[El-errata] ELSA-2024-3760 Important: Oracle Linux 7 ipa security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Jun 13 12:47:12 UTC 2024
Oracle Linux Security Advisory ELSA-2024-3760
http://linux.oracle.com/errata/ELSA-2024-3760.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
ipa-client-4.6.8-5.0.1.el7_9.17.x86_64.rpm
ipa-client-common-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-common-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-python-compat-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-server-4.6.8-5.0.1.el7_9.17.x86_64.rpm
ipa-server-common-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-server-dns-4.6.8-5.0.1.el7_9.17.noarch.rpm
ipa-server-trust-ad-4.6.8-5.0.1.el7_9.17.x86_64.rpm
python2-ipaclient-4.6.8-5.0.1.el7_9.17.noarch.rpm
python2-ipalib-4.6.8-5.0.1.el7_9.17.noarch.rpm
python2-ipaserver-4.6.8-5.0.1.el7_9.17.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//ipa-4.6.8-5.0.1.el7_9.17.src.rpm
Related CVEs:
CVE-2024-3183
Description of changes:
[4.6.8-5.0.1.el7_9.17]
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [Orabug: 20362818]
[4.6.8-5.el7_9.17]
- Resolves: RHEL-29926 ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
More information about the El-errata
mailing list