[El-errata] ELSA-2024-8935 Moderate: Oracle Linux 9 edk2 security update

Fri Nov 8 09:45:41 UTC 2024

Oracle Linux Security Advisory ELSA-2024-8935

http://linux.oracle.com/errata/ELSA-2024-8935.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-ovmf-20231122-6.0.1.el9_4.4.noarch.rpm
edk2-aarch64-20231122-6.0.1.el9_4.4.noarch.rpm
edk2-tools-20231122-6.0.1.el9_4.4.x86_64.rpm
edk2-tools-doc-20231122-6.0.1.el9_4.4.noarch.rpm

aarch64:
edk2-aarch64-20231122-6.0.1.el9_4.4.noarch.rpm
edk2-ovmf-20231122-6.0.1.el9_4.4.noarch.rpm
edk2-tools-20231122-6.0.1.el9_4.4.aarch64.rpm
edk2-tools-doc-20231122-6.0.1.el9_4.4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//edk2-20231122-6.0.1.el9_4.4.src.rpm

Related CVEs:

CVE-2024-6119

Description of changes:

[20231122-6.0.1.el9_4.4]
- Replace upstream references [Orabug:36569119]

[20231122-6.el9_4.4]
- edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch [RHEL-55337]
- Resolves: RHEL-55337
  (CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks [rhel-9.4.z])