From el-errata at oss.oracle.com Sat Mar 1 12:22:53 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Sat, 1 Mar 2025 12:22:53 +0000
Subject: [El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8
(ELSA-2025-20100)
References: <d4f8c45bd487860fba221923d02e879a.apache@ksplice.com>
Message-ID: <mailman.15.1740831784.18.el-errata@oss.oracle.com>
Synopsis: ELSA-2025-20100 can now be patched using Ksplice
CVEs: CVE-2024-38538 CVE-2024-49996 CVE-2024-50264 CVE-2024-50265 CVE-2024-50273 CVE-2024-50278 CVE-2024-50279 CVE-2024-50301 CVE-2024-53103 CVE-2024-53104 CVE-2024-53112 CVE-2024-53140 CVE-2024-53141 CVE-2024-53146 CVE-2024-53155 CVE-2024-53173 CVE-2024-53174 CVE-2024-53680 CVE-2024-56558 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603 CVE-2024-56605 CVE-2024-56606 CVE-2024-56637 CVE-2024-56650 CVE-2024-56739 CVE-2024-56770 CVE-2024-57850 CVE-2024-57901 CVE-2024-57902
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-20100.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-20100.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2024-38538: Data corruption in 802.1d Ethernet Bridging.
A missing check when sending a short skb in the 802.1d Ethernet
Bridging driver could lead to use of uninitialized memory. An
attacker could use this flaw to cause data corruption.
* CVE-2024-49996: Privilege escalation in SMB3 and CIFS driver.
A missing check when parsing NFS reparse points in the SMB3 and CIFS
driver could lead to an out-of-bounds memory access. A remote attacker
could use this flaw to escalate privileges.
* CVE-2024-50264: Privilege escalation in Virtual Socket protocol driver.
A missing variable initialization during loopback communication in the
Virtual Socket protocol driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-50265: Denial-of-service in OCFS2 filesystem.
A logic error when setting extended attributes in the OCFS2 filesystem
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.
* CVE-2024-50273: Denial-of-service in Btrfs filesystem driver.
A logic error when handling delayed reference counting in the Btrfs
filesystem driver could lead to a use-after-free. A local attacker could
use this flaw to cause a denial-of-service.
* CVE-2024-50278, CVE-2024-50279: Privilege escalation in Cache target driver.
Logic errors when manipulating cache in the Cache target driver could
lead to an out-of-bounds memory access. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-50301: Privilege escalation in Keyring subsystem.
A missing check when checking if a key can be used in the Keyring
subsystem could lead to an out-of-bounds memory access. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-53103: Privilege escalation in Virtual Socket protocol driver.
A missing variable initialization when destroying socket in the Virtual
Socket protocol driver could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-53104: Privilege escalation in USB Video Class driver.
A missing check when using the UVC driver could lead to an out-of-bounds
memory write. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53112: Denial-of-service in OCFS2 filesystem.
A missing check when using OCFS2_IOC_GROUP_ADD ioctl in the OCFS2
filesystem could lead to a kernel assertion failure. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2024-53140: Privilege escalation in netlink driver.
A logic error when using the netlink driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53141: Privilege escalation in netfilter (IP set) subsystem.
A missing check when updating the bitmap for IP addresses in the
netfilter subsystem could lead to an out-of-bounds memory access.
A local attacker could use this flaw to escalate privileges.
* CVE-2024-53146: Information leak in NFS server driver.
A logic error when using the NFS server driver could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
extract sensitive information.
* CVE-2024-53155: Information leak in OCFS2 filesystem.
A missing variable initialization when using the OCFS2 filesystem could
lead to use of uninitialized memory. A local attacker could use this
flaw to extract sensitive information.
* CVE-2024-53173: Privilege escalation in NFS client driver.
A logic error when opening multiple files concurrently in the NFS client
driver could lead to a use-after-free. A local attacker could use this
flaw to escalate privileges.
* CVE-2024-53174: Privilege escalation in SUNRPC networking stack.
A missing check when using the SUNRPC networking stack could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-53680: Denial-of-service in IP virtual server driver.
Undefined behaviour in the IP virtual server driver could lead to a
kernel panic. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56558: Privilege escalation in NFS server driver.
A missing check when using the NFS server driver could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-56600: Privilege escalation in IPv6 networking stack.
A missing variable initialization when creating a socket fails in the
IPv6 networking stack could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-56601: Privilege escalation in IPv4 networking stack.
A missing variable initialization when creating a socket fails in the
IPv4 networking stack could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.
* CVE-2024-56602: Privilege escalation in IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver.
A missing variable initialization when creating a socket fails in the
IEEE Std 802.15.4 Low-Rate Wireless Personal Area Networks driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56603: Privilege escalation in CAN bus subsystem driver.
A missing variable initialization when creating a CAN socket fails in
the CAN bus subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-56605: Privilege escalation in Bluetooth subsystem driver.
A missing variable initialization when creating a l2cap socket fails in
the Bluetooth subsystem driver could lead to a use-after-free. A local
attacker could use this flaw to escalate privileges.
* CVE-2024-56606: Privilege escalation in packet protocol networking stack.
A logic error when using the packet protocol networking stack could lead
to a use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-56637: Denial-of-service in netfilter (IP set) subsystem.
A logic error when using the netfilter (IP set) subsystem could lead to
a kernel crash. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56650: Privilege escalation in netfilter subsystem.
A missing check when using the netfilter subsystem could lead to an
out-of-bounds memory access. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56739: Denial-of-service in RTC subsystem.
A locking error when using the RTC subsystem could lead to kernel
soft-lockup. A local attacker could use this flaw to cause a
denial-of-service.
* CVE-2024-56770: Privilege escalation in network emulator.
A logic error when using the network emulator could lead to an integer
overflow. A local attacker could use this flaw to escalate privileges.
* CVE-2024-57850: Memory corruption in JFFS2 filesystem.
A missing check when using the JFFS2 filesystem could lead to an
out-of-bounds memory write. A local attacker could use this flaw to
cause memory corruption.
* CVE-2024-57901, CVE-2024-57902: Remote denial-of-service in packet protocol networking stack.
A logic error when receiving a message using the packet protocol
networking stack could lead to a kernel panic. A remote attacker
could use this flaw to cause a denial-of-service.
* Denial-of-service in Mellanox network adapter driver.
A logic error in the Mellanox network adapter driver code causes
truncation of the user access region (UAR) page index when using
the dynamic UAR feature if there are more than 35,000 completion
queues, leading to severe performance degradation and eventually
a denial-of-service.
Orabug: 37029739
* Note: Oracle has determined some CVEs are not applicable.
The kernel is not affected by the following CVEs
since the code under consideration is not compiled.
CVE-2022-49034, CVE-2024-43098, CVE-2024-50051, CVE-2024-50269,
CVE-2024-50287, CVE-2024-50296, CVE-2024-53130, CVE-2024-53131,
CVE-2024-53145, CVE-2024-53148, CVE-2024-53158, CVE-2024-53161,
CVE-2024-53165, CVE-2024-53181, CVE-2024-53183, CVE-2024-53184,
CVE-2024-56548, CVE-2024-56562, CVE-2024-56567, CVE-2024-56572,
CVE-2024-56581, CVE-2024-56586, CVE-2024-56595, CVE-2024-56596,
CVE-2024-56597, CVE-2024-56598, CVE-2024-56619, CVE-2024-56634,
CVE-2024-56643, CVE-2024-56645, CVE-2024-56659, CVE-2024-56691,
CVE-2024-56700, CVE-2024-56704, CVE-2024-56723, CVE-2024-56724,
CVE-2024-56746, CVE-2024-56766, CVE-2024-56781, CVE-2024-57849
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
From el-errata at oss.oracle.com Mon Mar 3 13:22:49 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:22:49 -0800
Subject: [El-errata] ELSA-2025-1659 Moderate: Oracle Linux 9 kernel security
update
Message-ID: <mailman.16.1741008181.18.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1659
http://linux.oracle.com/errata/ELSA-2025-1659.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-7.4.0-503.26.1.el9_5.x86_64.rpm
kernel-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-abi-stablelists-5.14.0-503.26.1.el9_5.noarch.rpm
kernel-core-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-cross-headers-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-core-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-devel-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-devel-matched-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-modules-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-modules-core-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-modules-extra-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-debug-uki-virt-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-devel-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-devel-matched-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-doc-5.14.0-503.26.1.el9_5.noarch.rpm
kernel-headers-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-modules-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-modules-core-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-modules-extra-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-tools-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-tools-libs-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-tools-libs-devel-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-uki-virt-5.14.0-503.26.1.el9_5.x86_64.rpm
kernel-uki-virt-addons-5.14.0-503.26.1.el9_5.x86_64.rpm
libperf-5.14.0-503.26.1.el9_5.x86_64.rpm
perf-5.14.0-503.26.1.el9_5.x86_64.rpm
python3-perf-5.14.0-503.26.1.el9_5.x86_64.rpm
rtla-5.14.0-503.26.1.el9_5.x86_64.rpm
rv-5.14.0-503.26.1.el9_5.x86_64.rpm
aarch64:
bpftool-7.4.0-503.26.1.el9_5.aarch64.rpm
kernel-cross-headers-5.14.0-503.26.1.el9_5.aarch64.rpm
kernel-headers-5.14.0-503.26.1.el9_5.aarch64.rpm
kernel-tools-5.14.0-503.26.1.el9_5.aarch64.rpm
kernel-tools-libs-5.14.0-503.26.1.el9_5.aarch64.rpm
kernel-tools-libs-devel-5.14.0-503.26.1.el9_5.aarch64.rpm
perf-5.14.0-503.26.1.el9_5.aarch64.rpm
python3-perf-5.14.0-503.26.1.el9_5.aarch64.rpm
rtla-5.14.0-503.26.1.el9_5.aarch64.rpm
rv-5.14.0-503.26.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.26.1.el9_5.src.rpm
Related CVEs:
CVE-2023-52490
Description of changes:
- [5.14.0-503.26.1.el9_5.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
[5.14.0-503.26.1.el9_5]
- redhat: drop Y issues from changelog (Jan Stancek)
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (CKI Backport Bot) [RHEL-78075] {CVE-2024-53104}
[5.14.0-503.25.1.el9_5]
- md/md-bitmap: fix writing non bitmap pages (CKI Backport Bot) [RHEL-76800]
[5.14.0-503.24.1.el9_5]
- smb: client: fix potential race in cifs_put_tcon() (Jay Shin) [RHEL-73594 RHEL-70959]
- smb: client: don't try following DFS links in cifs_tree_connect() (Jay Shin) [RHEL-73594 RHEL-70959]
- smb: client: allow reconnect when sending ioctl (Jay Shin) [RHEL-73594 RHEL-70959]
- smb: client: get rid of @nlsc param in cifs_tree_connect() (Jay Shin) [RHEL-73594 RHEL-70959]
- smb: client: allow more DFS referrals to be cached (Jay Shin) [RHEL-73594 RHEL-70959]
- smb3: fix broken reconnect when password changing on the server by allowing password rotation (Jay Shin) [RHEL-73594 RHEL-57983]
- i40e: Fix handling changed priv flags (Kamal Heib) [RHEL-69857 RHEL-30524]
- mm: migrate: fix getting incorrect page mapping during page migration (Rafael Aquini) [RHEL-70898 RHEL-27742 RHEL-28873] {CVE-2023-52490}
- mm: migrate: record the mlocked page status to remove unnecessary lru drain (Rafael Aquini) [RHEL-70898 RHEL-27742]
- mm: convert migrate_pages() to work on folios (Rafael Aquini) [RHEL-70898 RHEL-27742]
- migrate_pages_batch: simplify retrying and failure counting of large folios (Rafael Aquini) [RHEL-70898 RHEL-27742]
From el-errata at oss.oracle.com Mon Mar 3 13:22:50 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:22:50 -0800
Subject: [El-errata] ELSA-2025-1915 Important: Oracle Linux 9 emacs security
update
Message-ID: <mailman.17.1741008183.18.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1915
http://linux.oracle.com/errata/ELSA-2025-1915.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
emacs-27.2-11.el9_5.1.x86_64.rpm
emacs-common-27.2-11.el9_5.1.x86_64.rpm
emacs-filesystem-27.2-11.el9_5.1.noarch.rpm
emacs-lucid-27.2-11.el9_5.1.x86_64.rpm
emacs-nox-27.2-11.el9_5.1.x86_64.rpm
aarch64:
emacs-27.2-11.el9_5.1.aarch64.rpm
emacs-common-27.2-11.el9_5.1.aarch64.rpm
emacs-filesystem-27.2-11.el9_5.1.noarch.rpm
emacs-lucid-27.2-11.el9_5.1.aarch64.rpm
emacs-nox-27.2-11.el9_5.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//emacs-27.2-11.el9_5.1.src.rpm
Related CVEs:
CVE-2025-1244
Description of changes:
[1:27.2-11.1]
- Eliminate use of obsolete patch syntax (RHEL-80443)
[1:27.2-11]
- Fix man.el shell injection vulnerability (RHEL-79025)
From el-errata at oss.oracle.com Mon Mar 3 13:23:09 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:23:09 -0800
Subject: [El-errata] ELBA-2025-20130 Oracle Linux 8 adaptived bug fix update
Message-ID: <mailman.18.1741008200.18.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20130
http://linux.oracle.com/errata/ELBA-2025-20130.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
adaptived-1.0.1-1.el8.x86_64.rpm
aarch64:
adaptived-1.0.1-1.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//adaptived-1.0.1-1.el8.src.rpm
Description of changes:
[1.0.1]
- Update to v1.0.1 of upstream adaptived
[1.0.0]
- Initial release
- Delete the devel build RPM
- Disable the automated tests in the spec file
From el-errata at oss.oracle.com Mon Mar 3 13:22:47 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:22:47 -0800
Subject: [El-errata] ELBA-2025-20141 Oracle Linux 9 mcelog bug fix update
Message-ID: <mailman.19.1741008201.18.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20141
http://linux.oracle.com/errata/ELBA-2025-20141.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
mcelog-204-1.0.1.el9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//mcelog-204-1.0.1.el9.src.rpm
Description of changes:
[3:204-1.0.1]
- Rebase to version 204 [Orabug: 37632539]
From el-errata at oss.oracle.com Mon Mar 3 13:23:03 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:23:03 -0800
Subject: [El-errata] ELBA-2025-20139 Oracle Linux 9 adaptived bug fix update
Message-ID: <mailman.20.1741008201.18.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20139
http://linux.oracle.com/errata/ELBA-2025-20139.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
adaptived-1.0.1-1.el9.x86_64.rpm
aarch64:
adaptived-1.0.1-1.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//adaptived-1.0.1-1.el9.src.rpm
Description of changes:
[1.0.1]
- Initial release of adaptived on OL9
- Utilize v1.0.1 of upstream adaptived
From el-errata at oss.oracle.com Mon Mar 3 13:22:57 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:22:57 -0800
Subject: [El-errata] ELBA-2025-1817 Oracle Linux 8 kmod-redhat-oracleasm bug
fix and enhancement update
Message-ID: <mailman.23.1741008203.18.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-1817
http://linux.oracle.com/errata/ELBA-2025-1817.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
kmod-redhat-oracleasm-2.0.8-18.2.0.1.el8_10.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kmod-redhat-oracleasm-2.0.8-18.2.0.1.el8_10.src.rpm
Description of changes:
[2.0.8-18.2.0.1]
- fix Release string. [Orabug: 35011371]
- add OL signature
[2.0.8-18.2]
- Add Obsoletes: tags for 8.4.z kernel-specific sub-packages (RHEL-76082).
- Rebuild against kernel-4.18.0-553.el8_10.
From el-errata at oss.oracle.com Mon Mar 3 13:22:55 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:22:55 -0800
Subject: [El-errata] ELBA-2025-20141 Oracle Linux 8 mcelog bug fix update
Message-ID: <mailman.24.1741008209.18.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20141
http://linux.oracle.com/errata/ELBA-2025-20141.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
mcelog-204-1.0.1.el8.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//mcelog-204-1.0.1.el8.src.rpm
Description of changes:
[3:204-1.0.1]
- Rebase to version 204 [Orabug: 37632649]
From el-errata at oss.oracle.com Mon Mar 3 13:22:58 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 03 Mar 2025 05:22:58 -0800
Subject: [El-errata] ELSA-2025-1917 Important: Oracle Linux 8 emacs security
update
Message-ID: <mailman.25.1741008212.18.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1917
http://linux.oracle.com/errata/ELSA-2025-1917.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
emacs-26.1-13.el8_10.x86_64.rpm
emacs-common-26.1-13.el8_10.x86_64.rpm
emacs-filesystem-26.1-13.el8_10.noarch.rpm
emacs-lucid-26.1-13.el8_10.x86_64.rpm
emacs-nox-26.1-13.el8_10.x86_64.rpm
emacs-terminal-26.1-13.el8_10.noarch.rpm
aarch64:
emacs-26.1-13.el8_10.aarch64.rpm
emacs-common-26.1-13.el8_10.aarch64.rpm
emacs-filesystem-26.1-13.el8_10.noarch.rpm
emacs-lucid-26.1-13.el8_10.aarch64.rpm
emacs-nox-26.1-13.el8_10.aarch64.rpm
emacs-terminal-26.1-13.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//emacs-26.1-13.el8_10.src.rpm
Related CVEs:
CVE-2025-1244
Description of changes:
[1:26.1-13]
- Fix man.el shell injection vulnerability (RHEL-79016)
From el-errata at oss.oracle.com Fri Mar 7 12:56:51 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:56:51 -0800
Subject: [El-errata] ELBA-2025-20142 Oracle Linux 9 cockpit bug fix update
Message-ID: <mailman.3.1741352222.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20142
http://linux.oracle.com/errata/ELBA-2025-20142.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
cockpit-323.1-1.0.3.el9_5.x86_64.rpm
cockpit-bridge-323.1-1.0.3.el9_5.x86_64.rpm
cockpit-doc-323.1-1.0.3.el9_5.noarch.rpm
cockpit-system-323.1-1.0.3.el9_5.noarch.rpm
cockpit-ws-323.1-1.0.3.el9_5.x86_64.rpm
cockpit-packagekit-323.1-1.0.3.el9_5.noarch.rpm
cockpit-pcp-323.1-1.0.3.el9_5.x86_64.rpm
cockpit-storaged-323.1-1.0.3.el9_5.noarch.rpm
aarch64:
cockpit-323.1-1.0.3.el9_5.aarch64.rpm
cockpit-bridge-323.1-1.0.3.el9_5.aarch64.rpm
cockpit-doc-323.1-1.0.3.el9_5.noarch.rpm
cockpit-system-323.1-1.0.3.el9_5.noarch.rpm
cockpit-ws-323.1-1.0.3.el9_5.aarch64.rpm
cockpit-packagekit-323.1-1.0.3.el9_5.noarch.rpm
cockpit-pcp-323.1-1.0.3.el9_5.aarch64.rpm
cockpit-storaged-323.1-1.0.3.el9_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//cockpit-323.1-1.0.3.el9_5.src.rpm
Description of changes:
[323.1-1.0.3]
- Moved update-motd out of cockpit_ws_t selinux context [Orabug: 37578946]
From el-errata at oss.oracle.com Fri Mar 7 12:56:52 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:56:52 -0800
Subject: [El-errata] ELBA-2025-20145 Oracle Linux 9 openssh bug fix update
Message-ID: <mailman.4.1741352224.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20145
http://linux.oracle.com/errata/ELBA-2025-20145.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
openssh-8.7p1-43.0.2.el9.x86_64.rpm
openssh-askpass-8.7p1-43.0.2.el9.x86_64.rpm
openssh-clients-8.7p1-43.0.2.el9.x86_64.rpm
openssh-keycat-8.7p1-43.0.2.el9.x86_64.rpm
openssh-server-8.7p1-43.0.2.el9.x86_64.rpm
pam_ssh_agent_auth-0.10.4-5.43.0.2.el9.x86_64.rpm
aarch64:
openssh-8.7p1-43.0.2.el9.aarch64.rpm
openssh-askpass-8.7p1-43.0.2.el9.aarch64.rpm
openssh-clients-8.7p1-43.0.2.el9.aarch64.rpm
openssh-keycat-8.7p1-43.0.2.el9.aarch64.rpm
openssh-server-8.7p1-43.0.2.el9.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.43.0.2.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//openssh-8.7p1-43.0.2.el9.src.rpm
Description of changes:
[8.7p1-43.0.2]
- upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand [Orabug: 37647064]
From el-errata at oss.oracle.com Fri Mar 7 12:56:54 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:56:54 -0800
Subject: [El-errata] ELBA-2025-2263 Oracle Linux 9 kernel bug fix and
enhancement update
Message-ID: <mailman.5.1741352224.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2263
http://linux.oracle.com/errata/ELBA-2025-2263.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-7.4.0-503.29.1.el9_5.x86_64.rpm
kernel-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-abi-stablelists-5.14.0-503.29.1.el9_5.noarch.rpm
kernel-core-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-core-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-devel-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-devel-matched-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-modules-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-modules-core-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-modules-extra-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-debug-uki-virt-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-devel-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-devel-matched-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-doc-5.14.0-503.29.1.el9_5.noarch.rpm
kernel-headers-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-modules-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-modules-core-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-modules-extra-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-tools-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-tools-libs-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-uki-virt-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-uki-virt-addons-5.14.0-503.29.1.el9_5.x86_64.rpm
perf-5.14.0-503.29.1.el9_5.x86_64.rpm
python3-perf-5.14.0-503.29.1.el9_5.x86_64.rpm
rtla-5.14.0-503.29.1.el9_5.x86_64.rpm
rv-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-cross-headers-5.14.0-503.29.1.el9_5.x86_64.rpm
kernel-tools-libs-devel-5.14.0-503.29.1.el9_5.x86_64.rpm
libperf-5.14.0-503.29.1.el9_5.x86_64.rpm
aarch64:
bpftool-7.4.0-503.29.1.el9_5.aarch64.rpm
kernel-tools-5.14.0-503.29.1.el9_5.aarch64.rpm
kernel-tools-libs-5.14.0-503.29.1.el9_5.aarch64.rpm
perf-5.14.0-503.29.1.el9_5.aarch64.rpm
python3-perf-5.14.0-503.29.1.el9_5.aarch64.rpm
rtla-5.14.0-503.29.1.el9_5.aarch64.rpm
rv-5.14.0-503.29.1.el9_5.aarch64.rpm
kernel-cross-headers-5.14.0-503.29.1.el9_5.aarch64.rpm
kernel-tools-libs-devel-5.14.0-503.29.1.el9_5.aarch64.rpm
kernel-headers-5.14.0-503.29.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.29.1.el9_5.src.rpm
Description of changes:
- [5.14.0-503.29.1.el9_5.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
[5.14.0-503.29.1.el9_5]
- rhel-9.5: gate on kernel-qe tests results not cki ones (Bruno Goncalves)
- ice: implement low latency PHY timer updates (Petr Oros) [RHEL-75466]
- ice: check low latency PHY timer update firmware capability (Petr Oros) [RHEL-75466]
- ice: add lock to protect low latency interface (Petr Oros) [RHEL-75466]
- ice: rename TS_LL_READ* macros to REG_LL_PROXY_H_* (Petr Oros) [RHEL-75466]
- ice: use read_poll_timeout_atomic in ice_read_phy_tstamp_ll_e810 (Petr Oros) [RHEL-75466]
- smb: client: get rid of kstrdup() in get_ses_refpath() (Paulo Alcantara) [RHEL-72875]
- smb: client: fix noisy when tree connecting to DFS interlink targets (Paulo Alcantara) [RHEL-72875]
- smb: client: don't trust DFSREF_STORAGE_SERVER bit (Paulo Alcantara) [RHEL-72875]
- smb: client: don't check for @leaf_fullpath in match_server() (Paulo Alcantara) [RHEL-72875]
- smb: client: get rid of TCP_Server_Info::refpath_lock (Paulo Alcantara) [RHEL-72875]
- smb: client: don't retry DFS targets on server shutdown (Paulo Alcantara) [RHEL-72875]
- smb: client: fix return value of parse_dfs_referrals() (Paulo Alcantara) [RHEL-72875]
- smb: client: optimize referral walk on failed link targets (Paulo Alcantara) [RHEL-72875]
- smb: client: provide dns_resolve_{unc,name} helpers (Paulo Alcantara) [RHEL-72875]
- smb: client: parse DNS domain name from domain= option (Paulo Alcantara) [RHEL-72875]
- smb: client: fix DFS mount against old servers with NTLMSSP (Paulo Alcantara) [RHEL-72875]
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (Paulo Alcantara) [RHEL-72875]
- smb: client: introduce av_for_each_entry() helper (Paulo Alcantara) [RHEL-72875]
- smb: client: fix double free of TCP_Server_Info::hostname (Paulo Alcantara) [RHEL-72875]
- cifs: support mounting with alternate password to allow password rotation (Paulo Alcantara) [RHEL-72875]
- cifs: support reconnect with alternate password for SMB1 (Paulo Alcantara) [RHEL-72875]
- smb: client: sync the root session and superblock context passwords before automounting (Paulo Alcantara) [RHEL-72875]
- cifs: unlock on error in smb3_reconfigure() (Paulo Alcantara) [RHEL-72875]
- cifs: during remount, make sure passwords are in sync (Paulo Alcantara) [RHEL-72875]
- smb: client: Handle kstrdup failures for passwords (Paulo Alcantara) [RHEL-72875] {CVE-2024-50120}
- smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-72875] {CVE-2024-54680}
- smb: client: Fix use-after-free of network namespace. (Paulo Alcantara) [RHEL-72875] {CVE-2024-53095}
- Fix spelling errors in Server Message Block (Paulo Alcantara) [RHEL-72875]
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (CKI Backport Bot) [RHEL-78423]
[5.14.0-503.28.1.el9_5]
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (CKI Backport Bot) [RHEL-73726]
- intel_idle: Disable promotion to C1E on Jasper Lake and Elkhart Lake (David Arcari) [RHEL-62985]
- intel_idle: add Granite Rapids Xeon support (David Arcari) [RHEL-62985]
- intel_idle: Switch to new Intel CPU model defines (David Arcari) [RHEL-62985]
- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (David Arcari) [RHEL-59001]
- x86/resctrl: Read supported bandwidth sources from CPUID (David Arcari) [RHEL-59001]
- x86/resctrl: Remove hard-coded memory bandwidth limit (David Arcari) [RHEL-59001]
- mei: me: disable RPL-S on SPS and IGN firmwares (CKI Backport Bot) [RHEL-60895]
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (Jay Shin) [RHEL-75935]
- smb: client: disable directory caching when dir_cache_timeout is zero (Jay Shin) [RHEL-75935]
- smb: client: remove unnecessary checks in open_cached_dir() (Jay Shin) [RHEL-75935]
- smb: prevent use-after-free due to open_cached_dir error paths (Jay Shin) [RHEL-75935] {CVE-2024-53177}
- smb: Don't leak cfid when reconnect races with open_cached_dir (Jay Shin) [RHEL-75935] {CVE-2024-53178}
- smb3: request handle caching when caching directories (Jay Shin) [RHEL-75935]
- bnxt_en: Unregister PTP during PCI shutdown and suspend (Michal Schmidt) [RHEL-69514]
- bnxt_en: Refactor bnxt_ptp_init() (Michal Schmidt) [RHEL-69514]
- smb: client: ignore unhandled reparse tags (Jay Shin) [RHEL-77743]
- smb: client: fix oops due to unset link speed (Jay Shin) [RHEL-77359]
[5.14.0-503.27.1.el9_5]
- NFS: enable nconnect for RDMA (Benjamin Coddington) [RHEL-77179]
- Revert "scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo" (Dick Kennedy) [RHEL-70933]
- idpf: fix idpf_vc_core_init error path (CKI Backport Bot) [RHEL-70191]
- idpf: avoid vport access in idpf_get_link_ksettings (CKI Backport Bot) [RHEL-70191]
- ip6mr: fix tables suspicious RCU usage (Andrea Claudi) [RHEL-71730]
- ipmr: tune the ipmr_can_free_table() checks. (Andrea Claudi) [RHEL-71730]
- ipmr: add debug check for mr table cleanup (Andrea Claudi) [RHEL-71730]
- net: ip6mr: add RTM_GETROUTE netlink op (Andrea Claudi) [RHEL-71730]
- i40e: add ability to reset VF for Tx and Rx MDD events (Michal Schmidt) [RHEL-75972]
- tcp: fix mptcp DSS corruption due to large pmtu xmit (Paolo Abeni) [RHEL-62215]
- mptcp: handle consistently DSS corruption (Paolo Abeni) [RHEL-62215]
From el-errata at oss.oracle.com Fri Mar 7 12:56:55 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:56:55 -0800
Subject: [El-errata] ELSA-2025-2035 Important: Oracle Linux 9 webkit2gtk3
security update
Message-ID: <mailman.6.1741352225.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2035
http://linux.oracle.com/errata/ELSA-2025-2035.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
webkit2gtk3-2.46.6-1.el9_5.i686.rpm
webkit2gtk3-2.46.6-1.el9_5.x86_64.rpm
webkit2gtk3-devel-2.46.6-1.el9_5.i686.rpm
webkit2gtk3-devel-2.46.6-1.el9_5.x86_64.rpm
webkit2gtk3-jsc-2.46.6-1.el9_5.i686.rpm
webkit2gtk3-jsc-2.46.6-1.el9_5.x86_64.rpm
webkit2gtk3-jsc-devel-2.46.6-1.el9_5.i686.rpm
webkit2gtk3-jsc-devel-2.46.6-1.el9_5.x86_64.rpm
aarch64:
webkit2gtk3-2.46.6-1.el9_5.aarch64.rpm
webkit2gtk3-devel-2.46.6-1.el9_5.aarch64.rpm
webkit2gtk3-jsc-2.46.6-1.el9_5.aarch64.rpm
webkit2gtk3-jsc-devel-2.46.6-1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//webkit2gtk3-2.46.6-1.el9_5.src.rpm
Related CVEs:
CVE-2024-54543
CVE-2025-24143
CVE-2025-24150
CVE-2025-24158
CVE-2025-24162
Description of changes:
[2.46.6-1]
- Update to 2.46.6
From el-errata at oss.oracle.com Fri Mar 7 12:56:57 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:56:57 -0800
Subject: [El-errata] ELSA-2025-2359 Important: Oracle Linux 9 firefox
security update
Message-ID: <mailman.7.1741352225.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2359
http://linux.oracle.com/errata/ELSA-2025-2359.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
firefox-128.8.0-1.0.1.el9_5.x86_64.rpm
firefox-x11-128.8.0-1.0.1.el9_5.x86_64.rpm
aarch64:
firefox-128.8.0-1.0.1.el9_5.aarch64.rpm
firefox-x11-128.8.0-1.0.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.8.0-1.0.1.el9_5.src.rpm
Related CVEs:
CVE-2025-1930
CVE-2025-1931
CVE-2025-1932
CVE-2025-1933
CVE-2025-1934
CVE-2025-1935
CVE-2025-1936
CVE-2025-1937
CVE-2025-1938
Description of changes:
[128.8.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file
[128.8.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)
[128.8.0-1]
- Update to 128.8.0 build1
From el-errata at oss.oracle.com Fri Mar 7 12:57:01 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:01 -0800
Subject: [El-errata] ELBA-2025-20129 Oracle Linux 8
oracle-database-preinstall-23ai bug fix update
Message-ID: <mailman.8.1741352229.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20129
http://linux.oracle.com/errata/ELBA-2025-20129.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
oracle-database-preinstall-23ai-1.0-4.el8.x86_64.rpm
aarch64:
oracle-database-preinstall-23ai-1.0-4.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//oracle-database-preinstall-23ai-1.0-4.el8.src.rpm
Description of changes:
[[1.0-4.el8]]
- Added minimum versions for some of the dependencies [Orabug: 37001816]
- Added minimum versions for aarch64 [Orabug: 37187987]
- Remove ethtool from dependencies [Orabug: 37222009]
[[1.0-3.el8]]
- Add gcc, libgfortran and libnsl2 to the dependencies [Orabug: 37068703]
From el-errata at oss.oracle.com Fri Mar 7 12:57:03 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:03 -0800
Subject: [El-errata] ELBA-2025-20144 Oracle Linux 8 mokutil bug fix update
Message-ID: <mailman.9.1741352231.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20144
http://linux.oracle.com/errata/ELBA-2025-20144.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
mokutil-0.6.0-1.0.2.el8.x86_64.rpm
aarch64:
mokutil-0.6.0-1.0.2.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//mokutil-0.6.0-1.0.2.el8.src.rpm
Description of changes:
[0.6.0-1.0.2]
- Show usage instead of aborting on bad flags [Orabug: 37565815]
[0.6.0-1.0.1]
- Update to 0.6.0 [Orabug: 33770149]
- Fix build with keyutils [Orabug: 33770149]
From el-errata at oss.oracle.com Fri Mar 7 12:57:04 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:04 -0800
Subject: [El-errata] ELBA-2025-2352 Oracle Linux 8 kernel bug fix and
enhancement update
Message-ID: <mailman.10.1741352232.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2352
http://linux.oracle.com/errata/ELBA-2025-2352.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.42.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.42.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.42.1.el8_10.x86_64.rpm
perf-4.18.0-553.42.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.42.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.42.1.el8_10.x86_64.rpm
aarch64:
bpftool-4.18.0-553.42.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.42.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.42.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.42.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.42.1.el8_10.aarch64.rpm
perf-4.18.0-553.42.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.42.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.42.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.42.1.el8_10.src.rpm
Description of changes:
[4.18.0-553.42.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
[4.18.0-553.42.1.el8_10]
- net: skb: exclude the single page frag cache for too small alloc (Paolo Abeni) [RHEL-66261]
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Olga Kornievskaia) [RHEL-79458]
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa) [RHEL-64950]
- scsi: st: Don't set pos_unknown just after device recognition (John Meneghini) [RHEL-78415]
- ovl: fix use inode directly in rcu-walk mode (Miklos Szeredi) [RHEL-76161]
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (Kamal Heib) [RHEL-75826]
[4.18.0-553.41.1.el8_10]
- virtio-net: correctly enable callback during start_xmit (Laurent Vivier) [RHEL-72886]
- dm snapshot: fix lockup in dm_exception_table_exit (Benjamin Marzinski) [RHEL-76230 RHEL-34599]
From el-errata at oss.oracle.com Fri Mar 7 12:57:05 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:05 -0800
Subject: [El-errata] ELSA-2025-2034 Important: Oracle Linux 8 webkit2gtk3
security update
Message-ID: <mailman.11.1741352234.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2034
http://linux.oracle.com/errata/ELSA-2025-2034.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
webkit2gtk3-2.46.6-1.el8_10.i686.rpm
webkit2gtk3-2.46.6-1.el8_10.x86_64.rpm
webkit2gtk3-devel-2.46.6-1.el8_10.i686.rpm
webkit2gtk3-devel-2.46.6-1.el8_10.x86_64.rpm
webkit2gtk3-jsc-2.46.6-1.el8_10.i686.rpm
webkit2gtk3-jsc-2.46.6-1.el8_10.x86_64.rpm
webkit2gtk3-jsc-devel-2.46.6-1.el8_10.i686.rpm
webkit2gtk3-jsc-devel-2.46.6-1.el8_10.x86_64.rpm
aarch64:
webkit2gtk3-2.46.6-1.el8_10.aarch64.rpm
webkit2gtk3-devel-2.46.6-1.el8_10.aarch64.rpm
webkit2gtk3-jsc-2.46.6-1.el8_10.aarch64.rpm
webkit2gtk3-jsc-devel-2.46.6-1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//webkit2gtk3-2.46.6-1.el8_10.src.rpm
Related CVEs:
CVE-2024-54543
CVE-2025-24143
CVE-2025-24150
CVE-2025-24158
CVE-2025-24162
Description of changes:
[2.46.6-1]
- Update to 2.46.6
From el-errata at oss.oracle.com Fri Mar 7 12:57:07 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:07 -0800
Subject: [El-errata] ELSA-2025-2452 Important: Oracle Linux 8 firefox
security update
Message-ID: <mailman.14.1741352235.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2452
http://linux.oracle.com/errata/ELSA-2025-2452.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
firefox-128.8.0-1.0.1.el8_10.x86_64.rpm
aarch64:
firefox-128.8.0-1.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firefox-128.8.0-1.0.1.el8_10.src.rpm
Related CVEs:
CVE-2025-1930
CVE-2025-1931
CVE-2025-1932
CVE-2025-1933
CVE-2025-1934
CVE-2025-1935
CVE-2025-1936
CVE-2025-1937
CVE-2025-1938
Description of changes:
[128.8.0-1.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789]
[128.8.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)
[128.8.0-1]
- Update to 128.8.0 build1
From el-errata at oss.oracle.com Fri Mar 7 12:57:12 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:12 -0800
Subject: [El-errata] ELSA-2024-11049 Important: Oracle Linux 7 squid
security update
Message-ID: <mailman.15.1741352241.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2024-11049
http://linux.oracle.com/errata/ELSA-2024-11049.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
squid-3.5.20-17.0.5.el7_9.13.x86_64.rpm
squid-migration-script-3.5.20-17.0.5.el7_9.13.x86_64.rpm
squid-sysvinit-3.5.20-17.0.5.el7_9.13.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//squid-3.5.20-17.0.5.el7_9.13.src.rpm
Related CVEs:
CVE-2023-46846
Description of changes:
[7:3.5.20-17.0.5.13]
- Fixed cve 2023-46846 for http and icap request/response smuggling [Orabug: 37326730]
From el-errata at oss.oracle.com Fri Mar 7 12:57:14 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:14 -0800
Subject: [El-errata] ELSA-2025-1250 Moderate: Oracle Linux 7 python-jinja2
security update
Message-ID: <mailman.16.1741352244.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1250
http://linux.oracle.com/errata/ELSA-2025-1250.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
python-jinja2-2.7.2-4.0.1.el7.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//python-jinja2-2.7.2-4.0.1.el7.src.rpm
Related CVEs:
CVE-2024-56326
Description of changes:
[2.7.2-4.0.1]
- Fix for CVE-2024-56326 [Orabug: 37576737]
From el-errata at oss.oracle.com Fri Mar 7 12:57:15 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 04:57:15 -0800
Subject: [El-errata] ELSA-2025-1255 Moderate: Oracle Linux 7 doxygen
security update
Message-ID: <mailman.17.1741352244.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1255
http://linux.oracle.com/errata/ELSA-2025-1255.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
doxygen-1.8.5-4.0.1.el7.x86_64.rpm
doxygen-doxywizard-1.8.5-4.0.1.el7.x86_64.rpm
doxygen-latex-1.8.5-4.0.1.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//doxygen-1.8.5-4.0.1.el7.src.rpm
Related CVEs:
CVE-2020-11023
Description of changes:
[1:1.8.5-4.0.1]
- Fix CVE-2020-11022 and CVE-2022-11023 in vendored jQuery [Orabug: 37577394]
From el-errata at oss.oracle.com Fri Mar 7 16:49:31 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 07 Mar 2025 08:49:31 -0800
Subject: [El-errata] ELSA-2025-1352 Moderate: Oracle Linux 7 krb5 security
update
Message-ID: <mailman.18.1741366179.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1352
http://linux.oracle.com/errata/ELSA-2025-1352.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
krb5-devel-1.15.1-55.0.9.el7_9.i686.rpm
krb5-devel-1.15.1-55.0.9.el7_9.x86_64.rpm
krb5-libs-1.15.1-55.0.9.el7_9.i686.rpm
krb5-libs-1.15.1-55.0.9.el7_9.x86_64.rpm
krb5-pkinit-1.15.1-55.0.9.el7_9.x86_64.rpm
krb5-server-1.15.1-55.0.9.el7_9.x86_64.rpm
krb5-server-ldap-1.15.1-55.0.9.el7_9.x86_64.rpm
krb5-workstation-1.15.1-55.0.9.el7_9.x86_64.rpm
libkadm5-1.15.1-55.0.9.el7_9.i686.rpm
libkadm5-1.15.1-55.0.9.el7_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//krb5-1.15.1-55.0.9.el7_9.src.rpm
Related CVEs:
CVE-2025-24528
Description of changes:
[1.15.1-55.0.9]
- Fixes CVE-2025-24528 , Prevent overflow when calculating ulog block size [Orabug: 37587301]
From el-errata at oss.oracle.com Mon Mar 10 11:32:46 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 10 Mar 2025 04:32:46 -0700
Subject: [El-errata] ELBA-2025-20146 Oracle Linux 8 oracle-common-release
bug fix update
Message-ID: <mailman.54.1741606378.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20146
http://linux.oracle.com/errata/ELBA-2025-20146.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
oracle-java-jdk-release-el8-1.0-5.el8.x86_64.rpm
aarch64:
oracle-java-jdk-release-el8-1.0-5.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//oracle-common-release-1.0-5.el8.src.rpm
Description of changes:
[1.0-5]
- Initial release
From el-errata at oss.oracle.com Mon Mar 10 11:32:51 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Mon, 10 Mar 2025 04:32:51 -0700
Subject: [El-errata] ELBA-2025-20147 Oracle Linux 9 oracle-common-release
bug fix update
Message-ID: <mailman.55.1741606380.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20147
http://linux.oracle.com/errata/ELBA-2025-20147.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
oracle-java-jdk-release-el9-1.0-5.el9.x86_64.rpm
aarch64:
oracle-java-jdk-release-el9-1.0-5.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//oracle-common-release-1.0-5.el9.src.rpm
Description of changes:
[1.0-5]
- Initial release
From el-errata at oss.oracle.com Tue Mar 11 12:06:00 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 05:06:00 -0700
Subject: [El-errata] ELSA-2025-20152 Important: Oracle Linux 9 Unbreakable
Enterprise kernel security update
Message-ID: <mailman.60.1741694773.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-20152
http://linux.oracle.com/errata/ELSA-2025-20152.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
aarch64:
bpftool-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-306.177.4.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-306.177.4.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-306.177.4.el9uek.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-306.177.4.el9uek.src.rpm
Related CVEs:
CVE-2024-36899
CVE-2024-47687
CVE-2024-47707
CVE-2024-53110
CVE-2024-53124
CVE-2024-53162
CVE-2024-56631
CVE-2024-56672
CVE-2024-57804
Description of changes:
[5.15.0-306.177.4.el9uek]
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman)
- drm/v3d: Assign job pointer to NULL before signaling the fence (Ma?ra Canal)
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (Ranjan Kumar) [Orabug: 37472354] {CVE-2024-57804}
[5.15.0-306.177.3.el9uek]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530219]
- mm, madvise: fix potential workingset node list_lru leaks (Kairui Song) [Orabug: 37464586]
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (Dan Carpenter) [Orabug: 37427536] {CVE-2024-53162}
- vdpa/mlx5: Fix error path during device add (Dragos Tatulea) [Orabug: 37296163]
- vp_vdpa: fix id_table array not null terminated error (Xiaoguang Wang) [Orabug: 37296163] {CVE-2024-53110}
- vdpa/mlx5: Postpone MR deletion (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce init/destroy for MR resources (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename mr_mtx -> lock (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Extract mr members in own resource struct (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename function (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Delete direct MKEYs in parallel (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Create direct MKEYs in parallel (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize VQ suspend/resume for CVQ MQ command (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Small improvement for change_num_qps() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Keep notifiers during suspend but ignore (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize device resume (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize device suspend (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use async API for vq modify commands (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use async API for vq query command (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce async fw command wrapper (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce error logging function (Dragos Tatulea) [Orabug: 37296163]
- net/mlx5: Support throttled commands from async API (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add the support of set mac address (Cindy Lu) [Orabug: 37296163]
- vdpa_sim_net: Add the support of set mac address (Cindy Lu) [Orabug: 37296163]
- vdpa: support set mac address from vdpa tool (Cindy Lu) [Orabug: 37296163]
- vdpa/mlx5: Fix invalid mr resource destroy (Dragos Tatulea) [Orabug: 37296163] {CVE-2024-47687}
- vdpa/mlx5: Don't enable non-active VQs in .set_vq_ready() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Don't reset VQs more than necessary (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Re-create HW VQs under certain conditions (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Pre-create hardware VQs at vdpa .dev_add time (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use suspend/resume during VQP change (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Forward error in suspend/resume device (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Consolidate all VQ modify to Ready to use resume_vq() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add error code for suspend/resume VQ (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Accept Init -> Ready VQ transition in resume_vq() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Allow creation of blank VQs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Set mkey modified flags on all VQs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Start off rqt_size with max VQPs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Set an initial size on the VQ (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add support for modifying the VQ features field (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add support for modifying the virtio_version VQ field (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename init_mvqs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Clear and reinitialize software VQ data on reset (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Initialize and reset device with one queue pair (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Remove duplicate suspend code (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Iterate over active VQs during suspend/resume (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Drop redundant check in teardown_virtqueues() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Drop redundant code (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Make setup/teardown_vq_resources() symmetrical (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Clarify meaning thorough function rename (Dragos Tatulea) [Orabug: 37296163]
- vhost-vdpa: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET) [Orabug: 37296163]
- vp_vdpa: don't allocate unused msix vectors (Yuxue Liu) [Orabug: 37296163]
- vdpa: Convert sprintf/snprintf to sysfs_emit (Li Zhijian) [Orabug: 37296163]
- vp_vdpa: Fix return value check vp_vdpa_request_irq (Yuxue Liu) [Orabug: 37296163]
- vhost-vdpa: change ioctl # for VDPA_GET_VRING_SIZE (Michael S. Tsirkin) [Orabug: 37296163]
- virtio_vdpa: create vqs with the actual size (Zhu Lingshan) [Orabug: 37296163]
- vdpa_sim: implement vdpa_config_ops.get_vq_size for vDPA simulator (Zhu Lingshan) [Orabug: 37296163]
- vp_vdpa: implement vdpa_config_ops.get_vq_size (Zhu Lingshan) [Orabug: 37296163]
- vDPA: introduce get_vq_size to vdpa_config_ops (Zhu Lingshan) [Orabug: 37296163]
- vhost-vdpa: uapi to support reporting per vq size (Zhu Lingshan) [Orabug: 37296163]
- vdpa: skip suspend/resume ops if not DRIVER_OK (Steve Sistare) [Orabug: 37296163]
- vdpa_sim: reset must not run (Steve Sistare) [Orabug: 37296163]
- vdpa: Block vq property changes in DRIVER_OK (Dragos Tatulea) [Orabug: 37296163]
- vdpa: Track device suspended state (Dragos Tatulea) [Orabug: 37296163]
- vdpa: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET) [Orabug: 37296163]
- SUNRPC: do not retry on EKEYEXPIRED when user TGT ticket expired (Dai Ngo) [Orabug: 34162493]
[5.15.0-306.177.2.el9uek]
- LTS version: v5.15.177 (Vijayendra Suman)
- Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
- xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
- net: fix data-races around sk->sk_forward_alloc (Wang Liang) [Orabug: 37388795] {CVE-2024-53124}
- scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane) [Orabug: 37434117] {CVE-2024-56631}
- x86/xen: fix SLS mitigation in xen_hypercall_iret() (Juergen Gross)
- nfsd: add list_head nf_gc to struct nfsd_file (Youzhong Yang)
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet) [Orabug: 37200706] {CVE-2024-47707}
- vsock/virtio: discard packets if the transport changes (Stefano Garzarella)
- blk-cgroup: Fix UAF in blkcg_unpin_online() (Tejun Heo) [Orabug: 37434276] {CVE-2024-56672}
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (Jean-Baptiste Maneyrol)
- iio: imu: inv_icm42600: fix spi burst write not supported (Jean-Baptiste Maneyrol)
- drm/i915/fb: Relax clear color alignment to 64 bytes (Ville Syrj?l?)
- irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
- gpiolib: cdev: Fix use after free in lineinfo_changed_notify (Zhongqiu Han) [Orabug: 36683269] {CVE-2024-36899}
- fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
- filemap: avoid truncating 64-bit offset to 32 bits (Marco Nelissen)
- vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (Stefano Garzarella)
- vsock: reset socket state when de-assigning the transport (Stefano Garzarella)
- vsock/virtio: cancel close work in the destructor (Stefano Garzarella)
- net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
- nvmet: propagate npwg topology (Luis Chamberlain)
- poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (Hans de Goede)
- kheaders: Ignore silly-rename files (David Howells)
- fs: fix missing declaration of init_files (Zhang Kunbo)
- hfs: Sanity check the root record (Leo Stone)
- mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
- i2c: rcar: fix NACK handling when being a target (Wolfram Sang)
- i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
- drm/v3d: Ensure job pointer is set to NULL after job completion (Ma?ra Canal)
- net/mlx5: Fix RDMA TX steering prio (Patrisious Haddad)
- net: xilinx: axienet: Fix IRQ coalescing packet count overflow (Sean Anderson)
- nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
- pktgen: Avoid out-of-bounds access in get_imix_entries (Artem Chernyshev)
- bpf: Fix bpf_sk_select_reuseport() memory leak (Michal Luczaj)
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
- phy: usb: Fix clock imbalance for suspend/resume (Justin Chen)
- phy: usb: Use slow clock for wake enabled suspend (Justin Chen)
- mptcp: fix TCP options overflow. (Paolo Abeni)
- mptcp: drop port parameter of mptcp_pm_add_addr_signal (Geliang Tang)
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
- phy: usb: Toggle the PHY power during init (Justin Chen)
- phy: usb: Add "wake on" functionality for newer Synopsis XHCI controllers (Al Cooper)
- of: address: Preserve the flags portion on 1:1 dma-ranges mapping (Andrea della Porta)
- of: address: Store number of bus flag cells rather than bool (Rob Herring)
- of: address: Remove duplicated functions (Herve Codina)
- of: address: Fix address translation when address-size is greater than 2 (Herve Codina)
- of/address: Add support for 3 address cell bus (Rob Herring)
- of: unittest: Add bus address range parsing tests (Rob Herring)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (Yu Kuai)
- iio: adc: ad7124: Disable all channels at probe time (Uwe Kleine-K?nig)
- iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
- iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
- iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
- iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
- iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (Prashanth K)
- usb: fix reference leak in usb_new_device() (Ma Ke)
- USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
- USB: usblp: return error when setting unsupported protocol (Jun Yan)
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
- topology: Keep the cpumask unchanged when printing cpumap (Li Huafei)
- usb: dwc3: gadget: fix writing NYET threshold (Andr? Draszik)
- USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
- usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
- staging: iio: ad9832: Correct phase range check (Zicheng Qu)
- staging: iio: ad9834: Correct phase range check (Zicheng Qu)
- USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
- USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
- md/raid5: fix atomicity violation in raid5_cache_count (Gui-Dong Han)
- scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity (Kuan-Wei Chiu)
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
- riscv: Fix sleeping in invalid context in die() (Nam Cao)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: udp_port: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY (Mikulas Patocka)
- dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
- afs: Fix the maximum cell name length (David Howells)
- ksmbd: fix a missing return value check bug (Wentao Liang)
- drm/mediatek: Add support for 180-degree rotation in the display driver (Jason-JH.Lin)
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX (Pablo Neira Ayuso)
- netfilter: nf_tables: imbalance in flowtable binding (Pablo Neira Ayuso)
- tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
- cxgb4: Avoid removal of uninserted tid (Anumula Murali Mohan Reddy)
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (Kalesh AP)
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
- ASoC: mediatek: disable buffer pre-allocation (Chen-Yu Tsai)
- exfat: fix the infinite loop in __exfat_free_cluster() (Yuezhang Mo)
- exfat: fix the infinite loop in exfat_readdir() (Yuezhang Mo)
- dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
- dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
- jbd2: flush filesystem device before updating tail sequence (Zhang Yi)
- ceph: give up on paths longer than PATH_MAX (Max Kellermann)
[5.15.0-306.176.1.el9uek]
- mm/page_alloc: fix min_free_kbytes calculation regarding ZONE_MOVABLE (liuq) [Orabug: 37503579]
- mm: Limit warning message in vmemmap_verify() to once (Ma Wupeng) [Orabug: 37503579]
- assoc_array: fix the return value in assoc_array_insert_mid_shortcut() (Roman Smirnov) [Orabug: 37503579]
- assoc_array: Avoid open coded arithmetic in allocator arguments (Len Baker) [Orabug: 37503579]
- mm/page_alloc: use accumulated load when building node fallback list (Krupa Ramakrishnan) [Orabug: 37503525]
- mm/page_alloc: print node fallback order (Bharata B Rao) [Orabug: 37503525]
- PCI: Support BAR sizes up to 8TB (Dongdong Liu) [Orabug: 37503525]
- uek-rpm: Enable USB_XHCI_PCI_RENESAS as a module for aarch64 platforms (Harshit Mogalapalli) [Orabug: 37552080]
- cifs: use correct lock type in cifs_reconnect() (Paulo Alcantara) [Orabug: 37535421]
- cifs: fix NULL ptr dereference in refresh_mounts() (Paulo Alcantara) [Orabug: 37535421]
From el-errata at oss.oracle.com Tue Mar 11 12:06:08 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 05:06:08 -0700
Subject: [El-errata] ELSA-2025-20152 Important: Oracle Linux 9 Unbreakable
Enterprise kernel security update
Message-ID: <mailman.61.1741694777.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-20152
http://linux.oracle.com/errata/ELSA-2025-20152.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-306.177.4.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-306.177.4.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-306.177.4.el9uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-306.177.4.el9uek.src.rpm
Related CVEs:
CVE-2024-36899
CVE-2024-47687
CVE-2024-47707
CVE-2024-53110
CVE-2024-53124
CVE-2024-53162
CVE-2024-56631
CVE-2024-56672
CVE-2024-57804
Description of changes:
[5.15.0-306.177.4.el9uek]
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman)
- drm/v3d: Assign job pointer to NULL before signaling the fence (Ma?ra Canal)
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (Ranjan Kumar) [Orabug: 37472354] {CVE-2024-57804}
[5.15.0-306.177.3.el9uek]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530219]
- mm, madvise: fix potential workingset node list_lru leaks (Kairui Song) [Orabug: 37464586]
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (Dan Carpenter) [Orabug: 37427536] {CVE-2024-53162}
- vdpa/mlx5: Fix error path during device add (Dragos Tatulea) [Orabug: 37296163]
- vp_vdpa: fix id_table array not null terminated error (Xiaoguang Wang) [Orabug: 37296163] {CVE-2024-53110}
- vdpa/mlx5: Postpone MR deletion (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce init/destroy for MR resources (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename mr_mtx -> lock (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Extract mr members in own resource struct (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename function (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Delete direct MKEYs in parallel (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Create direct MKEYs in parallel (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize VQ suspend/resume for CVQ MQ command (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Small improvement for change_num_qps() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Keep notifiers during suspend but ignore (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize device resume (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize device suspend (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use async API for vq modify commands (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use async API for vq query command (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce async fw command wrapper (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce error logging function (Dragos Tatulea) [Orabug: 37296163]
- net/mlx5: Support throttled commands from async API (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add the support of set mac address (Cindy Lu) [Orabug: 37296163]
- vdpa_sim_net: Add the support of set mac address (Cindy Lu) [Orabug: 37296163]
- vdpa: support set mac address from vdpa tool (Cindy Lu) [Orabug: 37296163]
- vdpa/mlx5: Fix invalid mr resource destroy (Dragos Tatulea) [Orabug: 37296163] {CVE-2024-47687}
- vdpa/mlx5: Don't enable non-active VQs in .set_vq_ready() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Don't reset VQs more than necessary (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Re-create HW VQs under certain conditions (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Pre-create hardware VQs at vdpa .dev_add time (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use suspend/resume during VQP change (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Forward error in suspend/resume device (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Consolidate all VQ modify to Ready to use resume_vq() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add error code for suspend/resume VQ (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Accept Init -> Ready VQ transition in resume_vq() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Allow creation of blank VQs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Set mkey modified flags on all VQs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Start off rqt_size with max VQPs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Set an initial size on the VQ (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add support for modifying the VQ features field (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add support for modifying the virtio_version VQ field (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename init_mvqs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Clear and reinitialize software VQ data on reset (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Initialize and reset device with one queue pair (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Remove duplicate suspend code (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Iterate over active VQs during suspend/resume (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Drop redundant check in teardown_virtqueues() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Drop redundant code (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Make setup/teardown_vq_resources() symmetrical (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Clarify meaning thorough function rename (Dragos Tatulea) [Orabug: 37296163]
- vhost-vdpa: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET) [Orabug: 37296163]
- vp_vdpa: don't allocate unused msix vectors (Yuxue Liu) [Orabug: 37296163]
- vdpa: Convert sprintf/snprintf to sysfs_emit (Li Zhijian) [Orabug: 37296163]
- vp_vdpa: Fix return value check vp_vdpa_request_irq (Yuxue Liu) [Orabug: 37296163]
- vhost-vdpa: change ioctl # for VDPA_GET_VRING_SIZE (Michael S. Tsirkin) [Orabug: 37296163]
- virtio_vdpa: create vqs with the actual size (Zhu Lingshan) [Orabug: 37296163]
- vdpa_sim: implement vdpa_config_ops.get_vq_size for vDPA simulator (Zhu Lingshan) [Orabug: 37296163]
- vp_vdpa: implement vdpa_config_ops.get_vq_size (Zhu Lingshan) [Orabug: 37296163]
- vDPA: introduce get_vq_size to vdpa_config_ops (Zhu Lingshan) [Orabug: 37296163]
- vhost-vdpa: uapi to support reporting per vq size (Zhu Lingshan) [Orabug: 37296163]
- vdpa: skip suspend/resume ops if not DRIVER_OK (Steve Sistare) [Orabug: 37296163]
- vdpa_sim: reset must not run (Steve Sistare) [Orabug: 37296163]
- vdpa: Block vq property changes in DRIVER_OK (Dragos Tatulea) [Orabug: 37296163]
- vdpa: Track device suspended state (Dragos Tatulea) [Orabug: 37296163]
- vdpa: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET) [Orabug: 37296163]
- SUNRPC: do not retry on EKEYEXPIRED when user TGT ticket expired (Dai Ngo) [Orabug: 34162493]
[5.15.0-306.177.2.el9uek]
- LTS version: v5.15.177 (Vijayendra Suman)
- Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
- xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
- net: fix data-races around sk->sk_forward_alloc (Wang Liang) [Orabug: 37388795] {CVE-2024-53124}
- scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane) [Orabug: 37434117] {CVE-2024-56631}
- x86/xen: fix SLS mitigation in xen_hypercall_iret() (Juergen Gross)
- nfsd: add list_head nf_gc to struct nfsd_file (Youzhong Yang)
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet) [Orabug: 37200706] {CVE-2024-47707}
- vsock/virtio: discard packets if the transport changes (Stefano Garzarella)
- blk-cgroup: Fix UAF in blkcg_unpin_online() (Tejun Heo) [Orabug: 37434276] {CVE-2024-56672}
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (Jean-Baptiste Maneyrol)
- iio: imu: inv_icm42600: fix spi burst write not supported (Jean-Baptiste Maneyrol)
- drm/i915/fb: Relax clear color alignment to 64 bytes (Ville Syrj?l?)
- irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
- gpiolib: cdev: Fix use after free in lineinfo_changed_notify (Zhongqiu Han) [Orabug: 36683269] {CVE-2024-36899}
- fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
- filemap: avoid truncating 64-bit offset to 32 bits (Marco Nelissen)
- vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (Stefano Garzarella)
- vsock: reset socket state when de-assigning the transport (Stefano Garzarella)
- vsock/virtio: cancel close work in the destructor (Stefano Garzarella)
- net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
- nvmet: propagate npwg topology (Luis Chamberlain)
- poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (Hans de Goede)
- kheaders: Ignore silly-rename files (David Howells)
- fs: fix missing declaration of init_files (Zhang Kunbo)
- hfs: Sanity check the root record (Leo Stone)
- mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
- i2c: rcar: fix NACK handling when being a target (Wolfram Sang)
- i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
- drm/v3d: Ensure job pointer is set to NULL after job completion (Ma?ra Canal)
- net/mlx5: Fix RDMA TX steering prio (Patrisious Haddad)
- net: xilinx: axienet: Fix IRQ coalescing packet count overflow (Sean Anderson)
- nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
- pktgen: Avoid out-of-bounds access in get_imix_entries (Artem Chernyshev)
- bpf: Fix bpf_sk_select_reuseport() memory leak (Michal Luczaj)
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
- phy: usb: Fix clock imbalance for suspend/resume (Justin Chen)
- phy: usb: Use slow clock for wake enabled suspend (Justin Chen)
- mptcp: fix TCP options overflow. (Paolo Abeni)
- mptcp: drop port parameter of mptcp_pm_add_addr_signal (Geliang Tang)
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
- phy: usb: Toggle the PHY power during init (Justin Chen)
- phy: usb: Add "wake on" functionality for newer Synopsis XHCI controllers (Al Cooper)
- of: address: Preserve the flags portion on 1:1 dma-ranges mapping (Andrea della Porta)
- of: address: Store number of bus flag cells rather than bool (Rob Herring)
- of: address: Remove duplicated functions (Herve Codina)
- of: address: Fix address translation when address-size is greater than 2 (Herve Codina)
- of/address: Add support for 3 address cell bus (Rob Herring)
- of: unittest: Add bus address range parsing tests (Rob Herring)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (Yu Kuai)
- iio: adc: ad7124: Disable all channels at probe time (Uwe Kleine-K?nig)
- iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
- iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
- iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
- iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
- iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (Prashanth K)
- usb: fix reference leak in usb_new_device() (Ma Ke)
- USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
- USB: usblp: return error when setting unsupported protocol (Jun Yan)
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
- topology: Keep the cpumask unchanged when printing cpumap (Li Huafei)
- usb: dwc3: gadget: fix writing NYET threshold (Andr? Draszik)
- USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
- usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
- staging: iio: ad9832: Correct phase range check (Zicheng Qu)
- staging: iio: ad9834: Correct phase range check (Zicheng Qu)
- USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
- USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
- md/raid5: fix atomicity violation in raid5_cache_count (Gui-Dong Han)
- scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity (Kuan-Wei Chiu)
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
- riscv: Fix sleeping in invalid context in die() (Nam Cao)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: udp_port: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY (Mikulas Patocka)
- dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
- afs: Fix the maximum cell name length (David Howells)
- ksmbd: fix a missing return value check bug (Wentao Liang)
- drm/mediatek: Add support for 180-degree rotation in the display driver (Jason-JH.Lin)
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX (Pablo Neira Ayuso)
- netfilter: nf_tables: imbalance in flowtable binding (Pablo Neira Ayuso)
- tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
- cxgb4: Avoid removal of uninserted tid (Anumula Murali Mohan Reddy)
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (Kalesh AP)
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
- ASoC: mediatek: disable buffer pre-allocation (Chen-Yu Tsai)
- exfat: fix the infinite loop in __exfat_free_cluster() (Yuezhang Mo)
- exfat: fix the infinite loop in exfat_readdir() (Yuezhang Mo)
- dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
- dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
- jbd2: flush filesystem device before updating tail sequence (Zhang Yi)
- ceph: give up on paths longer than PATH_MAX (Max Kellermann)
[5.15.0-306.176.1.el9uek]
- mm/page_alloc: fix min_free_kbytes calculation regarding ZONE_MOVABLE (liuq) [Orabug: 37503579]
- mm: Limit warning message in vmemmap_verify() to once (Ma Wupeng) [Orabug: 37503579]
- assoc_array: fix the return value in assoc_array_insert_mid_shortcut() (Roman Smirnov) [Orabug: 37503579]
- assoc_array: Avoid open coded arithmetic in allocator arguments (Len Baker) [Orabug: 37503579]
- mm/page_alloc: use accumulated load when building node fallback list (Krupa Ramakrishnan) [Orabug: 37503525]
- mm/page_alloc: print node fallback order (Bharata B Rao) [Orabug: 37503525]
- PCI: Support BAR sizes up to 8TB (Dongdong Liu) [Orabug: 37503525]
- uek-rpm: Enable USB_XHCI_PCI_RENESAS as a module for aarch64 platforms (Harshit Mogalapalli) [Orabug: 37552080]
- cifs: use correct lock type in cifs_reconnect() (Paulo Alcantara) [Orabug: 37535421]
- cifs: fix NULL ptr dereference in refresh_mounts() (Paulo Alcantara) [Orabug: 37535421]
From el-errata at oss.oracle.com Tue Mar 11 12:06:14 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 05:06:14 -0700
Subject: [El-errata] ELSA-2025-20152 Important: Oracle Linux 8 Unbreakable
Enterprise kernel security update
Message-ID: <mailman.64.1741694784.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-20152
http://linux.oracle.com/errata/ELSA-2025-20152.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-306.177.4.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-306.177.4.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-306.177.4.el8uek.x86_64.rpm
aarch64:
bpftool-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-306.177.4.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-306.177.4.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-306.177.4.el8uek.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-306.177.4.el8uek.src.rpm
Related CVEs:
CVE-2024-36899
CVE-2024-47687
CVE-2024-47707
CVE-2024-53110
CVE-2024-53124
CVE-2024-53162
CVE-2024-56631
CVE-2024-56672
CVE-2024-57804
Description of changes:
[5.15.0-306.177.4.el8uek]
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman)
- drm/v3d: Assign job pointer to NULL before signaling the fence (Ma?ra Canal)
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (Ranjan Kumar) [Orabug: 37472354] {CVE-2024-57804}
[5.15.0-306.177.3.el8uek]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530219]
- mm, madvise: fix potential workingset node list_lru leaks (Kairui Song) [Orabug: 37464586]
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (Dan Carpenter) [Orabug: 37427536] {CVE-2024-53162}
- vdpa/mlx5: Fix error path during device add (Dragos Tatulea) [Orabug: 37296163]
- vp_vdpa: fix id_table array not null terminated error (Xiaoguang Wang) [Orabug: 37296163] {CVE-2024-53110}
- vdpa/mlx5: Postpone MR deletion (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce init/destroy for MR resources (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename mr_mtx -> lock (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Extract mr members in own resource struct (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename function (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Delete direct MKEYs in parallel (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Create direct MKEYs in parallel (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize VQ suspend/resume for CVQ MQ command (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Small improvement for change_num_qps() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Keep notifiers during suspend but ignore (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize device resume (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Parallelize device suspend (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use async API for vq modify commands (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use async API for vq query command (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce async fw command wrapper (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Introduce error logging function (Dragos Tatulea) [Orabug: 37296163]
- net/mlx5: Support throttled commands from async API (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add the support of set mac address (Cindy Lu) [Orabug: 37296163]
- vdpa_sim_net: Add the support of set mac address (Cindy Lu) [Orabug: 37296163]
- vdpa: support set mac address from vdpa tool (Cindy Lu) [Orabug: 37296163]
- vdpa/mlx5: Fix invalid mr resource destroy (Dragos Tatulea) [Orabug: 37296163] {CVE-2024-47687}
- vdpa/mlx5: Don't enable non-active VQs in .set_vq_ready() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Don't reset VQs more than necessary (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Re-create HW VQs under certain conditions (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Pre-create hardware VQs at vdpa .dev_add time (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Use suspend/resume during VQP change (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Forward error in suspend/resume device (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Consolidate all VQ modify to Ready to use resume_vq() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add error code for suspend/resume VQ (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Accept Init -> Ready VQ transition in resume_vq() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Allow creation of blank VQs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Set mkey modified flags on all VQs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Start off rqt_size with max VQPs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Set an initial size on the VQ (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add support for modifying the VQ features field (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Add support for modifying the virtio_version VQ field (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Rename init_mvqs (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Clear and reinitialize software VQ data on reset (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Initialize and reset device with one queue pair (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Remove duplicate suspend code (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Iterate over active VQs during suspend/resume (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Drop redundant check in teardown_virtqueues() (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Drop redundant code (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Make setup/teardown_vq_resources() symmetrical (Dragos Tatulea) [Orabug: 37296163]
- vdpa/mlx5: Clarify meaning thorough function rename (Dragos Tatulea) [Orabug: 37296163]
- vhost-vdpa: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET) [Orabug: 37296163]
- vp_vdpa: don't allocate unused msix vectors (Yuxue Liu) [Orabug: 37296163]
- vdpa: Convert sprintf/snprintf to sysfs_emit (Li Zhijian) [Orabug: 37296163]
- vp_vdpa: Fix return value check vp_vdpa_request_irq (Yuxue Liu) [Orabug: 37296163]
- vhost-vdpa: change ioctl # for VDPA_GET_VRING_SIZE (Michael S. Tsirkin) [Orabug: 37296163]
- virtio_vdpa: create vqs with the actual size (Zhu Lingshan) [Orabug: 37296163]
- vdpa_sim: implement vdpa_config_ops.get_vq_size for vDPA simulator (Zhu Lingshan) [Orabug: 37296163]
- vp_vdpa: implement vdpa_config_ops.get_vq_size (Zhu Lingshan) [Orabug: 37296163]
- vDPA: introduce get_vq_size to vdpa_config_ops (Zhu Lingshan) [Orabug: 37296163]
- vhost-vdpa: uapi to support reporting per vq size (Zhu Lingshan) [Orabug: 37296163]
- vdpa: skip suspend/resume ops if not DRIVER_OK (Steve Sistare) [Orabug: 37296163]
- vdpa_sim: reset must not run (Steve Sistare) [Orabug: 37296163]
- vdpa: Block vq property changes in DRIVER_OK (Dragos Tatulea) [Orabug: 37296163]
- vdpa: Track device suspended state (Dragos Tatulea) [Orabug: 37296163]
- vdpa: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET) [Orabug: 37296163]
- SUNRPC: do not retry on EKEYEXPIRED when user TGT ticket expired (Dai Ngo) [Orabug: 34162493]
[5.15.0-306.177.2.el8uek]
- LTS version: v5.15.177 (Vijayendra Suman)
- Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
- xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
- net: fix data-races around sk->sk_forward_alloc (Wang Liang) [Orabug: 37388795] {CVE-2024-53124}
- scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane) [Orabug: 37434117] {CVE-2024-56631}
- x86/xen: fix SLS mitigation in xen_hypercall_iret() (Juergen Gross)
- nfsd: add list_head nf_gc to struct nfsd_file (Youzhong Yang)
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet) [Orabug: 37200706] {CVE-2024-47707}
- vsock/virtio: discard packets if the transport changes (Stefano Garzarella)
- blk-cgroup: Fix UAF in blkcg_unpin_online() (Tejun Heo) [Orabug: 37434276] {CVE-2024-56672}
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on (Jean-Baptiste Maneyrol)
- iio: imu: inv_icm42600: fix spi burst write not supported (Jean-Baptiste Maneyrol)
- drm/i915/fb: Relax clear color alignment to 64 bytes (Ville Syrj?l?)
- irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
- gpiolib: cdev: Fix use after free in lineinfo_changed_notify (Zhongqiu Han) [Orabug: 36683269] {CVE-2024-36899}
- fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
- filemap: avoid truncating 64-bit offset to 32 bits (Marco Nelissen)
- vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (Stefano Garzarella)
- vsock: reset socket state when de-assigning the transport (Stefano Garzarella)
- vsock/virtio: cancel close work in the destructor (Stefano Garzarella)
- net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
- nvmet: propagate npwg topology (Luis Chamberlain)
- poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (Hans de Goede)
- kheaders: Ignore silly-rename files (David Howells)
- fs: fix missing declaration of init_files (Zhang Kunbo)
- hfs: Sanity check the root record (Leo Stone)
- mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
- i2c: rcar: fix NACK handling when being a target (Wolfram Sang)
- i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
- drm/v3d: Ensure job pointer is set to NULL after job completion (Ma?ra Canal)
- net/mlx5: Fix RDMA TX steering prio (Patrisious Haddad)
- net: xilinx: axienet: Fix IRQ coalescing packet count overflow (Sean Anderson)
- nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
- pktgen: Avoid out-of-bounds access in get_imix_entries (Artem Chernyshev)
- bpf: Fix bpf_sk_select_reuseport() memory leak (Michal Luczaj)
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
- phy: usb: Fix clock imbalance for suspend/resume (Justin Chen)
- phy: usb: Use slow clock for wake enabled suspend (Justin Chen)
- mptcp: fix TCP options overflow. (Paolo Abeni)
- mptcp: drop port parameter of mptcp_pm_add_addr_signal (Geliang Tang)
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
- phy: usb: Toggle the PHY power during init (Justin Chen)
- phy: usb: Add "wake on" functionality for newer Synopsis XHCI controllers (Al Cooper)
- of: address: Preserve the flags portion on 1:1 dma-ranges mapping (Andrea della Porta)
- of: address: Store number of bus flag cells rather than bool (Rob Herring)
- of: address: Remove duplicated functions (Herve Codina)
- of: address: Fix address translation when address-size is greater than 2 (Herve Codina)
- of/address: Add support for 3 address cell bus (Rob Herring)
- of: unittest: Add bus address range parsing tests (Rob Herring)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (Yu Kuai)
- iio: adc: ad7124: Disable all channels at probe time (Uwe Kleine-K?nig)
- iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
- iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
- iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
- iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
- iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (Prashanth K)
- usb: fix reference leak in usb_new_device() (Ma Ke)
- USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
- USB: usblp: return error when setting unsupported protocol (Jun Yan)
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
- topology: Keep the cpumask unchanged when printing cpumap (Li Huafei)
- usb: dwc3: gadget: fix writing NYET threshold (Andr? Draszik)
- USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
- usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
- staging: iio: ad9832: Correct phase range check (Zicheng Qu)
- staging: iio: ad9834: Correct phase range check (Zicheng Qu)
- USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
- USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
- md/raid5: fix atomicity violation in raid5_cache_count (Gui-Dong Han)
- scripts/sorttable: fix orc_sort_cmp() to maintain symmetry and transitivity (Kuan-Wei Chiu)
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
- riscv: Fix sleeping in invalid context in die() (Nam Cao)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: udp_port: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY (Mikulas Patocka)
- dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
- afs: Fix the maximum cell name length (David Howells)
- ksmbd: fix a missing return value check bug (Wentao Liang)
- drm/mediatek: Add support for 180-degree rotation in the display driver (Jason-JH.Lin)
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX (Pablo Neira Ayuso)
- netfilter: nf_tables: imbalance in flowtable binding (Pablo Neira Ayuso)
- tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
- cxgb4: Avoid removal of uninserted tid (Anumula Murali Mohan Reddy)
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (Kalesh AP)
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
- ASoC: mediatek: disable buffer pre-allocation (Chen-Yu Tsai)
- exfat: fix the infinite loop in __exfat_free_cluster() (Yuezhang Mo)
- exfat: fix the infinite loop in exfat_readdir() (Yuezhang Mo)
- dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
- dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
- jbd2: flush filesystem device before updating tail sequence (Zhang Yi)
- ceph: give up on paths longer than PATH_MAX (Max Kellermann)
[5.15.0-306.176.1.el8uek]
- mm/page_alloc: fix min_free_kbytes calculation regarding ZONE_MOVABLE (liuq) [Orabug: 37503579]
- mm: Limit warning message in vmemmap_verify() to once (Ma Wupeng) [Orabug: 37503579]
- assoc_array: fix the return value in assoc_array_insert_mid_shortcut() (Roman Smirnov) [Orabug: 37503579]
- assoc_array: Avoid open coded arithmetic in allocator arguments (Len Baker) [Orabug: 37503579]
- mm/page_alloc: use accumulated load when building node fallback list (Krupa Ramakrishnan) [Orabug: 37503525]
- mm/page_alloc: print node fallback order (Bharata B Rao) [Orabug: 37503525]
- PCI: Support BAR sizes up to 8TB (Dongdong Liu) [Orabug: 37503525]
- uek-rpm: Enable USB_XHCI_PCI_RENESAS as a module for aarch64 platforms (Harshit Mogalapalli) [Orabug: 37552080]
- cifs: use correct lock type in cifs_reconnect() (Paulo Alcantara) [Orabug: 37535421]
- cifs: fix NULL ptr dereference in refresh_mounts() (Paulo Alcantara) [Orabug: 37535421]
From el-errata at oss.oracle.com Tue Mar 11 19:52:44 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:52:44 -0700
Subject: [El-errata] ELBA-2025-20154 Oracle Linux 9 iscsi-initiator-utils
bug fix update
Message-ID: <mailman.65.1741722774.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20154
http://linux.oracle.com/errata/ELBA-2025-20154.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.2.el9.i686.rpm
iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.2.el9.x86_64.rpm
iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.0.2.el9.x86_64.rpm
python3-iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.2.el9.x86_64.rpm
aarch64:
iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.2.el9.aarch64.rpm
iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.0.2.el9.aarch64.rpm
python3-iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.2.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.2.el9.src.rpm
Description of changes:
[6.2.1.9-18.gita65a472.0.2]
- Remove incorrect keyword from install section in iscsi-init [Orabug: 37544462]
[6.2.1.9-18.gita65a472.0.1]
- Add python3-rpm-macros to BuildRequires
- Allow systemd-remount-fs complete before iscsi-init.service [Orabug: 34325406]
- Allow iscsi-init.service to start after local-fs.target [Orabug: 33930979]
- Rename 0008-use-red-hat-name.patch to 0008-use-oracle-for-name.patch
and use com.oracle in prefix
- Complete the following tasks to address [Orabug: 29311709]
The following patches address [Orabug: 29128380] (Jianchao Wang)
Add 0032-Add-Requires-iscsid.service-in-iscsi.service.patch
The following patch addresses [Orabug: 29306329]
Add 0033-Update-systemd-to-always-restart-iscsid-service.patch
- Print vital iscsid messages on console using rsyslog facility. This
is particularly useful when using iscsi boot and there is a connection
or session issue. [Orabug: 29503805]
- Modify iscsi-mark-root-nodes script to only update node.startup to onboot
for iscsi sessions that are active during boot. [Orabug: 29653342]
- Modify iscsi-mark-root nodes script to not mark nodes when iscsi.service
is restarted. [Orabug: 29851447]
- Modify patches 0007 and 0032-0035 to apply cleanly
- Tune TimeoutSec of iscsid service to 10 minutes [Orabug: 29869817]
[6.2.1.9-18.gita65a472]
- rebase to upstream 2.1.9+ with iscsiuio 0.7.8.8
- new meson build system, sync with fedora packaging
From el-errata at oss.oracle.com Tue Mar 11 19:52:45 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:52:45 -0700
Subject: [El-errata] ELBA-2025-20157 Oracle Linux 9 mdadm bug fix update
Message-ID: <mailman.66.1741722774.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20157
http://linux.oracle.com/errata/ELBA-2025-20157.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
mdadm-4.3-3.0.2.el9.x86_64.rpm
aarch64:
mdadm-4.3-3.0.2.el9.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//mdadm-4.3-3.0.2.el9.src.rpm
Description of changes:
[4.3-3.0.2]
- mdmon: imsm: fix metadata corruption when managing new array. [Orabug: 37635990]
From el-errata at oss.oracle.com Tue Mar 11 19:52:47 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:52:47 -0700
Subject: [El-errata] ELBA-2025-2472 Oracle Linux 9 glibc bug fix update
Message-ID: <mailman.67.1741722775.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2472
http://linux.oracle.com/errata/ELBA-2025-2472.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
glibc-2.34-125.0.1.el9_5.3.i686.rpm
glibc-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-all-langpacks-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-common-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-devel-2.34-125.0.1.el9_5.3.i686.rpm
glibc-devel-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-doc-2.34-125.0.1.el9_5.3.noarch.rpm
glibc-gconv-extra-2.34-125.0.1.el9_5.3.i686.rpm
glibc-gconv-extra-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-headers-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-aa-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-af-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-agr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ak-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-am-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-an-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-anp-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ar-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-as-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ast-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ayc-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-az-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-be-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bem-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ber-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bg-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bhb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bho-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bo-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-br-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-brx-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-bs-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-byn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ca-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ce-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-chr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ckb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-cmn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-crh-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-cs-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-csb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-cv-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-cy-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-da-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-de-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-doi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-dsb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-dv-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-dz-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-el-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-en-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-eo-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-es-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-et-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-eu-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fa-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ff-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fil-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fo-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fur-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-fy-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ga-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-gd-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-gez-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-gl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-gu-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-gv-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ha-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hak-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-he-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hif-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hne-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hsb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ht-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hu-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-hy-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ia-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-id-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ig-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ik-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-is-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-it-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-iu-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ja-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ka-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-kab-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-kk-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-kl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-km-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-kn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ko-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-kok-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ks-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ku-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-kw-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ky-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lg-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-li-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lij-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ln-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lo-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lt-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lv-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-lzh-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mag-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mai-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mfe-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mg-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mhr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-miq-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mjw-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mk-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ml-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mni-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mnw-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ms-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-mt-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-my-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nan-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nb-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nds-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ne-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nhn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-niu-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-nso-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-oc-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-om-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-or-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-os-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-pa-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-pap-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-pl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ps-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-pt-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-quz-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-raj-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ro-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ru-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-rw-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sa-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sah-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sat-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sc-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sd-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-se-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sgs-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-shn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-shs-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-si-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sid-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sk-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sm-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-so-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sq-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ss-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-st-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sv-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-sw-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-szl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ta-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tcy-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-te-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tg-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-th-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-the-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ti-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tig-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tk-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tl-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tn-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-to-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tpi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tr-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ts-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-tt-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ug-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-uk-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-unm-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ur-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-uz-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-ve-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-vi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-wa-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-wae-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-wal-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-wo-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-xh-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-yi-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-yo-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-yue-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-yuw-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-zh-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-langpack-zu-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-locale-source-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-minimal-langpack-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-utils-2.34-125.0.1.el9_5.3.x86_64.rpm
libnsl-2.34-125.0.1.el9_5.3.i686.rpm
libnsl-2.34-125.0.1.el9_5.3.x86_64.rpm
nscd-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-benchtests-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-nss-devel-2.34-125.0.1.el9_5.3.i686.rpm
glibc-nss-devel-2.34-125.0.1.el9_5.3.x86_64.rpm
glibc-static-2.34-125.0.1.el9_5.3.i686.rpm
glibc-static-2.34-125.0.1.el9_5.3.x86_64.rpm
nss_db-2.34-125.0.1.el9_5.3.i686.rpm
nss_db-2.34-125.0.1.el9_5.3.x86_64.rpm
nss_hesiod-2.34-125.0.1.el9_5.3.i686.rpm
nss_hesiod-2.34-125.0.1.el9_5.3.x86_64.rpm
aarch64:
glibc-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-all-langpacks-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-common-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-devel-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-doc-2.34-125.0.1.el9_5.3.noarch.rpm
glibc-gconv-extra-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-aa-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-af-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-agr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ak-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-am-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-an-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-anp-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ar-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-as-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ast-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ayc-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-az-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-be-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bem-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ber-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bg-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bhb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bho-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bo-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-br-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-brx-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-bs-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-byn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ca-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ce-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-chr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ckb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-cmn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-crh-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-cs-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-csb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-cv-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-cy-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-da-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-de-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-doi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-dsb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-dv-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-dz-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-el-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-en-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-eo-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-es-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-et-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-eu-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fa-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ff-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fil-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fo-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fur-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-fy-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ga-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-gd-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-gez-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-gl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-gu-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-gv-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ha-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hak-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-he-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hif-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hne-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hsb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ht-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hu-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-hy-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ia-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-id-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ig-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ik-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-is-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-it-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-iu-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ja-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ka-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-kab-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-kk-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-kl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-km-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-kn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ko-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-kok-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ks-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ku-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-kw-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ky-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lg-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-li-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lij-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ln-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lo-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lt-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lv-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-lzh-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mag-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mai-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mfe-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mg-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mhr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-miq-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mjw-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mk-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ml-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mni-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mnw-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ms-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-mt-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-my-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nan-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nb-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nds-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ne-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nhn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-niu-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-nso-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-oc-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-om-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-or-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-os-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-pa-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-pap-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-pl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ps-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-pt-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-quz-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-raj-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ro-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ru-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-rw-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sa-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sah-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sat-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sc-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sd-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-se-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sgs-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-shn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-shs-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-si-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sid-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sk-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sm-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-so-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sq-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ss-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-st-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sv-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-sw-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-szl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ta-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tcy-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-te-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tg-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-th-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-the-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ti-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tig-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tk-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tl-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tn-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-to-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tpi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tr-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ts-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-tt-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ug-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-uk-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-unm-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ur-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-uz-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-ve-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-vi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-wa-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-wae-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-wal-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-wo-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-xh-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-yi-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-yo-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-yue-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-yuw-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-zh-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-langpack-zu-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-locale-source-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-minimal-langpack-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-utils-2.34-125.0.1.el9_5.3.aarch64.rpm
libnsl-2.34-125.0.1.el9_5.3.aarch64.rpm
nscd-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-benchtests-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-nss-devel-2.34-125.0.1.el9_5.3.aarch64.rpm
glibc-static-2.34-125.0.1.el9_5.3.aarch64.rpm
nss_db-2.34-125.0.1.el9_5.3.aarch64.rpm
nss_hesiod-2.34-125.0.1.el9_5.3.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//glibc-2.34-125.0.1.el9_5.3.src.rpm
Description of changes:
[2.34-125.0.1.3]
- Forward-port Oracle patches for ol9-u5 (glibc-2.34-125.0.1.3)
Reviewed by: Jose E. Marchesi <jose.marchesi at oracle.com>
Oracle history:
From el-errata at oss.oracle.com Tue Mar 11 19:52:48 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:52:48 -0700
Subject: [El-errata] ELSA-2025-2500 Important: Oracle Linux 9 tigervnc
security update
Message-ID: <mailman.70.1741722776.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2500
http://linux.oracle.com/errata/ELSA-2025-2500.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
tigervnc-1.14.1-1.el9_5.1.x86_64.rpm
tigervnc-icons-1.14.1-1.el9_5.1.noarch.rpm
tigervnc-license-1.14.1-1.el9_5.1.noarch.rpm
tigervnc-selinux-1.14.1-1.el9_5.1.noarch.rpm
tigervnc-server-1.14.1-1.el9_5.1.x86_64.rpm
tigervnc-server-minimal-1.14.1-1.el9_5.1.x86_64.rpm
tigervnc-server-module-1.14.1-1.el9_5.1.x86_64.rpm
aarch64:
tigervnc-1.14.1-1.el9_5.1.aarch64.rpm
tigervnc-icons-1.14.1-1.el9_5.1.noarch.rpm
tigervnc-license-1.14.1-1.el9_5.1.noarch.rpm
tigervnc-selinux-1.14.1-1.el9_5.1.noarch.rpm
tigervnc-server-1.14.1-1.el9_5.1.aarch64.rpm
tigervnc-server-minimal-1.14.1-1.el9_5.1.aarch64.rpm
tigervnc-server-module-1.14.1-1.el9_5.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//tigervnc-1.14.1-1.el9_5.1.src.rpm
Related CVEs:
CVE-2025-26594
CVE-2025-26595
CVE-2025-26596
CVE-2025-26597
CVE-2025-26598
CVE-2025-26599
CVE-2025-26600
CVE-2025-26601
Description of changes:
[1.14.1-1.1]
- Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
Resolves: RHEL-79406
- Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
Resolves: RHEL-80018
- Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
Resolves: RHEL-79391
- Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
Resolves: RHEL-80029
- Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
Resolves: RHEL-79374
- Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
Resolves: RHEL-80043
- Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
Resolves: RHEL-80037
- Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
Resolves: RHEL-79353
From el-errata at oss.oracle.com Tue Mar 11 19:53:06 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:06 -0700
Subject: [El-errata] ELSA-2025-20153 Important: Oracle Linux 8 Unbreakable
Enterprise kernel security update
Message-ID: <mailman.71.1741722803.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-20153
http://linux.oracle.com/errata/ELSA-2025-20153.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
aarch64:
kernel-uek-5.4.17-2136.341.3.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.341.3.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.341.3.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.341.3.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.341.3.1.el8uek.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.341.3.1.el8uek.src.rpm
Related CVEs:
CVE-2024-44986
CVE-2024-53164
CVE-2024-56767
CVE-2024-56769
Description of changes:
[5.4.17-2136.341.3.1.el8uek]
- Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37667080]
[5.4.17-2136.341.3.el8uek]
- io_uring: fix possible deadlock in io_register_iowq_max_workers() (Hagar Hemdan) [Orabug: 37565787]
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (Jens Axboe) [Orabug: 37565787]
- io_uring: use kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- fs: create kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- io_uring: rename kiocb_end_write() local helper (Amir Goldstein) [Orabug: 37565787]
- io_uring/sqpoll: close race on waiting for sqring entries (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not put cpumask on stack (Felix Moessbauer) [Orabug: 37565787]
- io_uring/sqpoll: retain test for whether the CPU is valid (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not allow pinning outside of cpuset (Felix Moessbauer) [Orabug: 37565787]
- io_uring/io-wq: limit retrying worker initialisation (Pavel Begunkov) [Orabug: 37565787]
- vfs: check dentry is still valid in get_link() (Ian Kent) [Orabug: 37536393]
- RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584]
- NFSD: Limit the number of concurrent async COPY operations (Chuck Lever) [Orabug: 37206187]
[5.4.17-2136.341.2.el8uek]
- LTS tag: v5.4.289 (Sherry Yang)
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa)
- drm: adv7511: Drop dsi single lane support (Biju Das)
- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Nikolay Kuratov)
- sky2: Add device ID 11ab:4373 for Marvell 88E8075 (Pascal Hambourg)
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (Evgenii Shatokhin)
- RDMA/uverbs: Prevent integer overflow issue (Dan Carpenter)
- modpost: fix the missed iteration for the max bit in do_input() (Masahiro Yamada)
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (Masahiro Yamada)
- ARC: build: Try to guess GCC variant of cross compiler (Leon Romanovsky)
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (Uros Bizjak)
- net: usb: qmi_wwan: add Telit FE910C04 compositions (Daniele Palmas)
- bpf: fix potential error return (Anton Protopopov)
- sound: usb: format: don't warn that raw DSD is unsupported (Adrian Ratiu)
- wifi: mac80211: wake the queues in case of failure in resume (Emmanuel Grumbach)
- ila: serialize calls to nf_register_net_hooks() (Eric Dumazet)
- ALSA: usb-audio: US16x08: Initialize array before use (Tanya Agarwal)
- net: llc: reset skb->transport_header (Antonio Pastor)
- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (Pablo Neira Ayuso)
- netfilter: Replace zero-length array with flexible-array member (Gustavo A. R. Silva)
- netrom: check buffer length before accessing it (Ilya Shchipletsov)
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (Stefan Ekenberg)
- drm: bridge: adv7511: Enable SPDIF DAI (Bogdan Togorean)
- RDMA/bnxt_re: Fix max_qp_wrs reported (Selvin Xavier)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (Kalesh AP)
- RDMA/bnxt_re: Add check for path mtu in modify_qp (Saravanan Vajravel)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (Patrisious Haddad)
- net/mlx5: Make API mlx5_core_is_ecpf accept const pointer (Parav Pandit)
- IB/mlx5: Introduce and use mlx5_core_is_vf() (Parav Pandit)
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (Michael Kelley)
- selinux: ignore unknown extended permissions (Thi?baud Weksteen)
- ipv6: prevent possible UAF in ip6_xmit() (Eric Dumazet)
- skb_expand_head() adjust skb->truesize incorrectly (Vasily Averin)
- btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana)
- tracing: Constify string literal data member in struct trace_event_call (Christian G?ttsche)
- bpf: fix recursive lock when verdict program return SK_PASS (Jiayuan Chen)
- ipv6: fix possible UAF in ip6_finish_output2() (Eric Dumazet) [Orabug: 37029070] {CVE-2024-44986}
- ipv6: use skb_expand_head in ip6_xmit (Vasily Averin)
- ipv6: use skb_expand_head in ip6_finish_output2 (Vasily Averin)
- skbuff: introduce skb_expand_head() (Vasily Averin)
- MIPS: Probe toolchain support of -msym32 (Jiaxun Yang)
- epoll: Add synchronous wakeup support for ep_poll_callback (Xuewen Yan)
- virtio-blk: don't keep queue frozen during system suspend (Ming Lei)
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (Ranjan Kumar)
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (Armin Wolf)
- regmap: Use correct format specifier for logging range errors (Mark Brown)
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl)
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (Magnus Lindholm)
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (Masami Hiramatsu (Google))
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (Chen Ridong) [Orabug: 37452681] {CVE-2024-56767}
- dmaengine: mv_xor: fix child node refcount handling in early exit (Javier Carrasco)
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (Zijun Hu)
- phy: core: Fix that API devm_phy_put() fails to release the phy (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (Zijun Hu)
- mtd: diskonchip: Cast an operand to prevent potential overflow (Zichen Xie)
- bpf: Check negative offsets in __bpf_skb_min_len() (Cong Wang)
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (Nikita Zhandarovich) [Orabug: 37452687] {CVE-2024-56769}
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (Zijun Hu)
- of: Fix error path in of_parse_phandle_with_args_map() (Herve Codina)
- udmabuf: also check for F_SEAL_FUTURE_WRITE (Jann Horn)
- nilfs2: prevent use of deleted inode (Edward Adam Davis)
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (Trond Myklebust)
- btrfs: tree-checker: reject inline extent items with 0 ref count (Qu Wenruo)
- zram: refuse to use zero sized block device as backing device (Kairui Song)
- sh: clk: Fix clk_enable() to return 0 on NULL clk (Geert Uytterhoeven)
- USB: serial: option: add Telit FE910C04 rmnet compositions (Daniele Palmas)
- USB: serial: option: add MediaTek T7XX compositions (Jack Wu)
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (Mank Wang)
- USB: serial: option: add MeiG Smart SLM770A (Michal Hrusecky)
- USB: serial: option: add TCL IK512 MBIM & ECM (Daniel Swanemar)
- efivarfs: Fix error on non-existent file (James Bottomley)
- i2c: riic: Always round-up when calculating bus period (Geert Uytterhoeven)
- chelsio/chtls: prevent potential integer overflow on 32bit (Dan Carpenter)
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (Prathamesh Shete)
- netfilter: ipset: Fix for recursive locking warning (Phil Sutter)
- net: ethernet: bgmac-platform: fix an OF node reference leak (Joe Hattori)
- net: hinic: Fix cleanup in create_rxqs/txqs() (Dan Carpenter)
- ionic: use ee->offset when returning sprom data (Shannon Nelson)
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Guangguan Wang)
- erofs: fix incorrect symlink detection in fast symlink (Gao Xiang)
- erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang)
- drm/i915: Fix memory leak by correcting cache object name in error handler (Jiasheng Jiang)
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (Ajit Khaparde)
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (Takashi Iwai)
- PCI/AER: Disable AER service on suspend (Kai-Heng Feng)
- usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled (Peng Hongchi)
- net: sched: fix ordering of qlen adjustment (Lion Ackermann) [Orabug: 37433383] {CVE-2024-53164}
[5.4.17-2136.341.1.el8uek]
- kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37525298]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530220]
From el-errata at oss.oracle.com Tue Mar 11 19:53:14 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:14 -0700
Subject: [El-errata] ELSA-2025-2473 Important: Oracle Linux 8 kernel
security update
Message-ID: <mailman.72.1741722803.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2473
http://linux.oracle.com/errata/ELSA-2025-2473.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.44.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.44.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.44.1.el8_10.x86_64.rpm
perf-4.18.0-553.44.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.44.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.44.1.el8_10.x86_64.rpm
aarch64:
bpftool-4.18.0-553.44.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.44.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.44.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.44.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.44.1.el8_10.aarch64.rpm
perf-4.18.0-553.44.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.44.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.44.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.44.1.el8_10.src.rpm
Related CVEs:
CVE-2024-50302
CVE-2024-53197
CVE-2024-57807
CVE-2024-57979
Description of changes:
[4.18.0-553.44.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
[4.18.0-553.44.1.el8_10]
- HID: core: zero-initialize the report buffer (CKI Backport Bot) [RHEL-81825] {CVE-2024-50302}
- ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81786]
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81786] {CVE-2024-53197}
- ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
[4.18.0-553.43.1.el8_10]
- s390/module: fix loading modules with a lot of relocations (Mete Durlu) [RHEL-78999]
- s390/module: Use s390_kernel_write() for late relocations (Mete Durlu) [RHEL-78999]
- locking/atomic: Make test_and_*_bit() ordered on failure (Herton R. Krzesinski) [RHEL-69894]
- pps: Fix a use-after-free (Michal Schmidt) [RHEL-77971]
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: gaccess: Check if guest address is in memslot (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (Thomas Huth) [RHEL-68323 RHEL-65229]
- s390/uv: Panic for set and remove shared access UVC errors (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: vsie: Use virt_to_phys for crypto control block (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: vsie: Use virt_to_phys for facility control block (Thomas Huth) [RHEL-68323 RHEL-65229]
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl) [RHEL-21984] {CVE-2024-57807}
- net/mlx5: Reload auxiliary devices in pci error handlers (Benjamin Poirier) [RHEL-78756]
- net/mlx5: Suspend auxiliary devices only in case of PCI device suspend (Benjamin Poirier) [RHEL-78756]
From el-errata at oss.oracle.com Tue Mar 11 19:53:08 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:08 -0700
Subject: [El-errata] ELBA-2025-2603 Oracle Linux 8 fence-agents bug fix
update
Message-ID: <mailman.73.1741722807.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2603
http://linux.oracle.com/errata/ELBA-2025-2603.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
fence-agents-all-4.2.1-129.el8_10.7.x86_64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.7.x86_64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.7.x86_64.rpm
fence-agents-lpar-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-mpath-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.7.x86_64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.7.noarch.rpm
aarch64:
fence-agents-all-4.2.1-129.el8_10.7.aarch64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.7.aarch64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.7.aarch64.rpm
fence-agents-mpath-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.7.aarch64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.7.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.7.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//fence-agents-4.2.1-129.el8_10.7.src.rpm
Description of changes:
[4.2.1-129.7]
- fence_azure_arm: use azure-identity instead of msrestazure, which has
been deprecated
Resolves: RHEL-76492
[4.2.1-129.5]
- fence_scsi: preempt clears all devices on the mpath device, so only
run it for the first device
Resolves: RHEL-56840
[4.2.1-129.4]
- bundled setuptools: fix CVE-2024-6345
Resolves: RHEL-50223
[4.2.1-129.3]
- bundled urllib3: fix CVE-2024-37891
Resolves: RHEL-43568
[4.2.1-129.2]
- fence_eps: add fence_epsr2 for ePowerSwitch R2 and newer
Resolves: RHEL-7734
- bundled jinja2: fix CVE-2024-34064
Resolves: RHEL-35655
From el-errata at oss.oracle.com Tue Mar 11 19:52:56 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:52:56 -0700
Subject: [El-errata] ELSA-2025-20153 Important: Oracle Linux 8 Unbreakable
Enterprise kernel security update
Message-ID: <mailman.74.1741722808.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-20153
http://linux.oracle.com/errata/ELSA-2025-20153.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-5.4.17-2136.341.3.1.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.341.3.1.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.341.3.1.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.341.3.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.341.3.1.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.341.3.1.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.341.3.1.el8uek.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.341.3.1.el8uek.src.rpm
Related CVEs:
CVE-2024-44986
CVE-2024-53164
CVE-2024-56767
CVE-2024-56769
Description of changes:
[5.4.17-2136.341.3.1.el8uek]
- Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37667080]
[5.4.17-2136.341.3.el8uek]
- io_uring: fix possible deadlock in io_register_iowq_max_workers() (Hagar Hemdan) [Orabug: 37565787]
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (Jens Axboe) [Orabug: 37565787]
- io_uring: use kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- fs: create kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- io_uring: rename kiocb_end_write() local helper (Amir Goldstein) [Orabug: 37565787]
- io_uring/sqpoll: close race on waiting for sqring entries (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not put cpumask on stack (Felix Moessbauer) [Orabug: 37565787]
- io_uring/sqpoll: retain test for whether the CPU is valid (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not allow pinning outside of cpuset (Felix Moessbauer) [Orabug: 37565787]
- io_uring/io-wq: limit retrying worker initialisation (Pavel Begunkov) [Orabug: 37565787]
- vfs: check dentry is still valid in get_link() (Ian Kent) [Orabug: 37536393]
- RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584]
- NFSD: Limit the number of concurrent async COPY operations (Chuck Lever) [Orabug: 37206187]
[5.4.17-2136.341.2.el8uek]
- LTS tag: v5.4.289 (Sherry Yang)
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa)
- drm: adv7511: Drop dsi single lane support (Biju Das)
- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Nikolay Kuratov)
- sky2: Add device ID 11ab:4373 for Marvell 88E8075 (Pascal Hambourg)
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (Evgenii Shatokhin)
- RDMA/uverbs: Prevent integer overflow issue (Dan Carpenter)
- modpost: fix the missed iteration for the max bit in do_input() (Masahiro Yamada)
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (Masahiro Yamada)
- ARC: build: Try to guess GCC variant of cross compiler (Leon Romanovsky)
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (Uros Bizjak)
- net: usb: qmi_wwan: add Telit FE910C04 compositions (Daniele Palmas)
- bpf: fix potential error return (Anton Protopopov)
- sound: usb: format: don't warn that raw DSD is unsupported (Adrian Ratiu)
- wifi: mac80211: wake the queues in case of failure in resume (Emmanuel Grumbach)
- ila: serialize calls to nf_register_net_hooks() (Eric Dumazet)
- ALSA: usb-audio: US16x08: Initialize array before use (Tanya Agarwal)
- net: llc: reset skb->transport_header (Antonio Pastor)
- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (Pablo Neira Ayuso)
- netfilter: Replace zero-length array with flexible-array member (Gustavo A. R. Silva)
- netrom: check buffer length before accessing it (Ilya Shchipletsov)
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (Stefan Ekenberg)
- drm: bridge: adv7511: Enable SPDIF DAI (Bogdan Togorean)
- RDMA/bnxt_re: Fix max_qp_wrs reported (Selvin Xavier)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (Kalesh AP)
- RDMA/bnxt_re: Add check for path mtu in modify_qp (Saravanan Vajravel)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (Patrisious Haddad)
- net/mlx5: Make API mlx5_core_is_ecpf accept const pointer (Parav Pandit)
- IB/mlx5: Introduce and use mlx5_core_is_vf() (Parav Pandit)
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (Michael Kelley)
- selinux: ignore unknown extended permissions (Thi?baud Weksteen)
- ipv6: prevent possible UAF in ip6_xmit() (Eric Dumazet)
- skb_expand_head() adjust skb->truesize incorrectly (Vasily Averin)
- btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana)
- tracing: Constify string literal data member in struct trace_event_call (Christian G?ttsche)
- bpf: fix recursive lock when verdict program return SK_PASS (Jiayuan Chen)
- ipv6: fix possible UAF in ip6_finish_output2() (Eric Dumazet) [Orabug: 37029070] {CVE-2024-44986}
- ipv6: use skb_expand_head in ip6_xmit (Vasily Averin)
- ipv6: use skb_expand_head in ip6_finish_output2 (Vasily Averin)
- skbuff: introduce skb_expand_head() (Vasily Averin)
- MIPS: Probe toolchain support of -msym32 (Jiaxun Yang)
- epoll: Add synchronous wakeup support for ep_poll_callback (Xuewen Yan)
- virtio-blk: don't keep queue frozen during system suspend (Ming Lei)
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (Ranjan Kumar)
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (Armin Wolf)
- regmap: Use correct format specifier for logging range errors (Mark Brown)
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl)
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (Magnus Lindholm)
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (Masami Hiramatsu (Google))
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (Chen Ridong) [Orabug: 37452681] {CVE-2024-56767}
- dmaengine: mv_xor: fix child node refcount handling in early exit (Javier Carrasco)
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (Zijun Hu)
- phy: core: Fix that API devm_phy_put() fails to release the phy (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (Zijun Hu)
- mtd: diskonchip: Cast an operand to prevent potential overflow (Zichen Xie)
- bpf: Check negative offsets in __bpf_skb_min_len() (Cong Wang)
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (Nikita Zhandarovich) [Orabug: 37452687] {CVE-2024-56769}
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (Zijun Hu)
- of: Fix error path in of_parse_phandle_with_args_map() (Herve Codina)
- udmabuf: also check for F_SEAL_FUTURE_WRITE (Jann Horn)
- nilfs2: prevent use of deleted inode (Edward Adam Davis)
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (Trond Myklebust)
- btrfs: tree-checker: reject inline extent items with 0 ref count (Qu Wenruo)
- zram: refuse to use zero sized block device as backing device (Kairui Song)
- sh: clk: Fix clk_enable() to return 0 on NULL clk (Geert Uytterhoeven)
- USB: serial: option: add Telit FE910C04 rmnet compositions (Daniele Palmas)
- USB: serial: option: add MediaTek T7XX compositions (Jack Wu)
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (Mank Wang)
- USB: serial: option: add MeiG Smart SLM770A (Michal Hrusecky)
- USB: serial: option: add TCL IK512 MBIM & ECM (Daniel Swanemar)
- efivarfs: Fix error on non-existent file (James Bottomley)
- i2c: riic: Always round-up when calculating bus period (Geert Uytterhoeven)
- chelsio/chtls: prevent potential integer overflow on 32bit (Dan Carpenter)
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (Prathamesh Shete)
- netfilter: ipset: Fix for recursive locking warning (Phil Sutter)
- net: ethernet: bgmac-platform: fix an OF node reference leak (Joe Hattori)
- net: hinic: Fix cleanup in create_rxqs/txqs() (Dan Carpenter)
- ionic: use ee->offset when returning sprom data (Shannon Nelson)
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Guangguan Wang)
- erofs: fix incorrect symlink detection in fast symlink (Gao Xiang)
- erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang)
- drm/i915: Fix memory leak by correcting cache object name in error handler (Jiasheng Jiang)
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (Ajit Khaparde)
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (Takashi Iwai)
- PCI/AER: Disable AER service on suspend (Kai-Heng Feng)
- usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled (Peng Hongchi)
- net: sched: fix ordering of qlen adjustment (Lion Ackermann) [Orabug: 37433383] {CVE-2024-53164}
[5.4.17-2136.341.1.el8uek]
- kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37525298]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530220]
From el-errata at oss.oracle.com Tue Mar 11 19:53:15 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:15 -0700
Subject: [El-errata] ELSA-2025-2502 Important: Oracle Linux 8 tigervnc
security update
Message-ID: <mailman.77.1741722808.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2502
http://linux.oracle.com/errata/ELSA-2025-2502.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
tigervnc-1.13.1-15.el8_10.x86_64.rpm
tigervnc-icons-1.13.1-15.el8_10.noarch.rpm
tigervnc-license-1.13.1-15.el8_10.noarch.rpm
tigervnc-selinux-1.13.1-15.el8_10.noarch.rpm
tigervnc-server-1.13.1-15.el8_10.x86_64.rpm
tigervnc-server-minimal-1.13.1-15.el8_10.x86_64.rpm
tigervnc-server-module-1.13.1-15.el8_10.x86_64.rpm
aarch64:
tigervnc-1.13.1-15.el8_10.aarch64.rpm
tigervnc-icons-1.13.1-15.el8_10.noarch.rpm
tigervnc-license-1.13.1-15.el8_10.noarch.rpm
tigervnc-selinux-1.13.1-15.el8_10.noarch.rpm
tigervnc-server-1.13.1-15.el8_10.aarch64.rpm
tigervnc-server-minimal-1.13.1-15.el8_10.aarch64.rpm
tigervnc-server-module-1.13.1-15.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tigervnc-1.13.1-15.el8_10.src.rpm
Related CVEs:
CVE-2025-26594
CVE-2025-26595
CVE-2025-26596
CVE-2025-26597
CVE-2025-26598
CVE-2025-26599
CVE-2025-26600
CVE-2025-26601
Description of changes:
[1.13.1-15]
- Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
Resolves: RHEL-79397
- Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
Resolves: RHEL-79401
- Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
Resolves: RHEL-79386
- Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
Resolves: RHEL-79380
- Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
Resolves: RHEL-79369
- Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
Resolves: RHEL-79364
- Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
Resolves: RHEL-79360
- Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
Resolves: RHEL-79348
From el-errata at oss.oracle.com Tue Mar 11 19:53:09 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:09 -0700
Subject: [El-errata] ELBA-2025-2605 Oracle Linux 8 geocode-glib bug fix
update
Message-ID: <mailman.78.1741722809.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2605
http://linux.oracle.com/errata/ELBA-2025-2605.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
geocode-glib-3.26.0-4.el8_10.i686.rpm
geocode-glib-3.26.0-4.el8_10.x86_64.rpm
geocode-glib-devel-3.26.0-4.el8_10.i686.rpm
geocode-glib-devel-3.26.0-4.el8_10.x86_64.rpm
aarch64:
geocode-glib-3.26.0-4.el8_10.aarch64.rpm
geocode-glib-devel-3.26.0-4.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//geocode-glib-3.26.0-4.el8_10.src.rpm
Description of changes:
[3.26.0-4]
- Resolves: RHEL-4090 (Fix Nominatim crasher)
From el-errata at oss.oracle.com Tue Mar 11 19:53:12 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:12 -0700
Subject: [El-errata] ELBA-2025-2617 Oracle Linux 8 libselinux bug fix update
Message-ID: <mailman.79.1741722809.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2617
http://linux.oracle.com/errata/ELBA-2025-2617.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
libselinux-2.9-10.el8_10.i686.rpm
libselinux-2.9-10.el8_10.x86_64.rpm
libselinux-devel-2.9-10.el8_10.i686.rpm
libselinux-devel-2.9-10.el8_10.x86_64.rpm
libselinux-ruby-2.9-10.el8_10.x86_64.rpm
libselinux-utils-2.9-10.el8_10.x86_64.rpm
python3-libselinux-2.9-10.el8_10.x86_64.rpm
libselinux-static-2.9-10.el8_10.i686.rpm
libselinux-static-2.9-10.el8_10.x86_64.rpm
aarch64:
libselinux-2.9-10.el8_10.aarch64.rpm
libselinux-devel-2.9-10.el8_10.aarch64.rpm
libselinux-ruby-2.9-10.el8_10.aarch64.rpm
libselinux-utils-2.9-10.el8_10.aarch64.rpm
python3-libselinux-2.9-10.el8_10.aarch64.rpm
libselinux-static-2.9-10.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libselinux-2.9-10.el8_10.src.rpm
Description of changes:
[2.9-10]
- Close old selabel handle when setting a new one (RHEL-73348)
- Fix NULL pointer use in selinux_restorecon_set_sehandle (RHEL-74252)
From el-errata at oss.oracle.com Tue Mar 11 19:53:22 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:22 -0700
Subject: [El-errata] ELSA-2025-1718 Important: Oracle Linux 7 bind security
update
Message-ID: <mailman.80.1741722812.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1718
http://linux.oracle.com/errata/ELSA-2025-1718.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
bind-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-chroot-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-devel-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-devel-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-export-devel-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-export-devel-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-export-libs-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-export-libs-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-libs-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-libs-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-libs-lite-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-libs-lite-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-license-9.11.4-26.0.3.P2.el7_9.16.noarch.rpm
bind-lite-devel-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-lite-devel-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-pkcs11-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-pkcs11-devel-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-pkcs11-devel-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-pkcs11-libs-9.11.4-26.0.3.P2.el7_9.16.i686.rpm
bind-pkcs11-libs-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-pkcs11-utils-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-sdb-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-sdb-chroot-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
bind-utils-9.11.4-26.0.3.P2.el7_9.16.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//bind-9.11.4-26.0.3.P2.el7_9.16.src.rpm
Related CVEs:
CVE-2024-11187
Description of changes:
[32:9.11.4-26.0.3.P2.16]
- Resolve CVE-2024-11187 [Orabug: 37616907]
From el-errata at oss.oracle.com Tue Mar 11 19:53:02 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:02 -0700
Subject: [El-errata] ELSA-2025-20153 Important: Oracle Linux 7 Unbreakable
Enterprise kernel security update
Message-ID: <mailman.81.1741722812.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-20153
http://linux.oracle.com/errata/ELSA-2025-20153.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.341.3.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.341.3.1.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.341.3.1.el7uek.src.rpm
Related CVEs:
CVE-2024-44986
CVE-2024-53164
CVE-2024-56767
CVE-2024-56769
Description of changes:
[5.4.17-2136.341.3.1.el7uek]
- Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37667080]
[5.4.17-2136.341.3.el7uek]
- io_uring: fix possible deadlock in io_register_iowq_max_workers() (Hagar Hemdan) [Orabug: 37565787]
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (Jens Axboe) [Orabug: 37565787]
- io_uring: use kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- fs: create kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- io_uring: rename kiocb_end_write() local helper (Amir Goldstein) [Orabug: 37565787]
- io_uring/sqpoll: close race on waiting for sqring entries (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not put cpumask on stack (Felix Moessbauer) [Orabug: 37565787]
- io_uring/sqpoll: retain test for whether the CPU is valid (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not allow pinning outside of cpuset (Felix Moessbauer) [Orabug: 37565787]
- io_uring/io-wq: limit retrying worker initialisation (Pavel Begunkov) [Orabug: 37565787]
- vfs: check dentry is still valid in get_link() (Ian Kent) [Orabug: 37536393]
- RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584]
- NFSD: Limit the number of concurrent async COPY operations (Chuck Lever) [Orabug: 37206187]
[5.4.17-2136.341.2.el7uek]
- LTS tag: v5.4.289 (Sherry Yang)
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa)
- drm: adv7511: Drop dsi single lane support (Biju Das)
- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Nikolay Kuratov)
- sky2: Add device ID 11ab:4373 for Marvell 88E8075 (Pascal Hambourg)
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (Evgenii Shatokhin)
- RDMA/uverbs: Prevent integer overflow issue (Dan Carpenter)
- modpost: fix the missed iteration for the max bit in do_input() (Masahiro Yamada)
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (Masahiro Yamada)
- ARC: build: Try to guess GCC variant of cross compiler (Leon Romanovsky)
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (Uros Bizjak)
- net: usb: qmi_wwan: add Telit FE910C04 compositions (Daniele Palmas)
- bpf: fix potential error return (Anton Protopopov)
- sound: usb: format: don't warn that raw DSD is unsupported (Adrian Ratiu)
- wifi: mac80211: wake the queues in case of failure in resume (Emmanuel Grumbach)
- ila: serialize calls to nf_register_net_hooks() (Eric Dumazet)
- ALSA: usb-audio: US16x08: Initialize array before use (Tanya Agarwal)
- net: llc: reset skb->transport_header (Antonio Pastor)
- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (Pablo Neira Ayuso)
- netfilter: Replace zero-length array with flexible-array member (Gustavo A. R. Silva)
- netrom: check buffer length before accessing it (Ilya Shchipletsov)
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (Stefan Ekenberg)
- drm: bridge: adv7511: Enable SPDIF DAI (Bogdan Togorean)
- RDMA/bnxt_re: Fix max_qp_wrs reported (Selvin Xavier)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (Kalesh AP)
- RDMA/bnxt_re: Add check for path mtu in modify_qp (Saravanan Vajravel)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (Patrisious Haddad)
- net/mlx5: Make API mlx5_core_is_ecpf accept const pointer (Parav Pandit)
- IB/mlx5: Introduce and use mlx5_core_is_vf() (Parav Pandit)
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (Michael Kelley)
- selinux: ignore unknown extended permissions (Thi?baud Weksteen)
- ipv6: prevent possible UAF in ip6_xmit() (Eric Dumazet)
- skb_expand_head() adjust skb->truesize incorrectly (Vasily Averin)
- btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana)
- tracing: Constify string literal data member in struct trace_event_call (Christian G?ttsche)
- bpf: fix recursive lock when verdict program return SK_PASS (Jiayuan Chen)
- ipv6: fix possible UAF in ip6_finish_output2() (Eric Dumazet) [Orabug: 37029070] {CVE-2024-44986}
- ipv6: use skb_expand_head in ip6_xmit (Vasily Averin)
- ipv6: use skb_expand_head in ip6_finish_output2 (Vasily Averin)
- skbuff: introduce skb_expand_head() (Vasily Averin)
- MIPS: Probe toolchain support of -msym32 (Jiaxun Yang)
- epoll: Add synchronous wakeup support for ep_poll_callback (Xuewen Yan)
- virtio-blk: don't keep queue frozen during system suspend (Ming Lei)
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (Ranjan Kumar)
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (Armin Wolf)
- regmap: Use correct format specifier for logging range errors (Mark Brown)
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl)
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (Magnus Lindholm)
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (Masami Hiramatsu (Google))
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (Chen Ridong) [Orabug: 37452681] {CVE-2024-56767}
- dmaengine: mv_xor: fix child node refcount handling in early exit (Javier Carrasco)
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (Zijun Hu)
- phy: core: Fix that API devm_phy_put() fails to release the phy (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (Zijun Hu)
- mtd: diskonchip: Cast an operand to prevent potential overflow (Zichen Xie)
- bpf: Check negative offsets in __bpf_skb_min_len() (Cong Wang)
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (Nikita Zhandarovich) [Orabug: 37452687] {CVE-2024-56769}
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (Zijun Hu)
- of: Fix error path in of_parse_phandle_with_args_map() (Herve Codina)
- udmabuf: also check for F_SEAL_FUTURE_WRITE (Jann Horn)
- nilfs2: prevent use of deleted inode (Edward Adam Davis)
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (Trond Myklebust)
- btrfs: tree-checker: reject inline extent items with 0 ref count (Qu Wenruo)
- zram: refuse to use zero sized block device as backing device (Kairui Song)
- sh: clk: Fix clk_enable() to return 0 on NULL clk (Geert Uytterhoeven)
- USB: serial: option: add Telit FE910C04 rmnet compositions (Daniele Palmas)
- USB: serial: option: add MediaTek T7XX compositions (Jack Wu)
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (Mank Wang)
- USB: serial: option: add MeiG Smart SLM770A (Michal Hrusecky)
- USB: serial: option: add TCL IK512 MBIM & ECM (Daniel Swanemar)
- efivarfs: Fix error on non-existent file (James Bottomley)
- i2c: riic: Always round-up when calculating bus period (Geert Uytterhoeven)
- chelsio/chtls: prevent potential integer overflow on 32bit (Dan Carpenter)
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (Prathamesh Shete)
- netfilter: ipset: Fix for recursive locking warning (Phil Sutter)
- net: ethernet: bgmac-platform: fix an OF node reference leak (Joe Hattori)
- net: hinic: Fix cleanup in create_rxqs/txqs() (Dan Carpenter)
- ionic: use ee->offset when returning sprom data (Shannon Nelson)
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Guangguan Wang)
- erofs: fix incorrect symlink detection in fast symlink (Gao Xiang)
- erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang)
- drm/i915: Fix memory leak by correcting cache object name in error handler (Jiasheng Jiang)
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (Ajit Khaparde)
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (Takashi Iwai)
- PCI/AER: Disable AER service on suspend (Kai-Heng Feng)
- usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled (Peng Hongchi)
- net: sched: fix ordering of qlen adjustment (Lion Ackermann) [Orabug: 37433383] {CVE-2024-53164}
[5.4.17-2136.341.1.el7uek]
- kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37525298]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530220]
From el-errata at oss.oracle.com Tue Mar 11 19:53:17 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:17 -0700
Subject: [El-errata] ELSA-2025-2600 Moderate: Oracle Linux 8 rsync security
update
Message-ID: <mailman.82.1741722813.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2600
http://linux.oracle.com/errata/ELSA-2025-2600.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
rsync-3.1.3-21.el8_10.x86_64.rpm
rsync-daemon-3.1.3-21.el8_10.noarch.rpm
aarch64:
rsync-3.1.3-21.el8_10.aarch64.rpm
rsync-daemon-3.1.3-21.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//rsync-3.1.3-21.el8_10.src.rpm
Related CVEs:
CVE-2024-12087
CVE-2024-12088
CVE-2024-12747
Description of changes:
[3.1.3-21]
- Resolves: RHEL-70207 - Path traversal vulnerability in rsync
From el-errata at oss.oracle.com Tue Mar 11 19:53:11 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Tue, 11 Mar 2025 12:53:11 -0700
Subject: [El-errata] ELBA-2025-2606 Oracle Linux 8 grafana bug fix update
Message-ID: <mailman.83.1741722813.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2606
http://linux.oracle.com/errata/ELBA-2025-2606.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
grafana-9.2.10-22.el8_10.x86_64.rpm
grafana-selinux-9.2.10-22.el8_10.x86_64.rpm
aarch64:
grafana-9.2.10-22.el8_10.aarch64.rpm
grafana-selinux-9.2.10-22.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//grafana-9.2.10-22.el8_10.src.rpm
Description of changes:
[9.2.10-22]
- Resolves RHEL-75921: grafana selinux issue with autofs_t
From el-errata at oss.oracle.com Thu Mar 13 05:39:34 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 05:39:34 +0000
Subject: [El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8
(ELSA-2025-20153)
References: <26491b3feaab193268e8d9f6426cb513.apache@ksplice.com>
Message-ID: <mailman.104.1741844385.33.el-errata@oss.oracle.com>
Synopsis: ELSA-2025-20153 can now be patched using Ksplice
CVEs: CVE-2024-53164
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-20153.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-20153.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2024-53164: Privilege escalation in CAKE network scheduler.
A logic error when using the Common Applications Kept Enhanced (CAKE)
network scheduler could lead to a use-after-free. A local attacker could
use this flaw to escalate privileges.
* Remote denial-of-service in NFSv4.1 client driver.
A missing check when using the NFSv4.1 client driver could lead
to a livelock. A remote attacker could use this flaw to cause a
denial-of-service.
* Note: Oracle has determined some CVEs are not applicable.
The kernel is not affected by the following CVEs
since the code under consideration is not compiled.
CVE-2024-53690, CVE-2024-56767, CVE-2024-57802, CVE-2024-57889,
CVE-2024-57900
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://oss.oracle.com/pipermail/el-errata/attachments/20250313/d355bff3/attachment.sig>
From el-errata at oss.oracle.com Fri Mar 14 00:05:45 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:45 -0700
Subject: [El-errata] ELSA-2025-2627 Important: Oracle Linux 9 kernel
security update
Message-ID: <mailman.105.1741910756.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2627
http://linux.oracle.com/errata/ELSA-2025-2627.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-7.4.0-503.31.1.el9_5.x86_64.rpm
kernel-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-abi-stablelists-5.14.0-503.31.1.el9_5.noarch.rpm
kernel-core-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-core-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-devel-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-devel-matched-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-modules-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-modules-core-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-modules-extra-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-debug-uki-virt-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-devel-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-devel-matched-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-doc-5.14.0-503.31.1.el9_5.noarch.rpm
kernel-headers-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-modules-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-modules-core-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-modules-extra-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-tools-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-tools-libs-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-uki-virt-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-uki-virt-addons-5.14.0-503.31.1.el9_5.x86_64.rpm
perf-5.14.0-503.31.1.el9_5.x86_64.rpm
python3-perf-5.14.0-503.31.1.el9_5.x86_64.rpm
rtla-5.14.0-503.31.1.el9_5.x86_64.rpm
rv-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-cross-headers-5.14.0-503.31.1.el9_5.x86_64.rpm
kernel-tools-libs-devel-5.14.0-503.31.1.el9_5.x86_64.rpm
libperf-5.14.0-503.31.1.el9_5.x86_64.rpm
aarch64:
bpftool-7.4.0-503.31.1.el9_5.aarch64.rpm
kernel-headers-5.14.0-503.31.1.el9_5.aarch64.rpm
kernel-tools-5.14.0-503.31.1.el9_5.aarch64.rpm
kernel-tools-libs-5.14.0-503.31.1.el9_5.aarch64.rpm
perf-5.14.0-503.31.1.el9_5.aarch64.rpm
python3-perf-5.14.0-503.31.1.el9_5.aarch64.rpm
rtla-5.14.0-503.31.1.el9_5.aarch64.rpm
rv-5.14.0-503.31.1.el9_5.aarch64.rpm
kernel-cross-headers-5.14.0-503.31.1.el9_5.aarch64.rpm
kernel-tools-libs-devel-5.14.0-503.31.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.31.1.el9_5.src.rpm
Related CVEs:
CVE-2023-52605
CVE-2023-52922
CVE-2024-50264
CVE-2024-50302
CVE-2024-53113
CVE-2024-53197
Description of changes:
[5.14.0-503.31.1.el9_5.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
[5.14.0-503.31.1.el9_5]
- HID: core: zero-initialize the report buffer (Benjamin Tissoires) [RHEL-81838] {CVE-2024-50302}
- x86/kaslr: Expose and use the end of the physical memory address space (Waiman Long) [RHEL-70002]
- ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81799]
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81799]
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81799] {CVE-2024-53197}
- ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81799]
- x86/kexec: Add EFI config table identity mapping for kexec kernel (Jay Shin) [RHEL-74170]
- mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (Jay Shin) [RHEL-73210] {CVE-2024-53113}
- can: bcm: Fix UAF in bcm_proc_show() (CKI KWF BOT) [RHEL-80746] {CVE-2023-52922}
- smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-80526]
- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-77488]
- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Antoine Tenart) [RHEL-77338]
- net: add softirq safety to netdev_rename_lock (Antoine Tenart) [RHEL-77343]
- arp: Convert ioctl(SIOCGARP) to RCU. (Antoine Tenart) [RHEL-77343]
- net: Protect dev->name by seqlock. (Antoine Tenart) [RHEL-77343]
- net: Remove unused declaration dev_restart() (Antoine Tenart) [RHEL-77343]
- arp: Get dev after calling arp_req_(delete|set|get)(). (Antoine Tenart) [RHEL-77343]
- arp: Remove a nest in arp_req_get(). (Antoine Tenart) [RHEL-77343]
- arp: Factorise ip_route_output() call in arp_req_set() and arp_req_delete(). (Antoine Tenart) [RHEL-77343]
- arp: Validate netmask earlier for SIOCDARP and SIOCSARP in arp_ioctl(). (Antoine Tenart) [RHEL-77343]
- arp: Move ATF_COM setting in arp_req_set(). (Antoine Tenart) [RHEL-77343]
- ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-75250] {CVE-2023-52605}
- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-75461] {CVE-2024-50264}
- x86/pci: Skip early E820 check for ECAM region (CKI Backport Bot) [RHEL-67065]
- cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids (Steve Best) [RHEL-64291]
[5.14.0-503.30.1.el9_5]
- can: bcm: Fix UAF in bcm_proc_show() (CKI KWF BOT) [RHEL-80746] {CVE-2023-52922}
- smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-80526]
- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-77488]
- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Antoine Tenart) [RHEL-77338]
- net: add softirq safety to netdev_rename_lock (Antoine Tenart) [RHEL-77343]
- arp: Convert ioctl(SIOCGARP) to RCU. (Antoine Tenart) [RHEL-77343]
- net: Protect dev->name by seqlock. (Antoine Tenart) [RHEL-77343]
- net: Remove unused declaration dev_restart() (Antoine Tenart) [RHEL-77343]
- arp: Get dev after calling arp_req_(delete|set|get)(). (Antoine Tenart) [RHEL-77343]
- arp: Remove a nest in arp_req_get(). (Antoine Tenart) [RHEL-77343]
- arp: Factorise ip_route_output() call in arp_req_set() and arp_req_delete(). (Antoine Tenart) [RHEL-77343]
- arp: Validate netmask earlier for SIOCDARP and SIOCSARP in arp_ioctl(). (Antoine Tenart) [RHEL-77343]
- arp: Move ATF_COM setting in arp_req_set(). (Antoine Tenart) [RHEL-77343]
- ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-75250] {CVE-2023-52605}
- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-75461] {CVE-2024-50264}
- x86/pci: Skip early E820 check for ECAM region (CKI Backport Bot) [RHEL-67065]
- cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids (Steve Best) [RHEL-64291]
From el-errata at oss.oracle.com Fri Mar 14 00:05:47 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:47 -0700
Subject: [El-errata] ELSA-2025-2668 Important: Oracle Linux 9 .NET 9.0
security, bug fix, and enhancement update
Message-ID: <mailman.108.1741910757.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2668
http://linux.oracle.com/errata/ELSA-2025-2668.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
aspnetcore-runtime-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
aspnetcore-runtime-dbg-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
aspnetcore-targeting-pack-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-apphost-pack-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-host-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-hostfxr-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-runtime-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-runtime-dbg-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-9.0-9.0.104-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-aot-9.0-9.0.104-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-dbg-9.0-9.0.104-1.0.1.el9_5.x86_64.rpm
dotnet-targeting-pack-9.0-9.0.3-1.0.1.el9_5.x86_64.rpm
dotnet-templates-9.0-9.0.104-1.0.1.el9_5.x86_64.rpm
netstandard-targeting-pack-2.1-9.0.104-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.104-1.0.1.el9_5.x86_64.rpm
aarch64:
aspnetcore-runtime-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
aspnetcore-runtime-dbg-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
aspnetcore-targeting-pack-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-apphost-pack-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-host-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-hostfxr-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-runtime-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-runtime-dbg-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-9.0-9.0.104-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-aot-9.0-9.0.104-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-dbg-9.0-9.0.104-1.0.1.el9_5.aarch64.rpm
dotnet-targeting-pack-9.0-9.0.3-1.0.1.el9_5.aarch64.rpm
dotnet-templates-9.0-9.0.104-1.0.1.el9_5.aarch64.rpm
netstandard-targeting-pack-2.1-9.0.104-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.104-1.0.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet9.0-9.0.104-1.0.1.el9_5.src.rpm
Related CVEs:
CVE-2025-24070
Description of changes:
[9.0.104-1.0.1]
- Add support for Oracle Linux
[9.0.104-1]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81649
From el-errata at oss.oracle.com Fri Mar 14 00:05:48 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:48 -0700
Subject: [El-errata] ELSA-2025-2669 Important: Oracle Linux 9 .NET 8.0
security, bug fix, and enhancement update
Message-ID: <mailman.109.1741910757.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2669
http://linux.oracle.com/errata/ELSA-2025-2669.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
aspnetcore-runtime-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
dotnet-hostfxr-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
dotnet-runtime-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-8.0-8.0.114-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.114-1.0.1.el9_5.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.14-1.0.1.el9_5.x86_64.rpm
dotnet-templates-8.0-8.0.114-1.0.1.el9_5.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.114-1.0.1.el9_5.x86_64.rpm
aarch64:
aspnetcore-runtime-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
dotnet-hostfxr-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
dotnet-runtime-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-8.0-8.0.114-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.114-1.0.1.el9_5.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.14-1.0.1.el9_5.aarch64.rpm
dotnet-templates-8.0-8.0.114-1.0.1.el9_5.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.114-1.0.1.el9_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.114-1.0.1.el9_5.src.rpm
Related CVEs:
CVE-2025-24070
Description of changes:
[8.0.114-1.0.1]
- Add support for Oracle Linux
[8.0.114-1]
- Update to .NET SDK 8.0.114 and Runtime 8.0.14
- Resolves: RHEL-81640
From el-errata at oss.oracle.com Fri Mar 14 00:05:49 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:49 -0700
Subject: [El-errata] ELSA-2025-2679 Important: Oracle Linux 9 libxml2
security update
Message-ID: <mailman.110.1741910757.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2679
http://linux.oracle.com/errata/ELSA-2025-2679.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
libxml2-2.9.13-6.el9_5.2.i686.rpm
libxml2-2.9.13-6.el9_5.2.x86_64.rpm
libxml2-devel-2.9.13-6.el9_5.2.i686.rpm
libxml2-devel-2.9.13-6.el9_5.2.x86_64.rpm
python3-libxml2-2.9.13-6.el9_5.2.x86_64.rpm
aarch64:
libxml2-2.9.13-6.el9_5.2.aarch64.rpm
libxml2-devel-2.9.13-6.el9_5.2.aarch64.rpm
python3-libxml2-2.9.13-6.el9_5.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libxml2-2.9.13-6.el9_5.2.src.rpm
Related CVEs:
CVE-2024-56171
CVE-2025-24928
Description of changes:
[2.9.13-6.2]
- Fix CVE-2024-56171 (RHEL-80128)
- Fix CVE-2025-24928 (RHEL-80143)
From el-errata at oss.oracle.com Fri Mar 14 00:05:55 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:55 -0700
Subject: [El-errata] ELBA-2025-20156 Oracle Linux 8 mdadm bug fix update
Message-ID: <mailman.111.1741910763.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20156
http://linux.oracle.com/errata/ELBA-2025-20156.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
mdadm-4.2-16.0.2.el8_10.x86_64.rpm
aarch64:
mdadm-4.2-16.0.2.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//mdadm-4.2-16.0.2.el8_10.src.rpm
Description of changes:
[4.2-16.0.2]
- mdmon: imsm: fix metadata corruption when managing new array [Orabug: 37419014]
From el-errata at oss.oracle.com Fri Mar 14 00:05:56 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:56 -0700
Subject: [El-errata] ELBA-2025-20159 Oracle Linux 8 pcp bug fix update
Message-ID: <mailman.112.1741910765.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20159
http://linux.oracle.com/errata/ELBA-2025-20159.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-conf-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-devel-5.3.7-22.0.3.el8_10.i686.rpm
pcp-devel-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-doc-5.3.7-22.0.3.el8_10.noarch.rpm
pcp-export-pcp2graphite-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-pcp2influxdb-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-pcp2json-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-pcp2xml-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-pcp2zabbix-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-zabbix-agent-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-gui-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-import-collectl2pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-import-ganglia2pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-import-iostat2pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-import-mrtg2pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-import-sar2pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-libs-5.3.7-22.0.3.el8_10.i686.rpm
pcp-libs-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-libs-devel-5.3.7-22.0.3.el8_10.i686.rpm
pcp-libs-devel-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-activemq-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-apache-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-bash-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-bcc-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-bind2-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-bonding-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-cifs-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-cisco-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-dbping-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-dm-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-docker-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-ds389-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-ds389log-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-elasticsearch-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-gfs2-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-gluster-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-gpfs-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-gpsd-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-haproxy-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-infiniband-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-json-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-libvirt-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-lio-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-lmsensors-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-logger-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-lustre-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-lustrecomm-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-mailq-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-memcache-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-mic-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-mounts-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-mysql-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-named-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-netfilter-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-news-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-nfsclient-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-nginx-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-nvidia-gpu-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-oracle-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-pdns-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-perfevent-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-podman-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-postfix-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-postgresql-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-redis-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-roomtemp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-rsyslog-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-samba-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-sendmail-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-shping-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-slurm-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-smart-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-snmp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-summary-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-systemd-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-trace-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-unbound-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-weblog-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-zimbra-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-zswap-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-selinux-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-system-tools-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-testsuite-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-zeroconf-5.3.7-22.0.3.el8_10.x86_64.rpm
perl-PCP-LogImport-5.3.7-22.0.3.el8_10.x86_64.rpm
perl-PCP-LogSummary-5.3.7-22.0.3.el8_10.x86_64.rpm
perl-PCP-MMV-5.3.7-22.0.3.el8_10.x86_64.rpm
perl-PCP-PMDA-5.3.7-22.0.3.el8_10.x86_64.rpm
python3-pcp-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-pcp2elasticsearch-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-export-pcp2spark-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-bpftrace-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-mssql-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-netcheck-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-openmetrics-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-openvswitch-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-rabbitmq-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-statsd-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-hacluster-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-sockets-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-denki-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-pmda-mongodb-5.3.7-22.0.3.el8_10.x86_64.rpm
pcp-testsuite-5.3.7-22.0.3.el8_10.i686.rpm
aarch64:
pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-conf-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-devel-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-doc-5.3.7-22.0.3.el8_10.noarch.rpm
pcp-export-pcp2graphite-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-pcp2influxdb-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-pcp2json-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-pcp2xml-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-pcp2zabbix-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-zabbix-agent-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-gui-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-import-collectl2pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-import-ganglia2pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-import-iostat2pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-import-mrtg2pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-import-sar2pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-libs-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-libs-devel-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-activemq-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-apache-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-bash-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-bind2-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-bonding-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-cifs-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-cisco-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-dbping-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-dm-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-docker-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-ds389-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-ds389log-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-elasticsearch-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-gfs2-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-gluster-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-gpfs-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-gpsd-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-haproxy-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-infiniband-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-json-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-libvirt-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-lio-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-lmsensors-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-logger-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-lustre-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-lustrecomm-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-mailq-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-memcache-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-mic-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-mounts-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-mysql-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-named-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-netfilter-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-news-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-nfsclient-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-nginx-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-nvidia-gpu-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-oracle-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-pdns-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-perfevent-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-podman-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-postfix-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-postgresql-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-redis-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-roomtemp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-rsyslog-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-samba-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-sendmail-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-shping-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-slurm-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-smart-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-snmp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-summary-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-systemd-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-trace-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-unbound-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-weblog-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-zimbra-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-zswap-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-selinux-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-system-tools-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-testsuite-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-zeroconf-5.3.7-22.0.3.el8_10.aarch64.rpm
perl-PCP-LogImport-5.3.7-22.0.3.el8_10.aarch64.rpm
perl-PCP-LogSummary-5.3.7-22.0.3.el8_10.aarch64.rpm
perl-PCP-MMV-5.3.7-22.0.3.el8_10.aarch64.rpm
perl-PCP-PMDA-5.3.7-22.0.3.el8_10.aarch64.rpm
python3-pcp-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-pcp2elasticsearch-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-export-pcp2spark-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-bcc-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-bpftrace-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-netcheck-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-openmetrics-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-openvswitch-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-rabbitmq-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-statsd-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-hacluster-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-sockets-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-denki-5.3.7-22.0.3.el8_10.aarch64.rpm
pcp-pmda-mongodb-5.3.7-22.0.3.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//pcp-5.3.7-22.0.3.el8_10.src.rpm
Description of changes:
[5.3.7-22.0.3]
- Fixed pmstat infinte loop issue in archive replay [Orabug: 37638447]
From el-errata at oss.oracle.com Fri Mar 14 00:05:59 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:05:59 -0700
Subject: [El-errata] ELBA-2025-2590 Oracle Linux 8 tuned bug fix update
Message-ID: <mailman.113.1741910768.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2590
http://linux.oracle.com/errata/ELBA-2025-2590.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
tuned-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-gtk-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-atomic-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-compat-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-cpu-partitioning-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-mssql-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-oracle-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-postgresql-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-utils-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-utils-systemtap-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-oci-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-oci-recommend-2.22.1-6.0.1.el8_10.noarch.rpm
aarch64:
tuned-profiles-oci-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-oci-recommend-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-gtk-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-atomic-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-compat-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-cpu-partitioning-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-mssql-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-oracle-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-profiles-postgresql-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-utils-2.22.1-6.0.1.el8_10.noarch.rpm
tuned-utils-systemtap-2.22.1-6.0.1.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tuned-2.22.1-6.0.1.el8_10.src.rpm
Description of changes:
[2.22.1-6.0.1]
- Fix RPS/XPS and busy polling optimization not getting applied [Orabug: 32153315]
- Fix error in uninstalling tuned [Orabug: 351528377]
- Updated patch with the more recent version [Orabug: 30730976]
- Set AMD CPU freq governor to ondemand when unapplying cpu tunings [Orabug: 30033199]
- Restored the system rules in recommend.conf [Orabug: 29962987]
- Added oci-nic profile and updated profiles-oci-recommend [Orabug: 29869969]
for increasing combined channels to 16 on NICs with bnxt_en driver on BM
- Do not access xps_cpus on single queue devices [Orabug: 29894296]
- OL8 does not support System Purpose [Orabug: 29443881]
Remove syspurpose_role option in recommend.conf.
- Added profiles-oci-recommend package [Orabug: 29632202]
- Modified the patch for ol8 [Orabug: 29560068] (james.cheng at oracle.com)
- Added iscsi plugin, and
- added oci-rps-xps profile [Orabug: 28397039]
- added oci-busy-polling profile [Orabug: 28748149]
- added oci-cpu-power profile
[2.22.1-6]
- Make hdparm device checks lazy
Resolves: RHEL-71457
- Disable the amd.scheduler plug-in instance in the postgresql profile
Resolves: RHEL-70470
From el-errata at oss.oracle.com Fri Mar 14 00:06:00 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:00 -0700
Subject: [El-errata] ELBA-2025-2591 Oracle Linux 8 autofs bug fix update
Message-ID: <mailman.114.1741910769.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2591
http://linux.oracle.com/errata/ELBA-2025-2591.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
autofs-5.1.4-114.0.1.el8_10.2.x86_64.rpm
aarch64:
autofs-5.1.4-114.0.1.el8_10.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//autofs-5.1.4-114.0.1.el8_10.2.src.rpm
Description of changes:
[5.1.4-114.0.1.2]
- Add autofs-5.0.5-lookup-mounts.patch [Orabug:12658280]
[5.1.4-114.el8_10.2]
- RHEL-72524 - autofs: deadlock between mnts_lookup_mount and mnts_remove_mount
- fix deadlock in master_notify_submount().
-Resolves: RHEL-72524
From el-errata at oss.oracle.com Fri Mar 14 00:06:02 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:02 -0700
Subject: [El-errata] ELBA-2025-2592 Oracle Linux 8 NetworkManager bug fix
and enhancement update
Message-ID: <mailman.115.1741910769.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2592
http://linux.oracle.com/errata/ELBA-2025-2592.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
NetworkManager-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-adsl-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-bluetooth-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-cloud-setup-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-config-connectivity-oracle-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-config-server-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-initscripts-updown-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-libnm-1.40.16-19.0.1.el8_10.i686.rpm
NetworkManager-libnm-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-ovs-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-ppp-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-team-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-tui-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-wifi-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-wwan-1.40.16-19.0.1.el8_10.x86_64.rpm
NetworkManager-libnm-devel-1.40.16-19.0.1.el8_10.i686.rpm
NetworkManager-libnm-devel-1.40.16-19.0.1.el8_10.x86_64.rpm
aarch64:
NetworkManager-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-adsl-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-bluetooth-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-cloud-setup-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-config-connectivity-oracle-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-config-server-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-initscripts-updown-1.40.16-19.0.1.el8_10.noarch.rpm
NetworkManager-libnm-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-ovs-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-ppp-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-team-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-tui-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-wifi-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-wwan-1.40.16-19.0.1.el8_10.aarch64.rpm
NetworkManager-libnm-devel-1.40.16-19.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//NetworkManager-1.40.16-19.0.1.el8_10.src.rpm
Description of changes:
[1:1.40.16-19.0.1]
- Drop 777 permissions from Networkmanager-dispatcher drop-in directory [Orabug: 37581862]
- Add a dropin file to make Networkmanager-dispatcher persistent [Orabug: 36989910]
- disable MPTCP handling by default [Orabug: 35081472]
- Fix ignore-carrier logic [Orabug: 34956744]
- Disable regeneration of the documentation [Orabug: 34712048]
- add connectivity check via Oracle servers [Orabug: 32051972]
- Disable the build of NetworkManager-config-connectivity-* subpackage for 8.3
- Revert "infiniband: avoid normalizing the p-key when reading from ifcfg"
[1:1.40.16-19]
- cloud-setup: azure: ensure that primary address is placed first (RHEL-69462)
From el-errata at oss.oracle.com Fri Mar 14 00:06:03 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:03 -0700
Subject: [El-errata] ELBA-2025-2593 Oracle Linux 8 openldap bug fix update
Message-ID: <mailman.116.1741910772.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2593
http://linux.oracle.com/errata/ELBA-2025-2593.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
openldap-2.4.46-21.el8_10.i686.rpm
openldap-2.4.46-21.el8_10.x86_64.rpm
openldap-clients-2.4.46-21.el8_10.x86_64.rpm
openldap-devel-2.4.46-21.el8_10.i686.rpm
openldap-devel-2.4.46-21.el8_10.x86_64.rpm
openldap-servers-2.4.46-21.el8_10.x86_64.rpm
aarch64:
openldap-2.4.46-21.el8_10.aarch64.rpm
openldap-clients-2.4.46-21.el8_10.aarch64.rpm
openldap-devel-2.4.46-21.el8_10.aarch64.rpm
openldap-servers-2.4.46-21.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//openldap-2.4.46-21.el8_10.src.rpm
Description of changes:
[2.4.46-21]
- Bump version to 2.4.46-21
- Resolves: RHEL-75823 - Fix double file close when first TLS connection fails
From el-errata at oss.oracle.com Fri Mar 14 00:06:05 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:05 -0700
Subject: [El-errata] ELBA-2025-2594 Oracle Linux 8 systemd bug fix update
Message-ID: <mailman.119.1741910772.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2594
http://linux.oracle.com/errata/ELBA-2025-2594.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
systemd-239-82.0.3.el8_10.4.i686.rpm
systemd-239-82.0.3.el8_10.4.x86_64.rpm
systemd-container-239-82.0.3.el8_10.4.i686.rpm
systemd-container-239-82.0.3.el8_10.4.x86_64.rpm
systemd-devel-239-82.0.3.el8_10.4.i686.rpm
systemd-devel-239-82.0.3.el8_10.4.x86_64.rpm
systemd-journal-remote-239-82.0.3.el8_10.4.x86_64.rpm
systemd-libs-239-82.0.3.el8_10.4.i686.rpm
systemd-libs-239-82.0.3.el8_10.4.x86_64.rpm
systemd-pam-239-82.0.3.el8_10.4.x86_64.rpm
systemd-tests-239-82.0.3.el8_10.4.x86_64.rpm
systemd-udev-239-82.0.3.el8_10.4.x86_64.rpm
aarch64:
systemd-239-82.0.3.el8_10.4.aarch64.rpm
systemd-container-239-82.0.3.el8_10.4.aarch64.rpm
systemd-devel-239-82.0.3.el8_10.4.aarch64.rpm
systemd-journal-remote-239-82.0.3.el8_10.4.aarch64.rpm
systemd-libs-239-82.0.3.el8_10.4.aarch64.rpm
systemd-pam-239-82.0.3.el8_10.4.aarch64.rpm
systemd-tests-239-82.0.3.el8_10.4.aarch64.rpm
systemd-udev-239-82.0.3.el8_10.4.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//systemd-239-82.0.3.el8_10.4.src.rpm
Description of changes:
[239-82.0.3.4]
- Fixes podman quadlet doesn't work in rootless mode [Orabug: 36076771]
- Drastically simplify caching of cgroups members mask
- drop IN_ATTRIB from parent directory inotify watches [Orabug: 36780432]
- Udevd: add an extra configurable timeout before udevd kills workers [Orabug: 36424686]
- Fixed deletion issue for symlink when device is opened [Orabug: 36228608]
- Fix local-fs and remote-fs targets during system boot (replaces old Orabug: 25897792) [Orabug: 35871376]
- 1A) Add "systemd-fstab-generator-reload-targets.service" file [Orabug: 35871376]
- 1B) Add required rpms for correct kickstart/systemd functionality within systemd.spec [Orabug: 35871376]
- 1C) Important: Review 1902-systemd-fstab-generator-reload-targets.patch for important build details/steps [Orabug: 35871376]
- Prevent duplicate uuid device to replace existing one in udev [Orabug: 35987487]
- Backport upstream pstore dmesg fix [Orabug: 34850699]
- mount: flush out cycle state on DEAD->MOUNTED only, not the other way round [Orabug: 35454661]
- core/mount: adjust deserialized state based on /proc/self/mountinfo [Orabug: 35454661]
- Prevent duplicate label to replace exsisting one in udev [Orabug: 34898273]
- Oracle-Redhat Errata ELSA-2023:3837 CVE-2023-26604 OLERRATA-43629
- Detect podman as separate container type [Orabug: 31922204]
- improve container detection logic [Orabug: 31922204]
- mount: flush out cycle state on DEAD->MOUNTED only, not the other way round [Orabug: 35454661]
- core/mount: adjust deserialized state based on /proc/self/mountinfo [Orabug: 35454661]
- Prevent duplicate label to replace existing one in udev [Orabug: 34898273]
- Standardize ioctl (BTRFS_IOC_QGROUP_CREATE) check and return -ENOTCONN, if quota is not enabled [Orabug: 34694253]
- Disable unprivileged BPF by default [Orabug: 32870980]
- udev rules: fix memory hot add and remove [Orabug: 31310273]
- fix to enable systemd-pstore.service [Orabug: 30951066]
- journal: change support URL shown in the catalog entries [Orabug: 30853009]
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
- Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056]
- Removed unneeded patches (Already provided upstream or not required)
- 1902-Fix-missing-netdev-for-iscsi-entry-in-fstab.patch [Orabug: 25897792]
- 2002-orabug31420486-pstore-introduce-tmpfiles.d-systemd-pstore.conf.patch [Orabug: 31420486]
- 2009-login-add-a-missing-error-check-for-session_set_lead.patch (#2158167)
- 2010-logind-reset-session-leader-if-we-know-for-a-fact-th.patch (#2158167)
- 2011-sulogin-fix-control-lost-of-the-current-terminal-whe.patch (#2227769)
- systemd.spec: prevent 'myhostname' from being appended on upgrade (#2187761) (#2227769)
- Updated mod_nss() and readlink /etc/nsswitch.conf sections (#2187761)
- systemd.spec: mod_nss() and readlink /etc/nsswitch.conf sections (#2187761)
From el-errata at oss.oracle.com Fri Mar 14 00:06:07 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:07 -0700
Subject: [El-errata] ELBA-2025-2595 Oracle Linux 8 dnf bug fix update
Message-ID: <mailman.120.1741910775.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2595
http://linux.oracle.com/errata/ELBA-2025-2595.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
dnf-4.7.0-21.0.1.el8_10.noarch.rpm
dnf-automatic-4.7.0-21.0.1.el8_10.noarch.rpm
dnf-data-4.7.0-21.0.1.el8_10.noarch.rpm
python3-dnf-4.7.0-21.0.1.el8_10.noarch.rpm
yum-4.7.0-21.0.1.el8_10.noarch.rpm
aarch64:
dnf-4.7.0-21.0.1.el8_10.noarch.rpm
dnf-automatic-4.7.0-21.0.1.el8_10.noarch.rpm
dnf-data-4.7.0-21.0.1.el8_10.noarch.rpm
python3-dnf-4.7.0-21.0.1.el8_10.noarch.rpm
yum-4.7.0-21.0.1.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dnf-4.7.0-21.0.1.el8_10.src.rpm
Description of changes:
[4.7.0-21.0.1]
- Replaced bugzilla.oracle.com references [Orabug: 35475856]
- Fixed python stack trace with updateinfo list cves command [Orabug: 32749660]
- Replaced upstream bugzilla reporting reference. [Orabug: 32829849]
[4.7.0]
- Add OpenELA bugtracker
[4.7.0-21]
- automatic: catch OSError, not SMTPException on smtp errors (RHEL-71545)
- automatic: Check availability of config file (RHEL-71545)
From el-errata at oss.oracle.com Fri Mar 14 00:06:08 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:08 -0700
Subject: [El-errata] ELBA-2025-2596 Oracle Linux 8 lvm2 bug fix update
Message-ID: <mailman.121.1741910777.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2596
http://linux.oracle.com/errata/ELBA-2025-2596.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
device-mapper-1.02.181-15.0.1.el8_10.x86_64.rpm
device-mapper-event-1.02.181-15.0.1.el8_10.x86_64.rpm
device-mapper-event-libs-1.02.181-15.0.1.el8_10.i686.rpm
device-mapper-event-libs-1.02.181-15.0.1.el8_10.x86_64.rpm
device-mapper-libs-1.02.181-15.0.1.el8_10.i686.rpm
device-mapper-libs-1.02.181-15.0.1.el8_10.x86_64.rpm
lvm2-2.03.14-15.0.1.el8_10.x86_64.rpm
lvm2-dbusd-2.03.14-15.0.1.el8_10.noarch.rpm
lvm2-libs-2.03.14-15.0.1.el8_10.i686.rpm
lvm2-libs-2.03.14-15.0.1.el8_10.x86_64.rpm
lvm2-lockd-2.03.14-15.0.1.el8_10.x86_64.rpm
device-mapper-devel-1.02.181-15.0.1.el8_10.i686.rpm
device-mapper-devel-1.02.181-15.0.1.el8_10.x86_64.rpm
device-mapper-event-devel-1.02.181-15.0.1.el8_10.i686.rpm
device-mapper-event-devel-1.02.181-15.0.1.el8_10.x86_64.rpm
lvm2-devel-2.03.14-15.0.1.el8_10.i686.rpm
lvm2-devel-2.03.14-15.0.1.el8_10.x86_64.rpm
aarch64:
device-mapper-1.02.181-15.0.1.el8_10.aarch64.rpm
device-mapper-event-1.02.181-15.0.1.el8_10.aarch64.rpm
device-mapper-event-libs-1.02.181-15.0.1.el8_10.aarch64.rpm
device-mapper-libs-1.02.181-15.0.1.el8_10.aarch64.rpm
lvm2-2.03.14-15.0.1.el8_10.aarch64.rpm
lvm2-dbusd-2.03.14-15.0.1.el8_10.noarch.rpm
lvm2-libs-2.03.14-15.0.1.el8_10.aarch64.rpm
lvm2-lockd-2.03.14-15.0.1.el8_10.aarch64.rpm
device-mapper-devel-1.02.181-15.0.1.el8_10.aarch64.rpm
device-mapper-event-devel-1.02.181-15.0.1.el8_10.aarch64.rpm
lvm2-devel-2.03.14-15.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//lvm2-2.03.14-15.0.1.el8_10.src.rpm
Description of changes:
[2.03.14-15.0.1]
- Fixed deletion issue for symlink when device is opened [Orabug: 36228608]
- Prevent duplicate uuid device to replace existing one in udev [Orabug: 35987487]
- Prevent duplicate label to replace existing one in udev [Orabug: 34898273]
[2.03.14-15]
- Fix dmeventd blocking on shutdown.
- Force exit dmeventd when /run/nologin is present.
From el-errata at oss.oracle.com Fri Mar 14 00:06:10 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:10 -0700
Subject: [El-errata] ELBA-2025-2597 Oracle Linux 8 traceroute bug fix update
Message-ID: <mailman.122.1741910779.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2597
http://linux.oracle.com/errata/ELBA-2025-2597.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
traceroute-2.1.0-9.el8_10.x86_64.rpm
aarch64:
traceroute-2.1.0-9.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//traceroute-2.1.0-9.el8_10.src.rpm
Description of changes:
[3:2.1.0-9]
- avoid consuming 100% CPU when running traceroute in loop (RHEL-71510)
From el-errata at oss.oracle.com Fri Mar 14 00:06:11 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:11 -0700
Subject: [El-errata] ELBA-2025-2598 Oracle Linux 8 firewalld bug fix update
Message-ID: <mailman.123.1741910780.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2598
http://linux.oracle.com/errata/ELBA-2025-2598.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
firewall-applet-0.9.11-10.0.1.el8_10.noarch.rpm
firewall-config-0.9.11-10.0.1.el8_10.noarch.rpm
firewalld-0.9.11-10.0.1.el8_10.noarch.rpm
firewalld-filesystem-0.9.11-10.0.1.el8_10.noarch.rpm
python3-firewall-0.9.11-10.0.1.el8_10.noarch.rpm
aarch64:
firewall-applet-0.9.11-10.0.1.el8_10.noarch.rpm
firewall-config-0.9.11-10.0.1.el8_10.noarch.rpm
firewalld-0.9.11-10.0.1.el8_10.noarch.rpm
firewalld-filesystem-0.9.11-10.0.1.el8_10.noarch.rpm
python3-firewall-0.9.11-10.0.1.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//firewalld-0.9.11-10.0.1.el8_10.src.rpm
Description of changes:
[0.9.11-10.0.1]
- Remove capsule file as well, since it references removed config [Orabug: 33513329]
- discard empty RH-Satellite-6.xml [Orabug: 30328734]
- Red Hat Satellite and Red Hat high availaibility reference found in cockpit UI [Orabug: 30257573]
[0.9.11-10]
- fix(service): update highest port number for ceph
From el-errata at oss.oracle.com Fri Mar 14 00:06:13 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:13 -0700
Subject: [El-errata] ELBA-2025-2601 Oracle Linux 8 portreserve bug fix and
enhancement update
Message-ID: <mailman.124.1741910781.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2601
http://linux.oracle.com/errata/ELBA-2025-2601.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
portreserve-0.0.5-20.el8_10.x86_64.rpm
aarch64:
portreserve-0.0.5-20.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//portreserve-0.0.5-20.el8_10.src.rpm
Description of changes:
[0.0.5-20]
- RHEL-2863 - Creating tmp files for systemd on behalf of portreserve references legacy directory /var/run/ instead of /run
From el-errata at oss.oracle.com Fri Mar 14 00:06:15 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:15 -0700
Subject: [El-errata] ELBA-2025-2602 Oracle Linux 8 gcc bug fix update
Message-ID: <mailman.125.1741910783.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2602
http://linux.oracle.com/errata/ELBA-2025-2602.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
cpp-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-c++-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-gdb-plugin-8.5.0-24.0.1.el8_10.i686.rpm
gcc-gdb-plugin-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-gfortran-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-offload-nvptx-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-plugin-annobin-8.5.0-24.0.1.el8_10.x86_64.rpm
libasan-8.5.0-24.0.1.el8_10.i686.rpm
libasan-8.5.0-24.0.1.el8_10.x86_64.rpm
libatomic-8.5.0-24.0.1.el8_10.i686.rpm
libatomic-8.5.0-24.0.1.el8_10.x86_64.rpm
libatomic-static-8.5.0-24.0.1.el8_10.i686.rpm
libatomic-static-8.5.0-24.0.1.el8_10.x86_64.rpm
libgcc-8.5.0-24.0.1.el8_10.i686.rpm
libgcc-8.5.0-24.0.1.el8_10.x86_64.rpm
libgfortran-8.5.0-24.0.1.el8_10.i686.rpm
libgfortran-8.5.0-24.0.1.el8_10.x86_64.rpm
libgomp-8.5.0-24.0.1.el8_10.i686.rpm
libgomp-8.5.0-24.0.1.el8_10.x86_64.rpm
libgomp-offload-nvptx-8.5.0-24.0.1.el8_10.x86_64.rpm
libitm-8.5.0-24.0.1.el8_10.i686.rpm
libitm-8.5.0-24.0.1.el8_10.x86_64.rpm
libitm-devel-8.5.0-24.0.1.el8_10.i686.rpm
libitm-devel-8.5.0-24.0.1.el8_10.x86_64.rpm
liblsan-8.5.0-24.0.1.el8_10.x86_64.rpm
libquadmath-8.5.0-24.0.1.el8_10.i686.rpm
libquadmath-8.5.0-24.0.1.el8_10.x86_64.rpm
libquadmath-devel-8.5.0-24.0.1.el8_10.i686.rpm
libquadmath-devel-8.5.0-24.0.1.el8_10.x86_64.rpm
libstdc++-8.5.0-24.0.1.el8_10.i686.rpm
libstdc++-8.5.0-24.0.1.el8_10.x86_64.rpm
libstdc++-devel-8.5.0-24.0.1.el8_10.i686.rpm
libstdc++-devel-8.5.0-24.0.1.el8_10.x86_64.rpm
libstdc++-docs-8.5.0-24.0.1.el8_10.x86_64.rpm
libtsan-8.5.0-24.0.1.el8_10.x86_64.rpm
libubsan-8.5.0-24.0.1.el8_10.i686.rpm
libubsan-8.5.0-24.0.1.el8_10.x86_64.rpm
gcc-plugin-devel-8.5.0-24.0.1.el8_10.i686.rpm
gcc-plugin-devel-8.5.0-24.0.1.el8_10.x86_64.rpm
libgfortran-static-8.5.0-24.0.1.el8_10.i686.rpm
libgfortran-static-8.5.0-24.0.1.el8_10.x86_64.rpm
libquadmath-static-8.5.0-24.0.1.el8_10.i686.rpm
libquadmath-static-8.5.0-24.0.1.el8_10.x86_64.rpm
libstdc++-static-8.5.0-24.0.1.el8_10.i686.rpm
libstdc++-static-8.5.0-24.0.1.el8_10.x86_64.rpm
aarch64:
cpp-8.5.0-24.0.1.el8_10.aarch64.rpm
gcc-8.5.0-24.0.1.el8_10.aarch64.rpm
gcc-c++-8.5.0-24.0.1.el8_10.aarch64.rpm
gcc-gdb-plugin-8.5.0-24.0.1.el8_10.aarch64.rpm
gcc-gfortran-8.5.0-24.0.1.el8_10.aarch64.rpm
gcc-plugin-annobin-8.5.0-24.0.1.el8_10.aarch64.rpm
libasan-8.5.0-24.0.1.el8_10.aarch64.rpm
libatomic-8.5.0-24.0.1.el8_10.aarch64.rpm
libatomic-static-8.5.0-24.0.1.el8_10.aarch64.rpm
libgcc-8.5.0-24.0.1.el8_10.aarch64.rpm
libgfortran-8.5.0-24.0.1.el8_10.aarch64.rpm
libgomp-8.5.0-24.0.1.el8_10.aarch64.rpm
libitm-8.5.0-24.0.1.el8_10.aarch64.rpm
libitm-devel-8.5.0-24.0.1.el8_10.aarch64.rpm
liblsan-8.5.0-24.0.1.el8_10.aarch64.rpm
libstdc++-8.5.0-24.0.1.el8_10.aarch64.rpm
libstdc++-devel-8.5.0-24.0.1.el8_10.aarch64.rpm
libstdc++-docs-8.5.0-24.0.1.el8_10.aarch64.rpm
libtsan-8.5.0-24.0.1.el8_10.aarch64.rpm
libubsan-8.5.0-24.0.1.el8_10.aarch64.rpm
gcc-plugin-devel-8.5.0-24.0.1.el8_10.aarch64.rpm
libgfortran-static-8.5.0-24.0.1.el8_10.aarch64.rpm
libstdc++-static-8.5.0-24.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//gcc-8.5.0-24.0.1.el8_10.src.rpm
Description of changes:
[8.5.0-24.0.1]
- Merge Oracle patches to 8.5.0-24.
Oracle history:
February-11 2025 Qing Zhao <qing.zhao at oracle.com> 8.5.0-23.0.1
- Merge Oracle patches to 8.5.0-23.
May-22-2024 Qing Zhao <qing.zhao at oracle.com> 8.5.0-22.0.1
- Merge Oracle patches to 8.5.0-22.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
March-27-2024 Qing Zhao <qing.zhao at oracle.com> 8.5.0-21.0.1
- Merge Oracle patches to 8.5.0-21.
January-19-2024 Qing Zhao <qing.zhao at oracle.com> 8.5.0-20.0.3
- Fix Orabug 35283123, i.e, the same bug as GCC PR111407.
gcc14-pr111407.patch
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
January-5-2024 Jose E. Marchesi <jose.marchesi at oracle.com> 8.5.0-20.0.2
- Restore support for -mpreserve-args in aarch64 targets, adapted to
new AArch64 stack frame layout.
Reviewed-by: Cupertino Miranda <cupertino.miranda at oracle.com>
October-4-2023 David Faust <david.faust at oracle.com> 8.5.0-20.0.1
- Forward-port Oracle patches
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
September-28-2023 David Faust <david.faust at oracle.com> 8.5.0-18.0.6
- Backport additional patches from gcc-9 to fix CVE-2023-4039 patches
interaction with backported aarch64 -fstack-clash-protection support.
[Orabug 35843962]
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
August-31-2023 Qing Zhao <qing.zhao at oracle.com> 8.5.0-18.0.5
- CVE-2023-4039 GCC mitigation.
Orabug 35751743.
Includes removal of aarch64-preserve-args.patch.
- CVE-2022-40982 "Intel Downfall" mitigation.
Orabug 35751810.
Add two patches originally from GCC upstream releases/gcc-11 branch.
with major adjustment.
gcc11-downfall-disable-gather-in-vec.patch
gcc11-downfall-support-mno-gather.patch
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
May-11-2023 Jose E. Marchesi <jose.marchesi at oracle.com> 8.5.0-18.0.2
- Support for -mpreserve-args in aarch64.
Orabug 35065765.
Reviewed-by: Qing Zhao <qing.zhao at oracle.com>.
March-28-2023 Qing Zhao <qing.zhao at oracle.com> 8.5.0-18.0.1
- Merge Oracle patches with gcc-8.5.0-18.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
January-12-2023 Qing Zhao <qing.zhao at oracle.com> 8.5.0-16.0.1
- Merge oracle patches with gcc-8.5.0-16.
November-30-2022 Qing Zhao <qing.zhao at oracle.com> 8.5.0-15.0.2
- Fix Orabug 34679540 - PROFILE COLLECT BUILD AND WORK LOAD TEST
ISSUES IN LINUX ARM64.
Removing the buggy patch that has been removed from upstream gcc too:
gcc10-pr91971.patch
September-28-2022 Qing Zhao <qing.zhao at oracle.com> 8.5.0-15.0.1
- Merge oracle patches with gcc-8.5.0-15.
June-29-2022 Qing Zhao <qing.zhao at oracle.com> 8.5.0-10.1.0.1
- Merge oracle patches with gcc-8.5.0-10.1.el8_6.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
May-4-2022 Qing Zhao <qing.zhao at oracle.com> 8.5.0-10.0.2
- Fix Orabug 34066706 only in OL GCC.
report error when there is no PROGRAM_SUMMARY section in .gcda file.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
April-27-2022 Marek Polacek <polacek at redhat.com> 8.5.0-10.1
- backport Default widths with -fdec-format-defaults patch (#2079578)
March-22-2022 Qing Zhao <qing.zhao at oracle.com> 8.5.0-10.0.1
- Merge with oracle patches.
January-5-2022 Qing Zhao <qing.zhao at oracle.com> 8.5.0-4.0.2
- Add patches to support marvell on Arm:
gcc9-add-support-for-profile-extension.patch
gcc10-add-initial-octeontx2-support.patch
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
November-16-2021 Qing Zhao <qing.zhao at oracle.com> 8.5.0-4.0.1
- Merge oracle patches to security errata 8.5.0-4.
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
October-14-2021 Indu Bhagat <indu.bhagat at oracle.com> 8.5.0-3.0.2
- Fix Orabug 33451471 and backport CTF/BTF enhancements
ctfc: Free CTF container elements in ctfc_delete_container ()
ctf: Do not warn for CTF not supported for GNU GIMPLE
ICE in btf_finalize when compiling with -gbtf (PR debug/102507, Orabug
33451471)
Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
October-5-2021 Qing Zhao <qing.zhao at oracle.com> 8.5.0-3.0.1
- Merge the following oracle patches to OL8.5 beta:
- Fix an aarch64 compilation error triggered by the oracle patch
gcc9-multiple-changes-align.patch on OL8U5 source base.
gcc-fix-aarch64-tune-params.patch
- Fix Orabug 33281392 Update CTF and BTF support in OL8 GCC
This commit brings the support for CTF/BTF debug formats at par with
upstream. GCC now generates the CTF/BTF debug information by using the
internal DWARF representation.
For backward compatibility reasons, OL8 GCC continues to support -gt
command line option.
(Indu Bhagat <indu.bhagat at oracle.com> 8.4.1-1.0.3)
- Add complex divide improvement
backport of upstream commit 54f0224d55a1b56dde092460ddf76913670e6efc
(Patrick.McGehearty <patrick.mcgehearty at oracle.com> 8.4.1-1.0.2)
- Fix Orabug 32301371 - bug using gcov with preserve paths option
This is the same bug as GCC bug PR gcov-profile/88994
gcc9-pr88994.patch
(Qing Zhao <qing.zhao at oracle.com> 8.3.1-5.1.0.2)
- Fix generation of CTF type records for completed structs referred
thru pointers.
Orabug 31095790.
(Jose E. Marchesi <jose.marchesi at oracle.com> 8.3.1-5.0.4)
- Fix Orabug 29838827 - provide an option to adjust the maximum depth
of nested #include
This is the same bug as gcc upstream PR90581 from Gcc9:
gcc9-pr90581.patch
- Fix Orabug 29541051 - confusing error message when there is a problem
with ASAN_OPTIONS "ERROR: expected '='"
This is the same bug as gcc upstream PR89832 from Gcc9:
gcc9-pr89832.patch
(Qing Zhao <qing.zhao at oracle.com> 8.3.1-5.0.3)
- Update support for CTF
Fix Orabug 30833294 GCC generates incorrect CTF for single element arrays
Fix Orabug 30808764 CTF generation fails when __attribute__ ((mode (XX))) is
used
(Indu Bhagat <indu.bhagat at oracle.com> 8.3.1-5.0.2)
- Apply ares/neoverse support patches only ifarch aarch64.
(Qing Zhao <qing.zhao at oracle.com> 8.3.1-4.5.0.6)
- Add 4 patches from gcc9 to support Arm Ares and Neoverse-N1 for Aarch64
gcc9-add-vec-reverse.patch
gcc9-multiple-changes-align.patch
gcc9-initial-mcpu-ares-tuning.patch
gcc9-add-support-for-neoverse-n1.patch
(Indu Bhagat <indu.bhagat at oracle.com> 8.3.1-4.5.0.5)
- Update support for CTF
Fix Orabug 30778534 gcc should generate CTF for functions at file-scope only
Fix Orabug 30779193 CTF generation fails for some flavors of vla
Fix Orabug 30784275 Fix issues wtih CTF generation for typedef constructs
ctf-3-generation-and-emission-for-a-single-compilation.patch
ctf-4-update-ctf-testsuite.patch
(Indu Bhagat <indu.bhagat at oracle.com> 8.3.1-4.5.0.4)
- Add support for CTF in GCC
Fix Orabug 30102948 gcc: Add CTF generation to compiler
Fix Orabug 30102949 gcc: Add CTF generation to compiler (aarch64)
ctf-1-new-function-lang_GNU_GIMPLE.patch
ctf-2-command-line-options-gtLEVEL.patch
ctf-3-generation-and-emission-for-a-single-compilation.patch
ctf-4-update-ctf-testsuite.patch
ctf-5-handle-ctf-sections-when-lto-enabled.patch
(Qing Zhao <qing.zhao at oracle.com> 8.3.1-4.5.0.3)
- CVE-2018-12207 / Intel SKX102
OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207
- Allow -flto -Wa,-mbranches-within-32B-boundaries to pass -mbranches-within-32B-boundaries
to GNU assembler. Without -lfto, -Wa,-mbranches-within-32B-boundaries to pass
-mbranches-within-32B-boundaries to GNU assembler using existing GCC binaries.
- Mitigation patch:
gcc8-Fix-Wa-with-flto.patch
(Qing Zhao <qing.zhao at oracle.com> 8.3.1-4.5.0.2)
- Fix Orabug 29968294 - Heap corruption with fprofile-dir=%p prevents
profiling parallel processes, needed for RDBMS:
Add patch to fix PR86057 from Gcc9:
gcc9-pr86057.patch
- Fix Orabug 30044244 - Profile directory concatenated with object file path
This is the same bug as gcc upstream PR91971:
gcc9-pr85759.patch
gcc10-pr91971.patch
(Indu Bhagat <indu.bhagat at oracle.com> 8.3.1-4.5.0.1)
- Fix Orabug 29599147 - Need -fprofile-dir=%q{VAR} backported to gcc8
This is the similar GCC PR47618, add the fix from GCC9:
gcc9-pr47618.patch
- Fix Orabug 29272977 - DB SUPPORT: Need way to dump inlining report from GCC
Add -fopt-info-inline support from GCC9:
gcc9-opt-info-inline.patch
- Fix Orabug 29273006 - DB SUPPORT: need way to turn off inlining of global functions
Add -flive-patching support from GCC9:
gcc9-fipa-reference-addressable.patch
gcc9-fipa-stack-alignment.patch
gcc9-add-fomit-frame-pointer-to-test.patch
gcc9-extend-live-patching-option-handling.patch
gcc9-ipa-stack-alignment-386-test.patch
- Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE.
- Backport 17 ampere patches from
https://git.theobroma-systems.com/ampere-computing/gcc.git/log/?h=gcc-8_2_0-amp3-branch
e18301133ea622f6d6796ded1d15466e70475cf8: Retpoline (Spectre-V2 mitigation) for
aarch64.
d735f3ae4712f66362326d179b4d7e9332c79677: Revert 2017-10-24 Richard Biener
271e2811e59c0c77fc022fa86a7030f20b4cac8e: Correct the maximum shift amount for
shifted
0512749950d927de3dd695f2f2aacdfd30cf32fd: Add CPU support for Ampere Computing's
eMAG.
c8b87078f9e0714cb9cab602e12a18ceb12df05a: eMAG/Xgene: Procedural cost-model for
X-Gene
74610471b3577c5d465c3fd095a65b796b1e074c: Updating cost table for xgene1.
ddba1553ac412be5596e6e2962c148032c4cf231: [AArch64] Add Xgene1 prefetch tunings.
b7ebb0a10a8900324074070188a0936ed81b28a4: [AArch64] Fix in xgene1_addrcost_table
393dc5c50d55d069f91627bf0be5bab812978850: X-Gene: Adapt tuning struct for GCC 8.
b9136d58824af2118c4969c3edb42cad3318b08f: tree-ssa-list-find-pipeline:
Add pipelining loads for list finds.
095496dd8a9491a17a9caec173281ad02e559df5: uncse: Added pass to undo common
subexpression elimination.
a7c8dc238e3656e9d2f9256ee76f933c8d7956fb: loop-prefetcher: Adapt defaults for
X-Gene cores.
256307f293f1750851576e14c8a42b696eced2da: tree-ssa-cpp: Don't crash on SSA names
without definition stmts.
6e32f53be4f6733f6bfe267ad2337aecaf4047f6: Introduce new option -funroll-more.
1ac2485a2fced091a5cce6343fe6a6337f850e73: New option to bypass aliasing-checks.
66d7d833bece61e58998ad53a609cd32e3ee4fad: cfgloopmanip: Allow forced creation
of loop preheaders.
c4f89d50e200538b1ac8889801705300e0b27ef2: Add new pass to optimise loops.
[8.5.0-24]
- don't reuse DEBUG_EXPRs with vector type (PR middle-end/100508, RHEL-79501)
From el-errata at oss.oracle.com Fri Mar 14 00:06:16 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:16 -0700
Subject: [El-errata] ELBA-2025-2604 Oracle Linux 8 valgrind bug fix update
Message-ID: <mailman.128.1741910785.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2604
http://linux.oracle.com/errata/ELBA-2025-2604.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
valgrind-3.22.0-3.el8_10.i686.rpm
valgrind-3.22.0-3.el8_10.x86_64.rpm
valgrind-devel-3.22.0-3.el8_10.i686.rpm
valgrind-devel-3.22.0-3.el8_10.x86_64.rpm
valgrind-docs-3.22.0-3.el8_10.i686.rpm
valgrind-docs-3.22.0-3.el8_10.x86_64.rpm
valgrind-gdb-3.22.0-3.el8_10.i686.rpm
valgrind-gdb-3.22.0-3.el8_10.x86_64.rpm
valgrind-scripts-3.22.0-3.el8_10.i686.rpm
valgrind-scripts-3.22.0-3.el8_10.x86_64.rpm
aarch64:
valgrind-3.22.0-3.el8_10.aarch64.rpm
valgrind-devel-3.22.0-3.el8_10.aarch64.rpm
valgrind-docs-3.22.0-3.el8_10.aarch64.rpm
valgrind-gdb-3.22.0-3.el8_10.aarch64.rpm
valgrind-scripts-3.22.0-3.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//valgrind-3.22.0-3.el8_10.src.rpm
Description of changes:
[3.22.0-3]
- Split main valgrind package into several subpackages:
- valgrind now contains just the core tools.
- valgrind-scripts contains the post-processing scripts for callgrind,
cachegrind, massif and dhat which depend on perl and python.
- valgrind-gdb contains the debuginfo client/server and (v)gdb support.
- valgrind-docs contains the man pages, html and pdf manual.
- Adjust Requires/Recommends to subpackages can be installed independently.
- valgrind-devel now Recommends, instead of Requires, valgrind.
- valgrind-gdb Requires valgrind
- valgrind-scripts Recommends valgrind-gdb
- valgrind-gdb Recommends gdb
From el-errata at oss.oracle.com Fri Mar 14 00:06:18 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:18 -0700
Subject: [El-errata] ELBA-2025-2607 Oracle Linux 8 virt-manager bug fix
update
Message-ID: <mailman.129.1741910786.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2607
http://linux.oracle.com/errata/ELBA-2025-2607.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
virt-install-3.2.0-4.1.0.1.el8_10.noarch.rpm
virt-manager-3.2.0-4.1.0.1.el8_10.noarch.rpm
virt-manager-common-3.2.0-4.1.0.1.el8_10.noarch.rpm
aarch64:
virt-install-3.2.0-4.1.0.1.el8_10.noarch.rpm
virt-manager-3.2.0-4.1.0.1.el8_10.noarch.rpm
virt-manager-common-3.2.0-4.1.0.1.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//virt-manager-3.2.0-4.1.0.1.el8_10.src.rpm
Description of changes:
[3.2.0-4.1.0.1]
- Add OL release support to virt-install for OL KVM guest creation [Orabug: 26135782]
[3.2.0-4.1.el8_10]
- cli: Add basic --audio type=XXX,id=Y support (RHEL-17435)
- virtinst: unify detection of duplicate console when removing device (RHEL-17435)
- virtinst: fix compare for audio devices (RHEL-17435)
- testsuite: add test-spice vm definition (RHEL-17435)
- virtinst: remove spice devices when removing last spice graphics (RHEL-17435)
- guest: add convert_to_vnc() (RHEL-17435)
- guest: remove spiceport devices when spice is removed (RHEL-17435)
- guest: convert_to_vnc: convert video device (RHEL-17435)
- virt-xml: Add --edit --convert-to-vnc (RHEL-17435)
From el-errata at oss.oracle.com Fri Mar 14 00:06:20 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:20 -0700
Subject: [El-errata] ELBA-2025-2608 Oracle Linux 8 tracker-miners bug fix
and enhancement update
Message-ID: <mailman.130.1741910787.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2608
http://linux.oracle.com/errata/ELBA-2025-2608.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
tracker-miners-2.1.5-3.el8_10.i686.rpm
tracker-miners-2.1.5-3.el8_10.x86_64.rpm
aarch64:
tracker-miners-2.1.5-3.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tracker-miners-2.1.5-3.el8_10.src.rpm
Description of changes:
[2.1.5-3]
- Backport seccomp rules
Resolves: RHEL-33587
From el-errata at oss.oracle.com Fri Mar 14 00:06:21 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:21 -0700
Subject: [El-errata] ELBA-2025-2609 Oracle Linux 8 gcc-toolset-13-annobin
bug fix and enhancement update
Message-ID: <mailman.131.1741910790.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2609
http://linux.oracle.com/errata/ELBA-2025-2609.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
gcc-toolset-13-annobin-annocheck-12.92-1.el8_10.x86_64.rpm
gcc-toolset-13-annobin-docs-12.92-1.el8_10.noarch.rpm
gcc-toolset-13-annobin-plugin-gcc-12.92-1.el8_10.x86_64.rpm
aarch64:
gcc-toolset-13-annobin-annocheck-12.92-1.el8_10.aarch64.rpm
gcc-toolset-13-annobin-docs-12.92-1.el8_10.noarch.rpm
gcc-toolset-13-annobin-plugin-gcc-12.92-1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//gcc-toolset-13-annobin-12.92-1.el8_10.src.rpm
Description of changes:
[12.92-1]
- Rebase to bring in improvements for locating string notes. (RHEL-79974)
- Annocheck: Do not rely upon libelf's ability to detect links to separate debuginfo files. (RHEL-79264)
- Annocheck: Fix resource leak. (RHEL-79253)
- Annocheck: Fix double free. Add special handling for COMBOOT modules.
- Annocheck: Improve diagnostics when a separate debug info file cannot be found.
- Annocheck: Look for -fstack-clash-protection in DW_AT_producer string. (RHEL-77328)
- Annocheck: Fix locating string notes (again). Add exception for glibc benchmark tests. (RHEL-76456)
- Annocheck: Add crtoffloadtableS.o to list of known gcc binaries. (RHEL-760404)
- Annocheck: Fix the --debug-dir option.
- Annocheck: Fix corrupt warning message when unable to locate separate debug info files.
- Annocheck: Remove spurious debugging messages.
- Annocheck: Always look for annobin notes in separate debug info files. (RHEL-75778)
- Annocheck: Support multiple --debug-rpm and --debug-file options. (RHEL-73349)
- Annocheck: Add support for sys-root'ed glibc packages. (RHEL-71296)
- GCC Plugin: Tidy up use of gcc's diagnoatic headers. (#32429)
- Testsuite: Use configured compiler when running tests.
- GCC Plugin: Fix building with gcc 15. (#32429)
- Annocheck: Fix overly long debug messages.
- Annocheck: Rename rwx-seg test to load-segments. Add more checks. Add check for gaps as a future fail.
- Annocheck: Add --no-allow-excpetions to disable exceptions for known special binaries.
- Annocheck: Add --enable-future to enable future fail components in normal tests.
- Annocheck: Fix bug preventing the inclusion of the rpm name in reports.
- Annocheck: Add more exceptions for gcc binaries. (RHEL-33365)
- Annocheck: Add --skip-passes option.
- Annocheck: Add exceptions for gcc binaries. (RHEL-33365)
- Annocheck: Skip property note test for i386 binaries created by LLVM. (#2323797)
- Annocheck: Skip FORTIFY and GLIBC_ASSERTIONS tests for LLVM produced binaries with unparseable DW_AT_producer attributes in their DWARF debug info. (RHEL-65411)
- GCC Plugin: Change type of the .annobin.notes section from SHT_STRTAB to SHT_PROGBITS.
[12.69-2]
- NVR bump to allow rebuilding against LLVM version 18. (RHEL-50803)
From el-errata at oss.oracle.com Fri Mar 14 00:06:23 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:23 -0700
Subject: [El-errata] ELBA-2025-2610 Oracle Linux 8 perl-CPAN bug fix update
Message-ID: <mailman.132.1741910792.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2610
http://linux.oracle.com/errata/ELBA-2025-2610.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
perl-CPAN-2.18-401.el8_10.noarch.rpm
aarch64:
perl-CPAN-2.18-401.el8_10.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//perl-CPAN-2.18-401.el8_10.src.rpm
Description of changes:
[2.18-401]
- Resolves: RHEL-77186 - Update man page
From el-errata at oss.oracle.com Fri Mar 14 00:06:24 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:24 -0700
Subject: [El-errata] ELBA-2025-2611 Oracle Linux 8 gvfs bug fix update
Message-ID: <mailman.133.1741910793.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2611
http://linux.oracle.com/errata/ELBA-2025-2611.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
gvfs-1.36.2-18.el8_10.x86_64.rpm
gvfs-afc-1.36.2-18.el8_10.x86_64.rpm
gvfs-afp-1.36.2-18.el8_10.x86_64.rpm
gvfs-archive-1.36.2-18.el8_10.x86_64.rpm
gvfs-client-1.36.2-18.el8_10.i686.rpm
gvfs-client-1.36.2-18.el8_10.x86_64.rpm
gvfs-devel-1.36.2-18.el8_10.i686.rpm
gvfs-devel-1.36.2-18.el8_10.x86_64.rpm
gvfs-fuse-1.36.2-18.el8_10.x86_64.rpm
gvfs-goa-1.36.2-18.el8_10.x86_64.rpm
gvfs-gphoto2-1.36.2-18.el8_10.x86_64.rpm
gvfs-mtp-1.36.2-18.el8_10.x86_64.rpm
gvfs-smb-1.36.2-18.el8_10.x86_64.rpm
gvfs-1.36.2-18.el8_10.i686.rpm
aarch64:
gvfs-1.36.2-18.el8_10.aarch64.rpm
gvfs-afc-1.36.2-18.el8_10.aarch64.rpm
gvfs-afp-1.36.2-18.el8_10.aarch64.rpm
gvfs-archive-1.36.2-18.el8_10.aarch64.rpm
gvfs-client-1.36.2-18.el8_10.aarch64.rpm
gvfs-devel-1.36.2-18.el8_10.aarch64.rpm
gvfs-fuse-1.36.2-18.el8_10.aarch64.rpm
gvfs-goa-1.36.2-18.el8_10.aarch64.rpm
gvfs-gphoto2-1.36.2-18.el8_10.aarch64.rpm
gvfs-mtp-1.36.2-18.el8_10.aarch64.rpm
gvfs-smb-1.36.2-18.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//gvfs-1.36.2-18.el8_10.src.rpm
Description of changes:
[1.36.2-18]
- Add edit mode support for smb backend (RHEL-45163)
From el-errata at oss.oracle.com Fri Mar 14 00:06:26 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:26 -0700
Subject: [El-errata] ELBA-2025-2618 Oracle Linux 8 libsemanage bug fix and
enhancement update
Message-ID: <mailman.134.1741910796.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-2618
http://linux.oracle.com/errata/ELBA-2025-2618.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
libsemanage-2.9-11.el8_10.i686.rpm
libsemanage-2.9-11.el8_10.x86_64.rpm
python3-libsemanage-2.9-11.el8_10.x86_64.rpm
libsemanage-devel-2.9-11.el8_10.i686.rpm
libsemanage-devel-2.9-11.el8_10.x86_64.rpm
aarch64:
libsemanage-2.9-11.el8_10.aarch64.rpm
python3-libsemanage-2.9-11.el8_10.aarch64.rpm
libsemanage-devel-2.9-11.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libsemanage-2.9-11.el8_10.src.rpm
Description of changes:
[2.9-11]
- Set new restorecon handle before doing restorecon (RHEL-73348)
- Mute error messages from selinux_restorecon
From el-errata at oss.oracle.com Fri Mar 14 00:06:29 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:29 -0700
Subject: [El-errata] ELSA-2025-2670 Important: Oracle Linux 8 .NET 8.0
security, bug fix, and enhancement update
Message-ID: <mailman.135.1741910798.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2670
http://linux.oracle.com/errata/ELSA-2025-2670.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
aspnetcore-runtime-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
dotnet-hostfxr-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-8.0-8.0.114-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.114-1.0.1.el8_10.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.14-1.0.1.el8_10.x86_64.rpm
dotnet-templates-8.0-8.0.114-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.114-1.0.1.el8_10.x86_64.rpm
aarch64:
aspnetcore-runtime-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
dotnet-hostfxr-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-8.0-8.0.114-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.114-1.0.1.el8_10.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.14-1.0.1.el8_10.aarch64.rpm
dotnet-templates-8.0-8.0.114-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.114-1.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet8.0-8.0.114-1.0.1.el8_10.src.rpm
Related CVEs:
CVE-2025-24070
Description of changes:
[8.0.114-1.0.1]
- Add support for Oracle Linux
[8.0.114-1]
- Update to .NET SDK 8.0.114 and Runtime 8.0.14
- Resolves: RHEL-81639
From el-errata at oss.oracle.com Fri Mar 14 00:06:30 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:30 -0700
Subject: [El-errata] ELSA-2025-2686 Important: Oracle Linux 8 libxml2
security update
Message-ID: <mailman.136.1741910798.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2686
http://linux.oracle.com/errata/ELSA-2025-2686.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
libxml2-2.9.7-19.el8_10.i686.rpm
libxml2-2.9.7-19.el8_10.x86_64.rpm
libxml2-devel-2.9.7-19.el8_10.i686.rpm
libxml2-devel-2.9.7-19.el8_10.x86_64.rpm
python3-libxml2-2.9.7-19.el8_10.x86_64.rpm
aarch64:
libxml2-2.9.7-19.el8_10.aarch64.rpm
libxml2-devel-2.9.7-19.el8_10.aarch64.rpm
python3-libxml2-2.9.7-19.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//libxml2-2.9.7-19.el8_10.src.rpm
Related CVEs:
CVE-2024-56171
CVE-2025-24928
Description of changes:
[2.9.7-19]
- Fix CVE-2024-56171 (RHEL-80122)
- Fix CVE-2025-24928 (RHEL-80137)
[2.9.7.18.2]
- Fix CVE-2022-49043 (RHEL-76289)
[2.9.7-18.1]
- Fix CVE-2024-25062 (RHEL-31056)
From el-errata at oss.oracle.com Fri Mar 14 00:06:27 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:06:27 -0700
Subject: [El-errata] ELSA-2025-2667 Important: Oracle Linux 8 .NET 9.0
security, bug fix, and enhancement update
Message-ID: <mailman.137.1741910801.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2667
http://linux.oracle.com/errata/ELSA-2025-2667.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
aspnetcore-runtime-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
aspnetcore-runtime-dbg-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
aspnetcore-targeting-pack-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-9.0.104-1.0.1.el8_10.x86_64.rpm
dotnet-apphost-pack-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-host-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-hostfxr-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-runtime-dbg-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-9.0-9.0.104-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-aot-9.0-9.0.104-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-dbg-9.0-9.0.104-1.0.1.el8_10.x86_64.rpm
dotnet-targeting-pack-9.0-9.0.3-1.0.1.el8_10.x86_64.rpm
dotnet-templates-9.0-9.0.104-1.0.1.el8_10.x86_64.rpm
netstandard-targeting-pack-2.1-9.0.104-1.0.1.el8_10.x86_64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.104-1.0.1.el8_10.x86_64.rpm
aarch64:
aspnetcore-runtime-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
aspnetcore-runtime-dbg-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
aspnetcore-targeting-pack-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-9.0.104-1.0.1.el8_10.aarch64.rpm
dotnet-apphost-pack-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-host-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-hostfxr-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-runtime-dbg-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-9.0-9.0.104-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-aot-9.0-9.0.104-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-dbg-9.0-9.0.104-1.0.1.el8_10.aarch64.rpm
dotnet-targeting-pack-9.0-9.0.3-1.0.1.el8_10.aarch64.rpm
dotnet-templates-9.0-9.0.104-1.0.1.el8_10.aarch64.rpm
netstandard-targeting-pack-2.1-9.0.104-1.0.1.el8_10.aarch64.rpm
dotnet-sdk-9.0-source-built-artifacts-9.0.104-1.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//dotnet9.0-9.0.104-1.0.1.el8_10.src.rpm
Related CVEs:
CVE-2025-24070
Description of changes:
[9.0.104-1.0.1]
- Add support for Oracle Linux
[9.0.104-1]
- Update to .NET SDK 9.0.104 and Runtime 9.0.3
- Resolves: RHEL-81645
From el-errata at oss.oracle.com Fri Mar 14 00:07:18 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:07:18 -0700
Subject: [El-errata] ELSA-2025-1601 Moderate: Oracle Linux 7 gcc security
update
Message-ID: <mailman.138.1741910846.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1601
http://linux.oracle.com/errata/ELSA-2025-1601.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
cpp-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-c++-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-gfortran-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-gnat-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-go-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-objc++-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-objc-4.8.5-45.0.1.el7_9.x86_64.rpm
gcc-plugin-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libasan-4.8.5-45.0.1.el7_9.i686.rpm
libasan-4.8.5-45.0.1.el7_9.x86_64.rpm
libasan-static-4.8.5-45.0.1.el7_9.i686.rpm
libasan-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libatomic-4.8.5-45.0.1.el7_9.i686.rpm
libatomic-4.8.5-45.0.1.el7_9.x86_64.rpm
libatomic-static-4.8.5-45.0.1.el7_9.i686.rpm
libatomic-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libgcc-4.8.5-45.0.1.el7_9.i686.rpm
libgcc-4.8.5-45.0.1.el7_9.x86_64.rpm
libgfortran-4.8.5-45.0.1.el7_9.i686.rpm
libgfortran-4.8.5-45.0.1.el7_9.x86_64.rpm
libgfortran-static-4.8.5-45.0.1.el7_9.i686.rpm
libgfortran-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libgnat-4.8.5-45.0.1.el7_9.i686.rpm
libgnat-4.8.5-45.0.1.el7_9.x86_64.rpm
libgnat-devel-4.8.5-45.0.1.el7_9.i686.rpm
libgnat-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libgnat-static-4.8.5-45.0.1.el7_9.i686.rpm
libgnat-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libgo-4.8.5-45.0.1.el7_9.i686.rpm
libgo-4.8.5-45.0.1.el7_9.x86_64.rpm
libgo-devel-4.8.5-45.0.1.el7_9.i686.rpm
libgo-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libgo-static-4.8.5-45.0.1.el7_9.i686.rpm
libgo-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libgomp-4.8.5-45.0.1.el7_9.i686.rpm
libgomp-4.8.5-45.0.1.el7_9.x86_64.rpm
libitm-4.8.5-45.0.1.el7_9.i686.rpm
libitm-4.8.5-45.0.1.el7_9.x86_64.rpm
libitm-devel-4.8.5-45.0.1.el7_9.i686.rpm
libitm-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libitm-static-4.8.5-45.0.1.el7_9.i686.rpm
libitm-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libmudflap-4.8.5-45.0.1.el7_9.i686.rpm
libmudflap-4.8.5-45.0.1.el7_9.x86_64.rpm
libmudflap-devel-4.8.5-45.0.1.el7_9.i686.rpm
libmudflap-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libmudflap-static-4.8.5-45.0.1.el7_9.i686.rpm
libmudflap-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libobjc-4.8.5-45.0.1.el7_9.i686.rpm
libobjc-4.8.5-45.0.1.el7_9.x86_64.rpm
libquadmath-4.8.5-45.0.1.el7_9.i686.rpm
libquadmath-4.8.5-45.0.1.el7_9.x86_64.rpm
libquadmath-devel-4.8.5-45.0.1.el7_9.i686.rpm
libquadmath-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libquadmath-static-4.8.5-45.0.1.el7_9.i686.rpm
libquadmath-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libstdc++-4.8.5-45.0.1.el7_9.i686.rpm
libstdc++-4.8.5-45.0.1.el7_9.x86_64.rpm
libstdc++-devel-4.8.5-45.0.1.el7_9.i686.rpm
libstdc++-devel-4.8.5-45.0.1.el7_9.x86_64.rpm
libstdc++-docs-4.8.5-45.0.1.el7_9.x86_64.rpm
libstdc++-static-4.8.5-45.0.1.el7_9.i686.rpm
libstdc++-static-4.8.5-45.0.1.el7_9.x86_64.rpm
libtsan-4.8.5-45.0.1.el7_9.x86_64.rpm
libtsan-static-4.8.5-45.0.1.el7_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//gcc-4.8.5-45.0.1.el7_9.src.rpm
Related CVEs:
CVE-2020-11023
Description of changes:
[4.8.5-45.0.1]
- [Orabug: 37603707]
ELSA-2025-1601 Moderate: gcc security update CVE-2020-11023
rebuild for CVE-2020-11023
- Reviewed-by: Jose E. Marchesi <jose.marchesi at oracle.com>
From el-errata at oss.oracle.com Fri Mar 14 00:07:24 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Thu, 13 Mar 2025 17:07:24 -0700
Subject: [El-errata] ELBA-2025-20158 Oracle Linux 8 oVirt 4.5 ovirt-engine
bug fix update
Message-ID: <mailman.139.1741910852.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20158
http://linux.oracle.com/errata/ELBA-2025-20158.html
The following updated rpms for Oracle Linux 8 oVirt 4.5 have been uploaded to the Unbreakable Linux Network:
x86_64:
ovirt-engine-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-backend-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-dbscripts-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-health-check-bundler-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-restapi-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-base-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-plugin-cinderlib-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-plugin-imageio-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-plugin-ovirt-engine-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-plugin-ovirt-engine-common-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-setup-plugin-websocket-proxy-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-tools-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-tools-backup-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-vmconsole-proxy-helper-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-webadmin-portal-4.5.5-1.37.el8.noarch.rpm
ovirt-engine-websocket-proxy-4.5.5-1.37.el8.noarch.rpm
python3-ovirt-engine-lib-4.5.5-1.37.el8.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//ovirt-engine-4.5.5-1.37.el8.src.rpm
Description of changes:
[4.5.5-1.37]
- Revert patch to install PCP(Perf Co-piolt) during host deployment
[4.5.5-1.36]
- Fix CPU and memory setting in Create Template
[4.5.5-1.35]
- Add task to install PCP(Perf Co-piolt) during host deployment
From el-errata at oss.oracle.com Fri Mar 14 10:48:19 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 14 Mar 2025 11:48:19 +0100
Subject: [El-errata] New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9
(ELSA-2025-20152)
Message-ID: <mailman.140.1741949312.33.el-errata@oss.oracle.com>
Synopsis: ELSA-2025-20152 can now be patched using Ksplice
CVEs: CVE-2024-23307 CVE-2024-47687 CVE-2024-47707 CVE-2024-53124 CVE-2024-53685 CVE-2024-56631 CVE-2024-56672 CVE-2024-57892 CVE-2025-21631 CVE-2025-21636 CVE-2025-21637 CVE-2025-21638 CVE-2025-21639 CVE-2025-21640 CVE-2025-21669
Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2025-20152.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2025-20152.html
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running UEKR7 5.15.0 on
OL8 and OL9 install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* CVE-2024-23307: Denial-of-service in RAID and LVM driver.
Incorrect checks on parameters passed from userspace when using RAID
or LVM filesystems could lead to an integer overflow. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2024-47687: Denial-of-service in Mellanox VDPA driver.
A missing check when adding a device in the Mellanox VDPA driver could
lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
Orabug: 37296163
* CVE-2024-47707: Denial-of-service in Linux INET6 driver.
A missing check when closing network interface in the Linux INET6 driver
could lead to a NULL pointer dereference. A local attacker could use this flaw
to cause a denial-of-service.
* CVE-2024-53124: Denial-of-service in IPv6 Networking driver.
A missing check when destroying a socket in the IPv6 Networking driver
could lead to a memory leak. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2024-53685: Denial-of-service in Ceph distributed file system driver.
A logic error when building a dentry path in the Ceph distributed file
system driver could lead to an infinite loop. A local attacker could use
this flaw to cause a denial-of-service.
* CVE-2024-56631: Privilege escalation in SCSI generic driver.
A locking error when releasing data in the SCSI generic driver could
lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2024-56672: Privilege escalation in Common Block IO controller.
A logic error when using the Common Block IO controller could lead to a
use-after-free. A local attacker could use this flaw to escalate
privileges.
* CVE-2024-57892: Privilege escalation in OCFS2 file system driver.
A logic error when using quota_getnextquota() syscall in the OCFS2 file
system driver could lead to a use-after-free. A local attacker could use
this flaw to escalate privileges.
* CVE-2025-21631: Privilege escalation in Budget Fair Queueing (BFQ) I/O scheduler.
A missing check when using the Budget Fair Queueing (BFQ) I/O scheduler
could lead to a use-after-free. A local attacker could use this flaw to
escalate privileges.
* CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640: Denial-of-service in The SCTP Protocol driver.
A logic error when using the The SCTP Protocol driver could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* CVE-2025-21669: Denial-of-service in Virtual Socket protocol driver.
A logic error when using the Virtual Socket protocol driver could lead
to a NULL pointer dereference. A local attacker could use this flaw to
cause a denial-of-service.
* Denial-of-service in SMB3 and CIFS driver.
A locking error when using the SMB3 and CIFS driver could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
Orabug: 37535421
* Note: Oracle has determined some CVEs are not applicable.
The kernel is not affected by the following CVEs
since the code under consideration is not compiled.
CVE-2024-57904, CVE-2024-57906, CVE-2024-57908, CVE-2024-57910,
CVE-2024-57911, CVE-2024-57912, CVE-2024-57913, CVE-2024-57925,
CVE-2024-57939, CVE-2025-21646, CVE-2025-21697
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
From el-errata at oss.oracle.com Fri Mar 14 17:26:57 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 14 Mar 2025 10:26:57 -0700
Subject: [El-errata] ELSA-2025-1281 Important: Oracle Linux 7 kernel
security update
Message-ID: <mailman.145.1741973226.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-1281
http://linux.oracle.com/errata/ELSA-2025-1281.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1160.119.1.0.6.el7.noarch.rpm
kernel-debug-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-devel-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-doc-3.10.0-1160.119.1.0.6.el7.noarch.rpm
kernel-headers-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-tools-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
perf-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
python-perf-3.10.0-1160.119.1.0.6.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-3.10.0-1160.119.1.0.6.el7.src.rpm
Related CVEs:
CVE-2024-53104
Description of changes:
[3.10.0-1160.119.1.0.6.el7.OL7]
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) {CVE-2024-53104} [Orabug: 37584712]
From el-errata at oss.oracle.com Fri Mar 14 17:27:02 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 14 Mar 2025 10:27:02 -0700
Subject: [El-errata] ELBA-2025-20169 Oracle Linux 8 annobin bug fix update
Message-ID: <mailman.146.1741973230.33.el-errata@oss.oracle.com>
Oracle Linux Bug Fix Advisory ELBA-2025-20169
http://linux.oracle.com/errata/ELBA-2025-20169.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
annobin-11.13-2.0.5.el8.x86_64.rpm
annobin-annocheck-11.13-2.0.5.el8.x86_64.rpm
annobin-annocheck-11.13-2.0.5.el8.i686.rpm
aarch64:
annobin-11.13-2.0.5.el8.aarch64.rpm
annobin-annocheck-11.13-2.0.5.el8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//annobin-11.13-2.0.5.el8.src.rpm
Description of changes:
[11.13-2.0.5]
- Rebuild to match latest GCC.
Oracle history:
From el-errata at oss.oracle.com Fri Mar 14 17:27:04 2025
From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux)
Date: Fri, 14 Mar 2025 10:27:04 -0700
Subject: [El-errata] ELSA-2025-2722 Moderate: Oracle Linux 8 krb5 security
update
Message-ID: <mailman.147.1741973232.33.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2025-2722
http://linux.oracle.com/errata/ELSA-2025-2722.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
krb5-devel-1.18.2-31.0.1.el8_10.i686.rpm
krb5-devel-1.18.2-31.0.1.el8_10.x86_64.rpm
krb5-libs-1.18.2-31.0.1.el8_10.i686.rpm
krb5-libs-1.18.2-31.0.1.el8_10.x86_64.rpm
krb5-pkinit-1.18.2-31.0.1.el8_10.i686.rpm
krb5-pkinit-1.18.2-31.0.1.el8_10.x86_64.rpm
krb5-server-1.18.2-31.0.1.el8_10.i686.rpm
krb5-server-1.18.2-31.0.1.el8_10.x86_64.rpm
krb5-server-ldap-1.18.2-31.0.1.el8_10.i686.rpm
krb5-server-ldap-1.18.2-31.0.1.el8_10.x86_64.rpm
krb5-workstation-1.18.2-31.0.1.el8_10.x86_64.rpm
libkadm5-1.18.2-31.0.1.el8_10.i686.rpm
libkadm5-1.18.2-31.0.1.el8_10.x86_64.rpm
aarch64:
krb5-devel-1.18.2-31.0.1.el8_10.aarch64.rpm
krb5-libs-1.18.2-31.0.1.el8_10.aarch64.rpm
krb5-pkinit-1.18.2-31.0.1.el8_10.aarch64.rpm
krb5-server-1.18.2-31.0.1.el8_10.aarch64.rpm
krb5-server-ldap-1.18.2-31.0.1.el8_10.aarch64.rpm
krb5-workstation-1.18.2-31.0.1.el8_10.aarch64.rpm
libkadm5-1.18.2-31.0.1.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//krb5-1.18.2-31.0.1.el8_10.src.rpm
Related CVEs:
CVE-2025-24528
Description of changes:
[1.18.2-31.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
[1.18.2-31]
- Prevent overflow when calculating ulog block size (CVE-2025-24528)
Resolves: RHEL-78248
- kdb5_util: fix DB entry flags on modification
Resolves: RHEL-56060