ELBA-2024-12717 Oracle Linux 8 osbuild-composer bug fix update
ELSA-2024-12704 Moderate: Oracle Linux 7 e2fsprogs security update
ELSA-2024-12704 Moderate: Oracle Linux 7 e2fsprogs security update (aarch64)
ELEA-2024-5331 Oracle Linux 7 empathy bug fix and enhancement update (aarch64)
ELEA-2024-5331 Oracle Linux 7 empathy bug fix and enhancement update
ELSA-2024-12714 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update




ELSA-2024-12714 Important: Oracle Linux 7 Important; Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12714

http://linux.oracle.com/errata/ELSA-2024-12714.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.90.3.1.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.90.3.1.el7uek.noarch.rpm
kernel-uek-4.1.12-124.90.3.1.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.90.3.1.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.90.3.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.90.3.1.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.12-124.90.3.1.el7uek.src.rpm

Description of changes:

[4.1.12-124.90.3.1.el7uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37132352]



ELSA-2024-12713 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12713

http://linux.oracle.com/errata/ELSA-2024-12713.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-300.163.18.1.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-300.163.18.1.el9uek.src.rpm

Description of changes:

[5.15.0-300.163.18.1.el9uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37132350]



ELSA-2024-12713 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12713

http://linux.oracle.com/errata/ELSA-2024-12713.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-300.163.18.1.el9uek.src.rpm

Description of changes:

[5.15.0-300.163.18.1.el9uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37132350]



ELSA-2024-12713 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12713

http://linux.oracle.com/errata/ELSA-2024-12713.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-300.163.18.1.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-300.163.18.1.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-300.163.18.1.el8uek.src.rpm

Description of changes:

[5.15.0-300.163.18.1.el8uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37132350]



ELSA-2024-12680 Important: Oracle Linux 8 Unbreakable Enterprise kernel-container security update


Oracle Linux Security Advisory ELSA-2024-12680

http://linux.oracle.com/errata/ELSA-2024-12680.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.335.4.1.el8.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.335.4.1.el8.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-container-5.4.17-2136.335.4.1.el8.src.rpm

Description of changes:

[5.4.17-2136.335.4.1.el8]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang)
[Orabug: 37035558]



ELSA-2024-12679 Important: Oracle Linux 7 Unbreakable Enterprise kernel-container security update


Oracle Linux Security Advisory ELSA-2024-12679

http://linux.oracle.com/errata/ELSA-2024-12679.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.335.4.1.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.335.4.1.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-container-5.4.17-2136.335.4.1.el7.src.rpm

Description of changes:

[5.4.17-2136.335.4.1.el7]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang)
[Orabug: 37035558]



ELBA-2024-12717 Oracle Linux 8 osbuild-composer bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12717

http://linux.oracle.com/errata/ELBA-2024-12717.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-101-2.0.2.el8_10.x86_64.rpm
osbuild-composer-worker-101-2.0.2.el8_10.x86_64.rpm
osbuild-composer-core-101-2.0.2.el8_10.x86_64.rpm

aarch64:
osbuild-composer-101-2.0.2.el8_10.aarch64.rpm
osbuild-composer-worker-101-2.0.2.el8_10.aarch64.rpm
osbuild-composer-core-101-2.0.2.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//osbuild-composer-101-2.0.2.el8_10.src.rpm

Description of changes:

[101-2.0.2]
- Support using OCI variables inside built images [JIRA: OLDIS-35302]



ELSA-2024-12704 Moderate: Oracle Linux 7 e2fsprogs security update


Oracle Linux Security Advisory ELSA-2024-12704

http://linux.oracle.com/errata/ELSA-2024-12704.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
e2fsprogs-1.45.4-3.0.7.el7.x86_64.rpm
e2fsprogs-1.45.4-3.0.7.el7.i686.rpm
e2fsprogs-devel-1.45.4-3.0.7.el7.x86_64.rpm
e2fsprogs-devel-1.45.4-3.0.7.el7.i686.rpm
e2fsprogs-libs-1.45.4-3.0.7.el7.x86_64.rpm
e2fsprogs-libs-1.45.4-3.0.7.el7.i686.rpm
e2fsprogs-static-1.45.4-3.0.7.el7.x86_64.rpm
e2fsprogs-static-1.45.4-3.0.7.el7.i686.rpm
libcom_err-1.45.4-3.0.7.el7.x86_64.rpm
libcom_err-1.45.4-3.0.7.el7.i686.rpm
libcom_err-devel-1.45.4-3.0.7.el7.x86_64.rpm
libcom_err-devel-1.45.4-3.0.7.el7.i686.rpm
libss-1.45.4-3.0.7.el7.x86_64.rpm
libss-1.45.4-3.0.7.el7.i686.rpm
libss-devel-1.45.4-3.0.7.el7.x86_64.rpm
libss-devel-1.45.4-3.0.7.el7.i686.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//e2fsprogs-1.45.4-3.0.7.el7.src.rpm

Related CVEs:

CVE-2022-1304

Description of changes:

[1.45.4-3.0.7.el7]
- libext2fs: add sanity check to extent manipulation (Srivathsa Dara) [Orabug:
37095032] {CVE-2022-1304}



ELSA-2024-12704 Moderate: Oracle Linux 7 e2fsprogs security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-12704

http://linux.oracle.com/errata/ELSA-2024-12704.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
e2fsprogs-1.45.4-3.0.7.el7.aarch64.rpm
e2fsprogs-devel-1.45.4-3.0.7.el7.aarch64.rpm
e2fsprogs-libs-1.45.4-3.0.7.el7.aarch64.rpm
libcom_err-1.45.4-3.0.7.el7.aarch64.rpm
libcom_err-devel-1.45.4-3.0.7.el7.aarch64.rpm
libss-1.45.4-3.0.7.el7.aarch64.rpm
e2fsprogs-static-1.45.4-3.0.7.el7.aarch64.rpm
libss-devel-1.45.4-3.0.7.el7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//e2fsprogs-1.45.4-3.0.7.el7.src.rpm

Related CVEs:

CVE-2022-1304

Description of changes:

[1.45.4-3.0.7.el7]
- libext2fs: add sanity check to extent manipulation (Srivathsa Dara) [Orabug:
37095032] {CVE-2022-1304}



ELEA-2024-5331 Oracle Linux 7 empathy bug fix and enhancement update (aarch64)


Oracle Linux Enhancement Advisory ELEA-2024-5331

http://linux.oracle.com/errata/ELEA-2024-5331.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
empathy-3.12.13-1.0.1.el7.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//empathy-3.12.13-1.0.1.el7.src.rpm

Description of changes:

[3.12.13-1.0.1]
- Fixes ELEA-2024-5331 switches webkitgtk3 to webkitgtk4 [Orabug: 36948518]



ELEA-2024-5331 Oracle Linux 7 empathy bug fix and enhancement update


Oracle Linux Enhancement Advisory ELEA-2024-5331

http://linux.oracle.com/errata/ELEA-2024-5331.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
empathy-3.12.13-1.0.1.el7.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//empathy-3.12.13-1.0.1.el7.src.rpm

Description of changes:

[3.12.13-1.0.1]
- Fixes ELEA-2024-5331 switches webkitgtk3 to webkitgtk4 [Orabug: 36948518]



ELSA-2024-12714 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12714

http://linux.oracle.com/errata/ELSA-2024-12714.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.90.3.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.90.3.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.90.3.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.90.3.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.90.3.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.90.3.1.el6uek.x86_64.rpm

Description of changes:

[4.1.12-124.90.3.1.el6uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37132352]