[El-errata] ELSA-2024-11219 Moderate: Oracle Linux 9 edk2:20240524 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Dec 20 10:48:51 UTC 2024
Oracle Linux Security Advisory ELSA-2024-11219
http://linux.oracle.com/errata/ELSA-2024-11219.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-tools-20240524-6.0.1.el9_5.3.x86_64.rpm
edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm
aarch64:
edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-tools-20240524-6.0.1.el9_5.3.aarch64.rpm
edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//edk2-20240524-6.0.1.el9_5.3.src.rpm
Related CVEs:
CVE-2024-38796
Description of changes:
[20240524-6.0.1.el9_5.3]
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631]
- Resolves: RHEL-58631
([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater)
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230]
- Resolves: RHEL-66230
([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725]
- Resolves: RHEL-65725
([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833]
- Resolves: RHEL-56248
(507x510 display resolution should not crash the firmware [edk2,rhel-9.6])
- Resolves: RHEL-60833
(CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-9.6])
More information about the El-errata
mailing list