From el-errata at oss.oracle.com Thu May 1 20:29:46 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:46 -0700 Subject: [El-errata] ELBA-2025-20285 Oracle Linux 9 libxslt bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20285 http://linux.oracle.com/errata/ELBA-2025-20285.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.34-9.0.2.el9_5.2.i686.rpm libxslt-1.1.34-9.0.2.el9_5.2.x86_64.rpm libxslt-devel-1.1.34-9.0.2.el9_5.2.i686.rpm libxslt-devel-1.1.34-9.0.2.el9_5.2.x86_64.rpm aarch64: libxslt-1.1.34-9.0.2.el9_5.2.aarch64.rpm libxslt-devel-1.1.34-9.0.2.el9_5.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libxslt-1.1.34-9.0.2.el9_5.2.src.rpm Description of changes: [1.1.34-9.0.2.el9_5.2] - Fix memory leak in exclPrefixPush [Orabug: 37871881] From el-errata at oss.oracle.com Thu May 1 20:29:48 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:48 -0700 Subject: [El-errata] ELBA-2025-20299 Oracle Linux 9 scap-security-guide bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20299 http://linux.oracle.com/errata/ELBA-2025-20299.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: scap-security-guide-0.1.76-1.0.2.el9.noarch.rpm scap-security-guide-doc-0.1.76-1.0.2.el9.noarch.rpm aarch64: scap-security-guide-0.1.76-1.0.2.el9.noarch.rpm scap-security-guide-doc-0.1.76-1.0.2.el9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//scap-security-guide-0.1.76-1.0.2.el9.src.rpm Description of changes: [0.1.76-1.0.2] - Update OL8 STIG to V2R4 [Orabug: 37867940] From el-errata at oss.oracle.com Thu May 1 20:29:50 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:50 -0700 Subject: [El-errata] ELBA-2025-20301 Oracle Linux 9 OpenIPMI bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20301 http://linux.oracle.com/errata/ELBA-2025-20301.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: OpenIPMI-2.0.36-1.0.2.el9.i686.rpm OpenIPMI-2.0.36-1.0.2.el9.x86_64.rpm OpenIPMI-lanserv-2.0.36-1.0.2.el9.i686.rpm OpenIPMI-lanserv-2.0.36-1.0.2.el9.x86_64.rpm OpenIPMI-libs-2.0.36-1.0.2.el9.i686.rpm OpenIPMI-libs-2.0.36-1.0.2.el9.x86_64.rpm OpenIPMI-devel-2.0.36-1.0.2.el9.i686.rpm OpenIPMI-devel-2.0.36-1.0.2.el9.x86_64.rpm OpenIPMI-perl-2.0.36-1.0.2.el9.x86_64.rpm python3-openipmi-2.0.36-1.0.2.el9.x86_64.rpm aarch64: OpenIPMI-2.0.36-1.0.2.el9.aarch64.rpm OpenIPMI-lanserv-2.0.36-1.0.2.el9.aarch64.rpm OpenIPMI-libs-2.0.36-1.0.2.el9.aarch64.rpm OpenIPMI-devel-2.0.36-1.0.2.el9.aarch64.rpm OpenIPMI-perl-2.0.36-1.0.2.el9.aarch64.rpm python3-openipmi-2.0.36-1.0.2.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//OpenIPMI-2.0.36-1.0.2.el9.src.rpm Description of changes: [2.0.36-1.0.2] - Correct the patch that fixes openipmi-helper with the right module name for modern kernels [Orabug: 37862189] [2.0.36-1.0.1] - IPMI SMB kernel module name is ipmi_ssif in all modern kernels. openipmi-helper script fixed. [Orabug: 27093288] (alexey.petrenko at oracle.com) [2.0.36-1] - Update to 2.0.36 From el-errata at oss.oracle.com Thu May 1 20:29:51 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:51 -0700 Subject: [El-errata] ELBA-2025-4245 Oracle Linux 9 libxslt bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4245 http://linux.oracle.com/errata/ELBA-2025-4245.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.34-9.0.2.el9_5.3.i686.rpm libxslt-1.1.34-9.0.2.el9_5.3.x86_64.rpm libxslt-devel-1.1.34-9.0.2.el9_5.3.i686.rpm libxslt-devel-1.1.34-9.0.2.el9_5.3.x86_64.rpm aarch64: libxslt-1.1.34-9.0.2.el9_5.3.aarch64.rpm libxslt-devel-1.1.34-9.0.2.el9_5.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libxslt-1.1.34-9.0.2.el9_5.3.src.rpm Description of changes: [1.1.34-9.0.2.el9_5.3] - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.34-9.3] - Include alloc changes into previous patch (RHEL-83515) [1.1.34-9.2] - Fix CVE-2024-55549 (RHEL-83515) [1.1.34-9.1] - Fix CVE-2025-24855 (RHEL-83501) From el-errata at oss.oracle.com Thu May 1 20:29:52 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:52 -0700 Subject: [El-errata] ELBA-2025-4351 Oracle Linux 9 libguestfs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4351 http://linux.oracle.com/errata/ELBA-2025-4351.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libguestfs-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-appliance-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-bash-completion-1.50.2-3.0.1.el9_5.noarch.rpm libguestfs-inspect-icons-1.50.2-3.0.1.el9_5.noarch.rpm libguestfs-rescue-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-rsync-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-xfs-1.50.2-3.0.1.el9_5.x86_64.rpm perl-Sys-Guestfs-1.50.2-3.0.1.el9_5.x86_64.rpm python3-libguestfs-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-devel-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-gobject-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-gobject-devel-1.50.2-3.0.1.el9_5.x86_64.rpm libguestfs-man-pages-ja-1.50.2-3.0.1.el9_5.noarch.rpm libguestfs-man-pages-uk-1.50.2-3.0.1.el9_5.noarch.rpm lua-guestfs-1.50.2-3.0.1.el9_5.x86_64.rpm ocaml-libguestfs-1.50.2-3.0.1.el9_5.x86_64.rpm ocaml-libguestfs-devel-1.50.2-3.0.1.el9_5.x86_64.rpm php-libguestfs-1.50.2-3.0.1.el9_5.x86_64.rpm ruby-libguestfs-1.50.2-3.0.1.el9_5.x86_64.rpm aarch64: libguestfs-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-appliance-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-bash-completion-1.50.2-3.0.1.el9_5.noarch.rpm libguestfs-inspect-icons-1.50.2-3.0.1.el9_5.noarch.rpm libguestfs-rescue-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-rsync-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-xfs-1.50.2-3.0.1.el9_5.aarch64.rpm perl-Sys-Guestfs-1.50.2-3.0.1.el9_5.aarch64.rpm python3-libguestfs-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-devel-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-gobject-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-gobject-devel-1.50.2-3.0.1.el9_5.aarch64.rpm libguestfs-man-pages-ja-1.50.2-3.0.1.el9_5.noarch.rpm libguestfs-man-pages-uk-1.50.2-3.0.1.el9_5.noarch.rpm lua-guestfs-1.50.2-3.0.1.el9_5.aarch64.rpm ocaml-libguestfs-1.50.2-3.0.1.el9_5.aarch64.rpm ocaml-libguestfs-devel-1.50.2-3.0.1.el9_5.aarch64.rpm php-libguestfs-1.50.2-3.0.1.el9_5.aarch64.rpm ruby-libguestfs-1.50.2-3.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libguestfs-1.50.2-3.0.1.el9_5.src.rpm Description of changes: [1.50.2-3.0.1] - Add btrfs-progs to the packages installed in the appliance [Orabug: 34137448] - Replace upstream references from a description tag - Fix build on Oracle Linux [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.50.2-3] - Fix virt-v2v conversion of split /usr Ubuntu 22+ resolves: RHEL-88803 From el-errata at oss.oracle.com Thu May 1 20:29:54 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:54 -0700 Subject: [El-errata] ELSA-2025-4229 Important: Oracle Linux 9 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4229 http://linux.oracle.com/errata/ELSA-2025-4229.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.9.2-1.0.1.el9_5.x86_64.rpm aarch64: thunderbird-128.9.2-1.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-128.9.2-1.0.1.el9_5.src.rpm Related CVEs: CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 Description of changes: [128.9.2-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs [128.9.2] - Add OpenELA debranding [128.9.2-1] - Update to 128.9.2 From el-errata at oss.oracle.com Thu May 1 20:29:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:55 -0700 Subject: [El-errata] ELSA-2025-4244 Moderate: Oracle Linux 9 glibc security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4244 http://linux.oracle.com/errata/ELSA-2025-4244.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: glibc-2.34-125.0.1.el9_5.8.i686.rpm glibc-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-all-langpacks-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-common-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-devel-2.34-125.0.1.el9_5.8.i686.rpm glibc-devel-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-doc-2.34-125.0.1.el9_5.8.noarch.rpm glibc-gconv-extra-2.34-125.0.1.el9_5.8.i686.rpm glibc-gconv-extra-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-headers-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-aa-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-af-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-agr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ak-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-am-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-an-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-anp-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ar-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-as-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ast-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ayc-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-az-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-be-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bem-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ber-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bg-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bhb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bho-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bo-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-br-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-brx-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-bs-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-byn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ca-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ce-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-chr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ckb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-cmn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-crh-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-cs-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-csb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-cv-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-cy-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-da-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-de-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-doi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-dsb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-dv-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-dz-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-el-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-en-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-eo-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-es-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-et-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-eu-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fa-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ff-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fil-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fo-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fur-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-fy-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ga-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-gd-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-gez-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-gl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-gu-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-gv-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ha-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hak-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-he-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hif-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hne-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hsb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ht-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hu-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-hy-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ia-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-id-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ig-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ik-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-is-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-it-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-iu-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ja-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ka-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-kab-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-kk-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-kl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-km-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-kn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ko-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-kok-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ks-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ku-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-kw-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ky-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lg-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-li-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lij-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ln-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lo-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lt-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lv-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-lzh-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mag-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mai-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mfe-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mg-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mhr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-miq-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mjw-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mk-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ml-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mni-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mnw-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ms-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-mt-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-my-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nan-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nb-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nds-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ne-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nhn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-niu-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-nso-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-oc-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-om-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-or-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-os-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-pa-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-pap-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-pl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ps-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-pt-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-quz-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-raj-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ro-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ru-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-rw-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sa-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sah-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sat-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sc-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sd-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-se-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sgs-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-shn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-shs-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-si-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sid-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sk-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sm-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-so-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sq-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ss-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-st-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sv-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-sw-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-szl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ta-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tcy-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-te-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tg-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-th-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-the-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ti-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tig-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tk-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tl-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tn-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-to-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tpi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tr-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ts-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-tt-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ug-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-uk-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-unm-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ur-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-uz-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-ve-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-vi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-wa-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-wae-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-wal-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-wo-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-xh-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-yi-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-yo-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-yue-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-yuw-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-zh-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-langpack-zu-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-locale-source-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-minimal-langpack-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-utils-2.34-125.0.1.el9_5.8.x86_64.rpm libnsl-2.34-125.0.1.el9_5.8.i686.rpm libnsl-2.34-125.0.1.el9_5.8.x86_64.rpm nscd-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-benchtests-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-nss-devel-2.34-125.0.1.el9_5.8.i686.rpm glibc-nss-devel-2.34-125.0.1.el9_5.8.x86_64.rpm glibc-static-2.34-125.0.1.el9_5.8.i686.rpm glibc-static-2.34-125.0.1.el9_5.8.x86_64.rpm nss_db-2.34-125.0.1.el9_5.8.i686.rpm nss_db-2.34-125.0.1.el9_5.8.x86_64.rpm nss_hesiod-2.34-125.0.1.el9_5.8.i686.rpm nss_hesiod-2.34-125.0.1.el9_5.8.x86_64.rpm aarch64: glibc-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-all-langpacks-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-common-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-devel-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-doc-2.34-125.0.1.el9_5.8.noarch.rpm glibc-gconv-extra-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-aa-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-af-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-agr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ak-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-am-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-an-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-anp-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ar-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-as-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ast-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ayc-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-az-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-be-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bem-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ber-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bg-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bhb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bho-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bo-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-br-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-brx-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-bs-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-byn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ca-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ce-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-chr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ckb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-cmn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-crh-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-cs-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-csb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-cv-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-cy-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-da-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-de-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-doi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-dsb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-dv-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-dz-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-el-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-en-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-eo-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-es-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-et-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-eu-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fa-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ff-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fil-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fo-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fur-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-fy-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ga-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-gd-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-gez-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-gl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-gu-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-gv-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ha-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hak-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-he-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hif-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hne-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hsb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ht-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hu-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-hy-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ia-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-id-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ig-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ik-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-is-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-it-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-iu-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ja-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ka-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-kab-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-kk-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-kl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-km-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-kn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ko-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-kok-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ks-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ku-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-kw-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ky-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lg-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-li-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lij-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ln-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lo-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lt-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lv-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-lzh-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mag-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mai-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mfe-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mg-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mhr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-miq-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mjw-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mk-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ml-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mni-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mnw-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ms-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-mt-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-my-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nan-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nb-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nds-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ne-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nhn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-niu-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-nso-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-oc-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-om-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-or-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-os-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-pa-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-pap-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-pl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ps-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-pt-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-quz-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-raj-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ro-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ru-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-rw-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sa-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sah-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sat-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sc-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sd-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-se-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sgs-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-shn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-shs-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-si-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sid-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sk-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sm-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-so-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sq-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ss-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-st-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sv-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-sw-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-szl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ta-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tcy-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-te-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tg-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-th-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-the-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ti-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tig-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tk-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tl-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tn-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-to-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tpi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tr-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ts-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-tt-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ug-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-uk-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-unm-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ur-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-uz-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-ve-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-vi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-wa-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-wae-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-wal-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-wo-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-xh-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-yi-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-yo-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-yue-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-yuw-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-zh-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-langpack-zu-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-locale-source-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-minimal-langpack-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-utils-2.34-125.0.1.el9_5.8.aarch64.rpm libnsl-2.34-125.0.1.el9_5.8.aarch64.rpm nscd-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-benchtests-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-nss-devel-2.34-125.0.1.el9_5.8.aarch64.rpm glibc-static-2.34-125.0.1.el9_5.8.aarch64.rpm nss_db-2.34-125.0.1.el9_5.8.aarch64.rpm nss_hesiod-2.34-125.0.1.el9_5.8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//glibc-2.34-125.0.1.el9_5.8.src.rpm Related CVEs: CVE-2025-0395 Description of changes: [2.34-125.0.1.8] - Forward-port Oracle patches for ol9-u5 (glibc-2.34-125.0.1.8) Reviewed by: David Faust Oracle history: From el-errata at oss.oracle.com Thu May 1 20:29:59 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:59 -0700 Subject: [El-errata] ELSA-2025-4341 Important: Oracle Linux 9 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4341 http://linux.oracle.com/errata/ELSA-2025-4341.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-7.4.0-503.40.1.el9_5.x86_64.rpm kernel-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-abi-stablelists-5.14.0-503.40.1.el9_5.noarch.rpm kernel-core-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-core-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-devel-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-devel-matched-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-modules-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-modules-core-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-modules-extra-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-debug-uki-virt-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-devel-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-devel-matched-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-doc-5.14.0-503.40.1.el9_5.noarch.rpm kernel-headers-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-modules-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-modules-core-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-modules-extra-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-tools-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-tools-libs-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-uki-virt-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-uki-virt-addons-5.14.0-503.40.1.el9_5.x86_64.rpm perf-5.14.0-503.40.1.el9_5.x86_64.rpm python3-perf-5.14.0-503.40.1.el9_5.x86_64.rpm rtla-5.14.0-503.40.1.el9_5.x86_64.rpm rv-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-cross-headers-5.14.0-503.40.1.el9_5.x86_64.rpm kernel-tools-libs-devel-5.14.0-503.40.1.el9_5.x86_64.rpm libperf-5.14.0-503.40.1.el9_5.x86_64.rpm aarch64: bpftool-7.4.0-503.40.1.el9_5.aarch64.rpm kernel-headers-5.14.0-503.40.1.el9_5.aarch64.rpm kernel-tools-5.14.0-503.40.1.el9_5.aarch64.rpm kernel-tools-libs-5.14.0-503.40.1.el9_5.aarch64.rpm perf-5.14.0-503.40.1.el9_5.aarch64.rpm python3-perf-5.14.0-503.40.1.el9_5.aarch64.rpm rtla-5.14.0-503.40.1.el9_5.aarch64.rpm rv-5.14.0-503.40.1.el9_5.aarch64.rpm kernel-cross-headers-5.14.0-503.40.1.el9_5.aarch64.rpm kernel-tools-libs-devel-5.14.0-503.40.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.40.1.el9_5.src.rpm Related CVEs: CVE-2024-42292 CVE-2024-42322 CVE-2024-44990 CVE-2024-46826 CVE-2025-21927 Description of changes: [5.14.0-503.40.1.el9_5.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5] - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535] - Add Oracle Linux IMA certificates [5.14.0-503.40.1.el9_5] - nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (Chris Leech) [RHEL-87479] {CVE-2025-21927} - ipvs: properly dereference pe in ip_vs_add_service (Phil Sutter) [RHEL-75438] {CVE-2024-42322} - bonding: fix null pointer deref in bond_ipsec_offload_ok (CKI Backport Bot) [RHEL-75453] {CVE-2024-44990} - smb: client: don't retry IO on failed negprotos with soft mounts (Jay Shin) [RHEL-85523] - bonding: Correctly support GSO ESP offload (CKI Backport Bot) [RHEL-73403] - team: prevent adding a device which is already a team device lower (Hangbin Liu) [RHEL-73403] - team: Fix feature exposure when no ports are present (Hangbin Liu) [RHEL-73403] - team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73403] - team: Fix initial vlan_feature set in __team_compute_features (Hangbin Liu) [RHEL-73403] - bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73403] - bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features (Hangbin Liu) [RHEL-73403] - net, team, bonding: Add netdev_base_features helper (Hangbin Liu) [RHEL-73403] - bonding: add ESP offload features when slaves support (Hangbin Liu) [RHEL-73403] - net: team: rename team to team_core for linking (Hangbin Liu) [RHEL-73403] - netfilter: br_netfilter: fix panic with metadata_dst skb (Ivan Vecera) [RHEL-71956] - bridge: mcast: Fail MDB get request on empty entry (Ivan Vecera) [RHEL-71956] - net: stmmac: dwmac-tegra: Fix link bring-up sequence (Jose Ignacio Tornos Martinez) [RHEL-73478] - kobject_uevent: Fix OOB access within zap_modalias_env() (CKI KWF BOT) [RHEL-75435] {CVE-2024-42292} [5.14.0-503.39.1.el9_5] - igb: cope with large MAX_SKB_FRAGS (Corinna Vinschen) [RHEL-75552] - x86/sev: Ensure that RMP table fixups are reserved (Bandan Das) [RHEL-84716] - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-75456] {CVE-2024-46826} - smb: client: fix double put of @cfile in smb2_set_path_size() (Paulo Alcantara) [RHEL-79342] {CVE-2024-46796} - smb: client: fix double put of @cfile in smb2_rename_path() (Paulo Alcantara) [RHEL-79342] {CVE-2024-46736} - smb: client: fix FSCTL_GET_REPARSE_POINT against NetApp (Paulo Alcantara) [RHEL-79342] From el-errata at oss.oracle.com Thu May 1 20:29:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:29:57 -0700 Subject: [El-errata] ELSA-2025-4263 Moderate: Oracle Linux 9 php:8.1 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4263 http://linux.oracle.com/errata/ELSA-2025-4263.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: apcu-panel-5.1.21-1.module+el9.1.0+20776+c1b960c0.noarch.rpm php-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-bcmath-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-cli-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-common-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-dba-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-dbg-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-devel-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-embedded-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-enchant-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-ffi-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-fpm-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-gd-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-gmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-intl-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-ldap-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-mbstring-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-mysqlnd-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-odbc-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-opcache-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-pdo-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-pecl-apcu-5.1.21-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-apcu-devel-5.1.21-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-rrd-2.0.3-4.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-xdebug3-3.1.4-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-zip-1.20.1-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pgsql-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-process-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-snmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-soap-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-xml-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm aarch64: apcu-panel-5.1.21-1.module+el9.1.0+20776+c1b960c0.noarch.rpm php-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-bcmath-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-cli-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-common-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-dba-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-dbg-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-devel-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-embedded-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-enchant-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-ffi-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-fpm-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-gd-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-gmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-intl-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-ldap-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-mbstring-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-mysqlnd-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-odbc-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-opcache-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-pdo-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-pecl-apcu-5.1.21-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-apcu-devel-5.1.21-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-rrd-2.0.3-4.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-xdebug3-3.1.4-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-zip-1.20.1-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pgsql-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-process-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-snmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-soap-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-xml-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//php-8.1.32-1.module+el9.5.0+90557+5e9037e7.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-apcu-5.1.21-1.module+el9.1.0+20776+c1b960c0.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-rrd-2.0.3-4.module+el9.1.0+20776+c1b960c0.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-xdebug3-3.1.4-1.module+el9.1.0+20776+c1b960c0.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-zip-1.20.1-1.module+el9.1.0+20776+c1b960c0.src.rpm Related CVEs: CVE-2024-8929 CVE-2024-11233 CVE-2024-11234 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Description of changes: php [8.1.32-1] - rebase to 8.1.32 php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip From el-errata at oss.oracle.com Thu May 1 20:30:06 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:06 -0700 Subject: [El-errata] ELBA-2025-20298 Oracle Linux 8 nfs-utils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20298 http://linux.oracle.com/errata/ELBA-2025-20298.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libnfsidmap-2.3.3-59.0.4.el8.i686.rpm libnfsidmap-2.3.3-59.0.4.el8.x86_64.rpm libnfsidmap-devel-2.3.3-59.0.4.el8.i686.rpm libnfsidmap-devel-2.3.3-59.0.4.el8.x86_64.rpm nfs-utils-2.3.3-59.0.4.el8.x86_64.rpm aarch64: libnfsidmap-2.3.3-59.0.4.el8.aarch64.rpm libnfsidmap-devel-2.3.3-59.0.4.el8.aarch64.rpm nfs-utils-2.3.3-59.0.4.el8.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nfs-utils-2.3.3-59.0.4.el8.src.rpm Description of changes: [2.3.3-59.0.4] - nfsd: allow more than 64 backlogged connections [Orabug: 37874709] [2.3.3-59.0.2] - Backport RPC with TLS patch from OL9 [Orabug: 36848873] From el-errata at oss.oracle.com Thu May 1 20:30:07 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:07 -0700 Subject: [El-errata] ELBA-2025-20302 Oracle Linux 8 xfsprogs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20302 http://linux.oracle.com/errata/ELBA-2025-20302.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: xfsprogs-5.15.0-1.0.6.el8.x86_64.rpm xfsprogs-devel-5.15.0-1.0.6.el8.x86_64.rpm xfsprogs-5.15.0-1.0.6.el8.i686.rpm xfsprogs-devel-5.15.0-1.0.6.el8.i686.rpm aarch64: xfsprogs-5.15.0-1.0.6.el8.aarch64.rpm xfsprogs-devel-5.15.0-1.0.6.el8.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//xfsprogs-5.15.0-1.0.6.el8.src.rpm Description of changes: [5.15.0-1.0.6] - Introduce xfs_defrag to xfsprogs. From el-errata at oss.oracle.com Thu May 1 20:30:24 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:24 -0700 Subject: [El-errata] ELBA-2025-20283 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20283 http://linux.oracle.com/errata/ELBA-2025-20283.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.342.5.3.el8uek.x86_64.rpm kernel-uek-container-5.4.17-2136.342.5.3.el8uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.342.5.3.el8uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.342.5.3.el8uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.342.5.3.el8uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.342.5.3.el8uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.342.5.3.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.342.5.3.el8uek.src.rpm Description of changes: [5.4.17-2136.342.5.3.el8uek] - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37854210] [5.4.17-2136.342.5.2.el8uek] - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37851062] [5.4.17-2136.342.5.1.el8uek] - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37838449] - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes) [Orabug: 37838449] - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846696] - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes) [Orabug: 37846696] From el-errata at oss.oracle.com Thu May 1 20:30:29 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:29 -0700 Subject: [El-errata] ELBA-2025-20283 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20283 http://linux.oracle.com/errata/ELBA-2025-20283.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.342.5.3.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.342.5.3.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.342.5.3.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.342.5.3.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.342.5.3.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.342.5.3.el8uek.src.rpm Description of changes: [5.4.17-2136.342.5.3.el8uek] - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37854210] [5.4.17-2136.342.5.2.el8uek] - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37851062] [5.4.17-2136.342.5.1.el8uek] - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37838449] - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes) [Orabug: 37838449] - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846696] - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes) [Orabug: 37846696] From el-errata at oss.oracle.com Thu May 1 20:30:31 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:31 -0700 Subject: [El-errata] ELBA-2025-20295 Oracle Linux 8 leapp-repository bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20295 http://linux.oracle.com/errata/ELBA-2025-20295.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: leapp-upgrade-el8toel9-0.20.0-2.0.20.el8.noarch.rpm leapp-upgrade-el8toel9-deps-0.20.0-2.0.20.el8.noarch.rpm aarch64: leapp-upgrade-el8toel9-0.20.0-2.0.20.el8.noarch.rpm leapp-upgrade-el8toel9-deps-0.20.0-2.0.20.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//leapp-repository-0.20.0-2.0.20.el8.src.rpm Description of changes: [0.20.0-2.0.20] - Pre-set enabled repos variable [JIRA: OLDIS-43582], [JIRA: OLDIS-43583] [0.20.0-2.0.19] - Update conditions for OSMH upgrade [JIRA: OLDIS-43582], [JIRA: OLDIS-43583] From el-errata at oss.oracle.com Thu May 1 20:30:33 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:33 -0700 Subject: [El-errata] ELBA-2025-20297 Oracle Linux 8 nfs-utils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20297 http://linux.oracle.com/errata/ELBA-2025-20297.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libnfsidmap-2.3.3-59.0.3.el8.i686.rpm libnfsidmap-2.3.3-59.0.3.el8.x86_64.rpm nfs-utils-2.3.3-59.0.3.el8.x86_64.rpm libnfsidmap-devel-2.3.3-59.0.3.el8.i686.rpm libnfsidmap-devel-2.3.3-59.0.3.el8.x86_64.rpm aarch64: libnfsidmap-2.3.3-59.0.3.el8.aarch64.rpm nfs-utils-2.3.3-59.0.3.el8.aarch64.rpm libnfsidmap-devel-2.3.3-59.0.3.el8.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nfs-utils-2.3.3-59.0.3.el8.src.rpm Description of changes: [2.3.3-59.0.3] - nfsd: allow more than 64 backlogged connections [Orabug: 37874709] From el-errata at oss.oracle.com Thu May 1 20:30:34 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:34 -0700 Subject: [El-errata] ELBA-2025-20299 Oracle Linux 8 scap-security-guide bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20299 http://linux.oracle.com/errata/ELBA-2025-20299.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: scap-security-guide-0.1.76-1.0.2.el8.noarch.rpm scap-security-guide-doc-0.1.76-1.0.2.el8.noarch.rpm aarch64: scap-security-guide-0.1.76-1.0.2.el8.noarch.rpm scap-security-guide-doc-0.1.76-1.0.2.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.76-1.0.2.el8.src.rpm Description of changes: [0.1.76-1.0.2] - Update OL8 STIG to V2R4 [Orabug: 37863335] From el-errata at oss.oracle.com Thu May 1 20:30:36 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:36 -0700 Subject: [El-errata] ELBA-2025-4024 Oracle Linux 8 grub2 bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4024 http://linux.oracle.com/errata/ELBA-2025-4024.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-common-2.02-165.0.1.el8_10.noarch.rpm grub2-efi-aa64-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-efi-ia32-2.02-165.0.1.el8_10.x86_64.rpm grub2-efi-ia32-cdboot-2.02-165.0.1.el8_10.x86_64.rpm grub2-efi-ia32-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-efi-x64-2.02-165.0.1.el8_10.x86_64.rpm grub2-efi-x64-cdboot-2.02-165.0.1.el8_10.x86_64.rpm grub2-efi-x64-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-pc-2.02-165.0.1.el8_10.x86_64.rpm grub2-pc-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-tools-2.02-165.0.1.el8_10.x86_64.rpm grub2-tools-efi-2.02-165.0.1.el8_10.x86_64.rpm grub2-tools-extra-2.02-165.0.1.el8_10.x86_64.rpm grub2-tools-minimal-2.02-165.0.1.el8_10.x86_64.rpm aarch64: grub2-common-2.02-165.0.1.el8_10.noarch.rpm grub2-efi-aa64-2.02-165.0.1.el8_10.aarch64.rpm grub2-efi-aa64-cdboot-2.02-165.0.1.el8_10.aarch64.rpm grub2-efi-aa64-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-efi-ia32-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-efi-x64-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-pc-modules-2.02-165.0.1.el8_10.noarch.rpm grub2-tools-2.02-165.0.1.el8_10.aarch64.rpm grub2-tools-extra-2.02-165.0.1.el8_10.aarch64.rpm grub2-tools-minimal-2.02-165.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//grub2-2.02-165.0.1.el8_10.src.rpm Description of changes: [2.02-165.0.1] - Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761] - Fix typo in SBAT metadata [Orabug: 37693946] - Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946] - net/dns: Fix removal of DNS server [Orabug: 37539625] - net/dns: Simplify error handling of recv_hook() function [Orabug: 37539625] - net/dns: Add debugging messages in recv_hook() function [Orabug: 37539625] - net/dns: Fix lookup error when no IPv6 is returned [Orabug: 37539625] - Use correct os_name on OL - Backport the support for setting custom kernels as default kernels [Orabug: 36690061] - Restore correct SBAT entries - Replaced bugzilla.oracle.com references [Orabug: 35475894] - efinet: Close and reopen card on failure [Orabug: 35126950] - Fix CVE-2022-3775 [Orabug: 34867710] - Bump SBAT metadata for grub to 3 [Orabug: 34871758] - Enable signing on aarch64 - Don't try to switch to a BLS config if GRUB_ENABLE_BLSCFG is already set (Javier Martinez Canillas) [Orabug: 34375996] - Enable back btrfs module by default [Orabug: 34377188] - Backport upstream SNP protocol fixes [Orabug: 34195100] - Rebase Fix EFI loader kernel image allocation patch, adapt it to new NX code [Orabug: 34352232] - enable multiboot2 [Orabug: 34285558] - backport arm64: Fix EFI loader kernel image allocation [Orabug: 33702462] - backport Arm: check for the PE magic for the compiled arch [Orabug: 33702462] - Backport some better script logic for BTRFS support [Orabug: 32448171] - Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033] - Update Oracle SBAT data [Orabug: 32670033] - Use new signing certificate [Orabug: 32670033] - Fix various coverity issues [Orabug: 32530657] - Set proper blsdir if /boot is on btrfs rootfs [Orabug: 32063327] - Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072] - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497] - set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597] - Update upstream references [Orabug: 26388226] - Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.02-165] - fs/ext2: Rework of OOB read patch - Resolves: #RHEL-86553 From el-errata at oss.oracle.com Thu May 1 20:30:37 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:37 -0700 Subject: [El-errata] ELBA-2025-4053 Oracle Linux 8 cloud-init bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4053 http://linux.oracle.com/errata/ELBA-2025-4053.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: cloud-init-23.4-7.0.2.el8_10.9.noarch.rpm aarch64: cloud-init-23.4-7.0.2.el8_10.9.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//cloud-init-23.4-7.0.2.el8_10.9.src.rpm Description of changes: [23.4-7.0.2.el8_10.9] - Fixes regression in cloud-init with module cc_write_files_deferred [Orabug: 37382965] - Update IPv6 IMDS endpoint to ULA and drop NIC identifier [Orabug: 35965980] - Enable IPv6 [Orabug: 36502414] - Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938] - Increase retry value and add timeout for OCI [Orabug: 35329883] - Fix log file permissions [Orabug: 35302985] - Update detection logic for OL distros in config template [Orabug: 34845400] - Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938] - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672] - limit permissions [Orabug: 31352433] - Changes to ignore all enslaved interfaces [Orabug: 30092148] - Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349] - Make Oracle datasource detect dracut based config files [Orabug: 29956753] - add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch: 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 (Bugzilla) - added OL to list of known distros From el-errata at oss.oracle.com Thu May 1 20:30:39 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:39 -0700 Subject: [El-errata] ELBA-2025-4065 Oracle Linux 8 doxygen bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4065 http://linux.oracle.com/errata/ELBA-2025-4065.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: doxygen-1.8.14-14.el8_10.x86_64.rpm doxygen-doxywizard-1.8.14-14.el8_10.x86_64.rpm doxygen-latex-1.8.14-14.el8_10.x86_64.rpm aarch64: doxygen-1.8.14-14.el8_10.aarch64.rpm doxygen-doxywizard-1.8.14-14.el8_10.aarch64.rpm doxygen-latex-1.8.14-14.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//doxygen-1.8.14-14.el8_10.src.rpm Description of changes: [1:1.8.14-14] - Resolves: RHEL-81116, Treeview does not work [1:1.8.14-13] - Resolves: RHEL-78141, CVE-2020-11023, CVE-2020-11022 From el-errata at oss.oracle.com Thu May 1 20:30:41 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:41 -0700 Subject: [El-errata] ELSA-2025-4362 Moderate: Oracle Linux 8 ghostscript security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4362 http://linux.oracle.com/errata/ELSA-2025-4362.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: ghostscript-9.27-16.el8_10.x86_64.rpm ghostscript-x11-9.27-16.el8_10.x86_64.rpm libgs-9.27-16.el8_10.i686.rpm libgs-9.27-16.el8_10.x86_64.rpm ghostscript-doc-9.27-16.el8_10.noarch.rpm ghostscript-tools-dvipdf-9.27-16.el8_10.x86_64.rpm ghostscript-tools-fonts-9.27-16.el8_10.x86_64.rpm ghostscript-tools-printing-9.27-16.el8_10.x86_64.rpm libgs-devel-9.27-16.el8_10.i686.rpm libgs-devel-9.27-16.el8_10.x86_64.rpm aarch64: ghostscript-9.27-16.el8_10.aarch64.rpm ghostscript-x11-9.27-16.el8_10.aarch64.rpm libgs-9.27-16.el8_10.aarch64.rpm ghostscript-doc-9.27-16.el8_10.noarch.rpm ghostscript-tools-dvipdf-9.27-16.el8_10.aarch64.rpm ghostscript-tools-fonts-9.27-16.el8_10.aarch64.rpm ghostscript-tools-printing-9.27-16.el8_10.aarch64.rpm libgs-devel-9.27-16.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ghostscript-9.27-16.el8_10.src.rpm Related CVEs: CVE-2020-27792 CVE-2023-46751 CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46956 Description of changes: [9.27-16] - RHEL-18396 CVE-2023-46751 ghostscript: dangling pointer in gdev_prn_open_printer_seekable() - RHEL-67046 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space - RHEL-15067 CVE-2020-27792 ghostscript: heap buffer over write vulnerability in GhostScript's lp8000_print_page() in gdevlp8k.c - RHEL-67051 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding - RHEL-67051 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript - RHEL-67051 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution From el-errata at oss.oracle.com Thu May 1 20:30:54 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:54 -0700 Subject: [El-errata] ELBA-2025-20278 Oracle Linux 7 dtrace bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20278 http://linux.oracle.com/errata/ELBA-2025-20278.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: dtrace-2.0.2-5.el7.x86_64.rpm dtrace-devel-2.0.2-5.el7.x86_64.rpm dtrace-testsuite-2.0.2-5.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//dtrace-2.0.2-5.el7.src.rpm Description of changes: [2.0.2-1] - Translators to support kernels 6.10 and later. - FBT return probe argument support. - The print() action is augmented with type information. (Alan Maguire) - Support to discover and trace USDT probes after a tracing session has started. (Eugene Loh, Nick Alcock) - USDT probe argument support (translated types, mapping). (Nick Alcock) - Installation locations are now configurable. (Nick Alcock) - Valgrind is no longer a required build dependency. (Nick Alcock) - Self-grabs have been improved. (Nick Alcock) - New provider: rawfbt. (Kris Van Hees) - Various bug fixes. (Nick Alcock, Eugene Loh, Alan Maguire, Kris Van Hees) - Various testsuite fixes and improvements. (Nick Alcock, Sam James, Eugene Loh, Kris Van Hees) - Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees) [Orabug: 37274251] From el-errata at oss.oracle.com Thu May 1 20:30:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:30:55 -0700 Subject: [El-errata] ELBA-2025-20283 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20283 http://linux.oracle.com/errata/ELBA-2025-20283.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.342.5.3.el7uek.x86_64.rpm kernel-uek-container-5.4.17-2136.342.5.3.el7uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.342.5.3.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.342.5.3.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.342.5.3.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.342.5.3.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.342.5.3.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.342.5.3.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.342.5.3.el7uek.src.rpm Description of changes: [5.4.17-2136.342.5.3.el7uek] - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37854210] [5.4.17-2136.342.5.2.el7uek] - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37851062] [5.4.17-2136.342.5.1.el7uek] - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37838449] - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes) [Orabug: 37838449] - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846696] - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes) [Orabug: 37846696] [5.4.17-2136.342.5.el7uek] - ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 36835558] {CVE-2024-39494} [5.4.17-2136.342.4.el7uek] - sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke H?iland-J?rgensen) - udf: Fix use of check_add_overflow() with mixed type arguments (Ben Hutchings) - x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross) - xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik) - ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang) - ALSA: hda/realtek - Add type for ALC287 (Kailang Yang) - net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel) - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang) - ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao) - Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den) - gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). (Kuniyuki Iwashima) - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin) - rds: Make sure transmit path and connection tear-down does not run concurrently (H?kon Bugge) [Orabug: 36308571] - NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (Yanjun Zhang) [Orabug: 37206487] [5.4.17-2136.342.3.el7uek] - LTS tag: v5.4.290 (Alok Tiwari) - Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos) - xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann) - drm/v3d: Assign job pointer to NULL before signaling the fence (Ma?ra Canal) - Input: xpad - add support for wooting two he (arm) (Jack Greiner) - Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto) - Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson) - Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman) - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz) - ext4: fix slab-use-after-free in ext4_split_extent_at() (Baokun Li) - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path (Theodore Ts'o) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - net/xen-netback: prevent UAF in xenvif_flush_hash() (Jeongjun Park) - net: xen-netback: hash.c: Use built-in RCU list checking (Madhuparna Bhowmik) - signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die (Eric W. Biederman) - m68k: Add missing mmap_read_lock() to sys_cacheflush() (Liam Howlett) - m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (Al Viro) - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons) - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang) - ASoC: wm8994: Add depends on MFD core (Charles Keepax) - net: fix data-races around sk->sk_forward_alloc (Wang Liang) - scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane) - ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet) - irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal) - fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel) - net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit) - nvmet: propagate npwg topology (Luis Chamberlain) - poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov) - kheaders: Ignore silly-rename files (David Howells) - hfs: Sanity check the root record (Leo Stone) - mac802154: check local interfaces before deleting sdata list (Lizhi Xu) - i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang) - drm/v3d: Ensure job pointer is set to NULL after job completion (Ma?ra Canal) - nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter) - gtp: Destroy device along with udp socket's netns dismantle. (Kuniyuki Iwashima) - gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). (Kuniyuki Iwashima) - gtp: use exit_batch_rtnl() method (Eric Dumazet) - net: add exit_batch_rtnl() method (Eric Dumazet) - net: net_namespace: Optimize the code (Yajun Deng) - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla) - sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0)) - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam) - ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi) - phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (Zijun Hu) - phy: core: fix code style in devm_of_phy_provider_unregister (Vinod Koul) - arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis) - arm64: dts: rockchip: add #power-domain-cells to power domain nodes (Johan Jonker) - arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 (Johan Jonker) - arm64: dts: rockchip: fix defines in pd_vio node for rk3399 (Johan Jonker) - iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori) - iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori) - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam) - iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song) - iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco) - iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco) - iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco) - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco) - iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco) - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M) - usb: fix reference leak in usb_new_device() (Ma Ke) - USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng) - USB: usblp: return error when setting unsupported protocol (Jun Yan) - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu) - USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold) - usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel) - staging: iio: ad9832: Correct phase range check (Zicheng Qu) - staging: iio: ad9834: Correct phase range check (Zicheng Qu) - USB: serial: option: add Neoway N723-EA support (Michal Hrusecky) - USB: serial: option: add MeiG Smart SRM815 (Chukun Pan) - drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen) - ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede) - ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede) - drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li) - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) - dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen) - tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington) - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet) - tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan) - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing) - net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor) - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura) - dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai) - dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai) - dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai) - jbd2: flush filesystem device before updating tail sequence (Zhang Yi) [5.4.17-2136.342.2.el7uek] - Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37660195] - rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (H?kon Bugge) [Orabug: 37586090] - dm rq: don't queue request to blk-mq during DM suspend (Ming Lei) [Orabug: 37010188] - dm: rearrange core declarations for extended use from dm-zone.c (Damien Le Moal) [Orabug: 37010188] [5.4.17-2136.342.1.el7uek] - cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621585] - uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619102] - oracleasm: Fix PI when use_logical_block_size is set (Martin K. Petersen) [Orabug: 37503280] - oracleasm: Add support for per-I/O block size selection (Martin K. Petersen) [Orabug: 37503280] - perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Alexander Antonov) [Orabug: 36882938] From el-errata at oss.oracle.com Thu May 1 20:31:00 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 01 May 2025 13:31:00 -0700 Subject: [El-errata] ELSA-2025-3612 Important: Oracle Linux 7 libxslt security update Message-ID: Oracle Linux Security Advisory ELSA-2025-3612 http://linux.oracle.com/errata/ELSA-2025-3612.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.28-6.0.3.el7.i686.rpm libxslt-1.1.28-6.0.3.el7.x86_64.rpm libxslt-devel-1.1.28-6.0.3.el7.i686.rpm libxslt-devel-1.1.28-6.0.3.el7.x86_64.rpm libxslt-python-1.1.28-6.0.3.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//libxslt-1.1.28-6.0.3.el7.src.rpm Related CVEs: CVE-2024-55549 CVE-2025-24855 Description of changes: [1.1.28-6.0.3] - Fix CVE-2024-55549 issue due to memory leak [Orabug: 37795485] - Fix CVE-2025-24855 issue due to use after free. From el-errata at oss.oracle.com Mon May 12 18:22:30 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 22:22:30 +0400 Subject: [El-errata] New Ksplice updates for RHCK 9 (ELSA-2025-4341) Message-ID: Synopsis: ELSA-2025-4341 can now be patched using Ksplice CVEs: CVE-2024-42292 CVE-2024-44990 CVE-2024-46736 CVE-2024-46796 CVE-2024-46826 CVE-2024-50045 CVE-2025-21927 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2025-4341. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2025-4341.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running RHCK 9 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2024-42292: Information leak in kernel userspace event delivery library. A logic error when using the kernel userspace event delivery library could lead to an out-of-bounds memory access. A local attacker could use this flaw to extract sensitive information. * CVE-2024-44990: Denial-of-service in Bonding driver. A missing check when using the Bonding driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service. * CVE-2024-46796, CVE-2024-46736: Memory corruption in SMB3 and CIFS driver. A double free error when using the SMB3 and CIFS driver could lead to use of uninitialized memory. An attacker could use this flaw to cause memory corruption or as a step in another kind of attack. * CVE-2024-46826: Undefined behavior in kernel ELF parsing subsystem. A logic error when using the kernel ELF parsing subsystem. could lead to an inconsistently loaded binary. The resulting loaded binary might exhibit undefined behavior. * CVE-2024-50045: Denial-of-service in bridge netfilter driver. A logic error when sending traffic using the bridge netfilter driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21927: Memory corruption in NVM Express over Fabrics FC driver. A missing check of a header length when using the NVM Express over Fabrics FC driver could lead to an out-of-bounds memory write access. An attacker could use this flaw to cause memory corruption. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Mon May 12 18:22:34 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 22:22:34 +0400 Subject: [El-errata] New Ksplice updates for RHCK 8 (ELSA-2025-3893) Message-ID: Synopsis: ELSA-2025-3893 can now be patched using Ksplice CVEs: CVE-2024-53150 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2025-3893. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2025-3893.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running RHCK 8 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2024-53150: Information leak in Advanced Linux Sound Architecture driver. A missing check when using the Advanced Linux Sound Architecture driver could lead to an out-of-bounds memory read. A local attacker could use this flaw to get sensitive information or as a step in another kind of attack. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Tue May 13 06:06:05 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:06:05 -0700 Subject: [El-errata] ELBA-2025-20321 Oracle Linux 7 linux-firmware bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20321 http://linux.oracle.com/errata/ELBA-2025-20321.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: iwl1000-firmware-39.31.5.1-999.40.el7.noarch.rpm iwl100-firmware-39.31.5.1-999.40.el7.noarch.rpm iwl105-firmware-18.168.6.1-999.40.el7.noarch.rpm iwl135-firmware-18.168.6.1-999.40.el7.noarch.rpm iwl2000-firmware-18.168.6.1-999.40.el7.noarch.rpm iwl2030-firmware-18.168.6.1-999.40.el7.noarch.rpm iwl3160-firmware-22.0.7.0-999.40.el7.noarch.rpm iwl3945-firmware-15.32.2.9-999.40.el7.noarch.rpm iwl4965-firmware-228.61.2.24-999.40.el7.noarch.rpm iwl5000-firmware-8.83.5.1_1-999.40.el7.noarch.rpm iwl5150-firmware-8.24.2.2-999.40.el7.noarch.rpm iwl6000-firmware-9.221.4.1-999.40.el7.noarch.rpm iwl6000g2a-firmware-17.168.5.3-999.40.el7.noarch.rpm iwl6000g2b-firmware-17.168.5.2-999.40.el7.noarch.rpm iwl6050-firmware-41.28.5.1-999.40.el7.noarch.rpm iwl7260-firmware-22.0.7.0-999.40.el7.noarch.rpm iwlax2xx-firmware-20250423-999.40.el7.noarch.rpm linux-firmware-20250423-999.40.git32f3227b.el7.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//linux-firmware-20250423-999.40.git32f3227b.el7.src.rpm Description of changes: [20250423-999.40.git32f3227b.el7] - Rebase to latest upstream [Orabug: 37868435] [20250319-999.39.git430633ec.el7] - Rebase to latest upstream [Orabug: 37729115] [20250203-999.38.git0fd450ee.el7] - Rebase to latest upstream [Orabug: 37535629] [20241213-999.36.git2cdfe09e.el7] - Rebase to latest upstream [Orabug: 37405529] From el-errata at oss.oracle.com Tue May 13 06:06:07 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:06:07 -0700 Subject: [El-errata] ELSA-2025-3844 Moderate: Oracle Linux 7 java-1.8.0-openjdk security update Message-ID: Oracle Linux Security Advisory ELSA-2025-3844 http://linux.oracle.com/errata/ELSA-2025-3844.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: java-1.8.0-openjdk-1.8.0.442.b06-1.0.3.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.442.b06-1.0.3.el7_9.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.442.b06-1.0.3.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.442.b06-1.0.3.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.442.b06-1.0.3.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.442.b06-1.0.3.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.442.b06-1.0.3.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.442.b06-1.0.3.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.442.b06-1.0.3.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.442.b06-1.0.3.el7_9.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.442.b06-1.0.3.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.442.b06-1.0.3.el7_9.noarch.rpm java-1.8.0-openjdk-src-1.8.0.442.b06-1.0.3.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.442.b06-1.0.3.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//java-1.8.0-openjdk-1.8.0.442.b06-1.0.3.el7_9.src.rpm Related CVEs: CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 Description of changes: [1:1.8.0.442.b06-1.0.3] - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 [Orabug: 37840723] From el-errata at oss.oracle.com Tue May 13 06:06:09 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:06:09 -0700 Subject: [El-errata] ELSA-2025-4098 Important: Oracle Linux 7 libxslt security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4098 http://linux.oracle.com/errata/ELSA-2025-4098.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.28-6.0.3.el7.i686.rpm libxslt-1.1.28-6.0.3.el7.x86_64.rpm libxslt-devel-1.1.28-6.0.3.el7.i686.rpm libxslt-devel-1.1.28-6.0.3.el7.x86_64.rpm libxslt-python-1.1.28-6.0.3.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//libxslt-1.1.28-6.0.3.el7.src.rpm Related CVEs: CVE-2024-55549 CVE-2025-24855 Description of changes: [1.1.28-6.0.3] - Fix CVE-2024-55549 issue due to memory leak [Orabug: 37795485] - Fix CVE-2025-24855 issue due to use after free. From el-errata at oss.oracle.com Tue May 13 06:06:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:06:08 -0700 Subject: [El-errata] ELSA-2025-4039 Important: Oracle Linux 7 virtuoso-opensource security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4039 http://linux.oracle.com/errata/ELSA-2025-4039.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: virtuoso-opensource-6.1.6-7.0.1.el7.x86_64.rpm virtuoso-opensource-utils-6.1.6-7.0.1.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//virtuoso-opensource-6.1.6-7.0.1.el7.src.rpm Related CVEs: CVE-2024-57656 Description of changes: [1:6.1.6-7.0.1] - Back port fix for CVE-2024-57656 [Orabug:37856848] From el-errata at oss.oracle.com Tue May 13 06:07:29 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:07:29 -0700 Subject: [El-errata] ELSA-2025-20319 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20319 http://linux.oracle.com/errata/ELSA-2025-20319.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.343.5.1.el7uek.x86_64.rpm kernel-uek-container-5.4.17-2136.343.5.1.el7uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.343.5.1.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.343.5.1.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.343.5.1.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.343.5.1.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.343.5.1.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.343.5.1.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.343.5.1.el7uek.src.rpm Related CVEs: CVE-2023-52532 CVE-2024-36929 Description of changes: [5.4.17-2136.343.5.1.el7uek] - nvme: fix deadlock between reset and scan (Bitao Hu) [Orabug: 37920457] [5.4.17-2136.343.5.el7uek] - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846673] - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846668] - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37834734] [5.4.17-2136.343.4.el7uek] - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes) - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - vlan: fix memory leak in vlan_newlink() (Eric Dumazet) - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37747826] [5.4.17-2136.343.3.el7uek] - LTS tag: v5.4.291 (Sherry Yang) - eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko) - slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku) - intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin) - intel_th: pci: Add Panther Lake-H support (Alexander Shishkin) - intel_th: pci: Add Arrow Lake support (Pawel Chmielewski) - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) - xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko) - usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K) - usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski) - usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K) - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno) - usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin) - usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich) - usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea) - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li) - usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea) - usb: renesas_usbhs: Call clk_put() (Claudiu Beznea) - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (Christian Heusel) - gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro) - net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman) - net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman) - net-timestamp: support TCP GSO case for a few missing flags (Jason Xing) - vlan: enforce underlying device type (Oscar Maes) - ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen) - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov) - drm/sched: Fix preprocessor guard (Philipp Stanner) - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen) - llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet) - hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher) - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings) - hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare) - caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov) - net: gso: fix ownership in __udp_gso_segment (Antoine Tenart) - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu) - HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin) - wifi: iwlwifi: limit printed string from FW file (Johannes Berg) - mm/page_alloc: fix uninitialized variable (Hao Zhang) - rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li) - rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li) - wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov) - wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich) - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish) - x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai) - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier) - ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang) - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe) - HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov) - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" (Rob Herring (Arm)) - drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher) - drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun) - drm/amdgpu: skip BAR resizing if the bios already did it (Alex Deucher) - acct: perform last write from workqueue (Christian Brauner) - kernel/acct.c: use dedicated helper to access rlimit values (Yang Yang) - kernel/acct.c: use #elif instead of #end and #elif (Hui Su) - drop_monitor: fix incorrect initialization order (Gavrilov Ilia) - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le) - sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner) - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty) - phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh) - usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich) - perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang) - ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov) - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior) - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari) - ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu) - ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli) - net: cadence: macb: Synchronize stats calculations (Sean Anderson) - sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann) - batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann) - batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann) - acct: block access to kernel internal filesystems (Christian Brauner) - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness) - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li) - tee: optee: Fix supplicant wait loop (Sumit Garg) - power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin) - flow_dissector: Fix port range key handling in BPF conversion (Cong Wang) - flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang) - net: extract port range fields from fl_flow_key (Maksym Glubokiy) - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima) - geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima) - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy) - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy) - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman) - USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue) - usb/gadget: f_midi: Replace tasklet with work (Davidlohr Bueso) - usb/gadget: f_midi: convert tasklets to use new tasklet_setup() API (Allen Pais) - usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan) - usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng) - memcg: fix soft lockup in the OOM process (Chen Ridong) - mm: update mark_victim tracepoints fields (Carlos Galo) - crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin) - crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin) - crypto: testmgr - fix version number of RSA tests (lei he) - crypto: testmgr - Fix wrong test case of RSA (Lei He) - crypto: testmgr - fix wrong key length for pkcs1pad (Lei He) - driver core: bus: Fix double free in driver API bus_register() (Zijun Hu) - scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li) - vlan: move dev_put into vlan_dev_uninit (Xin Long) - vlan: introduce vlan_dev_free_egress_priority (Xin Long) - pps: Fix a use-after-free (Calvin Owens) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse) - parport_pc: add support for ASIX AX99100 (Jiaqing Zhao) - serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao) - can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao) - nilfs2: protect access to buffers with no active references (Ryusuke Konishi) - nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi) - nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi) - alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky) - ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet) - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet) - arp: use RCU protection in arp_xmit() (Eric Dumazet) - neighbour: use RCU protection in __neigh_notify() (Eric Dumazet) - neighbour: delete redundant judgment statements (Li Zetao) - ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet) - ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet) - ipv4: use RCU protection in inet_select_addr() (Eric Dumazet) - ipv4: use RCU protection in rt_is_expired() (Eric Dumazet) - net: add dev_net_rcu() helper (Eric Dumazet) - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() (Jiri Pirko) - regmap-irq: Add missing kfree() (Jiasheng Jiang) - partitions: mac: fix handling of bogus partition table (Jann Horn) - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang) - alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky) - serial: 8250: Fix fifo underflow on flush (John Keeping) - alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander H?lzl) - can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski) - USB: serial: option: drop MeiG Smart defines (Johan Hovold) - USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda) - USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal) - usb: cdc-acm: Fix handling of oversized fragments (Jann Horn) - usb: cdc-acm: Check control transfer buffer size before access (Jann Horn) - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut) - USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern) - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping) - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman) - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang) - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen) - usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier) - usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren) - usb: roles: set switch registered flag early on (Elson Roy Serrao) - batman-adv: fix panic during interface removal (Andy Strohman) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede) - orangefs: fix a oob in orangefs_debug_write (Mike Marshall) - Grab mm lock before grabbing pt lock (Maksym Planeta) - vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas) - media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann) - gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber) - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber) - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber) - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) - team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet) - vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet) - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet) - HID: multitouch: Add NULL check in mt_input_configured (Charles Han) - ocfs2: check dir i_size in ocfs2_find_entry (Su Yue) - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli) - ptp: Ensure info->enable callback is always set (Thomas Wei?schuh) - net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser) - misc: fastrpc: Fix registered buffer page address (Ekansh Gupta) - mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko) - NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter) - nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich) - ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle)) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer) - crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski) - crypto: qce - fix goto jump in error path (Bartosz Golaszewski) - media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda) - media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda) - media: ov5640: fix get_light_freq on auto (Sam Bobrowicz) - soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski) - kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor) - powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N) - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea) - serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea) - soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold) - usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen) - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen) - usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen) - usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen) - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer) - HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner) - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu) - of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu) - of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu) - perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu) - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova) - clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos) - drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li) - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand) - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson) - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher) - binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter) - m68k: vga: Fix I/O defines (Thomas Zimmermann) - s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens) - leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin) - cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar) - tun: revert fix group permission check (Willem de Bruijn) - net: rose: lock the socket in rose_bind() (Eric Dumazet) - udp: gso: do not drop small packets when PMTU reduces (Yan Zhai) - tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz) - gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil) - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit) - nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner) - usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio) - usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar) - net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich) - net: usb: rtl8150: use new tasklet API (Emil Renner Berthing) - tasklet: Introduce new initialization API (Romain Perier) - kbuild: userprogs: use correct lld when linking through clang (Thomas Wei?schuh) - media: uvcvideo: Remove dangling pointers (Ricardo Ribalda) - media: uvcvideo: Only save async fh if success (Ricardo Ribalda) - nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi) - nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi) - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi) - spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck) - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao) - APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov) - HID: Wacom: Add PCI Wacom device support (Even Xu) - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede) - tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa) - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov) - mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin) - tun: fix group permission check (Stas Sergeev) - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu) - x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam) - sched: Don't try to catch up excess steal time. (Suleiman Souhlal) - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik) - btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana) - btrfs: output the reason for open_ctree() failure (Qu Wenruo) - usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen) - media: uvcvideo: Fix double free in error path (Laurent Pinchart) - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern) - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang) - drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes) - ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere) - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever) - hexagon: Fix unbalanced spinlock in die() (Lin Yujun) - hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn) - genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada) - net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent) - vsock: Allow retrying on connect() failure (Michal Luczaj) - perf trace: Fix runtime error of index out of bounds (Howard Chu) - net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang) - net: rose: fix timer races against user threads (Eric Dumazet) - PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang) - ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet) - net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda) - ubifs: skip dumping tnc tree when zroot is null (pangliyuan) - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel) - dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori) - module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior) - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue) - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu) - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel) - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori) - media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda) - media: camif-core: Add check for clk_enable() (Jiasheng Jiang) - media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang) - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu) - media: lmedm04: Handle errors for lme2510_int_read (Chen Ni) - media: lmedm04: Use GFP_KERNEL for URB allocation/submission. (Malcolm Priestley) - media: rc: iguanair: handle timeouts (Oliver Neukum) - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori) - ARM: dts: mediatek: mt7623: fix IR nodename (Rafa? Mi?ecki) - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai) - rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter) - RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky) - bpf: Send signals asynchronously if !preemptible (Puranjay Mohan) - perf report: Fix misleading help message about --demangle (Jiachen Zhang) - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo) - padata: fix sysfs store callback check (Thomas Wei?schuh) - ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing) - perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han) - ASoC: sun4i-spdif: Add clock multiplier settings (George Lander) - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande) - net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim) - net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla) - net: let net.core.dev_weight always be non-zero (Liu Jian) - clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan) - selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin) - selftests/harness: Display signed values correctly (Kees Cook) - wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade) - regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori) - team: prevent adding a device which is already a team device lower (Octavian Purdila) - cpupower: fix TSC MHz calculation (He Rongguang) - wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov) - wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov) - rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong) - wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo) - rtlwifi: rtl8192se Rename RT_TRACE to rtl_dbg (Larry Finger) - wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo) - ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han) - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko) - drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng) - partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap) - nbd: don't allow reconnect after disconnect (Yu Kuai) - afs: Fix directory format encoding struct (David Howells) - overflow: Allow mixed type arguments (Kees Cook) - overflow: Correct check_shl_overflow() comment (Keith Busch) - overflow: Add __must_check attribute to check_*() helpers (Kees Cook) [5.4.17-2136.343.2.el7uek] - rds: ib: Do not attempt to insert RDMA exthdr twice (H?kon Bugge) [Orabug: 37721764] - net: mana: Fix TX CQE error handling (Haiyang Zhang) [Orabug: 36983924] {CVE-2023-52532} - net/mlx5: Stop waiting for PCI if pci channel is offline (Moshe Shemesh) [Orabug: 36929747] - rds: ib: Fix racy send affinity work cancellation (H?kon Bugge) [Orabug: 36605776] - uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 35023180] - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764002] [5.4.17-2136.343.1.el7uek] - rds: ib: Make traffic_class visible to user-space (H?kon Bugge) [Orabug: 37617866] - rds: ib: Remove incorrect update of the path record sl and qos_class fields (H?kon Bugge) [Orabug: 37617866] - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Felix Fietkau) [Orabug: 36683418] {CVE-2024-36929} - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [Orabug: 36643088] - udp: never accept GSO_FRAGLIST packets (Paolo Abeni) [Orabug: 36643088] - udp: initialize is_flist with 0 in udp_gro_receive (Xin Long) [Orabug: 36643088] [5.4.17-2136.342.5.el7uek] - ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 36835558] {CVE-2024-39494} [5.4.17-2136.342.4.el7uek] - sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke H?iland-J?rgensen) - udf: Fix use of check_add_overflow() with mixed type arguments (Ben Hutchings) - x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross) - xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik) - ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang) - ALSA: hda/realtek - Add type for ALC287 (Kailang Yang) - net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel) - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang) - ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao) - Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den) - gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). (Kuniyuki Iwashima) - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin) - rds: Make sure transmit path and connection tear-down does not run concurrently (H?kon Bugge) [Orabug: 36308571] - NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (Yanjun Zhang) [Orabug: 37206487] [5.4.17-2136.342.3.el7uek] - LTS tag: v5.4.290 (Alok Tiwari) - Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos) - xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann) - drm/v3d: Assign job pointer to NULL before signaling the fence (Ma?ra Canal) - Input: xpad - add support for wooting two he (arm) (Jack Greiner) - Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto) - Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson) - Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman) - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz) - ext4: fix slab-use-after-free in ext4_split_extent_at() (Baokun Li) - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path (Theodore Ts'o) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - net/xen-netback: prevent UAF in xenvif_flush_hash() (Jeongjun Park) - net: xen-netback: hash.c: Use built-in RCU list checking (Madhuparna Bhowmik) - signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die (Eric W. Biederman) - m68k: Add missing mmap_read_lock() to sys_cacheflush() (Liam Howlett) - m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (Al Viro) - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons) - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang) - ASoC: wm8994: Add depends on MFD core (Charles Keepax) - net: fix data-races around sk->sk_forward_alloc (Wang Liang) - scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane) - ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet) - irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal) - fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel) - net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit) - nvmet: propagate npwg topology (Luis Chamberlain) - poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov) - kheaders: Ignore silly-rename files (David Howells) - hfs: Sanity check the root record (Leo Stone) - mac802154: check local interfaces before deleting sdata list (Lizhi Xu) - i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang) - drm/v3d: Ensure job pointer is set to NULL after job completion (Ma?ra Canal) - nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter) - gtp: Destroy device along with udp socket's netns dismantle. (Kuniyuki Iwashima) - gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). (Kuniyuki Iwashima) - gtp: use exit_batch_rtnl() method (Eric Dumazet) - net: add exit_batch_rtnl() method (Eric Dumazet) - net: net_namespace: Optimize the code (Yajun Deng) - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla) - sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0)) - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam) - ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi) - phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (Zijun Hu) - phy: core: fix code style in devm_of_phy_provider_unregister (Vinod Koul) - arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis) - arm64: dts: rockchip: add #power-domain-cells to power domain nodes (Johan Jonker) - arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 (Johan Jonker) - arm64: dts: rockchip: fix defines in pd_vio node for rk3399 (Johan Jonker) - iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori) - iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori) - iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam) - iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song) - iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco) - iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco) - iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco) - iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco) - iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco) - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M) - usb: fix reference leak in usb_new_device() (Ma Ke) - USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng) - USB: usblp: return error when setting unsupported protocol (Jun Yan) - usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu) - USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold) - usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel) - staging: iio: ad9832: Correct phase range check (Zicheng Qu) - staging: iio: ad9834: Correct phase range check (Zicheng Qu) - USB: serial: option: add Neoway N723-EA support (Michal Hrusecky) - USB: serial: option: add MeiG Smart SRM815 (Chukun Pan) - drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen) - ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede) - ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede) - drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li) - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) - dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen) - tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington) - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet) - tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan) - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing) - net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor) - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura) - dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai) - dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai) - dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai) - jbd2: flush filesystem device before updating tail sequence (Zhang Yi) [5.4.17-2136.342.2.el7uek] - Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37660195] - rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (H?kon Bugge) [Orabug: 37586090] - dm rq: don't queue request to blk-mq during DM suspend (Ming Lei) [Orabug: 37010188] - dm: rearrange core declarations for extended use from dm-zone.c (Damien Le Moal) [Orabug: 37010188] [5.4.17-2136.342.1.el7uek] - cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621585] - uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619102] - oracleasm: Fix PI when use_logical_block_size is set (Martin K. Petersen) [Orabug: 37503280] - oracleasm: Add support for per-I/O block size selection (Martin K. Petersen) [Orabug: 37503280] - perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Alexander Antonov) [Orabug: 36882938] [5.4.17-2136.341.3.el7uek] - io_uring: fix possible deadlock in io_register_iowq_max_workers() (Hagar Hemdan) [Orabug: 37565787] - io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (Jens Axboe) [Orabug: 37565787] - io_uring: use kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787] - fs: create kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787] - io_uring: rename kiocb_end_write() local helper (Amir Goldstein) [Orabug: 37565787] - io_uring/sqpoll: close race on waiting for sqring entries (Jens Axboe) [Orabug: 37565787] - io_uring/sqpoll: do not put cpumask on stack (Felix Moessbauer) [Orabug: 37565787] - io_uring/sqpoll: retain test for whether the CPU is valid (Jens Axboe) [Orabug: 37565787] - io_uring/sqpoll: do not allow pinning outside of cpuset (Felix Moessbauer) [Orabug: 37565787] - io_uring/io-wq: limit retrying worker initialisation (Pavel Begunkov) [Orabug: 37565787] - vfs: check dentry is still valid in get_link() (Ian Kent) [Orabug: 37536393] - RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584] - NFSD: Limit the number of concurrent async COPY operations (Chuck Lever) [Orabug: 37206187] [5.4.17-2136.341.2.el7uek] - LTS tag: v5.4.289 (Sherry Yang) - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa) - drm: adv7511: Drop dsi single lane support (Biju Das) - net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Nikolay Kuratov) - sky2: Add device ID 11ab:4373 for Marvell 88E8075 (Pascal Hambourg) - pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (Evgenii Shatokhin) - RDMA/uverbs: Prevent integer overflow issue (Dan Carpenter) - modpost: fix the missed iteration for the max bit in do_input() (Masahiro Yamada) - modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (Masahiro Yamada) - ARC: build: Try to guess GCC variant of cross compiler (Leon Romanovsky) - irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (Uros Bizjak) - net: usb: qmi_wwan: add Telit FE910C04 compositions (Daniele Palmas) - bpf: fix potential error return (Anton Protopopov) - sound: usb: format: don't warn that raw DSD is unsupported (Adrian Ratiu) - wifi: mac80211: wake the queues in case of failure in resume (Emmanuel Grumbach) - ila: serialize calls to nf_register_net_hooks() (Eric Dumazet) - ALSA: usb-audio: US16x08: Initialize array before use (Tanya Agarwal) - net: llc: reset skb->transport_header (Antonio Pastor) - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (Pablo Neira Ayuso) - netfilter: Replace zero-length array with flexible-array member (Gustavo A. R. Silva) - netrom: check buffer length before accessing it (Ilya Shchipletsov) - drm/bridge: adv7511_audio: Update Audio InfoFrame properly (Stefan Ekenberg) - drm: bridge: adv7511: Enable SPDIF DAI (Bogdan Togorean) - RDMA/bnxt_re: Fix max_qp_wrs reported (Selvin Xavier) - RDMA/bnxt_re: Fix reporting hw_ver in query_device (Kalesh AP) - RDMA/bnxt_re: Add check for path mtu in modify_qp (Saravanan Vajravel) - RDMA/mlx5: Enforce same type port association for multiport RoCE (Patrisious Haddad) - net/mlx5: Make API mlx5_core_is_ecpf accept const pointer (Parav Pandit) - IB/mlx5: Introduce and use mlx5_core_is_vf() (Parav Pandit) - Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (Michael Kelley) - selinux: ignore unknown extended permissions (Thi?baud Weksteen) - ipv6: prevent possible UAF in ip6_xmit() (Eric Dumazet) - skb_expand_head() adjust skb->truesize incorrectly (Vasily Averin) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - tracing: Constify string literal data member in struct trace_event_call (Christian G?ttsche) - bpf: fix recursive lock when verdict program return SK_PASS (Jiayuan Chen) - ipv6: fix possible UAF in ip6_finish_output2() (Eric Dumazet) [Orabug: 37029070] {CVE-2024-44986} - ipv6: use skb_expand_head in ip6_xmit (Vasily Averin) - ipv6: use skb_expand_head in ip6_finish_output2 (Vasily Averin) - skbuff: introduce skb_expand_head() (Vasily Averin) - MIPS: Probe toolchain support of -msym32 (Jiaxun Yang) - epoll: Add synchronous wakeup support for ep_poll_callback (Xuewen Yan) - virtio-blk: don't keep queue frozen during system suspend (Ming Lei) - scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (Ranjan Kumar) - platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (Armin Wolf) - regmap: Use correct format specifier for logging range errors (Mark Brown) - scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl) - scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (Magnus Lindholm) - tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (Masami Hiramatsu (Google)) - dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (Chen Ridong) [Orabug: 37452681] {CVE-2024-56767} - dmaengine: mv_xor: fix child node refcount handling in early exit (Javier Carrasco) - phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (Zijun Hu) - phy: core: Fix that API devm_phy_put() fails to release the phy (Zijun Hu) - phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (Zijun Hu) - phy: core: Fix an OF node refcount leakage in _of_phy_get() (Zijun Hu) - mtd: diskonchip: Cast an operand to prevent potential overflow (Zichen Xie) - bpf: Check negative offsets in __bpf_skb_min_len() (Cong Wang) - media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (Nikita Zhandarovich) [Orabug: 37452687] {CVE-2024-56769} - of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (Zijun Hu) - of: Fix error path in of_parse_phandle_with_args_map() (Herve Codina) - udmabuf: also check for F_SEAL_FUTURE_WRITE (Jann Horn) - nilfs2: prevent use of deleted inode (Edward Adam Davis) - NFS/pnfs: Fix a live lock between recalled layouts and layoutget (Trond Myklebust) - btrfs: tree-checker: reject inline extent items with 0 ref count (Qu Wenruo) - zram: refuse to use zero sized block device as backing device (Kairui Song) - sh: clk: Fix clk_enable() to return 0 on NULL clk (Geert Uytterhoeven) - USB: serial: option: add Telit FE910C04 rmnet compositions (Daniele Palmas) - USB: serial: option: add MediaTek T7XX compositions (Jack Wu) - USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (Mank Wang) - USB: serial: option: add MeiG Smart SLM770A (Michal Hrusecky) - USB: serial: option: add TCL IK512 MBIM & ECM (Daniel Swanemar) - efivarfs: Fix error on non-existent file (James Bottomley) - i2c: riic: Always round-up when calculating bus period (Geert Uytterhoeven) - chelsio/chtls: prevent potential integer overflow on 32bit (Dan Carpenter) - mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (Prathamesh Shete) - netfilter: ipset: Fix for recursive locking warning (Phil Sutter) - net: ethernet: bgmac-platform: fix an OF node reference leak (Joe Hattori) - net: hinic: Fix cleanup in create_rxqs/txqs() (Dan Carpenter) - ionic: use ee->offset when returning sprom data (Shannon Nelson) - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Guangguan Wang) - erofs: fix incorrect symlink detection in fast symlink (Gao Xiang) - erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang) - drm/i915: Fix memory leak by correcting cache object name in error handler (Jiasheng Jiang) - PCI: Add ACS quirk for Broadcom BCM5760X NIC (Ajit Khaparde) - ALSA: usb: Fix UBSAN warning in parse_audio_unit() (Takashi Iwai) - PCI/AER: Disable AER service on suspend (Kai-Heng Feng) - usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled (Peng Hongchi) - net: sched: fix ordering of qlen adjustment (Lion Ackermann) [Orabug: 37433383] {CVE-2024-53164} [5.4.17-2136.341.1.el7uek] - kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37525298] - uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530220] [5.4.17-2136.340.4.el7uek] - ftrace: use preempt_enable/disable notrace macros to avoid double fault (Koichiro Den) - nfsd: restore callback functionality for NFSv4.0 (NeilBrown) - i2c: pnx: Fix timeout in wait functions (Vladimir Riabchun) - of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (Zijun Hu) - af_packet: fix vlan_get_tci() vs MSG_PEEK (Eric Dumazet) - af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (Eric Dumazet) - mtd: rawnand: fix double free in atmel_pmecc_create_user() (Dan Carpenter) [Orabug: 37506347] {CVE-2024-56766} [5.4.17-2136.340.3.el7uek] - Revert "xen/swiotlb: add alignment check for dma buffers" (Harshvardhan Jha) [Orabug: 37475435] - vfio/iommu_type1: Fix some sanity checks in detach group (Keqian Zhu) [Orabug: 37136890] - Revert "vfio/iommu_type1: Fix some sanity checks in detach group" (Dongli Zhang) [Orabug: 37136890] - rds: ib: Avoid UAF on RDS Socket's rs_trans_lock (H?kon Bugge) [Orabug: 36693622] - rds: ib: Fix blocked processes related to race in rds_rdma_free_dev_rs_worker() (H?kon Bugge) [Orabug: 36693622] - rds: ib: Fix deterministic UAF in rds_rdma_free_dev_rs_worker() (H?kon Bugge) [Orabug: 36693622] - Revert "KVM: SVM: Add a module parameter to override iommu AVIC usage" (Alejandro Jimenez) [Orabug: 35001679] [5.4.17-2136.340.2.el7uek] - LTS tag: v5.4.288 (Alok Tiwari) - ALSA: usb-audio: Fix a DMA to stack memory bug (Dan Carpenter) - xen/netfront: fix crash when removing device (Juergen Gross) [Orabug: 37427542] {CVE-2024-53240} - KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (Raghavendra Rao Ananta) - blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (Nathan Chancellor) - blk-iocost: fix weight updates of inner active iocgs (Tejun Heo) - blk-iocost: clamp inuse and skip noops in __propagate_weights() (Tejun Heo) - ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired (Daniil Tatianin) - net/sched: netem: account for backlog updates from child qdisc (Martin Ottens) - qca_spi: Make driver probing reliable (Stefan Wahren) - qca_spi: Fix clock speed for multiple QCA7000 (Stefan Wahren) - ACPI: resource: Fix memory resource type union access (Ilpo J?rvinen) - net: lapb: increase LAPB_HEADER_LEN (Eric Dumazet) [Orabug: 37434237] {CVE-2024-56659} - tipc: fix NULL deref in cleanup_bearer() (Eric Dumazet) [Orabug: 37506456] {CVE-2024-56661} - batman-adv: Do not let TT changes list grows indefinitely (Remi Pommarel) - batman-adv: Remove uninitialized data in full table TT response (Remi Pommarel) - batman-adv: Do not send uninitialized TT changes (Remi Pommarel) - bpf, sockmap: Fix update element with same (Michal Luczaj) - xfs: don't drop errno values when we fail to ficlone the entire range (Darrick J. Wong) - usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (Lianqin Hu) [Orabug: 37434264] {CVE-2024-56670} - usb: ehci-hcd: fix call balance of clocks handling routines (Vitalii Mordan) - usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (Stefan Wahren) - ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (Joe Hattori) - usb: host: max3421-hcd: Correctly abort a USB request. (Mark Tomlinson) - LTS tag: v5.4.287 (Alok Tiwari) - bpf, xdp: Update devmap comments to reflect napi/rcu usage (John Fastabend) - ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Takashi Iwai) [Orabug: 37427489] {CVE-2024-53150} - PCI: rockchip-ep: Fix address translation unit programming (Damien Le Moal) - Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()" (Zhang Zekun) - modpost: Add .irqentry.text to OTHER_SECTIONS (Thomas Gleixner) - jffs2: Fix rtime decompressor (Richard Weinberger) - jffs2: Prevent rtime decompress memory corruption (Kinsey Moore) - KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (Kunkun Jiang) - KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (Kunkun Jiang) - KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (Jing Zhang) - perf/x86/intel/pt: Fix buffer full but size is 0 case (Adrian Hunter) - bpf: fix OOB devmap writes when deleting elements (Maciej Fijalkowski) [Orabug: 37434047] {CVE-2024-56615} - xdp: Simplify devmap cleanup (Bj?rn T?pel) - misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle (Parker Newman) - powerpc/prom_init: Fixup missing powermac #size-cells (Michael Ellerman) - usb: chipidea: udc: handle USB Error Interrupt if IOC not set (Xu Yang) - i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock (Defa Li) - PCI: Add ACS quirk for Wangxun FF5xxx NICs (Mengyuan Lou) - PCI: Add 'reset_subordinate' to reset hierarchy below bridge (Keith Busch) - f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. (Qi Han) [Orabug: 37433861] {CVE-2024-56586} - nvdimm: rectify the illogical code within nd_dax_probe() (Yi Yang) - pinctrl: qcom-pmic-gpio: add support for PM8937 (Barnab?s Cz?m?n) - scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (Kai M?kisara) - scsi: st: Don't modify unknown block number in MTIOCGET (Kai M?kisara) - leds: class: Protect brightness_show() with led_cdev->led_access mutex (Mukesh Ojha) [Orabug: 37433869] {CVE-2024-56587} - tracing: Use atomic64_inc_return() in trace_clock_counter() (Uros Bizjak) - netpoll: Use rcu_access_pointer() in __netpoll_setup (Breno Leitao) - net/neighbor: clear error in case strict check is not set (Jakub Kicinski) - rocker: fix link status detection in rocker_carrier_init() (Dmitry Antipov) - ASoC: hdmi-codec: reorder channel allocation list (Jonas Karlman) - Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (Hilda Wu) - wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (Norbert van Bolhuis) [Orabug: 37433908] {CVE-2024-56593} - wifi: ipw2x00: libipw_rx_any(): fix bad alignment (Jiapeng Chong) - drm/amdgpu: set the right AMDGPU sg segment limitation (Prike Liang) [Orabug: 37433914] {CVE-2024-56594} - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (Nihar Chaithanya) [Orabug: 37433920] {CVE-2024-56595} - jfs: fix array-index-out-of-bounds in jfs_readdir (Ghanshyam Agrawal) [Orabug: 37433928] {CVE-2024-56596} - jfs: fix shift-out-of-bounds in dbSplit (Ghanshyam Agrawal) [Orabug: 37433934] {CVE-2024-56597} - jfs: array-index-out-of-bounds fix in dtReadFirst (Ghanshyam Agrawal) [Orabug: 37433941] {CVE-2024-56598} - wifi: ath5k: add PCI ID for Arcadyan devices (Rosen Penev) - wifi: ath5k: add PCI ID for SX76X (Rosen Penev) - net: inet6: do not leave a dangling sk pointer in inet6_create() (Ignat Korchagin) [Orabug: 37433955] {CVE-2024-56600} - net: inet: do not leave a dangling sk pointer in inet_create() (Ignat Korchagin) [Orabug: 37433962] {CVE-2024-56601} - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (Ignat Korchagin) [Orabug: 37433970] {CVE-2024-56602} - net: af_can: do not leave a dangling sk pointer in can_create() (Ignat Korchagin) [Orabug: 37433977] {CVE-2024-56603} - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (Ignat Korchagin) [Orabug: 37433990] {CVE-2024-56605} - af_packet: avoid erroring out after sock_init_data() in packet_create() (Ignat Korchagin) [Orabug: 37433996] {CVE-2024-56606} - net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (Elena Salomatkina) - net: ethernet: fs_enet: Use %pa to format resource_size_t (Simon Horman) - net: fec_mpc52xx_phy: Use %pa to format resource_size_t (Simon Horman) - samples/bpf: Fix a resource leak (Zhu Jun) - drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (Igor Artemiev) - drm/mcde: Enable module autoloading (Liao Chen) - drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (Joaqu?n Ignacio Aramend?a) - media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (Rohan Barar) - media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (David Given) - s390/cpum_sf: Handle CPU hotplug remove during sampling (Thomas Richter) - mmc: core: Further prevent card detect during shutdown (Ulf Hansson) - regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav) - dma-buf: fix dma_fence_array_signaled v4 (Christian K?nig) - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (Liequan Che) - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (Ryusuke Konishi) [Orabug: 37434065] {CVE-2024-56619} - scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (Saurav Kashyap) - scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (Anil Gurumurthy) - scsi: qla2xxx: Fix NVMe and NPIV connect issue (Quinn Tran) - ocfs2: update seq_file index in ocfs2_dlm_seq_next (Wengang Wang) - tracing: Fix cmp_entries_dup() to respect sort() comparison rules (Kuan-Wei Chiu) - HID: wacom: fix when get product name maybe null pointer (WangYuli) [Orabug: 37434108] {CVE-2024-56629} - bpf: Fix exact match conditions in trie_get_next_key() (Hou Tao) - bpf: Handle BPF_EXIST and BPF_NOEXIST for LPM trie (Hou Tao) - ocfs2: free inode when ocfs2_get_init_inode() fails (Tetsuo Handa) [Orabug: 37434113] {CVE-2024-56630} - spi: mpc52xx: Add cancel_work_sync before module remove (Pei Xiao) - tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg (Zijian Zhang) [Orabug: 37434127] {CVE-2024-56633} - drm/sti: Add __iomem for mixer_dbg_mxn's parameter (Pei Xiao) - gpio: grgpio: Add NULL check in grgpio_probe (Charles Han) [Orabug: 37434131] {CVE-2024-56634} - gpio: grgpio: use a helper variable to store the address of ofdev->dev (Bartosz Golaszewski) - crypto: x86/aegis128 - access 32-bit arguments as 32-bit (Eric Biggers) - x86/asm: Reorder early variables (Jiri Slaby) - xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (Qiu-ji Chen) [Orabug: 37433540] {CVE-2024-53198} - xen/xenbus: fix locking (Juergen Gross) - xenbus/backend: Protect xenbus callback with lock (SeongJae Park) - xenbus/backend: Add memory pressure handler callback (SeongJae Park) - xen/xenbus: reference count registered modules (Paul Durrant) - netfilter: nft_set_hash: skip duplicated elements pending gc run (Pablo Neira Ayuso) - netfilter: ipset: Hold module reference while requesting a module (Phil Sutter) [Orabug: 37434143] {CVE-2024-56637} - igb: Fix potential invalid memory access in igb_init_module() (Yuan Can) - net/qed: allow old cards not supporting "num_images" to work (Louis Leseur) - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (Kuniyuki Iwashima) [Orabug: 37434161] {CVE-2024-56642} - tipc: add new AEAD key structure for user API (Tuong Lien) - tipc: enable creating a "preliminary" node (Tuong Lien) - tipc: add reference counter to bearer (Tuong Lien) - dccp: Fix memory leak in dccp_feat_change_recv (Ivan Solodovnikov) [Orabug: 37434167] {CVE-2024-56643} - can: j1939: j1939_session_new(): fix skb reference counting (Dmitry Antipov) - net/sched: tbf: correct backlog statistic for GSO packets (Martin Ottens) - netfilter: x_tables: fix LED ID check in led_tg_check() (Dmitry Antipov) [Orabug: 37434200] {CVE-2024-56650} - ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (Jinghao Jia) - can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (Dario Binacchi) - can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (Dario Binacchi) - watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (Yassine Oudjana) - iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (Oleksandr Ocheretnyi) - drm/etnaviv: flush shader L1 cache after user commandstream (Lucas Stach) - nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (Yang Erkun) - nfsd: make sure exp active before svc_export_show (Yang Erkun) [Orabug: 37433745] {CVE-2024-56558} - dm thin: Add missing destroy_work_on_stack() (Yuan Can) - i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (Frank Li) [Orabug: 37433756] {CVE-2024-56562} - util_macros.h: fix/rework find_closest() macros (Alexandru Ardelean) - ad7780: fix division by zero in ad7780_write_raw() (Zicheng Qu) [Orabug: 37433772] {CVE-2024-56567} - clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (Gabor Juhos) - ftrace: Fix regression with module command in stack_trace_filter (guoweikang) [Orabug: 37433784] {CVE-2024-56569} - ovl: Filter invalid inodes with missing lookup function (Vasiliy Kovalev) [Orabug: 37433789] {CVE-2024-56570} - media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (Gaosheng Cui) [Orabug: 37433798] {CVE-2024-56572} - media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (Jinjie Ruan) - media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (Jinjie Ruan) - media: ts2020: fix null-ptr-deref in ts2020_probe() (Li Zetao) [Orabug: 37433805] {CVE-2024-56574} - media: i2c: tc358743: Fix crash in the probe error path when using polling (Alexander Shiyan) [Orabug: 37433817] {CVE-2024-56576} - btrfs: ref-verify: fix use-after-free after invalid ref action (Filipe Manana) [Orabug: 37433832] {CVE-2024-56581} - quota: flush quota_release_work upon quota writeback (Ojaswin Mujoo) - ASoC: fsl_micfil: fix the naming style for mask definition (Shengjiu Wang) - sh: intc: Fix use-after-free bug in register_intc_controller() (Dan Carpenter) [Orabug: 37433393] {CVE-2024-53165} - sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (Liu Jian) [Orabug: 37434314] {CVE-2024-56688} - SUNRPC: Replace internal use of SOCKWQ_ASYNC_NOSPACE (Trond Myklebust) - SUNRPC: correct error code comment in xs_tcp_setup_socket() (Calum Mackay) - modpost: remove incorrect code in do_eisa_entry() (Masahiro Yamada) - rtc: ab-eoz9: don't fail temperature reads on undervoltage notification (Maxime Chevallier) - 9p/xen: fix release of IRQ (Alex Zenla) [Orabug: 37434374] {CVE-2024-56704} - 9p/xen: fix init sequence (Alex Zenla) - block: return unsigned int from bdev_io_min (Christoph Hellwig) - jffs2: fix use of uninitialized variable (Qingfang Deng) - ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (Waqar Hameed) [Orabug: 37433414] {CVE-2024-53171} - ubi: fastmap: Fix duplicate slab cache names while attaching (Zhihao Cheng) [Orabug: 37433419] {CVE-2024-53172} - ubifs: Correct the total block count by deducting journal reservation (Zhihao Cheng) - rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (Yongliang Gao) [Orabug: 37434456] {CVE-2024-56739} - rtc: abx80x: Fix WDT bit position of the status register (Nobuhiro Iwamatsu) - rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan) - NFSv4.0: Fix a use-after-free problem in the asynchronous open() (Trond Myklebust) [Orabug: 37433426] {CVE-2024-53173} - um: Always dump trace for specified task in show_stack (Tiwei Bie) - um: Clean up stacktrace dump (Johannes Berg) - um: add show_stack_loglvl() (Dmitry Safonov) - um/sysrq: remove needless variable sp (Dmitry Safonov) - um: Fix the return value of elf_core_copy_task_fpregs (Tiwei Bie) - um: Fix potential integer overflow during physmem setup (Tiwei Bie) [Orabug: 37427464] {CVE-2024-53145} - rpmsg: glink: Propagate TX failures in intentless mode as well (Bjorn Andersson) - SUNRPC: make sure cache entry active before cache_show (Yang Erkun) [Orabug: 37433433] {CVE-2024-53174} - NFSD: Prevent a potential integer overflow (Chuck Lever) [Orabug: 37427470] {CVE-2024-53146} - lib: string_helpers: silence snprintf() output truncation warning (Bartosz Golaszewski) - usb: dwc3: gadget: Fix checking for number of TRBs left (Thinh Nguyen) - ALSA: hda/realtek: Apply quirk for Medion E15433 (Takashi Iwai) - ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (Dinesh Kumar) - ALSA: hda/realtek: Set PCBeep to default value for ALC274 (Kailang Yang) - ALSA: hda/realtek: Update ALC225 depop procedure (Kailang Yang) - media: wl128x: Fix atomicity violation in fmc_send_cmd() (Qiu-ji Chen) [Orabug: 37434358] {CVE-2024-56700} - HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (Jason Gerecke) - block: fix ordering between checking BLK_MQ_S_STOPPED request adding (Muchun Song) - arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (Will Deacon) - sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK (Huacai Chen) - um: vector: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433467] {CVE-2024-53181} - serial: 8250: omap: Move pm_runtime_get_sync (Bin Liu) - um: net: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433475] {CVE-2024-53183} - um: ubd: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433484] {CVE-2024-53184} - ubi: wl: Put source PEB into correct list if trying locking LEB failed (Zhihao Cheng) - spi: Fix acpi deferred irq probe (Stanislaw Gruszka) - netfilter: ipset: add missing range check in bitmap_ip_uadt (Jeongjun Park) [Orabug: 37388867] {CVE-2024-53141} - Revert "serial: sh-sci: Clean sci_ports[0] after at earlycon exit" (Greg Kroah-Hartman) - serial: sh-sci: Clean sci_ports[0] after at earlycon exit (Claudiu Beznea) - Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (Andrej Shadura) - tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (Nicolas Bouchinet) - comedi: Flush partial mappings in error case (Jann Horn) [Orabug: 37427482] {CVE-2024-53148} - PCI: Fix use-after-free of slot->bus on hot remove (Lukas Wunner) [Orabug: 37433516] {CVE-2024-53194} - ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (Qiu-ji Chen) - jfs: xattr: check invalid xattr size more strictly (Artem Sadovnikov) - ext4: fix FS_IOC_GETFSMAP handling (Theodore Ts'o) - ext4: supress data-race warnings in ext4_free_inodes_{count,set}() (Jeongjun Park) - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Beno?t Sevens) [Orabug: 37433532] {CVE-2024-53197} - soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (Manikanta Mylavarapu) - usb: ehci-spear: fix call balance of sehci clk handling routines (Vitalii Mordan) - apparmor: fix 'Do simple duplicate message elimination' (chao liu) - staging: greybus: uart: clean up TIOCGSERIAL (Johan Hovold) - misc: apds990x: Fix missing pm_runtime_disable() (Jinjie Ruan) - USB: chaoskey: Fix possible deadlock chaoskey_list_lock (Edward Adam Davis) - USB: chaoskey: fail open after removal (Oliver Neukum) - usb: yurex: make waiting on yurex_write interruptible (Oliver Neukum) - usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (Jeongjun Park) - ipmr: fix tables suspicious RCU usage (Paolo Abeni) - ipmr: convert /proc handlers to rcu_read_lock() (Eric Dumazet) - net: stmmac: dwmac-socfpga: Set RX watchdog interrupt as broken (Maxime Chevallier) - marvell: pxa168_eth: fix call balance of pep->clk handling routines (Vitalii Mordan) - net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (Oleksij Rempel) - tg3: Set coherent DMA mask bits to 31 for BCM57766 chipsets (Pavan Chebbi) - net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (Oleksij Rempel) - power: supply: core: Remove might_sleep() from power_supply_put() (Bart Van Assche) - vfio/pci: Properly hide first-in-list PCIe extended capability (Avihai Horon) [Orabug: 37433578] {CVE-2024-53214} - NFSD: Fix nfsd4_shutdown_copy() (Chuck Lever) - NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (Chuck Lever) - NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (Chuck Lever) [Orabug: 37433594] {CVE-2024-53217} - rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length (Jonathan Marek) - rpmsg: glink: Fix GLINK command prefix (Bjorn Andersson) - rpmsg: glink: Send READ_NOTIFY command in FIFO full case (Arun Kumar Neelakantam) - rpmsg: glink: Add TX_DATA_CONT command while sending (Arun Kumar Neelakantam) - perf trace: Avoid garbage when not printing a syscall's arguments (Benjamin Peterson) - perf trace: Do not lose last events in a race (Benjamin Peterson) - m68k: coldfire/device.c: only build FEC when HW macros are defined (Antonio Quartulli) - m68k: mcfgpio: Fix incorrect register offset for CONFIG_M5441x (Jean-Michel Hautbois) - PCI: cpqphp: Fix PCIBIOS_* return value confusion (Ilpo J?rvinen) - PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (weiyufeng) - perf probe: Correct demangled symbols in C++ program (Leo Yan) - perf cs-etm: Don't flush when packet_queue fills up (James Clark) - clk: clk-axi-clkgen: make sure to enable the AXI bus clock (Nuno Sa) - clk: axi-clkgen: use devm_platform_ioremap_resource() short-hand (Alexandru Ardelean) - dt-bindings: clock: axi-clkgen: include AXI clk (Nuno Sa) - dt-bindings: clock: adi,axi-clkgen: convert old binding to yaml format (Alexandru Ardelean) - fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (Zhen Lei) [Orabug: 37434478] {CVE-2024-56746} - fbdev/sh7760fb: Alloc DMA memory from hardware device (Thomas Zimmermann) - powerpc/sstep: make emulate_vsx_load and emulate_vsx_store static (Michal Suchanek) - ocfs2: fix uninitialized value in ocfs2_file_read_iter() (Dmitry Antipov) [Orabug: 37427503] {CVE-2024-53155} - scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (Zhen Lei) [Orabug: 37434484] {CVE-2024-56747} - scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (Zhen Lei) [Orabug: 37434489] {CVE-2024-56748} - scsi: fusion: Remove unused variable 'rc' (Zeng Heng) - scsi: bfa: Fix use-after-free in bfad_im_module_exit() (Ye Bin) [Orabug: 37433630] {CVE-2024-53227} - mfd: rt5033: Fix missing regmap_del_irq_chip() (Zhang Changzhong) - mtd: rawnand: atmel: Fix possible memory leak (Miquel Raynal) - cpufreq: loongson2: Unregister platform_driver on failure (Yuan Can) - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (Andy Shevchenko) [Orabug: 37434429] {CVE-2024-56723} - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (Andy Shevchenko) [Orabug: 37434434] {CVE-2024-56724} - mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (Andy Shevchenko) [Orabug: 37434330] {CVE-2024-56691} - mfd: intel_soc_pmic_bxtwc: Use dev_err_probe() (Andy Shevchenko) - mfd: da9052-spi: Change read-mask to write-mask (Marcus Folkesson) - mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (Jinjie Ruan) - trace/trace_event_perf: remove duplicate samples on the first tracepoint event (Levi Yun) - netpoll: Use rcu_access_pointer() in netpoll_poll_lock (Breno Leitao) - ALSA: 6fire: Release resources at card release (Takashi Iwai) [Orabug: 37433660] {CVE-2024-53239} - ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (Takashi Iwai) [Orabug: 37433666] {CVE-2024-56531} - ALSA: us122l: Use snd_card_free_when_closed() at disconnection (Takashi Iwai) [Orabug: 37433672] {CVE-2024-56532} - net: rfkill: gpio: Add check for clk_enable() (Mingwei Zheng) - selftests: net: really check for bg process completion (Paolo Abeni) - bpf, sockmap: Fix sk_msg_reset_curr (Zijian Zhang) - bpf, sockmap: Several fixes to bpf_msg_pop_data (Zijian Zhang) - bpf, sockmap: Several fixes to bpf_msg_push_data (Zijian Zhang) - drm/etnaviv: hold GPU lock across perfmon sampling (Lucas Stach) - drm/etnaviv: fix power register offset on GC300 (Doug Brown) - drm/etnaviv: dump: fix sparse warnings (Marc Kleine-Budde) - drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan) - drm/panfrost: Remove unused id_mask from struct panfrost_model (Steven Price) - wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (Alper Nebi Yasak) [Orabug: 37433695] {CVE-2024-56539} - bpf: Fix the xdp_adjust_tail sample prog issue (Yuan Chen) - ASoC: fsl_micfil: fix regmap_write_bits usage (Shengjiu Wang) - ASoC: fsl_micfil: use GENMASK to define register bit fields (Sascha Hauer) - ASoC: fsl_micfil: do not define SHIFT/MASK for single bits (Sascha Hauer) - ASoC: fsl_micfil: Drop unnecessary register read (Sascha Hauer) - dt-bindings: vendor-prefixes: Add NeoFidelity, Inc (Igor Prusov) - drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan) - wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan) - wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan) - drm/omap: Fix locking in omap_gem_new_dmabuf() (Tomi Valkeinen) - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (Jeongjun Park) [Orabug: 37427509] {CVE-2024-53156} - drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (Andy Shevchenko) - firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (Luo Qiu) [Orabug: 37427515] {CVE-2024-53157} - regmap: irq: Set lockdep class for hierarchical IRQ domains (Andy Shevchenko) - ARM: dts: cubieboard4: Fix DCDC5 regulator constraints (Andre Przywara) - tpm: fix signed/unsigned bug when checking event logs (Gregory Price) - efi/tpm: Pass correct address to memblock_reserve (Jerry Snitselaar) - mmc: mmc_spi: drop buggy snprintf() (Bartosz Golaszewski) - soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (Dan Carpenter) [Orabug: 37427524] {CVE-2024-53158} - soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan) - time: Fix references to _msecs_to_jiffies() handling of values (Miguel Ojeda) - crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (Christophe JAILLET) - crypto: bcm - add error check in the ahash_hmac_init function (Chen Ridong) [Orabug: 37434298] {CVE-2024-56681} - crypto: cavium - Fix the if condition to exit loop after timeout (Everest K.C) - crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (Yi Yang) [Orabug: 37434323] {CVE-2024-56690} - EDAC/fsl_ddr: Fix bad bit shift operations (Priyanka Singh) - EDAC/bluefield: Fix potential integer overflow (David Thompson) [Orabug: 37427533] {CVE-2024-53161} - firmware: google: Unregister driver_info on failure (Yuan Can) - firmware: google: Unregister driver_info on failure and exit in gsmi (Arthur Heymans) - hfsplus: don't query the device logical block size multiple times (Thadeu Lima de Souza Cascardo) [Orabug: 37433720] {CVE-2024-56548} - s390/syscalls: Avoid creation of arch/arch/ directory (Masahiro Yamada) - acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (Aleksandr Mishin) - m68k: mvme147: Reinstate early console (Daniel Palmer) - m68k: mvme16x: Add and use "mvme16x.h" (Geert Uytterhoeven) - m68k: mvme147: Fix SCSI controller IRQ numbers (Daniel Palmer) - nvme-pci: fix freeing of the HMB descriptor table (Christoph Hellwig) [Orabug: 37434510] {CVE-2024-56756} - initramfs: avoid filename buffer overrun (David Disseldorp) [Orabug: 37388874] {CVE-2024-53142} - mips: asm: fix warning when disabling MIPS_FP_SUPPORT (Jonas Gorski) - x86/xen/pvh: Annotate indirect branch as safe (Josh Poimboeuf) - nvme: fix metadata handling in nvme-passthrough (Puranjay Mohan) - cifs: Fix buffer overflow when parsing NFS reparse points (Pali Roh?r) [Orabug: 37206284] {CVE-2024-49996} - ipmr: Fix access to mfc_cache_list without lock held (Breno Leitao) - proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (David Wang) - ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (Luo Yifan) - ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (Luo Yifan) - regulator: rk808: Add apply_bit for BUCK3 on RK809 (Mikhail Rudenko) - soc: qcom: Add check devm_kasprintf() returned value (Charles Han) - net: usb: qmi_wwan: add Quectel RG650V (Beno?t Monin) - x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (Arnd Bergmann) - ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (Piyush Raj Chouhan) - selftests/watchdog-test: Fix system accidentally reset after watchdog-test (Li Zhijian) - mac80211: fix user-power when emulating chanctx (Ben Greear) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (Hans de Goede) - kbuild: Use uname for LINUX_COMPILE_HOST detection (Chris Down) - media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (Mauro Carvalho Chehab) - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (Ryusuke Konishi) [Orabug: 37388819] {CVE-2024-53130} - ocfs2: fix UBSAN warning in ocfs2_verify_volume() (Dmitry Antipov) - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (Ryusuke Konishi) [Orabug: 37388825] {CVE-2024-53131} - KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (Sean Christopherson) [Orabug: 37388846] {CVE-2024-53135} - ocfs2: uncache inode which has failed entering the group (Dmitry Antipov) [Orabug: 37388753] {CVE-2024-53112} - net/mlx5e: kTLS, Fix incorrect page refcounting (Dragos Tatulea) - net/mlx5: fs, lock FTE when checking if active (Mark Bloch) - netlink: terminate outstanding dump on socket close (Jakub Kicinski) [Orabug: 37388861] {CVE-2024-53140} - LTS tag: v5.4.286 (Alok Tiwari) - 9p: fix slab cache name creation for real (Linus Torvalds) - md/raid10: improve code of mrdev in raid10_sync_request (Li Nan) - net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (Reinhard Speyerer) - fs: Fix uninitialized value issue in from_kuid and from_kgid (Alessandro Zanni) [Orabug: 37331928] {CVE-2024-53101} - powerpc/powernv: Free name on error in opal_event_init() (Michael Ellerman) - sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML (Julian Vetter) - bpf: use kvzmalloc to allocate BPF verifier environment (Rik van Riel) - HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (WangYuli) - 9p: Avoid creating multiple slab caches with the same name (Pedro Falcato) - ALSA: usb-audio: Add endianness annotations (Jan Sch?r) - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Hyunwoo Kim) [Orabug: 37298681] {CVE-2024-50264} - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (Hyunwoo Kim) [Orabug: 37344480] {CVE-2024-53103} - ftrace: Fix possible use-after-free issue in ftrace_location() (Zheng Yejian) [Orabug: 36753574] {CVE-2024-38588} - NFSD: Fix NFSv4's PUTPUBFH operation (Chuck Lever) - ALSA: usb-audio: Add quirks for Dell WD19 dock (Jan Sch?r) - ALSA: usb-audio: Support jack detection on Dell dock (Jan Sch?r) - ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (Andrew Kanner) [Orabug: 37298685] {CVE-2024-50265} - irqchip/gic-v3: Force propagation of the active state with a read-back (Marc Zyngier) - USB: serial: option: add Quectel RG650V (Beno?t Monin) - USB: serial: option: add Fibocom FG132 0x0112 composition (Reinhard Speyerer) - USB: serial: qcserial: add support for Sierra Wireless EM86xx (Jack Wu) - USB: serial: io_edgeport: fix use after free in debug printk (Dan Carpenter) [Orabug: 37298695] {CVE-2024-50267} - usb: musb: sunxi: Fix accessing an released usb phy (Zijun Hu) [Orabug: 37298703] {CVE-2024-50269} - fs/proc: fix compile warning about variable 'vmcore_mmap_ops' (Qi Xi) - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) [Orabug: 37344485] {CVE-2024-53104} - net: bridge: xmit: make sure we have at least eth header len bytes (Nikolay Aleksandrov) [Orabug: 36753372] {CVE-2024-38538} - spi: fix use-after-free of the add_lock mutex (Michael Walle) - spi: Fix deadlock when adding SPI controllers on SPI buses (Mark Brown) - mtd: rawnand: protect access to rawnand devices while in suspend (Sean Nyekjaer) - btrfs: reinitialize delayed ref list after deleting it from the list (Filipe Manana) [Orabug: 37298715] {CVE-2024-50273} - nfs: Fix KMSAN warning in decode_getfattr_attrs() (Roberto Sassu) [Orabug: 37304779] {CVE-2024-53066} - dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (Zichen Xie) - dm cache: fix potential out-of-bounds access on the first resume (Ming-Hung Tsai) [Orabug: 37298732] {CVE-2024-50278} - dm cache: optimize dirty bit checking with find_next_bit when resizing (Ming-Hung Tsai) - dm cache: fix out-of-bounds access to the dirty bitset when resizing (Ming-Hung Tsai) [Orabug: 37298737] {CVE-2024-50279} - dm cache: correct the number of origin blocks to match the target length (Ming-Hung Tsai) - drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (Alex Deucher) [Orabug: 37298751] {CVE-2024-50282} - pwm: imx-tpm: Use correct MODULO value for EPWM mode (Erik Schumacher) - media: v4l2-tpg: prevent the risk of a division by zero (Mauro Carvalho Chehab) [Orabug: 37298782] {CVE-2024-50287} - media: cx24116: prevent overflows on SNR calculus (Mauro Carvalho Chehab) [Orabug: 37298797] {CVE-2024-50290} - media: s5p-jpeg: prevent buffer overflows (Mauro Carvalho Chehab) [Orabug: 37304763] {CVE-2024-53061} - ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (Murad Masimov) - media: adv7604: prevent underflow condition when reporting colorspace (Mauro Carvalho Chehab) - media: dvb_frontend: don't play tricks with underflow values (Mauro Carvalho Chehab) - media: dvbdev: prevent the risk of out of memory access (Mauro Carvalho Chehab) [Orabug: 37304769] {CVE-2024-53063} - media: stb0899_algo: initialize cfr before using it (Mauro Carvalho Chehab) - net: hns3: fix kernel crash when uninstalling driver (Peiyang Wang) [Orabug: 37298811] {CVE-2024-50296} - can: c_can: fix {rx,tx}_errors statistics (Dario Binacchi) - sctp: properly validate chunk size in sctp_sf_ootb() (Xin Long) [Orabug: 37298820] {CVE-2024-50299} - net: enetc: set MAC address to the VF net_device (Wei Fang) - enetc: simplify the return expression of enetc_vf_set_mac_addr() (Qinglang Miao) - security/keys: fix slab-out-of-bounds in key_task_permission (Chen Ridong) [Orabug: 37298827] {CVE-2024-50301} - HID: core: zero-initialize the report buffer (Jiri Kosina) [Orabug: 37298834] {CVE-2024-50302} - ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin (Heiko Stuebner) - ARM: dts: rockchip: Fix the spi controller on rk3036 (Heiko Stuebner) - ARM: dts: rockchip: drop grf reference from rk3036 hdmi (Heiko Stuebner) - ARM: dts: rockchip: fix rk3036 acodec node (Heiko Stuebner) - arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (Heiko Stuebner) - arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (Heiko Stuebner) - arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (Diederik de Haas) - arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (Geert Uytterhoeven) [5.4.17-2136.340.1.el7uek] - rds/ib: avoid scq/rcq polling during rds connection shutdown (Arumugam Kolappan) [Orabug: 37092563] - RDMA/mlx5: Send UAR page index as ioctl attribute (Akiva Goldberger) [Orabug: 37029739] - RDMA: Pass entire uverbs attr bundle to create cq function (Akiva Goldberger) [Orabug: 37029739] - IB/uverbs: Enable CQ ioctl commands by default (Yishai Hadas) [Orabug: 37029739] [5.4.17-2136.339.5.el7uek] - tracing/kprobes: Skip symbol counting logic for module symbols in create_local_trace_kprobe() (Nikolay Kuratov) - vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393533] - vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393533] [5.4.17-2136.339.4.el7uek] - RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai) - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (Aurelien Jarno) - mm: revert "mm: shmem: fix data-race in shmem_getattr()" (Andrew Morton) - net/ipv6: release expired exception dst cached in socket (Jiri Wiesner) [Orabug: 37434173] {CVE-2024-56644} - Revert "unicode: Don't special case ignorable code points" (Linus Torvalds) - powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy) - Revert "usb: gadget: composite: fix OS descriptors w_value logic" (Michal Vrastil) [5.4.17-2136.339.3.el7uek] - Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume" (Sherry Yang) [Orabug: 37364531] - rds: recv_payload_bad_checksum was not 0 after running rds-stress on UEK6 (William Kucharski) [Orabug: 37265127] - rds: If RDS Checksums are enabled for RDMA RDS operations, the extension headers will overflow causing incorrect operation (William Kucharski) [Orabug: 37265125] - rds: rds_message_alloc() needlessly zeroes m_used_sgs (William Kucharski) [Orabug: 37265123] - rds: tracepoint in rds_receive_csum_err() prints pointless information (William Kucharski) [Orabug: 37265121] - rds: rds_inc_init() should initialize the inc->i_conn_path field (William Kucharski) [Orabug: 37265117] - rds: Race condition in adding RDS payload checksum extension header may result in RDS header corruption (William Kucharski) [Orabug: 37265115] - md/raid10: fix task hung in raid10d (Li Nan) [Orabug: 37126683] - md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (Yu Kuai) [Orabug: 37126683] - md/raid10: avoid deadlock on recovery. (Vitaly Mayatskikh) [Orabug: 37126683] [5.4.17-2136.339.2.el7uek] - arm64/cpu_errata: Spectre-BHB mitigation for AMPERE1 expects a loop of 11 iterations. (Miguel Luis) [Orabug: 37027863] [5.4.17-2136.339.1.el7uek] - net/rds: report pending-messages count in RDS_INQ response (Devesh Sharma) [Orabug: 35596047] [Orabug: 35316633] - net/rds: Introduce RDS-INQ feature to RDS protocol (Devesh Sharma) [Orabug: 35316632] [Orabug: 37109336] - net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809] [Orabug: 37072814] - mm/memory-failure: pass the folio and the page to collect_procs() (Matthew Wilcox (Oracle)) [Orabug: 37270264] - KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD (Sean Christopherson) [Orabug: 37273706] - KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding (Sean Christopherson) [Orabug: 37273706] - objtool: Default ignore INT3 for unreachable (Peter Zijlstra) [Orabug: 37273706] {CVE-2022-29901} - x86/spec_ctrl: AMD AutoIBRS cannot be dynamically enabled or disabled (Alexandre Chartre) [Orabug: 37310552] - x86/msr: Add functions to set/clear the bit of an MSR on all cpus (Alexandre Chartre) [Orabug: 37310552] From el-errata at oss.oracle.com Tue May 13 06:11:28 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:11:28 -0700 Subject: [El-errata] ELBA-2025-20309 Oracle Linux 8 pytz bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20309 http://linux.oracle.com/errata/ELBA-2025-20309.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: python3-pytz-2017.2-11.0.1.el8.noarch.rpm aarch64: python3-pytz-2017.2-11.0.1.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//pytz-2017.2-11.0.1.el8.src.rpm Description of changes: [2017.2-11.0.1] - Added support for Python 3.11 on OL8 [JIRA: OLDIS-44040] From el-errata at oss.oracle.com Tue May 13 06:11:31 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:11:31 -0700 Subject: [El-errata] ELBA-2025-20315 Oracle Linux 8 scap-security-guide bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20315 http://linux.oracle.com/errata/ELBA-2025-20315.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: scap-security-guide-0.1.76-1.0.3.el8.noarch.rpm scap-security-guide-doc-0.1.76-1.0.3.el8.noarch.rpm aarch64: scap-security-guide-0.1.76-1.0.3.el8.noarch.rpm scap-security-guide-doc-0.1.76-1.0.3.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.76-1.0.3.el8.src.rpm Description of changes: [0.1.76-1.0.3] - Implement OL9 DISA STIG V1R1 [Orabug: 37927511] From el-errata at oss.oracle.com Tue May 13 06:11:33 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:11:33 -0700 Subject: [El-errata] ELBA-2025-20321 Oracle Linux 8 linux-firmware bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20321 http://linux.oracle.com/errata/ELBA-2025-20321.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: iwl1000-firmware-39.31.5.1-999.40.el8.noarch.rpm iwl100-firmware-39.31.5.1-999.40.el8.noarch.rpm iwl105-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl135-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl2000-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl2030-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl3160-firmware-25.30.13.0-999.40.el8.noarch.rpm iwl3945-firmware-15.32.2.9-999.40.el8.noarch.rpm iwl4965-firmware-228.61.2.24-999.40.el8.noarch.rpm iwl5000-firmware-8.83.5.1_1-999.40.el8.noarch.rpm iwl5150-firmware-8.24.2.2-999.40.el8.noarch.rpm iwl6000-firmware-9.221.4.1-999.40.el8.noarch.rpm iwl6000g2a-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl6000g2b-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl6050-firmware-41.28.5.1-999.40.el8.noarch.rpm iwl7260-firmware-25.30.13.0-999.40.el8.noarch.rpm iwlax2xx-firmware-20250423-999.40.el8.noarch.rpm libertas-sd8686-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm libertas-sd8787-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm libertas-usb8388-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm libertas-usb8388-olpc-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm linux-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm linux-firmware-core-20250423-999.40.git32f3227b.el8.noarch.rpm aarch64: iwl1000-firmware-39.31.5.1-999.40.el8.noarch.rpm iwl100-firmware-39.31.5.1-999.40.el8.noarch.rpm iwl105-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl135-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl2000-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl2030-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl3160-firmware-25.30.13.0-999.40.el8.noarch.rpm iwl3945-firmware-15.32.2.9-999.40.el8.noarch.rpm iwl4965-firmware-228.61.2.24-999.40.el8.noarch.rpm iwl5000-firmware-8.83.5.1_1-999.40.el8.noarch.rpm iwl5150-firmware-8.24.2.2-999.40.el8.noarch.rpm iwl6000-firmware-9.221.4.1-999.40.el8.noarch.rpm iwl6000g2a-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl6000g2b-firmware-18.168.6.1-999.40.el8.noarch.rpm iwl6050-firmware-41.28.5.1-999.40.el8.noarch.rpm iwl7260-firmware-25.30.13.0-999.40.el8.noarch.rpm iwlax2xx-firmware-20250423-999.40.el8.noarch.rpm libertas-sd8686-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm libertas-sd8787-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm libertas-usb8388-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm libertas-usb8388-olpc-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm linux-firmware-20250423-999.40.git32f3227b.el8.noarch.rpm linux-firmware-core-20250423-999.40.git32f3227b.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//linux-firmware-20250423-999.40.git32f3227b.el8.src.rpm Description of changes: [20250423-999.40.git32f3227b.el8] - Rebase to latest upstream [Orabug: 37868435] - Avoid showing microcode reload error if it's up to date [Orabug: 37891376] From el-errata at oss.oracle.com Tue May 13 06:11:27 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:11:27 -0700 Subject: [El-errata] ELBA-2025-20303 Oracle Linux 8 openscap bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20303 http://linux.oracle.com/errata/ELBA-2025-20303.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: openscap-1.3.10-2.0.2.el8_9.i686.rpm openscap-1.3.10-2.0.2.el8_9.x86_64.rpm openscap-devel-1.3.10-2.0.2.el8_9.i686.rpm openscap-devel-1.3.10-2.0.2.el8_9.x86_64.rpm openscap-engine-sce-1.3.10-2.0.2.el8_9.i686.rpm openscap-engine-sce-1.3.10-2.0.2.el8_9.x86_64.rpm openscap-python3-1.3.10-2.0.2.el8_9.x86_64.rpm openscap-scanner-1.3.10-2.0.2.el8_9.x86_64.rpm openscap-utils-1.3.10-2.0.2.el8_9.x86_64.rpm openscap-engine-sce-devel-1.3.10-2.0.2.el8_9.i686.rpm openscap-engine-sce-devel-1.3.10-2.0.2.el8_9.x86_64.rpm aarch64: openscap-1.3.10-2.0.2.el8_9.aarch64.rpm openscap-devel-1.3.10-2.0.2.el8_9.aarch64.rpm openscap-engine-sce-1.3.10-2.0.2.el8_9.aarch64.rpm openscap-python3-1.3.10-2.0.2.el8_9.aarch64.rpm openscap-scanner-1.3.10-2.0.2.el8_9.aarch64.rpm openscap-utils-1.3.10-2.0.2.el8_9.aarch64.rpm openscap-engine-sce-devel-1.3.10-2.0.2.el8_9.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//openscap-1.3.10-2.0.2.el8_9.src.rpm Description of changes: [1.3.10-2.0.2] - Fix textfilecontent54 behaviour with negative numbers [Orabug: 37890231] From el-errata at oss.oracle.com Tue May 13 06:11:34 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:11:34 -0700 Subject: [El-errata] ELSA-2025-20319 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20319 http://linux.oracle.com/errata/ELSA-2025-20319.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.343.5.1.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.343.5.1.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.343.5.1.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.343.5.1.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.343.5.1.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.343.5.1.el8uek.src.rpm Related CVEs: CVE-2023-52532 CVE-2024-36929 Description of changes: [5.4.17-2136.343.5.1.el8uek] - nvme: fix deadlock between reset and scan (Bitao Hu) [Orabug: 37920457] [5.4.17-2136.343.5.el8uek] - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846673] - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846668] - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37834734] [5.4.17-2136.343.4.el8uek] - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes) - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - vlan: fix memory leak in vlan_newlink() (Eric Dumazet) - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37747826] [5.4.17-2136.343.3.el8uek] - LTS tag: v5.4.291 (Sherry Yang) - eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko) - slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku) - intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin) - intel_th: pci: Add Panther Lake-H support (Alexander Shishkin) - intel_th: pci: Add Arrow Lake support (Pawel Chmielewski) - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) - xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko) - usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K) - usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski) - usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K) - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno) - usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin) - usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich) - usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea) - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li) - usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea) - usb: renesas_usbhs: Call clk_put() (Claudiu Beznea) - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (Christian Heusel) - gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro) - net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman) - net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman) - net-timestamp: support TCP GSO case for a few missing flags (Jason Xing) - vlan: enforce underlying device type (Oscar Maes) - ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen) - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov) - drm/sched: Fix preprocessor guard (Philipp Stanner) - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen) - llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet) - hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher) - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings) - hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare) - caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov) - net: gso: fix ownership in __udp_gso_segment (Antoine Tenart) - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu) - HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin) - wifi: iwlwifi: limit printed string from FW file (Johannes Berg) - mm/page_alloc: fix uninitialized variable (Hao Zhang) - rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li) - rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li) - wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov) - wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich) - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish) - x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai) - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier) - ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang) - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe) - HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov) - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" (Rob Herring (Arm)) - drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher) - drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun) - drm/amdgpu: skip BAR resizing if the bios already did it (Alex Deucher) - acct: perform last write from workqueue (Christian Brauner) - kernel/acct.c: use dedicated helper to access rlimit values (Yang Yang) - kernel/acct.c: use #elif instead of #end and #elif (Hui Su) - drop_monitor: fix incorrect initialization order (Gavrilov Ilia) - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le) - sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner) - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty) - phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh) - usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich) - perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang) - ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov) - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior) - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari) - ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu) - ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli) - net: cadence: macb: Synchronize stats calculations (Sean Anderson) - sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann) - batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann) - batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann) - acct: block access to kernel internal filesystems (Christian Brauner) - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness) - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li) - tee: optee: Fix supplicant wait loop (Sumit Garg) - power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin) - flow_dissector: Fix port range key handling in BPF conversion (Cong Wang) - flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang) - net: extract port range fields from fl_flow_key (Maksym Glubokiy) - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima) - geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima) - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy) - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy) - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman) - USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue) - usb/gadget: f_midi: Replace tasklet with work (Davidlohr Bueso) - usb/gadget: f_midi: convert tasklets to use new tasklet_setup() API (Allen Pais) - usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan) - usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng) - memcg: fix soft lockup in the OOM process (Chen Ridong) - mm: update mark_victim tracepoints fields (Carlos Galo) - crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin) - crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin) - crypto: testmgr - fix version number of RSA tests (lei he) - crypto: testmgr - Fix wrong test case of RSA (Lei He) - crypto: testmgr - fix wrong key length for pkcs1pad (Lei He) - driver core: bus: Fix double free in driver API bus_register() (Zijun Hu) - scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li) - vlan: move dev_put into vlan_dev_uninit (Xin Long) - vlan: introduce vlan_dev_free_egress_priority (Xin Long) - pps: Fix a use-after-free (Calvin Owens) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse) - parport_pc: add support for ASIX AX99100 (Jiaqing Zhao) - serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao) - can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao) - nilfs2: protect access to buffers with no active references (Ryusuke Konishi) - nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi) - nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi) - alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky) - ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet) - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet) - arp: use RCU protection in arp_xmit() (Eric Dumazet) - neighbour: use RCU protection in __neigh_notify() (Eric Dumazet) - neighbour: delete redundant judgment statements (Li Zetao) - ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet) - ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet) - ipv4: use RCU protection in inet_select_addr() (Eric Dumazet) - ipv4: use RCU protection in rt_is_expired() (Eric Dumazet) - net: add dev_net_rcu() helper (Eric Dumazet) - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() (Jiri Pirko) - regmap-irq: Add missing kfree() (Jiasheng Jiang) - partitions: mac: fix handling of bogus partition table (Jann Horn) - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang) - alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky) - serial: 8250: Fix fifo underflow on flush (John Keeping) - alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander H?lzl) - can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski) - USB: serial: option: drop MeiG Smart defines (Johan Hovold) - USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda) - USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal) - usb: cdc-acm: Fix handling of oversized fragments (Jann Horn) - usb: cdc-acm: Check control transfer buffer size before access (Jann Horn) - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut) - USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern) - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping) - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman) - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang) - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen) - usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier) - usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren) - usb: roles: set switch registered flag early on (Elson Roy Serrao) - batman-adv: fix panic during interface removal (Andy Strohman) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede) - orangefs: fix a oob in orangefs_debug_write (Mike Marshall) - Grab mm lock before grabbing pt lock (Maksym Planeta) - vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas) - media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann) - gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber) - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber) - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber) - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) - team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet) - vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet) - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet) - HID: multitouch: Add NULL check in mt_input_configured (Charles Han) - ocfs2: check dir i_size in ocfs2_find_entry (Su Yue) - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli) - ptp: Ensure info->enable callback is always set (Thomas Wei?schuh) - net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser) - misc: fastrpc: Fix registered buffer page address (Ekansh Gupta) - mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko) - NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter) - nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich) - ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle)) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer) - crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski) - crypto: qce - fix goto jump in error path (Bartosz Golaszewski) - media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda) - media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda) - media: ov5640: fix get_light_freq on auto (Sam Bobrowicz) - soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski) - kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor) - powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N) - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea) - serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea) - soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold) - usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen) - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen) - usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen) - usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen) - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer) - HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner) - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu) - of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu) - of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu) - perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu) - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova) - clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos) - drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li) - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand) - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson) - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher) - binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter) - m68k: vga: Fix I/O defines (Thomas Zimmermann) - s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens) - leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin) - cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar) - tun: revert fix group permission check (Willem de Bruijn) - net: rose: lock the socket in rose_bind() (Eric Dumazet) - udp: gso: do not drop small packets when PMTU reduces (Yan Zhai) - tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz) - gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil) - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit) - nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner) - usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio) - usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar) - net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich) - net: usb: rtl8150: use new tasklet API (Emil Renner Berthing) - tasklet: Introduce new initialization API (Romain Perier) - kbuild: userprogs: use correct lld when linking through clang (Thomas Wei?schuh) - media: uvcvideo: Remove dangling pointers (Ricardo Ribalda) - media: uvcvideo: Only save async fh if success (Ricardo Ribalda) - nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi) - nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi) - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi) - spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck) - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao) - APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov) - HID: Wacom: Add PCI Wacom device support (Even Xu) - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede) - tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa) - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov) - mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin) - tun: fix group permission check (Stas Sergeev) - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu) - x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam) - sched: Don't try to catch up excess steal time. (Suleiman Souhlal) - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik) - btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana) - btrfs: output the reason for open_ctree() failure (Qu Wenruo) - usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen) - media: uvcvideo: Fix double free in error path (Laurent Pinchart) - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern) - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang) - drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes) - ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere) - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever) - hexagon: Fix unbalanced spinlock in die() (Lin Yujun) - hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn) - genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada) - net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent) - vsock: Allow retrying on connect() failure (Michal Luczaj) - perf trace: Fix runtime error of index out of bounds (Howard Chu) - net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang) - net: rose: fix timer races against user threads (Eric Dumazet) - PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang) - ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet) - net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda) - ubifs: skip dumping tnc tree when zroot is null (pangliyuan) - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel) - dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori) - module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior) - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue) - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu) - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel) - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori) - media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda) - media: camif-core: Add check for clk_enable() (Jiasheng Jiang) - media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang) - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu) - media: lmedm04: Handle errors for lme2510_int_read (Chen Ni) - media: lmedm04: Use GFP_KERNEL for URB allocation/submission. (Malcolm Priestley) - media: rc: iguanair: handle timeouts (Oliver Neukum) - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori) - ARM: dts: mediatek: mt7623: fix IR nodename (Rafa? Mi?ecki) - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai) - rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter) - RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky) - bpf: Send signals asynchronously if !preemptible (Puranjay Mohan) - perf report: Fix misleading help message about --demangle (Jiachen Zhang) - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo) - padata: fix sysfs store callback check (Thomas Wei?schuh) - ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing) - perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han) - ASoC: sun4i-spdif: Add clock multiplier settings (George Lander) - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande) - net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim) - net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla) - net: let net.core.dev_weight always be non-zero (Liu Jian) - clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan) - selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin) - selftests/harness: Display signed values correctly (Kees Cook) - wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade) - regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori) - team: prevent adding a device which is already a team device lower (Octavian Purdila) - cpupower: fix TSC MHz calculation (He Rongguang) - wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov) - wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov) - rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong) - wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo) - rtlwifi: rtl8192se Rename RT_TRACE to rtl_dbg (Larry Finger) - wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo) - ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han) - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko) - drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng) - partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap) - nbd: don't allow reconnect after disconnect (Yu Kuai) - afs: Fix directory format encoding struct (David Howells) - overflow: Allow mixed type arguments (Kees Cook) - overflow: Correct check_shl_overflow() comment (Keith Busch) - overflow: Add __must_check attribute to check_*() helpers (Kees Cook) [5.4.17-2136.343.2.el8uek] - rds: ib: Do not attempt to insert RDMA exthdr twice (H?kon Bugge) [Orabug: 37721764] - net: mana: Fix TX CQE error handling (Haiyang Zhang) [Orabug: 36983924] {CVE-2023-52532} - net/mlx5: Stop waiting for PCI if pci channel is offline (Moshe Shemesh) [Orabug: 36929747] - rds: ib: Fix racy send affinity work cancellation (H?kon Bugge) [Orabug: 36605776] - uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 35023180] - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764002] [5.4.17-2136.343.1.el8uek] - rds: ib: Make traffic_class visible to user-space (H?kon Bugge) [Orabug: 37617866] - rds: ib: Remove incorrect update of the path record sl and qos_class fields (H?kon Bugge) [Orabug: 37617866] - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Felix Fietkau) [Orabug: 36683418] {CVE-2024-36929} - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [Orabug: 36643088] - udp: never accept GSO_FRAGLIST packets (Paolo Abeni) [Orabug: 36643088] - udp: initialize is_flist with 0 in udp_gro_receive (Xin Long) [Orabug: 36643088] From el-errata at oss.oracle.com Tue May 13 06:11:30 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 12 May 2025 23:11:30 -0700 Subject: [El-errata] ELBA-2025-20311 Oracle Linux 8 leapp-repository bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20311 http://linux.oracle.com/errata/ELBA-2025-20311.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: leapp-upgrade-el8toel9-0.20.0-2.0.21.el8.noarch.rpm leapp-upgrade-el8toel9-deps-0.20.0-2.0.21.el8.noarch.rpm aarch64: leapp-upgrade-el8toel9-0.20.0-2.0.21.el8.noarch.rpm leapp-upgrade-el8toel9-deps-0.20.0-2.0.21.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//leapp-repository-0.20.0-2.0.21.el8.src.rpm Description of changes: [0.20.0-2.0.21] - Produce alert on additional i686 problematic packages [Orabug: 37792372] [Orabug: 37809864] - Add additional mappings for OL9 upgrade [Orabug: 37792090] [Orabug: 37803309] From el-errata at oss.oracle.com Tue May 13 17:19:30 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:19:30 -0700 Subject: [El-errata] ELSA-2025-4458 Important: Oracle Linux 8 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4458 http://linux.oracle.com/errata/ELSA-2025-4458.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.10.0-1.0.1.el8_10.x86_64.rpm aarch64: firefox-128.10.0-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//firefox-128.10.0-1.0.1.el8_10.src.rpm Related CVEs: CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 Description of changes: [128.10.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789] - Force use of gcc-toolset-13 due to clang dependency [128.10.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.10.0-1] - Update to 128.10.0 build1 From el-errata at oss.oracle.com Tue May 13 17:19:29 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:19:29 -0700 Subject: [El-errata] ELBA-2025-4337 Oracle Linux 8 kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4337 http://linux.oracle.com/errata/ELBA-2025-4337.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.51.1.el8_10.noarch.rpm kernel-core-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.51.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.51.1.el8_10.x86_64.rpm perf-4.18.0-553.51.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.51.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.51.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.51.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.51.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.51.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.51.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.51.1.el8_10.aarch64.rpm perf-4.18.0-553.51.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.51.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.51.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.51.1.el8_10.src.rpm Description of changes: [4.18.0-553.51.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.51.1.el8_10] - x86/xen: use the whole RCX when picking the right hypercall function (Vitaly Kuznetsov) [RHEL-87072] - Revert "usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB" (Desnes Nunes) [RHEL-87280] From el-errata at oss.oracle.com Tue May 13 17:19:35 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:19:35 -0700 Subject: [El-errata] ELSA-2025-4461 Moderate: Oracle Linux 8 nodejs:20 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4461 http://linux.oracle.com/errata/ELSA-2025-4461.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-20.19.1-1.module+el8.10.0+90560+49d7a1eb.x86_64.rpm nodejs-devel-20.19.1-1.module+el8.10.0+90560+49d7a1eb.x86_64.rpm nodejs-docs-20.19.1-1.module+el8.10.0+90560+49d7a1eb.noarch.rpm nodejs-full-i18n-20.19.1-1.module+el8.10.0+90560+49d7a1eb.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90560+49d7a1eb.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90560+49d7a1eb.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90560+49d7a1eb.noarch.rpm npm-10.8.2-1.20.19.1.1.module+el8.10.0+90560+49d7a1eb.x86_64.rpm aarch64: nodejs-20.19.1-1.module+el8.10.0+90560+49d7a1eb.aarch64.rpm nodejs-devel-20.19.1-1.module+el8.10.0+90560+49d7a1eb.aarch64.rpm nodejs-docs-20.19.1-1.module+el8.10.0+90560+49d7a1eb.noarch.rpm nodejs-full-i18n-20.19.1-1.module+el8.10.0+90560+49d7a1eb.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90560+49d7a1eb.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90560+49d7a1eb.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90560+49d7a1eb.noarch.rpm npm-10.8.2-1.20.19.1.1.module+el8.10.0+90560+49d7a1eb.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nodejs-20.19.1-1.module+el8.10.0+90560+49d7a1eb.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.10.0+90560+49d7a1eb.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.10.0+90560+49d7a1eb.src.rpm Related CVEs: CVE-2025-31498 Description of changes: nodejs [1:20.19.1-1] - Update to version 20.19.1 Resolves: RHEL-78763 [1:20.18.2-4] - Update c-ares to 1.34.5 to address CVE-2025-31498 From el-errata at oss.oracle.com Tue May 13 17:19:32 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:19:32 -0700 Subject: [El-errata] ELSA-2025-4459 Important: Oracle Linux 8 nodejs:22 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4459 http://linux.oracle.com/errata/ELSA-2025-4459.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.15.0-1.module+el8.10.0+90558+f3d29a46.x86_64.rpm nodejs-devel-22.15.0-1.module+el8.10.0+90558+f3d29a46.x86_64.rpm nodejs-docs-22.15.0-1.module+el8.10.0+90558+f3d29a46.noarch.rpm nodejs-full-i18n-22.15.0-1.module+el8.10.0+90558+f3d29a46.x86_64.rpm nodejs-libs-22.15.0-1.module+el8.10.0+90558+f3d29a46.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90558+f3d29a46.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90558+f3d29a46.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90558+f3d29a46.noarch.rpm npm-10.9.2-1.22.15.0.1.module+el8.10.0+90558+f3d29a46.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.15.0.1.module+el8.10.0+90558+f3d29a46.x86_64.rpm aarch64: nodejs-22.15.0-1.module+el8.10.0+90558+f3d29a46.aarch64.rpm nodejs-devel-22.15.0-1.module+el8.10.0+90558+f3d29a46.aarch64.rpm nodejs-docs-22.15.0-1.module+el8.10.0+90558+f3d29a46.noarch.rpm nodejs-full-i18n-22.15.0-1.module+el8.10.0+90558+f3d29a46.aarch64.rpm nodejs-libs-22.15.0-1.module+el8.10.0+90558+f3d29a46.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el8.10.0+90558+f3d29a46.noarch.rpm nodejs-packaging-2021.06-4.module+el8.10.0+90558+f3d29a46.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el8.10.0+90558+f3d29a46.noarch.rpm npm-10.9.2-1.22.15.0.1.module+el8.10.0+90558+f3d29a46.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.15.0.1.module+el8.10.0+90558+f3d29a46.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//nodejs-22.15.0-1.module+el8.10.0+90558+f3d29a46.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.10.0+90558+f3d29a46.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.10.0+90558+f3d29a46.src.rpm Related CVEs: CVE-2025-3277 CVE-2025-31498 Description of changes: nodejs [1:22.15.0-1] - Update to 22.15.0 - Drop upstream patches [1:22.13.1-4] - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 [1:22.13.1-3] - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86581 From el-errata at oss.oracle.com Tue May 13 17:24:53 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:24:53 -0700 Subject: [El-errata] ELSA-2025-4560 Important: Oracle Linux 8 libsoup security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4560 http://linux.oracle.com/errata/ELSA-2025-4560.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libsoup-2.62.3-8.el8_10.i686.rpm libsoup-2.62.3-8.el8_10.x86_64.rpm libsoup-devel-2.62.3-8.el8_10.i686.rpm libsoup-devel-2.62.3-8.el8_10.x86_64.rpm aarch64: libsoup-2.62.3-8.el8_10.aarch64.rpm libsoup-devel-2.62.3-8.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//libsoup-2.62.3-8.el8_10.src.rpm Related CVEs: CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32911 CVE-2025-32913 CVE-2025-46420 CVE-2025-46421 Description of changes: [2.62.3-8] - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85887 Resolves: RHEL-85900 Resolves: RHEL-85901 Resolves: RHEL-87039 Resolves: RHEL-87094 Resolves: RHEL-87114 Resolves: RHEL-88348 Resolves: RHEL-88351 From el-errata at oss.oracle.com Tue May 13 17:24:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:24:57 -0700 Subject: [El-errata] ELSA-2025-4649 Important: Oracle Linux 8 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4649 http://linux.oracle.com/errata/ELSA-2025-4649.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.9.2-1.0.1.el8_10.x86_64.rpm aarch64: thunderbird-128.9.2-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-128.9.2-1.0.1.el8_10.src.rpm Related CVEs: CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 Description of changes: [128.9.2-1.0.1] - Fix prefs for new nss [Orabug: 37079820] - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency [128.9.2] - Add OpenELA debranding [128.9.2-1] - Update to 128.9.2 From el-errata at oss.oracle.com Tue May 13 17:24:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:24:55 -0700 Subject: [El-errata] ELSA-2025-4597 Moderate: Oracle Linux 8 mod_auth_openidc:2.3 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4597 http://linux.oracle.com/errata/ELSA-2025-4597.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: cjose-0.6.1-4.module+el8.10.0+90549+7b4eddfc.x86_64.rpm cjose-devel-0.6.1-4.module+el8.10.0+90549+7b4eddfc.x86_64.rpm mod_auth_openidc-2.4.9.4-8.module+el8.10.0+90568+7a187228.x86_64.rpm aarch64: cjose-0.6.1-4.module+el8.10.0+90549+7b4eddfc.aarch64.rpm cjose-devel-0.6.1-4.module+el8.10.0+90549+7b4eddfc.aarch64.rpm mod_auth_openidc-2.4.9.4-8.module+el8.10.0+90568+7a187228.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//cjose-0.6.1-4.module+el8.10.0+90549+7b4eddfc.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//mod_auth_openidc-2.4.9.4-8.module+el8.10.0+90568+7a187228.src.rpm Related CVEs: CVE-2025-3891 Description of changes: cjose mod_auth_openidc [2.4.9.4-8] - Resolves: RHEL-87759 - Empty POST causes crash with OIDCPreservePost From el-errata at oss.oracle.com Tue May 13 17:24:58 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:24:58 -0700 Subject: [El-errata] ELSA-2025-4658 Moderate: Oracle Linux 8 libtiff security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4658 http://linux.oracle.com/errata/ELSA-2025-4658.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libtiff-4.0.9-34.el8_10.i686.rpm libtiff-4.0.9-34.el8_10.x86_64.rpm libtiff-devel-4.0.9-34.el8_10.i686.rpm libtiff-devel-4.0.9-34.el8_10.x86_64.rpm libtiff-tools-4.0.9-34.el8_10.x86_64.rpm aarch64: libtiff-4.0.9-34.el8_10.aarch64.rpm libtiff-devel-4.0.9-34.el8_10.aarch64.rpm libtiff-tools-4.0.9-34.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//libtiff-4.0.9-34.el8_10.src.rpm Related CVEs: CVE-2017-17095 Description of changes: [4.0.9-34] - fix CVE-2017-17095: heap-based buffer overflow in pal2rgb (RHEL-87363) From el-errata at oss.oracle.com Tue May 13 17:25:06 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:25:06 -0700 Subject: [El-errata] ELSA-2025-4791 Moderate: Oracle Linux 8 python39:3.9 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4791 http://linux.oracle.com/errata/ELSA-2025-4791.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: python39-3.9.20-1.module+el8.10.0+90419+54594e05.x86_64.rpm python39-cffi-1.14.3-2.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-chardet-3.0.4-19.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-cryptography-3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99.x86_64.rpm python39-devel-3.9.20-1.module+el8.10.0+90419+54594e05.x86_64.rpm python39-idle-3.9.20-1.module+el8.10.0+90419+54594e05.x86_64.rpm python39-idna-2.10-4.module+el8.10.0+90341+71ca88f4.noarch.rpm python39-libs-3.9.20-1.module+el8.10.0+90419+54594e05.x86_64.rpm python39-lxml-4.6.5-1.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-mod_wsgi-4.7.1-7.module+el8.10.0+90570+e9e3ed00.1.x86_64.rpm python39-numpy-1.19.4-3.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-numpy-doc-1.19.4-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-numpy-f2py-1.19.4-3.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-pip-20.2.4-9.module+el8.10.0+90269+2fa22b99.noarch.rpm python39-pip-wheel-20.2.4-9.module+el8.10.0+90269+2fa22b99.noarch.rpm python39-ply-3.11-10.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-psutil-5.8.0-4.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-psycopg2-2.8.6-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm python39-psycopg2-doc-2.8.6-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm python39-psycopg2-tests-2.8.6-3.module+el8.10.0+90269+2fa22b99.x86_64.rpm python39-pycparser-2.20-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-PyMySQL-0.10.1-2.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-pysocks-1.7.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-pyyaml-5.4.1-1.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-requests-2.25.0-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-rpm-macros-3.9.20-1.module+el8.10.0+90419+54594e05.noarch.rpm python39-scipy-1.5.4-5.module+el8.9.0+90016+9c2d6573.x86_64.rpm python39-setuptools-50.3.2-6.module+el8.10.0+90395+b6c4aad1.noarch.rpm python39-setuptools-wheel-50.3.2-6.module+el8.10.0+90395+b6c4aad1.noarch.rpm python39-six-1.15.0-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-test-3.9.20-1.module+el8.10.0+90419+54594e05.x86_64.rpm python39-tkinter-3.9.20-1.module+el8.10.0+90419+54594e05.x86_64.rpm python39-toml-0.10.1-5.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-urllib3-1.25.10-5.module+el8.10.0+90269+2fa22b99.noarch.rpm python39-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-wheel-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm aarch64: python39-3.9.20-1.module+el8.10.0+90419+54594e05.aarch64.rpm python39-cffi-1.14.3-2.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-chardet-3.0.4-19.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-cryptography-3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99.aarch64.rpm python39-devel-3.9.20-1.module+el8.10.0+90419+54594e05.aarch64.rpm python39-idle-3.9.20-1.module+el8.10.0+90419+54594e05.aarch64.rpm python39-idna-2.10-4.module+el8.10.0+90341+71ca88f4.noarch.rpm python39-libs-3.9.20-1.module+el8.10.0+90419+54594e05.aarch64.rpm python39-lxml-4.6.5-1.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-mod_wsgi-4.7.1-7.module+el8.10.0+90570+e9e3ed00.1.aarch64.rpm python39-numpy-1.19.4-3.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-numpy-doc-1.19.4-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-numpy-f2py-1.19.4-3.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-pip-20.2.4-9.module+el8.10.0+90269+2fa22b99.noarch.rpm python39-pip-wheel-20.2.4-9.module+el8.10.0+90269+2fa22b99.noarch.rpm python39-ply-3.11-10.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-psutil-5.8.0-4.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-psycopg2-2.8.6-3.module+el8.10.0+90269+2fa22b99.aarch64.rpm python39-psycopg2-doc-2.8.6-3.module+el8.10.0+90269+2fa22b99.aarch64.rpm python39-psycopg2-tests-2.8.6-3.module+el8.10.0+90269+2fa22b99.aarch64.rpm python39-pycparser-2.20-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-PyMySQL-0.10.1-2.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-pysocks-1.7.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-pyyaml-5.4.1-1.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-requests-2.25.0-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-rpm-macros-3.9.20-1.module+el8.10.0+90419+54594e05.noarch.rpm python39-scipy-1.5.4-5.module+el8.9.0+90016+9c2d6573.aarch64.rpm python39-setuptools-50.3.2-6.module+el8.10.0+90395+b6c4aad1.noarch.rpm python39-setuptools-wheel-50.3.2-6.module+el8.10.0+90395+b6c4aad1.noarch.rpm python39-six-1.15.0-3.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-test-3.9.20-1.module+el8.10.0+90419+54594e05.aarch64.rpm python39-tkinter-3.9.20-1.module+el8.10.0+90419+54594e05.aarch64.rpm python39-toml-0.10.1-5.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-urllib3-1.25.10-5.module+el8.10.0+90269+2fa22b99.noarch.rpm python39-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm python39-wheel-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//mod_wsgi-4.7.1-7.module+el8.10.0+90570+e9e3ed00.1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//numpy-1.19.4-3.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python39-3.9.20-1.module+el8.10.0+90419+54594e05.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python3x-pip-20.2.4-9.module+el8.10.0+90269+2fa22b99.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python3x-setuptools-50.3.2-6.module+el8.10.0+90395+b6c4aad1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python3x-six-1.15.0-3.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-cffi-1.14.3-2.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-chardet-3.0.4-19.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-cryptography-3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-idna-2.10-4.module+el8.10.0+90341+71ca88f4.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-lxml-4.6.5-1.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-ply-3.11-10.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-psutil-5.8.0-4.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-psycopg2-2.8.6-3.module+el8.10.0+90269+2fa22b99.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-pycparser-2.20-3.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-PyMySQL-0.10.1-2.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-pysocks-1.7.1-4.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-requests-2.25.0-3.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-toml-0.10.1-5.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-urllib3-1.25.10-5.module+el8.10.0+90269+2fa22b99.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//PyYAML-5.4.1-1.module+el8.9.0+90016+9c2d6573.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//scipy-1.5.4-5.module+el8.9.0+90016+9c2d6573.src.rpm Related CVEs: CVE-2022-2255 Description of changes: mod_wsgi [4.7.1-7.1] - Resolves: RHEL-87514 - CVE-2022-2255 python39:3.9/mod_wsgi: Trusted Proxy Headers Removing Bypass numpy python39 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna python-lxml python-ply python-psutil python-psycopg2 python-pycparser python-PyMySQL python-pysocks python-requests python-toml python-urllib3 python-wheel PyYAML scipy From el-errata at oss.oracle.com Tue May 13 17:25:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 10:25:08 -0700 Subject: [El-errata] ELSA-2025-4797 Important: Oracle Linux 8 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4797 http://linux.oracle.com/errata/ELSA-2025-4797.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.10.0-1.0.1.el8_10.x86_64.rpm aarch64: thunderbird-128.10.0-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-128.10.0-1.0.1.el8_10.src.rpm Related CVEs: CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 Description of changes: [128.10.0-1.0.1] - Fix prefs for new nss [Orabug: 37079820] - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency [128.10.0] - Add OpenELA debranding [128.10.0-1] - Update to 128.10.0 build1 From el-errata at oss.oracle.com Tue May 13 18:04:58 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:04:58 -0700 Subject: [El-errata] ELBA-2025-4337-1 Oracle Linux 8 kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4337-1 http://linux.oracle.com/errata/ELBA-2025-4337-1.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.51.1.0.1.el8_10.noarch.rpm kernel-core-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.51.1.0.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm perf-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.51.1.0.1.el8_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.51.1.0.1.el8_10.src.rpm Description of changes: [4.18.0-553.51.1.0.1.el8_10.OL8] - scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230] [4.18.0-553.51.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.51.1.el8_10] - x86/xen: use the whole RCX when picking the right hypercall function (Vitaly Kuznetsov) [RHEL-87072] - Revert "usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB" (Desnes Nunes) [RHEL-87280] From el-errata at oss.oracle.com Tue May 13 18:05:25 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:05:25 -0700 Subject: [El-errata] ELSA-2025-20319 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20319 http://linux.oracle.com/errata/ELSA-2025-20319.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.343.5.1.el8uek.x86_64.rpm kernel-uek-container-5.4.17-2136.343.5.1.el8uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.343.5.1.el8uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.343.5.1.el8uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.343.5.1.el8uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.343.5.1.el8uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.343.5.1.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.343.5.1.el8uek.src.rpm Related CVEs: CVE-2023-52532 CVE-2024-36929 Description of changes: [5.4.17-2136.343.5.1.el8uek] - nvme: fix deadlock between reset and scan (Bitao Hu) [Orabug: 37920457] [5.4.17-2136.343.5.el8uek] - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846673] - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846668] - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37834734] [5.4.17-2136.343.4.el8uek] - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes) - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - vlan: fix memory leak in vlan_newlink() (Eric Dumazet) - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37747826] [5.4.17-2136.343.3.el8uek] - LTS tag: v5.4.291 (Sherry Yang) - eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko) - slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku) - intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin) - intel_th: pci: Add Panther Lake-H support (Alexander Shishkin) - intel_th: pci: Add Arrow Lake support (Pawel Chmielewski) - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) - xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko) - usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K) - usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski) - usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K) - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno) - usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin) - usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich) - usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea) - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li) - usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea) - usb: renesas_usbhs: Call clk_put() (Claudiu Beznea) - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (Christian Heusel) - gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro) - net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman) - net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman) - net-timestamp: support TCP GSO case for a few missing flags (Jason Xing) - vlan: enforce underlying device type (Oscar Maes) - ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen) - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov) - drm/sched: Fix preprocessor guard (Philipp Stanner) - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen) - llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet) - hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher) - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings) - hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare) - caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov) - net: gso: fix ownership in __udp_gso_segment (Antoine Tenart) - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu) - HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin) - wifi: iwlwifi: limit printed string from FW file (Johannes Berg) - mm/page_alloc: fix uninitialized variable (Hao Zhang) - rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li) - rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li) - wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov) - wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich) - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish) - x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai) - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier) - ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang) - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe) - HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov) - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" (Rob Herring (Arm)) - drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher) - drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun) - drm/amdgpu: skip BAR resizing if the bios already did it (Alex Deucher) - acct: perform last write from workqueue (Christian Brauner) - kernel/acct.c: use dedicated helper to access rlimit values (Yang Yang) - kernel/acct.c: use #elif instead of #end and #elif (Hui Su) - drop_monitor: fix incorrect initialization order (Gavrilov Ilia) - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le) - sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner) - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty) - phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh) - usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich) - perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang) - ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov) - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior) - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari) - ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu) - ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli) - net: cadence: macb: Synchronize stats calculations (Sean Anderson) - sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann) - batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann) - batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann) - acct: block access to kernel internal filesystems (Christian Brauner) - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness) - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li) - tee: optee: Fix supplicant wait loop (Sumit Garg) - power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin) - flow_dissector: Fix port range key handling in BPF conversion (Cong Wang) - flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang) - net: extract port range fields from fl_flow_key (Maksym Glubokiy) - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima) - geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima) - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy) - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy) - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman) - USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue) - usb/gadget: f_midi: Replace tasklet with work (Davidlohr Bueso) - usb/gadget: f_midi: convert tasklets to use new tasklet_setup() API (Allen Pais) - usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan) - usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng) - memcg: fix soft lockup in the OOM process (Chen Ridong) - mm: update mark_victim tracepoints fields (Carlos Galo) - crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin) - crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin) - crypto: testmgr - fix version number of RSA tests (lei he) - crypto: testmgr - Fix wrong test case of RSA (Lei He) - crypto: testmgr - fix wrong key length for pkcs1pad (Lei He) - driver core: bus: Fix double free in driver API bus_register() (Zijun Hu) - scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li) - vlan: move dev_put into vlan_dev_uninit (Xin Long) - vlan: introduce vlan_dev_free_egress_priority (Xin Long) - pps: Fix a use-after-free (Calvin Owens) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse) - parport_pc: add support for ASIX AX99100 (Jiaqing Zhao) - serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao) - can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao) - nilfs2: protect access to buffers with no active references (Ryusuke Konishi) - nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi) - nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi) - alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky) - ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet) - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet) - arp: use RCU protection in arp_xmit() (Eric Dumazet) - neighbour: use RCU protection in __neigh_notify() (Eric Dumazet) - neighbour: delete redundant judgment statements (Li Zetao) - ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet) - ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet) - ipv4: use RCU protection in inet_select_addr() (Eric Dumazet) - ipv4: use RCU protection in rt_is_expired() (Eric Dumazet) - net: add dev_net_rcu() helper (Eric Dumazet) - net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() (Jiri Pirko) - regmap-irq: Add missing kfree() (Jiasheng Jiang) - partitions: mac: fix handling of bogus partition table (Jann Horn) - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang) - alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky) - serial: 8250: Fix fifo underflow on flush (John Keeping) - alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander H?lzl) - can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski) - USB: serial: option: drop MeiG Smart defines (Johan Hovold) - USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda) - USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal) - usb: cdc-acm: Fix handling of oversized fragments (Jann Horn) - usb: cdc-acm: Check control transfer buffer size before access (Jann Horn) - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut) - USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern) - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping) - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman) - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang) - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen) - usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier) - usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren) - usb: roles: set switch registered flag early on (Elson Roy Serrao) - batman-adv: fix panic during interface removal (Andy Strohman) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede) - orangefs: fix a oob in orangefs_debug_write (Mike Marshall) - Grab mm lock before grabbing pt lock (Maksym Planeta) - vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas) - media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann) - gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber) - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber) - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber) - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) - team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet) - vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet) - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet) - HID: multitouch: Add NULL check in mt_input_configured (Charles Han) - ocfs2: check dir i_size in ocfs2_find_entry (Su Yue) - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli) - ptp: Ensure info->enable callback is always set (Thomas Wei?schuh) - net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser) - misc: fastrpc: Fix registered buffer page address (Ekansh Gupta) - mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko) - NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter) - nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich) - ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle)) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer) - crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski) - crypto: qce - fix goto jump in error path (Bartosz Golaszewski) - media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda) - media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda) - media: ov5640: fix get_light_freq on auto (Sam Bobrowicz) - soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski) - kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor) - powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N) - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea) - serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea) - soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold) - usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen) - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen) - usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen) - usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen) - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer) - HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner) - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu) - of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu) - of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu) - perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu) - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova) - clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos) - drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li) - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand) - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson) - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher) - binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter) - m68k: vga: Fix I/O defines (Thomas Zimmermann) - s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens) - leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin) - cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar) - tun: revert fix group permission check (Willem de Bruijn) - net: rose: lock the socket in rose_bind() (Eric Dumazet) - udp: gso: do not drop small packets when PMTU reduces (Yan Zhai) - tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz) - gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil) - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit) - nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner) - usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio) - usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar) - net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich) - net: usb: rtl8150: use new tasklet API (Emil Renner Berthing) - tasklet: Introduce new initialization API (Romain Perier) - kbuild: userprogs: use correct lld when linking through clang (Thomas Wei?schuh) - media: uvcvideo: Remove dangling pointers (Ricardo Ribalda) - media: uvcvideo: Only save async fh if success (Ricardo Ribalda) - nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi) - nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi) - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi) - spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck) - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao) - APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov) - HID: Wacom: Add PCI Wacom device support (Even Xu) - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede) - tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa) - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov) - mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin) - tun: fix group permission check (Stas Sergeev) - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu) - x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam) - sched: Don't try to catch up excess steal time. (Suleiman Souhlal) - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik) - btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana) - btrfs: output the reason for open_ctree() failure (Qu Wenruo) - usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen) - media: uvcvideo: Fix double free in error path (Laurent Pinchart) - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern) - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang) - drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes) - ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere) - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever) - hexagon: Fix unbalanced spinlock in die() (Lin Yujun) - hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn) - genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada) - net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent) - vsock: Allow retrying on connect() failure (Michal Luczaj) - perf trace: Fix runtime error of index out of bounds (Howard Chu) - net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang) - net: rose: fix timer races against user threads (Eric Dumazet) - PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang) - ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet) - net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda) - ubifs: skip dumping tnc tree when zroot is null (pangliyuan) - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel) - dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori) - module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior) - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue) - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu) - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel) - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori) - media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda) - media: camif-core: Add check for clk_enable() (Jiasheng Jiang) - media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang) - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu) - media: lmedm04: Handle errors for lme2510_int_read (Chen Ni) - media: lmedm04: Use GFP_KERNEL for URB allocation/submission. (Malcolm Priestley) - media: rc: iguanair: handle timeouts (Oliver Neukum) - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori) - ARM: dts: mediatek: mt7623: fix IR nodename (Rafa? Mi?ecki) - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai) - rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter) - RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky) - bpf: Send signals asynchronously if !preemptible (Puranjay Mohan) - perf report: Fix misleading help message about --demangle (Jiachen Zhang) - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo) - padata: fix sysfs store callback check (Thomas Wei?schuh) - ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing) - perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han) - ASoC: sun4i-spdif: Add clock multiplier settings (George Lander) - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande) - net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim) - net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla) - net: let net.core.dev_weight always be non-zero (Liu Jian) - clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan) - selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin) - selftests/harness: Display signed values correctly (Kees Cook) - wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade) - regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori) - team: prevent adding a device which is already a team device lower (Octavian Purdila) - cpupower: fix TSC MHz calculation (He Rongguang) - wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov) - wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov) - rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong) - wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo) - rtlwifi: rtl8192se Rename RT_TRACE to rtl_dbg (Larry Finger) - wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo) - ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han) - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko) - drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng) - partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap) - nbd: don't allow reconnect after disconnect (Yu Kuai) - afs: Fix directory format encoding struct (David Howells) - overflow: Allow mixed type arguments (Kees Cook) - overflow: Correct check_shl_overflow() comment (Keith Busch) - overflow: Add __must_check attribute to check_*() helpers (Kees Cook) [5.4.17-2136.343.2.el8uek] - rds: ib: Do not attempt to insert RDMA exthdr twice (H?kon Bugge) [Orabug: 37721764] - net: mana: Fix TX CQE error handling (Haiyang Zhang) [Orabug: 36983924] {CVE-2023-52532} - net/mlx5: Stop waiting for PCI if pci channel is offline (Moshe Shemesh) [Orabug: 36929747] - rds: ib: Fix racy send affinity work cancellation (H?kon Bugge) [Orabug: 36605776] - uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 35023180] - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764002] [5.4.17-2136.343.1.el8uek] - rds: ib: Make traffic_class visible to user-space (H?kon Bugge) [Orabug: 37617866] - rds: ib: Remove incorrect update of the path record sl and qos_class fields (H?kon Bugge) [Orabug: 37617866] - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Felix Fietkau) [Orabug: 36683418] {CVE-2024-36929} - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [Orabug: 36643088] - udp: never accept GSO_FRAGLIST packets (Paolo Abeni) [Orabug: 36643088] - udp: initialize is_flist with 0 in udp_gro_receive (Xin Long) [Orabug: 36643088] From el-errata at oss.oracle.com Tue May 13 18:07:03 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:07:03 -0700 Subject: [El-errata] ELSA-2025-20320 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20320 http://linux.oracle.com/errata/ELSA-2025-20320.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-core-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-debug-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-debug-core-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-devel-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-doc-5.15.0-308.179.6.el8uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-container-5.15.0-308.179.6.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-308.179.6.el8uek.x86_64.rpm aarch64: bpftool-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-core-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-debug-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-debug-core-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-devel-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-doc-5.15.0-308.179.6.el8uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-container-5.15.0-308.179.6.el8uek.aarch64.rpm kernel-uek-container-debug-5.15.0-308.179.6.el8uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-308.179.6.el8uek.src.rpm Related CVEs: CVE-2024-25742 CVE-2024-25743 CVE-2024-25744 CVE-2024-56583 Description of changes: [5.15.0-308.179.6.el8uek] - net: bridge: IP defragmentation failing for jumboframes (Venkat Venkatsubra) [Orabug: 37847171] - uek-rpm: remove .el9 from shim version (Samasth Norway Ananda) [Orabug: 37834731] - RDS: avoid using offlined CPU during reconnect (Arumugam Kolappan) [Orabug: 37783021] - net/mlx5e: Rely on reqid in IPsec tunnel mode (Leon Romanovsky) [Orabug: 37710815] - net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (Leon Romanovsky) [Orabug: 37710815] - net/mlx5: Clear port select structure when fail to create (Mark Zhang) [Orabug: 37710815] - net/mlx5: SF, Fix add port error handling (Chris Mi) [Orabug: 37710815] - net/mlx5: Fix variable not being completed when function returns (Chenguang Zhao) [Orabug: 37710815] - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: macsec: Maintain TX SA from encoding_sa (Dragos Tatulea) [Orabug: 37710815] - net/mlx5e: Remove workaround to avoid syndrome for internal port (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: SD, Use correct mdev to build channel param (Tariq Toukan) [Orabug: 37710815] - mlxsw: spectrum_acl_flex_keys: Use correct key block on Spectrum-4 (Ido Schimmel) [Orabug: 37710815] - net/mlx5e: clear xdp features on non-uplink representors (William Tu) [Orabug: 37710815] - net/mlx5: Fix msix vectors to respect platform limit (Parav Pandit) [Orabug: 37710815] - mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (Ido Schimmel) [Orabug: 37710815] - mlxsw: spectrum_ptp: Add missing verification before pushing Tx header (Amit Cohen) [Orabug: 37710815] - net/mlx5e: Don't call cleanup on profile rollback failure (Cosmin Ratiu) [Orabug: 37710815] - net/mlx5: Fix command bitmask initialization (Shay Drory) [Orabug: 37710815] - net/mlx5: Check for invalid vector index on EQ creation (Maher Sanalla) [Orabug: 37710815] - mlxsw: spectrum_acl_flex_keys: Constify struct mlxsw_afk_element_inst (Christophe JAILLET) [Orabug: 37710815] - net: Fix netns for ip_tunnel_init_flow() (Xiao Liang) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (Ido Schimmel) [Orabug: 37710815] - ip_tunnel: annotate data-races around t->parms.link (Eric Dumazet) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (Ido Schimmel) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (Ido Schimmel) [Orabug: 37710815] - net/mlx5e: SHAMPO, Fix overflow of hd_per_wq (Dragos Tatulea) [Orabug: 37710815] - net/mlx5e: SHAMPO, Increase timeout to improve latency (Dragos Tatulea) [Orabug: 37710815] - net/mlx5: Verify support for scheduling element and TSAR type (Carolina Jubran) [Orabug: 37710815] - net/mlx5e: Enable remove flow for hard packet limit (Jianbo Liu) [Orabug: 37710815] - net/mlx5: Use set number of max EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: IFC updates for SF max IO EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5e: Approximate IPsec per-SA payload data bytes count (Leon Romanovsky) [Orabug: 37710815] - net/mlx5e: Present succeeded IPsec SA bytes and packet (Leon Romanovsky) [Orabug: 37710815] - net/mlx5: Use max_num_eqs_24b capability if set (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: IFC updates for changing max EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: Correct TASR typo into TSAR (Cosmin Ratiu) [Orabug: 37710815] - net/mlx5e: SHAMPO, Re-enable HW-GRO (Yoray Zack) [Orabug: 37710815] - net/mlx5e: SHAMPO, Use KSMs instead of KLMs (Yoray Zack) [Orabug: 37710815] - net/mlx5e: Fix netif state handling (Shay Drory) [Orabug: 37710815] - net/mlx5e: RSS, Block XOR hash with over 128 channels (Carolina Jubran) [Orabug: 37710815] - net/mlx5: Support matching on l4_type for ttc_table (Jianbo Liu) [Orabug: 37710815] - net/mlx5: Enable SD feature (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Block TLS device offload on combined SD netdev (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Support per-mdev queue counter (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Support cross-vhca RSS (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Let channels be SD-aware (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Connect mlx5 IPsec statistics with XFRM core (Leon Romanovsky) [Orabug: 37710815] - xfrm: get global statistics from the offloaded device (Leon Romanovsky) [Orabug: 37710815] - RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584] [Orabug: 37551309] - uek-rpm/kernel-uek.spec: Set DEFAULTKERNEL correctly during %postun (Vijay Kumar) [Orabug: 37376706] [5.15.0-308.179.5.el8uek] - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - usbnet:fix NPE during rx_complete (Ying Lu) - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - ksmbd: fix multichannel connection failure (Namjae Jeon) - rds: Tear down the copy-from-user cache before destroying rds_wq (H?kon Bugge) [Orabug: 37716901] [5.15.0-308.179.4.el8uek] - Check concurrency before THP creation for file mappings in fault path (Prakash Sangappa) [Orabug: 37608058] - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37747825] [5.15.0-308.179.3.el8uek] - uek-rpm: Build Bluefield 3 kernel for OL9 (Dave Kleikamp) [Orabug: 37763488] - uek-rpm: Add emb3 config and core list for OL9 (Dave Kleikamp) [Orabug: 37763488] - udf: Fix directory iteration for longer tail extents (Jan Kara) [Orabug: 37761829] - uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 37757734] - perf probe: Improve log for long event name failure (Leo Yan) [Orabug: 37752593] - perf probe: Check group string length (Leo Yan) [Orabug: 37752593] - perf probe: Use the MAX_EVENT_NAME_LEN macro (Leo Yan) [Orabug: 37752593] - perf probe-event: Better error message for a too-long probe name (Dima Kogan) [Orabug: 37752593] - rds: ib: Do not attempt to insert RDMA exthdr twice (H?kon Bugge) [Orabug: 37721762] - x86/sev: Harden #VC instruction emulation somewhat (Borislav Petkov (AMD)) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Do not allow external 0x80 interrupts (Thomas Gleixner) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Convert INT 0x80 emulation to IDTENTRY (Thomas Gleixner) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Fixup objtool/ibt validation (Peter Zijlstra) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/sev: Mark the code returning to user space as syscall gap (Lai Jiangshan) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - rds: ib: Fix racy send affinity work cancellation (H?kon Bugge) [Orabug: 37607469] - sched/deadline: Fix warning in migrate_enable for boosted tasks (Wander Lairson Costa) [Orabug: 37433838] {CVE-2024-56583} - x86/coco: Disable 32-bit emulation by default on TDX and SEV (Kirill A. Shutemov) [Orabug: 36298741] {CVE-2024-25744} - x86/ia32: State that IA32 emulation is disabled (Borislav Petkov (AMD)) [Orabug: 36298741] {CVE-2024-25744} - x86: Make IA32_EMULATION boot time configurable (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Remove toolchain check for X32 ABI capability (Masahiro Yamada) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/elf: Make loading of 32bit processes depend on ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Compile entry_SYSCALL32_ignore() unconditionally (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Rename ignore_sysret() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Introduce ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Fix misspelled Kconfig symbols (Lukas Bulwahn) [Orabug: 36298741] {CVE-2024-25744} [5.15.0-308.179.2.el8uek] - LTS version: v5.15.179 (Vijayendra Suman) - net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (Jakub Kicinski) - kbuild: userprogs: use correct lld when linking through clang (Thomas Wei?schuh) - vsock: Orphan socket after transport release (Michal Luczaj) - vsock: Keep the binding until socket destruction (Michal Luczaj) - bpf, vsock: Invoke proto::close on close() (Michal Luczaj) - media: uvcvideo: Remove dangling pointers (Ricardo Ribalda) - media: uvcvideo: Fix crash during unbind if gpio unit is in use (Ricardo Ribalda) - nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi) - nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi) - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi) - spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck) - mtd: rawnand: cadence: fix unchecked dereference (Niravkumar L Rabara) - md: select BLOCK_LEGACY_AUTOLOAD (NeilBrown) - media: uvcvideo: Avoid returning invalid controls (Ricardo Ribalda) - media: uvcvideo: Avoid invalid memory access (Ricardo Ribalda) - drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (Haoyu Li) - eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko) - bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (Manivannan Sadhasivam) - slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku) - intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin) - intel_th: pci: Add Panther Lake-H support (Alexander Shishkin) - intel_th: pci: Add Arrow Lake support (Pawel Chmielewski) - mei: me: add panther lake P DID (Alexander Usyskin) - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) - usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (Michal Pecio) - xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko) - usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K) - usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski) - usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K) - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno) - usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin) - usb: dwc3: gadget: Prevent irq storm when TH re-executes (Badhri Jagan Sridharan) - usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea) - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li) - usb: hub: lack of clearing xHC resources (Pawel Laszczak) - usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea) - usb: renesas_usbhs: Call clk_put() (Claudiu Beznea) - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (Christian Heusel) - gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro) - net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman) - net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman) - sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (Zecheng Li) - net-timestamp: support TCP GSO case for a few missing flags (Jason Xing) - exfat: fix soft lockup in exfat_clear_bitmap (Namjae Jeon) - x86/sgx: Fix size overflows in sgx_encl_create() (Jarkko Sakkinen) - vlan: enforce underlying device type (Oscar Maes) - ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen) - net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (Peiyang Wang) - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov) - drm/sched: Fix preprocessor guard (Philipp Stanner) - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen) - llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet) - ALSA: usx2y: validate nrpacks module parameter on probe (Murad Masimov) - hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher) - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings) - hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare) - caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov) - net: gso: fix ownership in __udp_gso_segment (Antoine Tenart) - nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (Meir Elisha) - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu) - HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin) - wifi: iwlwifi: limit printed string from FW file (Johannes Berg) - mm: don't skip arch_sync_kernel_mappings() in error paths (Ryan Roberts) - mm/page_alloc: fix uninitialized variable (Hao Zhang) - block: fix conversion of GPT partition name to 7-bit (Olivier Gayot) - s390/traps: Fix test_monitor_call() inline assembly (Heiko Carstens) - rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li) - rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li) - wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov) - wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich) - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish) - x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai) - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier) - ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang) - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe) - gpio: aggregator: protect driver attr handlers against module unload (Koichiro Den) - gpio: rcar: Use raw_spinlock to protect register access (Niklas S?derlund) - HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov) - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" (Rob Herring (Arm)) - drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher) - drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun) - smb: client: Add check for next_buffer in receive_encrypted_standard() (Haoxiang Li) - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le) - intel_idle: Handle older CPUs, which stop the TSC in deeper C states, correctly (Thomas Gleixner) - sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner) - vmlinux.lds: Ensure that const vars with relocations are mapped R/O (Ard Biesheuvel) - mptcp: always handle address removal under msk socket lock (Paolo Abeni) - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty) - phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh) - net: enetc: correct the xdp_tx statistics (Wei Fang) - net: enetc: update UDP checksum when updating originTimestamp field (Wei Fang) - net: enetc: fix the off-by-one issue in enetc_map_tx_buffs() (Wei Fang) - usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich) - i2c: npcm: disable interrupt enable bit before devm_request_irq (Tyrone Ting) - drm/amd/display: Fix HPD after gpu reset (Roman Li) - perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang) - ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (Dmitry Panchenko) - ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov) - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior) - net: ipv6: fix dst ref loop on input in rpl lwt (Justin Iurman) - net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (Justin Iurman) - net: ipv6: fix dst ref loop on input in seg6 lwt (Justin Iurman) - net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (Justin Iurman) - include: net: add static inline dst_dev_overhead() to dst.h (Justin Iurman) - seg6: add support for SRv6 H.L2Encaps.Red behavior (Andrea Mayer) - seg6: add support for SRv6 H.Encaps.Red behavior (Andrea Mayer) - net/mlx5: IRQ, Fix null string in debug print (Shay Drory) - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari) - tcp: Defer ts_recent changes until req is owned (Wang Hai) - ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu) - ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli) - net: cadence: macb: Synchronize stats calculations (Sean Anderson) - afs: Fix the server_list to unuse a displaced server rather than putting it (David Howells) - afs: Make it possible to find the volumes that are using a server (David Howells) - afs: remove variable nr_servers (Colin Ian King) - Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (Luiz Augusto von Dentz) - ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (Takashi Iwai) - sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann) - RDMA/mlx5: Fix bind QP error cleanup flow (Patrisious Haddad) - scsi: core: Clear driver private data when retrying request (Ye Bin) - scsi: core: Don't memset() the entire scsi_cmnd in scsi_init_command() (Christoph Hellwig) - ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (Vasiliy Kovalev) - ovl: pass ofs to creation operations (Christian Brauner) - ovl: use wrappers to all vfs_*xattr() calls (Amir Goldstein) - IB/mlx5: Set and get correct qp_num for a DCT QP (Mark Zhang) - x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (Patrick Bellasi) - mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (Niravkumar L Rabara) - mtd: rawnand: cadence: use dma_map_resource for sdma address (Niravkumar L Rabara) - mtd: rawnand: cadence: fix error code in cadence_nand_init() (Niravkumar L Rabara) - acct: block access to kernel internal filesystems (Christian Brauner) - acct: perform last write from workqueue (Christian Brauner) - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness) - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li) - drop_monitor: fix incorrect initialization order (Gavrilov Ilia) - tee: optee: Fix supplicant wait loop (Sumit Garg) - bpf: skip non exist keys in generic_map_lookup_batch (Yan Zhai) - nvme/ioctl: add missing space in err message (Caleb Sander Mateos) - power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin) - arp: switch to dev_getbyhwaddr() in arp_req_set_public() (Breno Leitao) - net: Add non-RCU dev_getbyhwaddr() helper (Breno Leitao) - flow_dissector: Fix port range key handling in BPF conversion (Cong Wang) - flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang) - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima) - geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima) - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy) - ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang) - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy) - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman) - USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue) - usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan) - usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng) - batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann) - batman-adv: Drop initialization of flexible ethtool_link_ksettings (Sven Eckelmann) - media: uvcvideo: Only save async fh if success (Ricardo Ribalda) - media: uvcvideo: Refactor iterators (Ricardo Ribalda) - media: uvcvideo: Set error_idx during ctrl_commit errors (Ricardo Ribalda) - soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (Krzysztof Kozlowski) - soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (Krzysztof Kozlowski) - soc: mediatek: mtk-devapc: Switch to devm_clk_get_enabled() (AngeloGioacchino Del Regno) - kfence: skip __GFP_THISNODE allocations on NUMA systems (Marco Elver) - kfence: enable check kfence canary on panic via boot param (huangshaobo) - kfence: allow use of a deferrable timer (Marco Elver) - tpm: Change to kvalloc() in eventlog/acpi.c (Jarkko Sakkinen) - tpm: Use managed allocation for bios event log (Eddie James) - arm64: dts: mediatek: mt8183: Disable DSI display output by default (Chen-Yu Tsai) - ASoC: renesas: rz-ssi: Add a check for negative sample_space (Dan Carpenter) - drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (Thomas Zimmermann) - drm/probe-helper: Create a HPD IRQ event helper for a single connector (Maxime Ripard) - ksmbd: fix integer overflows on 32 bit systems (Dan Carpenter) - memcg: fix soft lockup in the OOM process (Chen Ridong) - mm: update mark_victim tracepoints fields (Carlos Galo) - media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (Dan Carpenter) - crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin) - crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin) - crypto: testmgr - fix version number of RSA tests (lei he) - crypto: testmgr - Fix wrong test case of RSA (Lei He) - crypto: testmgr - fix wrong key length for pkcs1pad (Lei He) - arm64: mte: Do not allow PROT_MTE on MAP_HUGETLB user mappings (Catalin Marinas) - pps: Fix a use-after-free (Calvin Owens) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse) - f2fs: fix to wait dio completion (Chao Yu) - ARM: dts: dra7: Add bus_dma_limit for l4 cfg bus (Romain Naour) - parport_pc: add support for ASIX AX99100 (Jiaqing Zhao) - serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao) - can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao) - nilfs2: protect access to buffers with no active references (Ryusuke Konishi) - nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi) - nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi) - alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky) - kdb: Do not assume write() callback available (John Ogness) - drm/v3d: Stop active perfmon if it is being destroyed (Christian Gmeiner) - drm/tidss: Clear the interrupt status for interrupts being disabled (Devarsh Thakkar) - drm/tidss: Fix issue in irq handling causing irq-flood issue (Tomi Valkeinen) - ipv6: mcast: add RCU protection to mld_newpack() (Eric Dumazet) - ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet) - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet) - arp: use RCU protection in arp_xmit() (Eric Dumazet) - neighbour: use RCU protection in __neigh_notify() (Eric Dumazet) - neighbour: delete redundant judgment statements (Li Zetao) - ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet) - ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet) - ipv4: use RCU protection in __ip_rt_update_pmtu() (Eric Dumazet) - net: ipv4: Cache pmtu for all packet paths if multipath enabled (Vladimir Vdovin) - selftest: net: Test IPv4 PMTU exceptions with DSCP and ECN (Guillaume Nault) - Namespaceify mtu_expires sysctl (xu xin) - Namespaceify min_pmtu sysctl (xu xin) - ipv4: use RCU protection in inet_select_addr() (Eric Dumazet) - ipv4: use RCU protection in rt_is_expired() (Eric Dumazet) - net: add dev_net_rcu() helper (Eric Dumazet) - ipv4: add RCU protection to ip4_dst_hoplimit() (Eric Dumazet) - clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (Waiman Long) - clocksource: Use pr_info() for "Checking clocksource synchronization" message (Waiman Long) - clocksource: Replace cpumask_weight() with cpumask_empty() (Yury Norov) - btrfs: fix hole expansion when writing at an offset beyond EOF (Filipe Manana) - mlxsw: Add return value check for mlxsw_sp_port_get_stats_raw() (Wentao Liang) - arm64: Handle .ARM.attributes section in linker scripts (Nathan Chancellor) - regmap-irq: Add missing kfree() (Jiasheng Jiang) - partitions: mac: fix handling of bogus partition table (Jann Horn) - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang) - alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky) - serial: 8250: Fix fifo underflow on flush (John Keeping) - cgroup: fix race between fork and cgroup.kill (Shakeel Butt) - efi: Avoid cold plugged memory for placing the kernel (Ard Biesheuvel) - alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander H?lzl) - can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski) - USB: serial: option: drop MeiG Smart defines (Johan Hovold) - USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda) - USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal) - usb: cdc-acm: Fix handling of oversized fragments (Jann Horn) - usb: cdc-acm: Check control transfer buffer size before access (Jann Horn) - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut) - USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern) - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping) - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman) - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang) - usb: core: fix pipe creation for get_bMaxPacketSize0 (Stefan Eichenberger) - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen) - usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier) - usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren) - usb: roles: set switch registered flag early on (Elson Roy Serrao) - perf/x86/intel: Ensure LBRs are disabled when a CPU is starting (Sean Christopherson) - KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (Sean Christopherson) - batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann) - batman-adv: fix panic during interface removal (Andy Strohman) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede) - orangefs: fix a oob in orangefs_debug_write (Mike Marshall) - Grab mm lock before grabbing pt lock (Maksym Planeta) - vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas) - PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (Takashi Iwai) - media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (Edward Adam Davis) - media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann) - x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross) - xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik) - gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber) - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber) - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber) - drm/i915/selftests: avoid using uninitialized context (Krzysztof Karas) - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) - team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet) - vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet) - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet) - HID: multitouch: Add NULL check in mt_input_configured (Charles Han) - NFSD: fix hang in nfsd4_shutdown_callback (Dai Ngo) - nfsd: clear acl_access/acl_default after releasing them (Li Lingfeng) - tty: xilinx_uartps: split sysrq handling (Sean Anderson) - mptcp: prevent excessive coalescing on receive (Paolo Abeni) - ocfs2: check dir i_size in ocfs2_find_entry (Su Yue) - memory: tegra20-emc: Correct memory device mask (Dmitry Osipenko) - gpio: xilinx: remove excess kernel doc (Bartosz Golaszewski) - net/ncsi: use dev_set_mac_address() for Get MC MAC Address handling (Paul Fertser) - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli) - ptp: Ensure info->enable callback is always set (Thomas Wei?schuh) - net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (Milos Reljin) - net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser) - misc: fastrpc: Fix registered buffer page address (Ekansh Gupta) - mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko) - NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter) - nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich) - ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle)) - pnfs/flexfiles: retry getting layout segment for reads (Mike Snitzer) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer) - nvmem: qcom-spmi-sdam: Set size in struct nvmem_config (Luca Weiss) - crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski) - crypto: qce - fix goto jump in error path (Bartosz Golaszewski) - media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda) - media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda) - media: ccs: Fix cleanup order in ccs_probe() (Mehdi Djait) - media: ccs: Fix CCS static data parsing for large block sizes (Sakari Ailus) - media: ov5640: fix get_light_freq on auto (Sam Bobrowicz) - media: mc: fix endpoint iteration (Cosmin Tanislav) - soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski) - iio: light: as73211: fix channel handling in only-color triggered buffer (Javier Carrasco) - media: ccs: Clean up parsed CCS static data on parse failure (Sakari Ailus) - xfs: Add error handling for xfs_reflink_cancel_cow_range (Wentao Liang) - crypto: qce - fix priority to be less than ARMv8 CE (Eric Biggers) - arm64: dts: qcom: sm8350: Fix MPSS memory length (Krzysztof Kozlowski) - x86/boot: Use '-std=gnu11' to fix build with GCC 15 (Nathan Chancellor) - kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor) - scsi: qla2xxx: Move FCE Trace buffer allocation to user control (Quinn Tran) - nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (Georg Gottleuber) - nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (Georg Gottleuber) - PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (Zijun Hu) - ALSA: hda/realtek: Enable headset mic on Positivo C6400 (Edson Juliano Drosdeck) - mips/math-emu: fix emulation of the prefx instruction (Mateusz Jo?czyk) - dm-crypt: track tag_offset in convert_context (Hou Tao) - dm-crypt: don't update io->sector after kcryptd_crypt_write_io_submit() (Hou Tao) - powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N) - MIPS: Loongson64: remove ROM Size unit in boardinfo (Kexy Biscuit) - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea) - serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea) - soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold) - usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen) - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen) - usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen) - usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen) - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer) - wifi: rtlwifi: rtl8821ae: Fix media status report (Bitterblue Smith) - HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner) - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu) - of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu) - of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu) - perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu) - efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (Nathan Chancellor) - blk-cgroup: Fix class @block_class's subsystem refcount leakage (Zijun Hu) - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova) - clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (Satya Priya Kakitapalli) - clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (Luca Weiss) - clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos) - clk: sunxi-ng: a100: enable MMC clock reparenting (Cody Eksal) - Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (Fedor Pchelkin) - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin) - drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (Ville Syrj?l?) - drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li) - drm/amd/pm: Mark MM activity as unsupported (Lijo Lazar) - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand) - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson) - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher) - binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter) - m68k: vga: Fix I/O defines (Thomas Zimmermann) - s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens) - drm/modeset: Handle tiled displays in pan_display_atomic. (Maarten Lankhorst) - leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin) - cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar) - tun: revert fix group permission check (Willem de Bruijn) - net: rose: lock the socket in rose_bind() (Eric Dumazet) - net: atlantic: fix warning during hot unplug (Jacob Moroni) - gpio: pca953x: Improve interrupt support (Mark Tomlinson) - udp: gso: do not drop small packets when PMTU reduces (Yan Zhai) - tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz) - gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil) - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit) - nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner) - usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio) - usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar) - xfs: don't over-report free space or inodes in statvfs (Darrick J. Wong) - xfs: report realtime block quota limits on realtime directories (Darrick J. Wong) - gpio: xilinx: Convert gpio_lock to raw spinlock (Sean Anderson) - net/ncsi: fix locking in Get MAC Address handling (Paul Fertser) - net/ncsi: Add NC-SI 1.2 Get MC MAC Address command (Peter Delevoryas) - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (Joe Hattori) - usb: chipidea/ci_hdrc_imx: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - usb: chipidea: ci_hdrc_imx: use dev_err_probe() (Alexander Stein) - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao) - platform/x86: acer-wmi: Ignore AC events (Armin Wolf) - Input: allocate keycode for phone linking (Illia Ostapyshyn) - selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (Liu Ye) - tipc: re-order conditions in tipc_crypto_key_rcv() (Dan Carpenter) - mmc: sdhci-msm: Correctly set the load for the regulator (Yuanjie Yang) - net: wwan: iosm: Fix hibernation by re-binding the driver around it (Maciej S. Szmigiero) - APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov) - i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (Randolph Ha) - wifi: iwlwifi: avoid memory leak (Miri Korenblit) - net/mlx5: use do_aux_work for PHC overflow checks (Vadim Fedorenko) - HID: Wacom: Add PCI Wacom device support (Even Xu) - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede) - tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa) - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov) - mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin) - tun: fix group permission check (Stas Sergeev) - safesetid: check size of policy writes (Leo Stone) - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu) - x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam) - lockdep: Fix upper limit for LOCKDEP_*_BITS configs (Carlos Llamas) - sched: Don't try to catch up excess steal time. (Suleiman Souhlal) - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik) - btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (Hao-ran Zheng) - btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana) - btrfs: output the reason for open_ctree() failure (Qu Wenruo) - usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen) - media: uvcvideo: Fix double free in error path (Laurent Pinchart) - mptcp: consolidate suboption status (Paolo Abeni) - usb: typec: tcpci: Prevent Sink disconnection before vPpsShutdown in SPR PPS (Kyle Tso) - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang) - usb: dwc3: core: Defer the probe until USB power supply ready (Kyle Tso) - usb: gadget: f_tcm: Fix Get/SetInterface return value (Thinh Nguyen) - drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes) - net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich) - ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (Lianqin Hu) - ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere) - netfilter: nf_tables: reject mismatching sum of field_len with set key length (Pablo Neira Ayuso) - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever) - hexagon: Fix unbalanced spinlock in die() (Lin Yujun) - hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn) - kconfig: fix memory leak in sym_warn_unmet_dep() (Masahiro Yamada) - kconfig: WERROR unmet symbol dependency (Sergey Senozhatsky) - kconfig: deduplicate code in conf_read_simple() (Masahiro Yamada) - kconfig: remove unused code for S_DEF_AUTO in conf_read_simple() (Masahiro Yamada) - kconfig: require a space after '#' for valid input (Masahiro Yamada) - kconfig: add warn-unknown-symbols sanity check (Sergey Senozhatsky) - kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada) - net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent) - bgmac: reduce max frame size to support just MTU 1500 (Rafa? Mi?ecki) - vsock: Allow retrying on connect() failure (Michal Luczaj) - perf trace: Fix runtime error of index out of bounds (Howard Chu) - ptp: Properly handle compat ioctls (Thomas Wei?schuh) - net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang) - net: netdevsim: try to close UDP port harness races (Jakub Kicinski) - net: rose: fix timer races against user threads (Eric Dumazet) - PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang) - ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet) - net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda) - gpio: mxc: remove dead code after switch to DT-only (Ahmad Fatoum) - net: hns3: fix oops when unload drivers paralleling (Jian Shen) - ubifs: skip dumping tnc tree when zroot is null (pangliyuan) - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel) - dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori) - xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO (Jianbo Liu) - tools/bootconfig: Fix the wrong format specifier (Luo Yifan) - NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (Olga Kornievskaia) - NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (Olga Kornievskaia) - module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior) - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue) - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu) - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel) - PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (King Dix) - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori) - mtd: hyperbus: hbmc-am654: fix an OF node reference leak (Joe Hattori) - mtd: hyperbus: hbmc-am654: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - mtd: hyperbus: Make hyperbus_unregister_device() return void (Uwe Kleine-K?nig) - media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda) - media: camif-core: Add check for clk_enable() (Jiasheng Jiang) - media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang) - media: i2c: ov9282: Correct the exposure offset (Dave Stevenson) - media: i2c: imx412: Add missing newline to prints (Luca Weiss) - media: marvell: Add check for clk_enable() (Jiasheng Jiang) - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu) - media: lmedm04: Handle errors for lme2510_int_read (Chen Ni) - media: rc: iguanair: handle timeouts (Oliver Neukum) - efi: sysfb_efi: fix W=1 warnings when EFI is not set (Randy Dunlap) - of: reserved-memory: Do not make kmemleak ignore freed address (Zijun Hu) - memblock: drop memblock_free_early_nid() and memblock_free_early() (Mike Rapoport) - xen/x86: free_p2m_page: use memblock_free_ptr() to free a virtual pointer (Mike Rapoport) - RDMA/mlx5: Fix indirect mkey ODP page count (Michael Guralnik) - RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (Michael Guralnik) - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori) - ARM: dts: mediatek: mt7623: fix IR nodename (Rafa? Mi?ecki) - arm64: dts: qcom: sdm845: Fix interrupt types of camss interrupts (Vladimir Zapolskiy) - arm64: dts: qcom: sm8150-microsoft-surface-duo: fix typos in da7280 properties (Neil Armstrong) - arm64: dts: qcom: sm8350: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sm8250: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sm6125: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sc7280: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8994: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8916: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8994: Describe USB interrupts (Konrad Dybcio) - arm64: dts: qcom: msm8996: Fix up USB3 interrupts (Konrad Dybcio) - arm64: dts: mediatek: mt8183-kukui-jacuzzi: Drop pp3300_panel voltage settings (Chen-Yu Tsai) - memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (Joe Hattori) - memory: tegra20-emc: Support matching timings by LPDDR2 configuration (Dmitry Osipenko) - memory: Add LPDDR2-info helpers (Dmitry Osipenko) - arm64: dts: mediatek: mt8183: willow: Support second source touchscreen (Hsin-Te Yuan) - arm64: dts: mediatek: mt8183: kenzo: Support second source touchscreen (Hsin-Te Yuan) - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-elm: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-elm: Drop regulator-compatible property (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai) - rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter) - RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky) - arm64: dts: mediatek: mt8516: reserve 192 KiB for TF-A (Val Packett) - arm64: dts: mediatek: mt8516: add i2c clock-div property (Val Packett) - arm64: dts: mediatek: mt8516: remove 2 invalid i2c clocks (Fabien Parent) - arm64: dts: mediatek: mt8516: fix wdt irq type (Val Packett) - arm64: dts: mediatek: mt8516: fix GICv2 range (Val Packett) - arm64: dts: mt8183: set DMIC one-wire mode on Damu (Hsin-Yi Wang) - ARM: at91: pm: change BU Power Switch to automatic mode (Nicolas Ferre) - padata: avoid UAF for reorder_work (Chen Ridong) - padata: add pd get/put refcnt helper (Chen Ridong) - padata: fix UAF in padata_reorder (Chen Ridong) - bpf: Send signals asynchronously if !preemptible (Puranjay Mohan) - perf report: Fix misleading help message about --demangle (Jiachen Zhang) - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo) - padata: fix sysfs store callback check (Thomas Wei?schuh) - crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (Joe Hattori) - crypto: hisilicon/sec2 - fix for aead invalid authsize (Wenkai Lin) - crypto: hisilicon/sec2 - fix for aead icv error (Wenkai Lin) - crypto: hisilicon/sec2 - optimize the error return process (Chenghai Huang) - crypto: hisilicon/sec - delete redundant blank lines (Kai Ye) - crypto: hisilicon/sec - add some comments for soft fallback (Kai Ye) - ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing) - ASoC: renesas: rz-ssi: Use only the proper amount of dividers (Claudiu Beznea) - perf bpf: Fix two memory leakages when calling perf_env__insert_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han) - ASoC: sun4i-spdif: Add clock multiplier settings (George Lander) - libbpf: Fix segfault due to libelf functions not setting errno (Quentin Monnet) - net/rose: prevent integer overflows in rose_setsockopt() (Nikita Zhandarovich) - tcp_cubic: fix incorrect HyStart round start detection (Mahdi Arghavani) - net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (Roger Quadros) - netfilter: nft_flow_offload: update tcp state flags under lock (Florian Westphal) - net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim) - net: avoid race between device unregistration and ethnl ops (Antoine Tenart) - net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla) - net: let net.core.dev_weight always be non-zero (Liu Jian) - selftests/landlock: Fix error message (Micka?l Sala?n) - clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan) - wifi: cfg80211: adjust allocation of colocated AP data (Dmitry Antipov) - wifi: cfg80211: Handle specific BSSID in 6GHz scanning (Ilan Peer) - selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin) - cpufreq: ACPI: Fix max-frequency computation (Gautham R. Shenoy) - wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (WangYuli) - landlock: Handle weird files (Micka?l Sala?n) - landlock: Move filesystem helpers and add a new one (Micka?l Sala?n) - net/smc: fix data error when recvmsg with MSG_PEEK flag (Guangguan Wang) - wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade) - samples/landlock: Fix possible NULL dereference in parse_path() (Zichen Xie) - regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori) - team: prevent adding a device which is already a team device lower (Octavian Purdila) - clk: imx8mp: Fix clkout1/2 support (Marek Vasut) - cpufreq: schedutil: Fix superfluous updates caused by need_freq_update (Sultan Alsawaf (unemployed)) - leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (Joe Hattori) - dt-bindings: mfd: bd71815: Fix rsense and typos (Matti Vaittinen) - cpupower: fix TSC MHz calculation (He Rongguang) - ACPI: fan: cleanup resources in the error path of .probe() (Joe Hattori) - regulator: dt-bindings: mt6315: Drop regulator-compatible property (Chen-Yu Tsai) - HID: multitouch: fix support for Goodix PID 0x01e9 (Jiri Kosina) - Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (Jiri Kosina) - HID: multitouch: Add support for lenovo Y9000P Touchpad (He Lugang) - wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: destroy workqueue at rtl_deinit_core (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov) - wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov) - rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dt-bindings: leds: class-multicolor: Fix path to color definitions (Geert Uytterhoeven) - dt-bindings: leds: class-multicolor: reference class directly in multi-led node (Krzysztof Kozlowski) - dt-bindings: leds: Add multicolor PWM LED bindings (Sven Schwermer) - dt-bindings: leds: Optional multi-led unit address (Sven Schwermer) - dt-bindings: leds: Add Qualcomm Light Pulse Generator binding (Bjorn Andersson) - dt-bindings: Another pass removing cases of 'allOf' containing a '$ref' (Rob Herring) - spi: dt-bindings: add schema listing peripheral-specific properties (Pratyush Yadav) - dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong) - spi: zynq-qspi: Add check for clk_enable() (Mingwei Zheng) - wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix init_sw_vars leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo) - ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han) - genirq: Make handle_enforce_irqctx() unconditionally available (Thomas Gleixner) - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko) - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern) - drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng) - sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (Peter Zijlstra) - sched/psi: Use task->psi_flags to clear in CPU migration (Chengming Zhou) - afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (David Howells) - select: Fix unbalanced user_access_end() (Christophe Leroy) - partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap) - nvme: Add error check for xa_store in nvme_get_effects_log (Keisuke Nishimura) - pstore/blk: trivial typo fixes (Eugen Hristev) - nbd: don't allow reconnect after disconnect (Yu Kuai) - block: retry call probe after request_module in blk_request_module (Yang Erkun) - block: deprecate autoloading based on dev_t (Christoph Hellwig) - fs: fix proc_handler for sysctl_nr_open (Jinliang Zheng) - fs: move fs stat sysctls to file_table.c (Luis Chamberlain) - fs: move inode sysctls to its own file (Luis Chamberlain) - sysctl: share unsigned long const values (Luis Chamberlain) - sysctl: use const for typically used max/min proc sysctls (Xiaoming Ni) - hung_task: move hung_task sysctl interface to hung_task.c (Xiaoming Ni) - afs: Fix directory format encoding struct (David Howells) - afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (David Howells) - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764001] [5.15.0-308.178.1.el8uek] - perf dso: fix dso__is_kallsyms() check (Stephen Brennan) [Orabug: 37709864] - scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li) [Orabug: 37681137] - dyndbg: export ddebug_add_module/ddebug_remove_module (Julian Pidancet) [Orabug: 37629344] - kallsyms: add module_kallsyms_on_each_symbol_locked (Julian Pidancet) [Orabug: 37629344] - kallsyms: export module_kallsyms_on_each_symbol (Julian Pidancet) [Orabug: 37629344] - rds: ib: Make traffic_class visible to user-space (H?kon Bugge) [Orabug: 37350892] - rds: ib: Remove incorrect update of the path record sl and qos_class fields (H?kon Bugge) [Orabug: 37350892] - selftest/vm: Add -O2 in CFLAGS to Makefile to avoid possible failure (Yifei Liu) [Orabug: 37197150] [5.15.0-307.178.5.el8uek] - net/mlx5: DR, prevent potential error pointer dereference (Dan Carpenter) [Orabug: 37434242] {CVE-2024-56660} - uek-rpm: Set CONFIG_IP6_NF_IPTABLES for ol9/ol8 container kernels (Jonah Palmer) [Orabug: 37703179] - net: hsr: fix fill_frame_info() regression vs VLAN packets (Eric Dumazet) - f2fs: Introduce linear search for dentries (Daniel Lee) - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande) - net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel) - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (Andrew Cooper) - sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke H?iland-J?rgensen) - usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich) - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (Juergen Gross) - x86/xen: add FRAME_END to xen_hypercall_hvm() (Juergen Gross) - ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao) - usb: dwc3: Set SUSPENDENABLE soon after phy init (Thinh Nguyen) - Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den) - Revert "media: uvcvideo: Require entities to have a non-zero unique ID" (Thadeu Lima de Souza Cascardo) - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang) [5.15.0-307.178.4.el8uek] - LTS version: v5.15.178 (Vijayendra Suman) - Input: xpad - add support for wooting two he (arm) (Jack Greiner) - Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto) - Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson) - ALSA: usb-audio: Add delay quirk for USB Audio Device (Lianqin Hu) - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz) - wifi: iwlwifi: add a few rate index validity checks (Anjaneyulu) - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (Easwar Hariharan) - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Ido Schimmel) - platform/chrome: cros_ec_typec: Check for EC driver (Akihiko Odaki) - fs/ntfs3: Additional check in ntfs_file_release (Konstantin Komarov) - Bluetooth: RFCOMM: Fix not validating setsockopt user input (Luiz Augusto von Dentz) - Bluetooth: SCO: Fix not validating setsockopt user input (Luiz Augusto von Dentz) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - net: sched: fix ets qdisc OOB Indexing (Jamal Hadi Salim) - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) - mptcp: don't always assume copied data in mptcp_cleanup_rbuf() (Paolo Abeni) - regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav) - ASoC: samsung: Add missing depends on I2C (Charles Keepax) - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons) - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang) - seccomp: Stub for !CONFIG_SECCOMP (Linus Walleij) - ASoC: samsung: Add missing selects for MFD_WM8994 (Charles Keepax) - ASoC: wm8994: Add depends on MFD core (Charles Keepax) [5.15.0-307.177.3.el8uek] - jbd2: increase maximum transaction size (Jan Kara) [Orabug: 37688920] - net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (Carolina Jubran) [Orabug: 37534698] - net/mlx5e: Always start IPsec sequence number from 1 (Leon Romanovsky) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Add support for clock_measure performance block (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Add support for monitoring cycle count (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: incorrect type in assignment (Pei Xiao) [Orabug: 37534698] - net/mlx5e: Disable loopback self-test on multi-PF netdev (Carolina Jubran) [Orabug: 37534698] - net/mlx5: Unregister notifier on eswitch init failure (Cosmin Ratiu) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling (Michal Wilczynski) [Orabug: 37534698] - net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (Jianbo Liu) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: fix lockdep warning (Luiz Capitulino) [Orabug: 37534698] - net/mlx5: Fix bridge mode operations when there are no VFs (Benjamin Poirier) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC (Liming Sun) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: factor out code for th1520_init() (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: move two rk35xx functions (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: add common bulk optional clocks support (Chen Wang) [Orabug: 37534698] - net/mlx5e: Take state lock during tx timeout reporter (Dragos Tatulea) [Orabug: 37534698] - net/mlx5: SD, Do not query MPIR register if no sd_group (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Always drain health in shutdown callback (Shay Drory) [Orabug: 37534698] - mmc: dw_mmc-bluefield: Add support for eMMC HW reset (Liming Sun) [Orabug: 37534698] - mmc: dw_mmc: Add support for platform specific eMMC HW reset (Liming Sun) [Orabug: 37534698] - net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Dragos Tatulea) [Orabug: 37534698] - net/mlx5e: SHAMPO, Fix incorrect page release (Dragos Tatulea) [Orabug: 37534698] - net/mlx5: Do not query MPIR on embedded CPU function (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Reload only IB representors upon lag disable/enable (Maher Sanalla) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add tuning support for Sophgo CV1800B and SG200X (Jisheng Zhang) [Orabug: 37534698] - macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst (Rahul Rameshbabu) [Orabug: 37534698] - macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads (Rahul Rameshbabu) [Orabug: 37534698] - net/mlx5e: Prevent deadlock while disabling aRFS (Carolina Jubran) [Orabug: 37534698] - net/mlx5e: Use channel mdev reference instead of global mdev instance for coalescing (Rahul Rameshbabu) [Orabug: 37534698] - net/mlx5: SD, Handle possible devcom ERR_PTR (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Disallow SRIOV switchdev mode when in multi-PF netdev (Tariq Toukan) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Implement SDHCI CQE support (Sergey Khimich) [Orabug: 37534698] - mmc: cqhci: Add cqhci set_tran_desc() callback (Sergey Khimich) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: fix signedness bugs (Dan Carpenter) [Orabug: 37534698] - net/mlx5e: Create EN core HW resources for all secondary devices (Tariq Toukan) [Orabug: 37534698] - net/mlx5e: Create single netdev per SD group (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Add debugfs (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Add informative prints in kernel log (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement steering for primary and secondaries (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement devcom communication and primary election (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement basic query and instantiation (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Introduce SD lib (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Add MPIR bit in mcam_access_reg (Tariq Toukan) [Orabug: 37534698] - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (David Gow) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add support for Sophgo CV1800B and SG2002 (Jisheng Zhang) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Shravan Kumar Ramani) [Orabug: 37534698] - net: macsec: revert the MAC address if mdo_upd_secy fails (Radu Pirea (NXP OSS)) [Orabug: 37534698] - net: macsec: documentation for macsec_context and macsec_ops (Radu Pirea (NXP OSS)) [Orabug: 37534698] - fortify: Do not cast to "unsigned char" (Kees Cook) [Orabug: 37534698] - fortify: Use SIZE_MAX instead of (size_t)-1 (Kees Cook) [Orabug: 37534698] - fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL (Kees Cook) [Orabug: 37534698] - mmc: dw_mmc: Add driver callbacks for data read timeout (M?rten Lindahl) [Orabug: 37534698] - mmc: dw_mmc-exynos: Add support for ARTPEC-8 (M?rten Lindahl) [Orabug: 37534698] - mmc: dw_mmc: clean up a debug message (Dan Carpenter) [Orabug: 37534698] - mmc: dw_mmc: exynos: use common_caps (John Keeping) [Orabug: 37534698] - mmc: dw_mmc: add common capabilities to replace caps (John Keeping) [Orabug: 37534698] - mmc: dw_mmc: Allow lower TMOUT value than maximum (M?rten Lindahl) [Orabug: 37534698] - rds: Make sure transmit path and connection tear-down does not run concurrently (H?kon Bugge) [Orabug: 36441944] - ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [Orabug: 36252756] - ice: virtchnl rss hena support (Md Fahad Iqbal Polash) [Orabug: 36252756] - ice: Add support Flex RXD (Michal Jaron) [Orabug: 36252756] [5.15.0-307.177.2.el8uek] - uek-rpm: Enable CONFIG_MICROSOFT_MANA as module in aarch64 (Vijayendra Suman) [Orabug: 37647393] - rtc: add new RTC_FEATURE_ALARM_WAKEUP_ONLY feature (Alexandre Belloni) [Orabug: 37631796] - thermal: core: Drop excessive lockdep_assert_held() calls (Rafael J. Wysocki) [Orabug: 37631796] - thermal: core: Introduce thermal_cooling_device_update() (Rafael J. Wysocki) [Orabug: 37631796] - thermal: core: Introduce thermal_cooling_device_present() (Rafael J. Wysocki) [Orabug: 37631796] - thermal: sysfs: Reuse cdev->max_state (Viresh Kumar) [Orabug: 37631796] - rtc: efi: Enable SET/GET WAKEUP services as optional (Shanker Donthineni) [Orabug: 37631796] - rtc: efi: Add wakeup support (Riwen Lu) [Orabug: 37631796] - rtc: efi: switch to RTC_FEATURE_UPDATE_INTERRUPT (Alexandre Belloni) [Orabug: 37631796] - rtc: add BSM parameter (Alexandre Belloni) [Orabug: 37631796] - rtc: add correction parameter (Alexandre Belloni) [Orabug: 37631796] - rtc: add parameter ioctl (Alexandre Belloni) [Orabug: 37631796] - rtc: expose correction feature (Alexandre Belloni) [Orabug: 37631796] - rtc: add alarm related features (Alexandre Belloni) [Orabug: 37631796] - rtc: efi: switch to devm_rtc_allocate_device (Alexandre Belloni) [Orabug: 37631796] - cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621589] - rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (H?kon Bugge) [Orabug: 37586089] - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (Michael Chan) [Orabug: 37434220] {CVE-2024-56656} - bnxt_en: Fix receive ring space parameters when XDP is active (Shravya KN) [Orabug: 37433562] {CVE-2024-53209} - bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (Aleksandr Mishin) [Orabug: 37070333] {CVE-2024-40919} - bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (Vikas Gupta) [Orabug: 37070270] {CVE-2024-35972} - bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Somnath Kotur) [Orabug: 37070266] {CVE-2024-44984} [5.15.0-307.177.1.el8uek] - nvmet: always initialize cqe.result (Daniel Wagner) [Orabug: 36897348] {CVE-2024-41079} - nvmet-auth: complete a request only after freeing the dhchap pointers (Maurizio Lombardi) [Orabug: 36897348] {CVE-2024-41079} - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Justin Tee) [Orabug: 37116505] {CVE-2024-46842} - netdevsim: use cond_resched() in nsim_dev_trap_report_work() (Eric Dumazet) [Orabug: 37264120] {CVE-2024-50155} - nvmet-auth: assign dh_key to NULL after kfree_sensitive (Vitaliy Shevtsov) [Orabug: 37268555] {CVE-2024-50215} - net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (Oleksij Rempel) [Orabug: 37433573] {CVE-2024-53213} - PCI/MSI: Handle lack of irqdomain gracefully (Thomas Gleixner) [Orabug: 37452651] {CVE-2024-56760} - selftests: rtnetlink: update netdevsim ipsec output format (Hangbin Liu) [Orabug: 37547931] - netdevsim: print human readable IP address (Hangbin Liu) [Orabug: 37547931] - uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619141] - Add __init annotation to pensando_efi_mem_reserve (Joseph Dobosenski) [Orabug: 37619785] From el-errata at oss.oracle.com Tue May 13 18:07:04 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:07:04 -0700 Subject: [El-errata] ELSA-2025-20323 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20323 http://linux.oracle.com/errata/ELSA-2025-20323.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-core-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-debug-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-debug-core-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-devel-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-doc-5.15.0-308.179.6.2.el8uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-container-5.15.0-308.179.6.2.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-308.179.6.2.el8uek.x86_64.rpm aarch64: bpftool-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-core-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-debug-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-debug-core-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-devel-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-doc-5.15.0-308.179.6.2.el8uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-container-5.15.0-308.179.6.2.el8uek.aarch64.rpm kernel-uek-container-debug-5.15.0-308.179.6.2.el8uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-308.179.6.2.el8uek.src.rpm Related CVEs: CVE-2024-28956 Description of changes: [5.15.0-308.179.6.2.el8uek] - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37920681] - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37920681] - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37920681] - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/alternatives: Remove faulty optimization (Josh Poimboeuf) [Orabug: 37863726] {CVE-2024-28956} - x86/alternative: Optimize returns patching (Borislav Petkov (AMD)) [Orabug: 37863726] {CVE-2024-28956} From el-errata at oss.oracle.com Tue May 13 18:09:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:09:08 -0700 Subject: [El-errata] ELBA-2025-20305 Oracle Linux 8 oVirt 4.5 ovirt-engine bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20305 http://linux.oracle.com/errata/ELBA-2025-20305.html The following updated rpms for Oracle Linux 8 oVirt 4.5 have been uploaded to the Unbreakable Linux Network: x86_64: ovirt-engine-4.5.5-1.45.el8.noarch.rpm ovirt-engine-backend-4.5.5-1.45.el8.noarch.rpm ovirt-engine-dbscripts-4.5.5-1.45.el8.noarch.rpm ovirt-engine-health-check-bundler-4.5.5-1.45.el8.noarch.rpm ovirt-engine-restapi-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-base-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-plugin-cinderlib-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-plugin-imageio-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-common-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.5-1.45.el8.noarch.rpm ovirt-engine-setup-plugin-websocket-proxy-4.5.5-1.45.el8.noarch.rpm ovirt-engine-tools-4.5.5-1.45.el8.noarch.rpm ovirt-engine-tools-backup-4.5.5-1.45.el8.noarch.rpm ovirt-engine-vmconsole-proxy-helper-4.5.5-1.45.el8.noarch.rpm ovirt-engine-webadmin-portal-4.5.5-1.45.el8.noarch.rpm ovirt-engine-websocket-proxy-4.5.5-1.45.el8.noarch.rpm python3-ovirt-engine-lib-4.5.5-1.45.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ovirt-engine-4.5.5-1.45.el8.src.rpm Description of changes: [4.5.5-1.45] - Update Sapphire and Icelake CPU flags [4.5.5-1.44] - Fix error of requested handler 'populate service facts and restart libvirtd' not found [4.5.5-1.43] - update numpy package version From el-errata at oss.oracle.com Tue May 13 18:09:10 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:09:10 -0700 Subject: [El-errata] ELBA-2025-20306 Oracle Linux 8 oVirt 4.5 olvm-branding bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20306 http://linux.oracle.com/errata/ELBA-2025-20306.html The following updated rpms for Oracle Linux 8 oVirt 4.5 have been uploaded to the Unbreakable Linux Network: x86_64: olvm-branding-4.5.5-1.3.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//olvm-branding-4.5.5-1.3.el8.src.rpm Description of changes: [4.5.5-1.3] - Rename 04_05_0350_vm_icons_update.sql to 04_05_0320_vm_icons_update.sql [4.5.5-1.2] - Add OL_CoreOs guest VM From el-errata at oss.oracle.com Tue May 13 18:09:11 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:09:11 -0700 Subject: [El-errata] ELBA-2025-20307 Oracle Linux 8 oVirt 4.5 olvm-vmcontrol bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20307 http://linux.oracle.com/errata/ELBA-2025-20307.html The following updated rpms for Oracle Linux 8 oVirt 4.5 have been uploaded to the Unbreakable Linux Network: x86_64: olvm-vmcontrol-4.5.5-1.2.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//olvm-vmcontrol-4.5.5-1.2.el8.src.rpm Description of changes: [4.5.5-1.2] - Add -t cpuPinningTopology fag to support 1-to-1 vCPU to pCPU-set pinning [4.5.5-1.1] - Bump up version for 4.5.5 release [4.5.4-1.2] - Add keystore patch [4.5.4-1.1] - Create version vmcontrol utility for Oracle Linux Virtualization Manager 4.5.4 [4.4.1-1.1] - Added httpcomponents-client & java-11-openjdk-headless dependencies and check for required Java version. [4.4.1-1] - Create version for Oracle Linux Virtualization Manager 4.4 [4.3.1-1.1] - Close session before exiting [4.3.1-1] - Create version for Oracle Linux Virtualization Manager 4.3 [4.2.1-14] - Add final license in COPYING file [4.2.1-13] - Add tar.gz [4.2.1-12] - ENH 30213584 - changes required on olvm_vmcontrol for hard-partitioning. Relax the VmPlacementPolicy Restrictions (migration mode and host pinning). [4.2.1-11] - Bugfix for olvm-vmcontrol-confirm empty arguments. [4.2.1-10] - Better exception handling, use -m for manager instead of -h, man page improvements. [4.2.1-8] - Better exception handling and man page improvements. [4.2.1-7] - Fixed uninstall to remove directories, tweak man pages, handle non-admin users. [4.2.1-6] - Tweaked help/wording some more and small bug fixes. [4.2.1-5] - Tweaked help/wording some more and small bug fixes. [4.2.1-3] - Tweaked help/wording some more. [4.2.1-2] - Added man page for confirm tool, readme for zip tool, added logfile version check and tweaked help/wording. [4.2.1-1] - Same version - added new package/script for confirm [4.2.1-1] - Initial package From el-errata at oss.oracle.com Tue May 13 18:10:23 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 11:10:23 -0700 Subject: [El-errata] ELBA-2025-20308 Oracle Linux 8 oVirt 4.5 numpy bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20308 http://linux.oracle.com/errata/ELBA-2025-20308.html The following updated rpms for Oracle Linux 8 oVirt 4.5 have been uploaded to the Unbreakable Linux Network: x86_64: python3-numpy-1.17.0-11.2.el8.x86_64.rpm python3-numpy-f2py-1.17.0-11.2.el8.x86_64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//numpy-1.17.0-11.2.el8.src.rpm Description of changes: [1:1.17.0-11] - Fix CVE-2021-41495 - [BACKPORT] Set linalg test_nan unit test to xfail [1:1.17.0-8] - Bump to avoid NVR conflict [1:1.17.0-3] - Fix CVE-2021-33430 - Fix CVE-2021-41496 - Use Git for autosetup - Fix 'if' conditional to quote terms [1:1.17.0-1] - 1.17.0, split out Python 2. [1:1.16.4-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild [1:1.16.4-2] - Avoid hardcoding /usr prefix [1:1.16.4-1] - 1.16.4 [1:1.16.3-2] - Build only with openblasp (bugz#1709161) [1:1.16.3-1] - 1.16.3. [1:1.16.2-1] - 1.16.2. [1:1.16.1-1] - 1.16.1. [1:1.16.0-1] - 1.16.0. [1:1.15.1-2] - Switch to pytest for running tests during check - Stop ignoring failures when running tests - Set PATH in check so that f2py tests work - Update docs to match release - Remove outdated workaround from rhbz#849713 [1:1.15.1-1] - Update to latest version [1:1.15.0-2] - Fix broken build on s390x - Remove bytecode produced by pytest - Re-enable tests on s390x [1:1.15.0-1] - 1.15.0 [1:1.14.5-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild [1:1.14.5-2] - Rebuilt for Python 3.7 [1:1.14.5-1] - 1.14.5 [1:1.14.3-1] - 1.14.3 [1:1.14.2-1] - 1.14.2 [1:1.14.1-1] - 1.14.1 [1:1.14.0-0.rc1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [1:1.14.0-0.rc1] - 1.14.0 rc1 [1:1.13.3-5] - Fix ambiguous Python 2 dependency declarations (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) [1:1.13.3-4] - Split out doc subpackage. [1:1.13.3-3] - Cleanup spec file conditionals [1:1.13.3-2] - set proper environment variables for openblas [1:1.13.3-1] - 1.13.3 [1:1.13.2-1] - 1.13.2 [1:1.13.1-4] - Use openblas where available, BZ 1472318. [1:1.13.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [1:1.13.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [1:1.13.1-1] - 1.13.1 final [1:1.13.0-1] - 1.13.0 final [1:1.13.0-0.rc2] - 1.13.0 rc2 [1:1.13.0-0.rc1] - 1.13.0 rc1 [1:1.12.1-1] - 1.12.1 [1:1.12.0-1] - Update to 1.12.0, build with gcc 7.0. [1:1.11.2-2] - Rebuild for Python 3.6 [1:1.11.2-1] - Update to 1.11.2 final [1:1.11.2-0.rc1] - Update to 1.11.2rc1, BZ 1340440. [1:1.11.1-2] - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages [1:1.11.1-1] - Update to 1.11.1 final [1:1.11.1-0.rc1] - Update to 1.11.1rc1, BZ 1340440. [1:1.11.0-4] - Update to 1.11.0 final [1:1.11.0-3.rc2] - Update to 1.11.0rc2 [1:1.11.0-2.b3] - Bump Release. 1b2 is higher than 0b3 [1:1.11.0-0.b3] - Update to 1.11.0b2, BZ 1306249. [1:1.11.0-1b2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild [1:1.11.0-0.b2] - Update to 1.11.0b2, BZ 1303387. [1:1.11.0-020161016.cc2b04git] - Update to git snapshot (due to build issue) after 1.11.0b1, BZ 1301943. [1:1.10.4-1] - Update to 1.10.4, BZ 1296509. [1:1.10.2-1] - Update to 1.10.2, BZ 1291674. [1:1.10.2-0.2.rc2] - Update to 1.10.2rc1, BZ 1289550. [1:1.10.2-0.1.rc1] - Update to 1.10.2rc1 - Drop opt-flags patch applied upstream [1:1.10.1-6] - Add provides to satisfy numpy%{_isa} requires in other packages [1:1.10.1-5] - Re-add provides f2py [1:1.10.1-4] - Fix obsoletes / provides for numpy -> python2-numpy rename [1:1.10.1-3] - Remove fortran flags or arm would build with -march=x86-64 [1:1.10.1-2] - Provide python2-* packages - Run tests with verbose=2 [1:1.10.1-1] - Update to 1.10.1, BZ 1271022. From el-errata at oss.oracle.com Tue May 13 23:37:01 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:01 -0700 Subject: [El-errata] ELBA-2025-20310 Oracle Linux 9 openscap bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20310 http://linux.oracle.com/errata/ELBA-2025-20310.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: openscap-1.3.10-2.0.2.el9_3.i686.rpm openscap-1.3.10-2.0.2.el9_3.x86_64.rpm openscap-devel-1.3.10-2.0.2.el9_3.i686.rpm openscap-devel-1.3.10-2.0.2.el9_3.x86_64.rpm openscap-engine-sce-1.3.10-2.0.2.el9_3.i686.rpm openscap-engine-sce-1.3.10-2.0.2.el9_3.x86_64.rpm openscap-python3-1.3.10-2.0.2.el9_3.x86_64.rpm openscap-scanner-1.3.10-2.0.2.el9_3.x86_64.rpm openscap-utils-1.3.10-2.0.2.el9_3.x86_64.rpm openscap-engine-sce-devel-1.3.10-2.0.2.el9_3.i686.rpm openscap-engine-sce-devel-1.3.10-2.0.2.el9_3.x86_64.rpm aarch64: openscap-1.3.10-2.0.2.el9_3.aarch64.rpm openscap-devel-1.3.10-2.0.2.el9_3.aarch64.rpm openscap-engine-sce-1.3.10-2.0.2.el9_3.aarch64.rpm openscap-python3-1.3.10-2.0.2.el9_3.aarch64.rpm openscap-scanner-1.3.10-2.0.2.el9_3.aarch64.rpm openscap-utils-1.3.10-2.0.2.el9_3.aarch64.rpm openscap-engine-sce-devel-1.3.10-2.0.2.el9_3.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//openscap-1.3.10-2.0.2.el9_3.src.rpm Description of changes: [1.3.10-2.0.2] - Fix textfilecontent54 behavior with negative numbers [Orabug: 37896019] From el-errata at oss.oracle.com Tue May 13 23:37:02 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:02 -0700 Subject: [El-errata] ELBA-2025-20314 Oracle Linux 9 kexec-tools bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20314 http://linux.oracle.com/errata/ELBA-2025-20314.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kexec-tools-2.0.29-5.0.3.el9.x86_64.rpm aarch64: kexec-tools-2.0.29-5.0.3.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kexec-tools-2.0.29-5.0.3.el9.src.rpm Description of changes: [2.0.29-5.0.3] - Disable transparent_hugepage for aarch64 [Orabug: 37858059] From el-errata at oss.oracle.com Tue May 13 23:37:03 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:03 -0700 Subject: [El-errata] ELBA-2025-20315 Oracle Linux 9 scap-security-guide bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20315 http://linux.oracle.com/errata/ELBA-2025-20315.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: scap-security-guide-0.1.76-1.0.3.el9.noarch.rpm scap-security-guide-doc-0.1.76-1.0.3.el9.noarch.rpm aarch64: scap-security-guide-0.1.76-1.0.3.el9.noarch.rpm scap-security-guide-doc-0.1.76-1.0.3.el9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//scap-security-guide-0.1.76-1.0.3.el9.src.rpm Description of changes: [0.1.76-1.0.3] - Implement OL9 DISA STIG V1R1 [Orabug: 37916318] From el-errata at oss.oracle.com Tue May 13 23:37:05 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:05 -0700 Subject: [El-errata] ELBA-2025-20321 Oracle Linux 9 linux-firmware bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20321 http://linux.oracle.com/errata/ELBA-2025-20321.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: iwl1000-firmware-39.31.5.1-999.40.el9.noarch.rpm iwl100-firmware-39.31.5.1-999.40.el9.noarch.rpm iwl105-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl135-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl2000-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl2030-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl3160-firmware-25.30.13.0-999.40.el9.noarch.rpm iwl3945-firmware-15.32.2.9-999.40.el9.noarch.rpm iwl4965-firmware-228.61.2.24-999.40.el9.noarch.rpm iwl5000-firmware-8.83.5.1_1-999.40.el9.noarch.rpm iwl5150-firmware-8.24.2.2-999.40.el9.noarch.rpm iwl6000-firmware-9.221.4.1-999.40.el9.noarch.rpm iwl6000g2a-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl6000g2b-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl6050-firmware-41.28.5.1-999.40.el9.noarch.rpm iwl7260-firmware-25.30.13.0-999.40.el9.noarch.rpm iwlax2xx-firmware-20250423-999.40.el9.noarch.rpm libertas-sd8686-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm libertas-sd8787-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm libertas-usb8388-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm libertas-usb8388-olpc-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm linux-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm linux-firmware-core-20250423-999.40.git32f3227b.el9.noarch.rpm linux-firmware-whence-20250423-999.40.git32f3227b.el9.noarch.rpm liquidio-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm netronome-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm aarch64: iwl1000-firmware-39.31.5.1-999.40.el9.noarch.rpm iwl100-firmware-39.31.5.1-999.40.el9.noarch.rpm iwl105-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl135-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl2000-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl2030-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl3160-firmware-25.30.13.0-999.40.el9.noarch.rpm iwl3945-firmware-15.32.2.9-999.40.el9.noarch.rpm iwl4965-firmware-228.61.2.24-999.40.el9.noarch.rpm iwl5000-firmware-8.83.5.1_1-999.40.el9.noarch.rpm iwl5150-firmware-8.24.2.2-999.40.el9.noarch.rpm iwl6000-firmware-9.221.4.1-999.40.el9.noarch.rpm iwl6000g2a-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl6000g2b-firmware-18.168.6.1-999.40.el9.noarch.rpm iwl6050-firmware-41.28.5.1-999.40.el9.noarch.rpm iwl7260-firmware-25.30.13.0-999.40.el9.noarch.rpm iwlax2xx-firmware-20250423-999.40.el9.noarch.rpm libertas-sd8686-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm libertas-sd8787-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm libertas-usb8388-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm libertas-usb8388-olpc-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm linux-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm linux-firmware-core-20250423-999.40.git32f3227b.el9.noarch.rpm linux-firmware-whence-20250423-999.40.git32f3227b.el9.noarch.rpm liquidio-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm netronome-firmware-20250423-999.40.git32f3227b.el9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//linux-firmware-20250423-999.40.git32f3227b.el9.src.rpm Description of changes: [20250423-999.40.git32f3227b.el9] - Rebase to latest upstream [Orabug: 37868435] From el-errata at oss.oracle.com Tue May 13 23:37:06 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:06 -0700 Subject: [El-errata] ELBA-2025-20322 Oracle Linux 9 iscsi-initiator-utils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20322 http://linux.oracle.com/errata/ELBA-2025-20322.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.5.el9.i686.rpm iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.5.el9.x86_64.rpm iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.0.5.el9.x86_64.rpm python3-iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.5.el9.x86_64.rpm aarch64: iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.5.el9.aarch64.rpm iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.0.5.el9.aarch64.rpm python3-iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.5.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//iscsi-initiator-utils-6.2.1.9-1.gita65a472.0.5.el9.src.rpm Description of changes: [6.2.1.9-18.gita65a472.0.5] - Correct the typos in email addresses in changelog in OL9.5 [Orabug: 37910459] From el-errata at oss.oracle.com Tue May 13 23:37:09 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:09 -0700 Subject: [El-errata] ELSA-2025-20323 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20323 http://linux.oracle.com/errata/ELSA-2025-20323.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: aarch64: bpftool-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-container-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-container-debug-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-core-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-308.179.6.2.el9uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek64k-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek64k-core-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek64k-modules-5.15.0-308.179.6.2.el9uek.aarch64.rpm kernel-uek64k-modules-extra-5.15.0-308.179.6.2.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-308.179.6.2.el9uek.src.rpm Related CVEs: CVE-2024-28956 Description of changes: [5.15.0-308.179.6.2.el9uek] - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37920681] - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37920681] - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37920681] - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/alternatives: Remove faulty optimization (Josh Poimboeuf) [Orabug: 37863726] {CVE-2024-28956} - x86/alternative: Optimize returns patching (Borislav Petkov (AMD)) [Orabug: 37863726] {CVE-2024-28956} From el-errata at oss.oracle.com Tue May 13 23:37:07 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:37:07 -0700 Subject: [El-errata] ELSA-2025-20320 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20320 http://linux.oracle.com/errata/ELSA-2025-20320.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: aarch64: bpftool-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-container-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-container-debug-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-core-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-308.179.6.el9uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek64k-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek64k-core-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek64k-modules-5.15.0-308.179.6.el9uek.aarch64.rpm kernel-uek64k-modules-extra-5.15.0-308.179.6.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-308.179.6.el9uek.src.rpm Related CVEs: CVE-2024-25742 CVE-2024-25743 CVE-2024-25744 CVE-2024-56583 Description of changes: [5.15.0-308.179.6.el9uek] - net: bridge: IP defragmentation failing for jumboframes (Venkat Venkatsubra) [Orabug: 37847171] - uek-rpm: remove .el9 from shim version (Samasth Norway Ananda) [Orabug: 37834731] - RDS: avoid using offlined CPU during reconnect (Arumugam Kolappan) [Orabug: 37783021] - net/mlx5e: Rely on reqid in IPsec tunnel mode (Leon Romanovsky) [Orabug: 37710815] - net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (Leon Romanovsky) [Orabug: 37710815] - net/mlx5: Clear port select structure when fail to create (Mark Zhang) [Orabug: 37710815] - net/mlx5: SF, Fix add port error handling (Chris Mi) [Orabug: 37710815] - net/mlx5: Fix variable not being completed when function returns (Chenguang Zhao) [Orabug: 37710815] - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: macsec: Maintain TX SA from encoding_sa (Dragos Tatulea) [Orabug: 37710815] - net/mlx5e: Remove workaround to avoid syndrome for internal port (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: SD, Use correct mdev to build channel param (Tariq Toukan) [Orabug: 37710815] - mlxsw: spectrum_acl_flex_keys: Use correct key block on Spectrum-4 (Ido Schimmel) [Orabug: 37710815] - net/mlx5e: clear xdp features on non-uplink representors (William Tu) [Orabug: 37710815] - net/mlx5: Fix msix vectors to respect platform limit (Parav Pandit) [Orabug: 37710815] - mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (Ido Schimmel) [Orabug: 37710815] - mlxsw: spectrum_ptp: Add missing verification before pushing Tx header (Amit Cohen) [Orabug: 37710815] - net/mlx5e: Don't call cleanup on profile rollback failure (Cosmin Ratiu) [Orabug: 37710815] - net/mlx5: Fix command bitmask initialization (Shay Drory) [Orabug: 37710815] - net/mlx5: Check for invalid vector index on EQ creation (Maher Sanalla) [Orabug: 37710815] - mlxsw: spectrum_acl_flex_keys: Constify struct mlxsw_afk_element_inst (Christophe JAILLET) [Orabug: 37710815] - net: Fix netns for ip_tunnel_init_flow() (Xiao Liang) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (Ido Schimmel) [Orabug: 37710815] - ip_tunnel: annotate data-races around t->parms.link (Eric Dumazet) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (Ido Schimmel) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (Ido Schimmel) [Orabug: 37710815] - net/mlx5e: SHAMPO, Fix overflow of hd_per_wq (Dragos Tatulea) [Orabug: 37710815] - net/mlx5e: SHAMPO, Increase timeout to improve latency (Dragos Tatulea) [Orabug: 37710815] - net/mlx5: Verify support for scheduling element and TSAR type (Carolina Jubran) [Orabug: 37710815] - net/mlx5e: Enable remove flow for hard packet limit (Jianbo Liu) [Orabug: 37710815] - net/mlx5: Use set number of max EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: IFC updates for SF max IO EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5e: Approximate IPsec per-SA payload data bytes count (Leon Romanovsky) [Orabug: 37710815] - net/mlx5e: Present succeeded IPsec SA bytes and packet (Leon Romanovsky) [Orabug: 37710815] - net/mlx5: Use max_num_eqs_24b capability if set (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: IFC updates for changing max EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: Correct TASR typo into TSAR (Cosmin Ratiu) [Orabug: 37710815] - net/mlx5e: SHAMPO, Re-enable HW-GRO (Yoray Zack) [Orabug: 37710815] - net/mlx5e: SHAMPO, Use KSMs instead of KLMs (Yoray Zack) [Orabug: 37710815] - net/mlx5e: Fix netif state handling (Shay Drory) [Orabug: 37710815] - net/mlx5e: RSS, Block XOR hash with over 128 channels (Carolina Jubran) [Orabug: 37710815] - net/mlx5: Support matching on l4_type for ttc_table (Jianbo Liu) [Orabug: 37710815] - net/mlx5: Enable SD feature (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Block TLS device offload on combined SD netdev (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Support per-mdev queue counter (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Support cross-vhca RSS (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Let channels be SD-aware (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Connect mlx5 IPsec statistics with XFRM core (Leon Romanovsky) [Orabug: 37710815] - xfrm: get global statistics from the offloaded device (Leon Romanovsky) [Orabug: 37710815] - RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584] [Orabug: 37551309] - uek-rpm/kernel-uek.spec: Set DEFAULTKERNEL correctly during %postun (Vijay Kumar) [Orabug: 37376706] [5.15.0-308.179.5.el9uek] - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - usbnet:fix NPE during rx_complete (Ying Lu) - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - ksmbd: fix multichannel connection failure (Namjae Jeon) - rds: Tear down the copy-from-user cache before destroying rds_wq (H?kon Bugge) [Orabug: 37716901] [5.15.0-308.179.4.el9uek] - Check concurrency before THP creation for file mappings in fault path (Prakash Sangappa) [Orabug: 37608058] - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37747825] [5.15.0-308.179.3.el9uek] - uek-rpm: Build Bluefield 3 kernel for OL9 (Dave Kleikamp) [Orabug: 37763488] - uek-rpm: Add emb3 config and core list for OL9 (Dave Kleikamp) [Orabug: 37763488] - udf: Fix directory iteration for longer tail extents (Jan Kara) [Orabug: 37761829] - uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 37757734] - perf probe: Improve log for long event name failure (Leo Yan) [Orabug: 37752593] - perf probe: Check group string length (Leo Yan) [Orabug: 37752593] - perf probe: Use the MAX_EVENT_NAME_LEN macro (Leo Yan) [Orabug: 37752593] - perf probe-event: Better error message for a too-long probe name (Dima Kogan) [Orabug: 37752593] - rds: ib: Do not attempt to insert RDMA exthdr twice (H?kon Bugge) [Orabug: 37721762] - x86/sev: Harden #VC instruction emulation somewhat (Borislav Petkov (AMD)) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Do not allow external 0x80 interrupts (Thomas Gleixner) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Convert INT 0x80 emulation to IDTENTRY (Thomas Gleixner) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Fixup objtool/ibt validation (Peter Zijlstra) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/sev: Mark the code returning to user space as syscall gap (Lai Jiangshan) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - rds: ib: Fix racy send affinity work cancellation (H?kon Bugge) [Orabug: 37607469] - sched/deadline: Fix warning in migrate_enable for boosted tasks (Wander Lairson Costa) [Orabug: 37433838] {CVE-2024-56583} - x86/coco: Disable 32-bit emulation by default on TDX and SEV (Kirill A. Shutemov) [Orabug: 36298741] {CVE-2024-25744} - x86/ia32: State that IA32 emulation is disabled (Borislav Petkov (AMD)) [Orabug: 36298741] {CVE-2024-25744} - x86: Make IA32_EMULATION boot time configurable (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Remove toolchain check for X32 ABI capability (Masahiro Yamada) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/elf: Make loading of 32bit processes depend on ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Compile entry_SYSCALL32_ignore() unconditionally (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Rename ignore_sysret() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Introduce ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Fix misspelled Kconfig symbols (Lukas Bulwahn) [Orabug: 36298741] {CVE-2024-25744} [5.15.0-308.179.2.el9uek] - LTS version: v5.15.179 (Vijayendra Suman) - net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (Jakub Kicinski) - kbuild: userprogs: use correct lld when linking through clang (Thomas Wei?schuh) - vsock: Orphan socket after transport release (Michal Luczaj) - vsock: Keep the binding until socket destruction (Michal Luczaj) - bpf, vsock: Invoke proto::close on close() (Michal Luczaj) - media: uvcvideo: Remove dangling pointers (Ricardo Ribalda) - media: uvcvideo: Fix crash during unbind if gpio unit is in use (Ricardo Ribalda) - nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi) - nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi) - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi) - spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck) - mtd: rawnand: cadence: fix unchecked dereference (Niravkumar L Rabara) - md: select BLOCK_LEGACY_AUTOLOAD (NeilBrown) - media: uvcvideo: Avoid returning invalid controls (Ricardo Ribalda) - media: uvcvideo: Avoid invalid memory access (Ricardo Ribalda) - drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (Haoyu Li) - eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko) - bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (Manivannan Sadhasivam) - slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku) - intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin) - intel_th: pci: Add Panther Lake-H support (Alexander Shishkin) - intel_th: pci: Add Arrow Lake support (Pawel Chmielewski) - mei: me: add panther lake P DID (Alexander Usyskin) - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) - usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (Michal Pecio) - xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko) - usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K) - usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski) - usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K) - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno) - usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin) - usb: dwc3: gadget: Prevent irq storm when TH re-executes (Badhri Jagan Sridharan) - usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea) - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li) - usb: hub: lack of clearing xHC resources (Pawel Laszczak) - usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea) - usb: renesas_usbhs: Call clk_put() (Claudiu Beznea) - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (Christian Heusel) - gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro) - net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman) - net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman) - sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (Zecheng Li) - net-timestamp: support TCP GSO case for a few missing flags (Jason Xing) - exfat: fix soft lockup in exfat_clear_bitmap (Namjae Jeon) - x86/sgx: Fix size overflows in sgx_encl_create() (Jarkko Sakkinen) - vlan: enforce underlying device type (Oscar Maes) - ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen) - net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (Peiyang Wang) - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov) - drm/sched: Fix preprocessor guard (Philipp Stanner) - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen) - llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet) - ALSA: usx2y: validate nrpacks module parameter on probe (Murad Masimov) - hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher) - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings) - hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare) - caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov) - net: gso: fix ownership in __udp_gso_segment (Antoine Tenart) - nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (Meir Elisha) - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu) - HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin) - wifi: iwlwifi: limit printed string from FW file (Johannes Berg) - mm: don't skip arch_sync_kernel_mappings() in error paths (Ryan Roberts) - mm/page_alloc: fix uninitialized variable (Hao Zhang) - block: fix conversion of GPT partition name to 7-bit (Olivier Gayot) - s390/traps: Fix test_monitor_call() inline assembly (Heiko Carstens) - rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li) - rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li) - wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov) - wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich) - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish) - x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai) - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier) - ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang) - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe) - gpio: aggregator: protect driver attr handlers against module unload (Koichiro Den) - gpio: rcar: Use raw_spinlock to protect register access (Niklas S?derlund) - HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov) - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" (Rob Herring (Arm)) - drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher) - drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun) - smb: client: Add check for next_buffer in receive_encrypted_standard() (Haoxiang Li) - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le) - intel_idle: Handle older CPUs, which stop the TSC in deeper C states, correctly (Thomas Gleixner) - sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner) - vmlinux.lds: Ensure that const vars with relocations are mapped R/O (Ard Biesheuvel) - mptcp: always handle address removal under msk socket lock (Paolo Abeni) - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty) - phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh) - net: enetc: correct the xdp_tx statistics (Wei Fang) - net: enetc: update UDP checksum when updating originTimestamp field (Wei Fang) - net: enetc: fix the off-by-one issue in enetc_map_tx_buffs() (Wei Fang) - usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich) - i2c: npcm: disable interrupt enable bit before devm_request_irq (Tyrone Ting) - drm/amd/display: Fix HPD after gpu reset (Roman Li) - perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang) - ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (Dmitry Panchenko) - ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov) - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior) - net: ipv6: fix dst ref loop on input in rpl lwt (Justin Iurman) - net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (Justin Iurman) - net: ipv6: fix dst ref loop on input in seg6 lwt (Justin Iurman) - net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (Justin Iurman) - include: net: add static inline dst_dev_overhead() to dst.h (Justin Iurman) - seg6: add support for SRv6 H.L2Encaps.Red behavior (Andrea Mayer) - seg6: add support for SRv6 H.Encaps.Red behavior (Andrea Mayer) - net/mlx5: IRQ, Fix null string in debug print (Shay Drory) - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari) - tcp: Defer ts_recent changes until req is owned (Wang Hai) - ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu) - ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli) - net: cadence: macb: Synchronize stats calculations (Sean Anderson) - afs: Fix the server_list to unuse a displaced server rather than putting it (David Howells) - afs: Make it possible to find the volumes that are using a server (David Howells) - afs: remove variable nr_servers (Colin Ian King) - Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (Luiz Augusto von Dentz) - ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (Takashi Iwai) - sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann) - RDMA/mlx5: Fix bind QP error cleanup flow (Patrisious Haddad) - scsi: core: Clear driver private data when retrying request (Ye Bin) - scsi: core: Don't memset() the entire scsi_cmnd in scsi_init_command() (Christoph Hellwig) - ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (Vasiliy Kovalev) - ovl: pass ofs to creation operations (Christian Brauner) - ovl: use wrappers to all vfs_*xattr() calls (Amir Goldstein) - IB/mlx5: Set and get correct qp_num for a DCT QP (Mark Zhang) - x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (Patrick Bellasi) - mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (Niravkumar L Rabara) - mtd: rawnand: cadence: use dma_map_resource for sdma address (Niravkumar L Rabara) - mtd: rawnand: cadence: fix error code in cadence_nand_init() (Niravkumar L Rabara) - acct: block access to kernel internal filesystems (Christian Brauner) - acct: perform last write from workqueue (Christian Brauner) - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness) - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li) - drop_monitor: fix incorrect initialization order (Gavrilov Ilia) - tee: optee: Fix supplicant wait loop (Sumit Garg) - bpf: skip non exist keys in generic_map_lookup_batch (Yan Zhai) - nvme/ioctl: add missing space in err message (Caleb Sander Mateos) - power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin) - arp: switch to dev_getbyhwaddr() in arp_req_set_public() (Breno Leitao) - net: Add non-RCU dev_getbyhwaddr() helper (Breno Leitao) - flow_dissector: Fix port range key handling in BPF conversion (Cong Wang) - flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang) - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima) - geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima) - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy) - ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang) - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy) - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman) - USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue) - usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan) - usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng) - batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann) - batman-adv: Drop initialization of flexible ethtool_link_ksettings (Sven Eckelmann) - media: uvcvideo: Only save async fh if success (Ricardo Ribalda) - media: uvcvideo: Refactor iterators (Ricardo Ribalda) - media: uvcvideo: Set error_idx during ctrl_commit errors (Ricardo Ribalda) - soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (Krzysztof Kozlowski) - soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (Krzysztof Kozlowski) - soc: mediatek: mtk-devapc: Switch to devm_clk_get_enabled() (AngeloGioacchino Del Regno) - kfence: skip __GFP_THISNODE allocations on NUMA systems (Marco Elver) - kfence: enable check kfence canary on panic via boot param (huangshaobo) - kfence: allow use of a deferrable timer (Marco Elver) - tpm: Change to kvalloc() in eventlog/acpi.c (Jarkko Sakkinen) - tpm: Use managed allocation for bios event log (Eddie James) - arm64: dts: mediatek: mt8183: Disable DSI display output by default (Chen-Yu Tsai) - ASoC: renesas: rz-ssi: Add a check for negative sample_space (Dan Carpenter) - drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (Thomas Zimmermann) - drm/probe-helper: Create a HPD IRQ event helper for a single connector (Maxime Ripard) - ksmbd: fix integer overflows on 32 bit systems (Dan Carpenter) - memcg: fix soft lockup in the OOM process (Chen Ridong) - mm: update mark_victim tracepoints fields (Carlos Galo) - media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (Dan Carpenter) - crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin) - crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin) - crypto: testmgr - fix version number of RSA tests (lei he) - crypto: testmgr - Fix wrong test case of RSA (Lei He) - crypto: testmgr - fix wrong key length for pkcs1pad (Lei He) - arm64: mte: Do not allow PROT_MTE on MAP_HUGETLB user mappings (Catalin Marinas) - pps: Fix a use-after-free (Calvin Owens) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse) - f2fs: fix to wait dio completion (Chao Yu) - ARM: dts: dra7: Add bus_dma_limit for l4 cfg bus (Romain Naour) - parport_pc: add support for ASIX AX99100 (Jiaqing Zhao) - serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao) - can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao) - nilfs2: protect access to buffers with no active references (Ryusuke Konishi) - nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi) - nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi) - alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky) - kdb: Do not assume write() callback available (John Ogness) - drm/v3d: Stop active perfmon if it is being destroyed (Christian Gmeiner) - drm/tidss: Clear the interrupt status for interrupts being disabled (Devarsh Thakkar) - drm/tidss: Fix issue in irq handling causing irq-flood issue (Tomi Valkeinen) - ipv6: mcast: add RCU protection to mld_newpack() (Eric Dumazet) - ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet) - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet) - arp: use RCU protection in arp_xmit() (Eric Dumazet) - neighbour: use RCU protection in __neigh_notify() (Eric Dumazet) - neighbour: delete redundant judgment statements (Li Zetao) - ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet) - ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet) - ipv4: use RCU protection in __ip_rt_update_pmtu() (Eric Dumazet) - net: ipv4: Cache pmtu for all packet paths if multipath enabled (Vladimir Vdovin) - selftest: net: Test IPv4 PMTU exceptions with DSCP and ECN (Guillaume Nault) - Namespaceify mtu_expires sysctl (xu xin) - Namespaceify min_pmtu sysctl (xu xin) - ipv4: use RCU protection in inet_select_addr() (Eric Dumazet) - ipv4: use RCU protection in rt_is_expired() (Eric Dumazet) - net: add dev_net_rcu() helper (Eric Dumazet) - ipv4: add RCU protection to ip4_dst_hoplimit() (Eric Dumazet) - clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (Waiman Long) - clocksource: Use pr_info() for "Checking clocksource synchronization" message (Waiman Long) - clocksource: Replace cpumask_weight() with cpumask_empty() (Yury Norov) - btrfs: fix hole expansion when writing at an offset beyond EOF (Filipe Manana) - mlxsw: Add return value check for mlxsw_sp_port_get_stats_raw() (Wentao Liang) - arm64: Handle .ARM.attributes section in linker scripts (Nathan Chancellor) - regmap-irq: Add missing kfree() (Jiasheng Jiang) - partitions: mac: fix handling of bogus partition table (Jann Horn) - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang) - alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky) - serial: 8250: Fix fifo underflow on flush (John Keeping) - cgroup: fix race between fork and cgroup.kill (Shakeel Butt) - efi: Avoid cold plugged memory for placing the kernel (Ard Biesheuvel) - alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander H?lzl) - can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski) - USB: serial: option: drop MeiG Smart defines (Johan Hovold) - USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda) - USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal) - usb: cdc-acm: Fix handling of oversized fragments (Jann Horn) - usb: cdc-acm: Check control transfer buffer size before access (Jann Horn) - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut) - USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern) - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping) - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman) - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang) - usb: core: fix pipe creation for get_bMaxPacketSize0 (Stefan Eichenberger) - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen) - usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier) - usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren) - usb: roles: set switch registered flag early on (Elson Roy Serrao) - perf/x86/intel: Ensure LBRs are disabled when a CPU is starting (Sean Christopherson) - KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (Sean Christopherson) - batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann) - batman-adv: fix panic during interface removal (Andy Strohman) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede) - orangefs: fix a oob in orangefs_debug_write (Mike Marshall) - Grab mm lock before grabbing pt lock (Maksym Planeta) - vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas) - PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (Takashi Iwai) - media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (Edward Adam Davis) - media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann) - x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross) - xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik) - gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber) - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber) - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber) - drm/i915/selftests: avoid using uninitialized context (Krzysztof Karas) - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) - team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet) - vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet) - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet) - HID: multitouch: Add NULL check in mt_input_configured (Charles Han) - NFSD: fix hang in nfsd4_shutdown_callback (Dai Ngo) - nfsd: clear acl_access/acl_default after releasing them (Li Lingfeng) - tty: xilinx_uartps: split sysrq handling (Sean Anderson) - mptcp: prevent excessive coalescing on receive (Paolo Abeni) - ocfs2: check dir i_size in ocfs2_find_entry (Su Yue) - memory: tegra20-emc: Correct memory device mask (Dmitry Osipenko) - gpio: xilinx: remove excess kernel doc (Bartosz Golaszewski) - net/ncsi: use dev_set_mac_address() for Get MC MAC Address handling (Paul Fertser) - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli) - ptp: Ensure info->enable callback is always set (Thomas Wei?schuh) - net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (Milos Reljin) - net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser) - misc: fastrpc: Fix registered buffer page address (Ekansh Gupta) - mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko) - NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter) - nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich) - ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle)) - pnfs/flexfiles: retry getting layout segment for reads (Mike Snitzer) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer) - nvmem: qcom-spmi-sdam: Set size in struct nvmem_config (Luca Weiss) - crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski) - crypto: qce - fix goto jump in error path (Bartosz Golaszewski) - media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda) - media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda) - media: ccs: Fix cleanup order in ccs_probe() (Mehdi Djait) - media: ccs: Fix CCS static data parsing for large block sizes (Sakari Ailus) - media: ov5640: fix get_light_freq on auto (Sam Bobrowicz) - media: mc: fix endpoint iteration (Cosmin Tanislav) - soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski) - iio: light: as73211: fix channel handling in only-color triggered buffer (Javier Carrasco) - media: ccs: Clean up parsed CCS static data on parse failure (Sakari Ailus) - xfs: Add error handling for xfs_reflink_cancel_cow_range (Wentao Liang) - crypto: qce - fix priority to be less than ARMv8 CE (Eric Biggers) - arm64: dts: qcom: sm8350: Fix MPSS memory length (Krzysztof Kozlowski) - x86/boot: Use '-std=gnu11' to fix build with GCC 15 (Nathan Chancellor) - kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor) - scsi: qla2xxx: Move FCE Trace buffer allocation to user control (Quinn Tran) - nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (Georg Gottleuber) - nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (Georg Gottleuber) - PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (Zijun Hu) - ALSA: hda/realtek: Enable headset mic on Positivo C6400 (Edson Juliano Drosdeck) - mips/math-emu: fix emulation of the prefx instruction (Mateusz Jo?czyk) - dm-crypt: track tag_offset in convert_context (Hou Tao) - dm-crypt: don't update io->sector after kcryptd_crypt_write_io_submit() (Hou Tao) - powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N) - MIPS: Loongson64: remove ROM Size unit in boardinfo (Kexy Biscuit) - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea) - serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea) - soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold) - usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen) - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen) - usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen) - usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen) - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer) - wifi: rtlwifi: rtl8821ae: Fix media status report (Bitterblue Smith) - HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner) - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu) - of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu) - of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu) - perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu) - efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (Nathan Chancellor) - blk-cgroup: Fix class @block_class's subsystem refcount leakage (Zijun Hu) - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova) - clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (Satya Priya Kakitapalli) - clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (Luca Weiss) - clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos) - clk: sunxi-ng: a100: enable MMC clock reparenting (Cody Eksal) - Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (Fedor Pchelkin) - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin) - drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (Ville Syrj?l?) - drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li) - drm/amd/pm: Mark MM activity as unsupported (Lijo Lazar) - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand) - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson) - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher) - binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter) - m68k: vga: Fix I/O defines (Thomas Zimmermann) - s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens) - drm/modeset: Handle tiled displays in pan_display_atomic. (Maarten Lankhorst) - leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin) - cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar) - tun: revert fix group permission check (Willem de Bruijn) - net: rose: lock the socket in rose_bind() (Eric Dumazet) - net: atlantic: fix warning during hot unplug (Jacob Moroni) - gpio: pca953x: Improve interrupt support (Mark Tomlinson) - udp: gso: do not drop small packets when PMTU reduces (Yan Zhai) - tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz) - gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil) - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit) - nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner) - usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio) - usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar) - xfs: don't over-report free space or inodes in statvfs (Darrick J. Wong) - xfs: report realtime block quota limits on realtime directories (Darrick J. Wong) - gpio: xilinx: Convert gpio_lock to raw spinlock (Sean Anderson) - net/ncsi: fix locking in Get MAC Address handling (Paul Fertser) - net/ncsi: Add NC-SI 1.2 Get MC MAC Address command (Peter Delevoryas) - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (Joe Hattori) - usb: chipidea/ci_hdrc_imx: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - usb: chipidea: ci_hdrc_imx: use dev_err_probe() (Alexander Stein) - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao) - platform/x86: acer-wmi: Ignore AC events (Armin Wolf) - Input: allocate keycode for phone linking (Illia Ostapyshyn) - selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (Liu Ye) - tipc: re-order conditions in tipc_crypto_key_rcv() (Dan Carpenter) - mmc: sdhci-msm: Correctly set the load for the regulator (Yuanjie Yang) - net: wwan: iosm: Fix hibernation by re-binding the driver around it (Maciej S. Szmigiero) - APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov) - i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (Randolph Ha) - wifi: iwlwifi: avoid memory leak (Miri Korenblit) - net/mlx5: use do_aux_work for PHC overflow checks (Vadim Fedorenko) - HID: Wacom: Add PCI Wacom device support (Even Xu) - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede) - tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa) - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov) - mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin) - tun: fix group permission check (Stas Sergeev) - safesetid: check size of policy writes (Leo Stone) - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu) - x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam) - lockdep: Fix upper limit for LOCKDEP_*_BITS configs (Carlos Llamas) - sched: Don't try to catch up excess steal time. (Suleiman Souhlal) - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik) - btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (Hao-ran Zheng) - btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana) - btrfs: output the reason for open_ctree() failure (Qu Wenruo) - usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen) - media: uvcvideo: Fix double free in error path (Laurent Pinchart) - mptcp: consolidate suboption status (Paolo Abeni) - usb: typec: tcpci: Prevent Sink disconnection before vPpsShutdown in SPR PPS (Kyle Tso) - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang) - usb: dwc3: core: Defer the probe until USB power supply ready (Kyle Tso) - usb: gadget: f_tcm: Fix Get/SetInterface return value (Thinh Nguyen) - drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes) - net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich) - ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (Lianqin Hu) - ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere) - netfilter: nf_tables: reject mismatching sum of field_len with set key length (Pablo Neira Ayuso) - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever) - hexagon: Fix unbalanced spinlock in die() (Lin Yujun) - hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn) - kconfig: fix memory leak in sym_warn_unmet_dep() (Masahiro Yamada) - kconfig: WERROR unmet symbol dependency (Sergey Senozhatsky) - kconfig: deduplicate code in conf_read_simple() (Masahiro Yamada) - kconfig: remove unused code for S_DEF_AUTO in conf_read_simple() (Masahiro Yamada) - kconfig: require a space after '#' for valid input (Masahiro Yamada) - kconfig: add warn-unknown-symbols sanity check (Sergey Senozhatsky) - kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada) - net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent) - bgmac: reduce max frame size to support just MTU 1500 (Rafa? Mi?ecki) - vsock: Allow retrying on connect() failure (Michal Luczaj) - perf trace: Fix runtime error of index out of bounds (Howard Chu) - ptp: Properly handle compat ioctls (Thomas Wei?schuh) - net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang) - net: netdevsim: try to close UDP port harness races (Jakub Kicinski) - net: rose: fix timer races against user threads (Eric Dumazet) - PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang) - ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet) - net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda) - gpio: mxc: remove dead code after switch to DT-only (Ahmad Fatoum) - net: hns3: fix oops when unload drivers paralleling (Jian Shen) - ubifs: skip dumping tnc tree when zroot is null (pangliyuan) - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel) - dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori) - xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO (Jianbo Liu) - tools/bootconfig: Fix the wrong format specifier (Luo Yifan) - NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (Olga Kornievskaia) - NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (Olga Kornievskaia) - module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior) - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue) - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu) - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel) - PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (King Dix) - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori) - mtd: hyperbus: hbmc-am654: fix an OF node reference leak (Joe Hattori) - mtd: hyperbus: hbmc-am654: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - mtd: hyperbus: Make hyperbus_unregister_device() return void (Uwe Kleine-K?nig) - media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda) - media: camif-core: Add check for clk_enable() (Jiasheng Jiang) - media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang) - media: i2c: ov9282: Correct the exposure offset (Dave Stevenson) - media: i2c: imx412: Add missing newline to prints (Luca Weiss) - media: marvell: Add check for clk_enable() (Jiasheng Jiang) - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu) - media: lmedm04: Handle errors for lme2510_int_read (Chen Ni) - media: rc: iguanair: handle timeouts (Oliver Neukum) - efi: sysfb_efi: fix W=1 warnings when EFI is not set (Randy Dunlap) - of: reserved-memory: Do not make kmemleak ignore freed address (Zijun Hu) - memblock: drop memblock_free_early_nid() and memblock_free_early() (Mike Rapoport) - xen/x86: free_p2m_page: use memblock_free_ptr() to free a virtual pointer (Mike Rapoport) - RDMA/mlx5: Fix indirect mkey ODP page count (Michael Guralnik) - RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (Michael Guralnik) - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori) - ARM: dts: mediatek: mt7623: fix IR nodename (Rafa? Mi?ecki) - arm64: dts: qcom: sdm845: Fix interrupt types of camss interrupts (Vladimir Zapolskiy) - arm64: dts: qcom: sm8150-microsoft-surface-duo: fix typos in da7280 properties (Neil Armstrong) - arm64: dts: qcom: sm8350: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sm8250: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sm6125: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sc7280: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8994: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8916: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8994: Describe USB interrupts (Konrad Dybcio) - arm64: dts: qcom: msm8996: Fix up USB3 interrupts (Konrad Dybcio) - arm64: dts: mediatek: mt8183-kukui-jacuzzi: Drop pp3300_panel voltage settings (Chen-Yu Tsai) - memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (Joe Hattori) - memory: tegra20-emc: Support matching timings by LPDDR2 configuration (Dmitry Osipenko) - memory: Add LPDDR2-info helpers (Dmitry Osipenko) - arm64: dts: mediatek: mt8183: willow: Support second source touchscreen (Hsin-Te Yuan) - arm64: dts: mediatek: mt8183: kenzo: Support second source touchscreen (Hsin-Te Yuan) - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-elm: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-elm: Drop regulator-compatible property (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai) - rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter) - RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky) - arm64: dts: mediatek: mt8516: reserve 192 KiB for TF-A (Val Packett) - arm64: dts: mediatek: mt8516: add i2c clock-div property (Val Packett) - arm64: dts: mediatek: mt8516: remove 2 invalid i2c clocks (Fabien Parent) - arm64: dts: mediatek: mt8516: fix wdt irq type (Val Packett) - arm64: dts: mediatek: mt8516: fix GICv2 range (Val Packett) - arm64: dts: mt8183: set DMIC one-wire mode on Damu (Hsin-Yi Wang) - ARM: at91: pm: change BU Power Switch to automatic mode (Nicolas Ferre) - padata: avoid UAF for reorder_work (Chen Ridong) - padata: add pd get/put refcnt helper (Chen Ridong) - padata: fix UAF in padata_reorder (Chen Ridong) - bpf: Send signals asynchronously if !preemptible (Puranjay Mohan) - perf report: Fix misleading help message about --demangle (Jiachen Zhang) - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo) - padata: fix sysfs store callback check (Thomas Wei?schuh) - crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (Joe Hattori) - crypto: hisilicon/sec2 - fix for aead invalid authsize (Wenkai Lin) - crypto: hisilicon/sec2 - fix for aead icv error (Wenkai Lin) - crypto: hisilicon/sec2 - optimize the error return process (Chenghai Huang) - crypto: hisilicon/sec - delete redundant blank lines (Kai Ye) - crypto: hisilicon/sec - add some comments for soft fallback (Kai Ye) - ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing) - ASoC: renesas: rz-ssi: Use only the proper amount of dividers (Claudiu Beznea) - perf bpf: Fix two memory leakages when calling perf_env__insert_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han) - ASoC: sun4i-spdif: Add clock multiplier settings (George Lander) - libbpf: Fix segfault due to libelf functions not setting errno (Quentin Monnet) - net/rose: prevent integer overflows in rose_setsockopt() (Nikita Zhandarovich) - tcp_cubic: fix incorrect HyStart round start detection (Mahdi Arghavani) - net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (Roger Quadros) - netfilter: nft_flow_offload: update tcp state flags under lock (Florian Westphal) - net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim) - net: avoid race between device unregistration and ethnl ops (Antoine Tenart) - net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla) - net: let net.core.dev_weight always be non-zero (Liu Jian) - selftests/landlock: Fix error message (Micka?l Sala?n) - clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan) - wifi: cfg80211: adjust allocation of colocated AP data (Dmitry Antipov) - wifi: cfg80211: Handle specific BSSID in 6GHz scanning (Ilan Peer) - selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin) - cpufreq: ACPI: Fix max-frequency computation (Gautham R. Shenoy) - wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (WangYuli) - landlock: Handle weird files (Micka?l Sala?n) - landlock: Move filesystem helpers and add a new one (Micka?l Sala?n) - net/smc: fix data error when recvmsg with MSG_PEEK flag (Guangguan Wang) - wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade) - samples/landlock: Fix possible NULL dereference in parse_path() (Zichen Xie) - regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori) - team: prevent adding a device which is already a team device lower (Octavian Purdila) - clk: imx8mp: Fix clkout1/2 support (Marek Vasut) - cpufreq: schedutil: Fix superfluous updates caused by need_freq_update (Sultan Alsawaf (unemployed)) - leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (Joe Hattori) - dt-bindings: mfd: bd71815: Fix rsense and typos (Matti Vaittinen) - cpupower: fix TSC MHz calculation (He Rongguang) - ACPI: fan: cleanup resources in the error path of .probe() (Joe Hattori) - regulator: dt-bindings: mt6315: Drop regulator-compatible property (Chen-Yu Tsai) - HID: multitouch: fix support for Goodix PID 0x01e9 (Jiri Kosina) - Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (Jiri Kosina) - HID: multitouch: Add support for lenovo Y9000P Touchpad (He Lugang) - wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: destroy workqueue at rtl_deinit_core (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov) - wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov) - rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dt-bindings: leds: class-multicolor: Fix path to color definitions (Geert Uytterhoeven) - dt-bindings: leds: class-multicolor: reference class directly in multi-led node (Krzysztof Kozlowski) - dt-bindings: leds: Add multicolor PWM LED bindings (Sven Schwermer) - dt-bindings: leds: Optional multi-led unit address (Sven Schwermer) - dt-bindings: leds: Add Qualcomm Light Pulse Generator binding (Bjorn Andersson) - dt-bindings: Another pass removing cases of 'allOf' containing a '$ref' (Rob Herring) - spi: dt-bindings: add schema listing peripheral-specific properties (Pratyush Yadav) - dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong) - spi: zynq-qspi: Add check for clk_enable() (Mingwei Zheng) - wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix init_sw_vars leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo) - ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han) - genirq: Make handle_enforce_irqctx() unconditionally available (Thomas Gleixner) - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko) - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern) - drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng) - sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (Peter Zijlstra) - sched/psi: Use task->psi_flags to clear in CPU migration (Chengming Zhou) - afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (David Howells) - select: Fix unbalanced user_access_end() (Christophe Leroy) - partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap) - nvme: Add error check for xa_store in nvme_get_effects_log (Keisuke Nishimura) - pstore/blk: trivial typo fixes (Eugen Hristev) - nbd: don't allow reconnect after disconnect (Yu Kuai) - block: retry call probe after request_module in blk_request_module (Yang Erkun) - block: deprecate autoloading based on dev_t (Christoph Hellwig) - fs: fix proc_handler for sysctl_nr_open (Jinliang Zheng) - fs: move fs stat sysctls to file_table.c (Luis Chamberlain) - fs: move inode sysctls to its own file (Luis Chamberlain) - sysctl: share unsigned long const values (Luis Chamberlain) - sysctl: use const for typically used max/min proc sysctls (Xiaoming Ni) - hung_task: move hung_task sysctl interface to hung_task.c (Xiaoming Ni) - afs: Fix directory format encoding struct (David Howells) - afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (David Howells) - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764001] [5.15.0-308.178.1.el9uek] - perf dso: fix dso__is_kallsyms() check (Stephen Brennan) [Orabug: 37709864] - scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li) [Orabug: 37681137] - dyndbg: export ddebug_add_module/ddebug_remove_module (Julian Pidancet) [Orabug: 37629344] - kallsyms: add module_kallsyms_on_each_symbol_locked (Julian Pidancet) [Orabug: 37629344] - kallsyms: export module_kallsyms_on_each_symbol (Julian Pidancet) [Orabug: 37629344] - rds: ib: Make traffic_class visible to user-space (H?kon Bugge) [Orabug: 37350892] - rds: ib: Remove incorrect update of the path record sl and qos_class fields (H?kon Bugge) [Orabug: 37350892] - selftest/vm: Add -O2 in CFLAGS to Makefile to avoid possible failure (Yifei Liu) [Orabug: 37197150] [5.15.0-307.178.5.el9uek] - net/mlx5: DR, prevent potential error pointer dereference (Dan Carpenter) [Orabug: 37434242] {CVE-2024-56660} - uek-rpm: Set CONFIG_IP6_NF_IPTABLES for ol9/ol8 container kernels (Jonah Palmer) [Orabug: 37703179] - net: hsr: fix fill_frame_info() regression vs VLAN packets (Eric Dumazet) - f2fs: Introduce linear search for dentries (Daniel Lee) - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande) - net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel) - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (Andrew Cooper) - sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke H?iland-J?rgensen) - usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich) - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (Juergen Gross) - x86/xen: add FRAME_END to xen_hypercall_hvm() (Juergen Gross) - ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao) - usb: dwc3: Set SUSPENDENABLE soon after phy init (Thinh Nguyen) - Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den) - Revert "media: uvcvideo: Require entities to have a non-zero unique ID" (Thadeu Lima de Souza Cascardo) - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang) [5.15.0-307.178.4.el9uek] - LTS version: v5.15.178 (Vijayendra Suman) - Input: xpad - add support for wooting two he (arm) (Jack Greiner) - Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto) - Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson) - ALSA: usb-audio: Add delay quirk for USB Audio Device (Lianqin Hu) - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz) - wifi: iwlwifi: add a few rate index validity checks (Anjaneyulu) - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (Easwar Hariharan) - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Ido Schimmel) - platform/chrome: cros_ec_typec: Check for EC driver (Akihiko Odaki) - fs/ntfs3: Additional check in ntfs_file_release (Konstantin Komarov) - Bluetooth: RFCOMM: Fix not validating setsockopt user input (Luiz Augusto von Dentz) - Bluetooth: SCO: Fix not validating setsockopt user input (Luiz Augusto von Dentz) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - net: sched: fix ets qdisc OOB Indexing (Jamal Hadi Salim) - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) - mptcp: don't always assume copied data in mptcp_cleanup_rbuf() (Paolo Abeni) - regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav) - ASoC: samsung: Add missing depends on I2C (Charles Keepax) - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons) - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang) - seccomp: Stub for !CONFIG_SECCOMP (Linus Walleij) - ASoC: samsung: Add missing selects for MFD_WM8994 (Charles Keepax) - ASoC: wm8994: Add depends on MFD core (Charles Keepax) [5.15.0-307.177.3.el9uek] - jbd2: increase maximum transaction size (Jan Kara) [Orabug: 37688920] - net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (Carolina Jubran) [Orabug: 37534698] - net/mlx5e: Always start IPsec sequence number from 1 (Leon Romanovsky) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Add support for clock_measure performance block (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Add support for monitoring cycle count (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: incorrect type in assignment (Pei Xiao) [Orabug: 37534698] - net/mlx5e: Disable loopback self-test on multi-PF netdev (Carolina Jubran) [Orabug: 37534698] - net/mlx5: Unregister notifier on eswitch init failure (Cosmin Ratiu) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling (Michal Wilczynski) [Orabug: 37534698] - net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (Jianbo Liu) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: fix lockdep warning (Luiz Capitulino) [Orabug: 37534698] - net/mlx5: Fix bridge mode operations when there are no VFs (Benjamin Poirier) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC (Liming Sun) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: factor out code for th1520_init() (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: move two rk35xx functions (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: add common bulk optional clocks support (Chen Wang) [Orabug: 37534698] - net/mlx5e: Take state lock during tx timeout reporter (Dragos Tatulea) [Orabug: 37534698] - net/mlx5: SD, Do not query MPIR register if no sd_group (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Always drain health in shutdown callback (Shay Drory) [Orabug: 37534698] - mmc: dw_mmc-bluefield: Add support for eMMC HW reset (Liming Sun) [Orabug: 37534698] - mmc: dw_mmc: Add support for platform specific eMMC HW reset (Liming Sun) [Orabug: 37534698] - net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Dragos Tatulea) [Orabug: 37534698] - net/mlx5e: SHAMPO, Fix incorrect page release (Dragos Tatulea) [Orabug: 37534698] - net/mlx5: Do not query MPIR on embedded CPU function (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Reload only IB representors upon lag disable/enable (Maher Sanalla) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add tuning support for Sophgo CV1800B and SG200X (Jisheng Zhang) [Orabug: 37534698] - macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst (Rahul Rameshbabu) [Orabug: 37534698] - macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads (Rahul Rameshbabu) [Orabug: 37534698] - net/mlx5e: Prevent deadlock while disabling aRFS (Carolina Jubran) [Orabug: 37534698] - net/mlx5e: Use channel mdev reference instead of global mdev instance for coalescing (Rahul Rameshbabu) [Orabug: 37534698] - net/mlx5: SD, Handle possible devcom ERR_PTR (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Disallow SRIOV switchdev mode when in multi-PF netdev (Tariq Toukan) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Implement SDHCI CQE support (Sergey Khimich) [Orabug: 37534698] - mmc: cqhci: Add cqhci set_tran_desc() callback (Sergey Khimich) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: fix signedness bugs (Dan Carpenter) [Orabug: 37534698] - net/mlx5e: Create EN core HW resources for all secondary devices (Tariq Toukan) [Orabug: 37534698] - net/mlx5e: Create single netdev per SD group (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Add debugfs (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Add informative prints in kernel log (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement steering for primary and secondaries (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement devcom communication and primary election (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement basic query and instantiation (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Introduce SD lib (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Add MPIR bit in mcam_access_reg (Tariq Toukan) [Orabug: 37534698] - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (David Gow) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add support for Sophgo CV1800B and SG2002 (Jisheng Zhang) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Shravan Kumar Ramani) [Orabug: 37534698] - net: macsec: revert the MAC address if mdo_upd_secy fails (Radu Pirea (NXP OSS)) [Orabug: 37534698] - net: macsec: documentation for macsec_context and macsec_ops (Radu Pirea (NXP OSS)) [Orabug: 37534698] - fortify: Do not cast to "unsigned char" (Kees Cook) [Orabug: 37534698] - fortify: Use SIZE_MAX instead of (size_t)-1 (Kees Cook) [Orabug: 37534698] - fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL (Kees Cook) [Orabug: 37534698] - mmc: dw_mmc: Add driver callbacks for data read timeout (M?rten Lindahl) [Orabug: 37534698] - mmc: dw_mmc-exynos: Add support for ARTPEC-8 (M?rten Lindahl) [Orabug: 37534698] - mmc: dw_mmc: clean up a debug message (Dan Carpenter) [Orabug: 37534698] - mmc: dw_mmc: exynos: use common_caps (John Keeping) [Orabug: 37534698] - mmc: dw_mmc: add common capabilities to replace caps (John Keeping) [Orabug: 37534698] - mmc: dw_mmc: Allow lower TMOUT value than maximum (M?rten Lindahl) [Orabug: 37534698] - rds: Make sure transmit path and connection tear-down does not run concurrently (H?kon Bugge) [Orabug: 36441944] - ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [Orabug: 36252756] - ice: virtchnl rss hena support (Md Fahad Iqbal Polash) [Orabug: 36252756] - ice: Add support Flex RXD (Michal Jaron) [Orabug: 36252756] [5.15.0-307.177.2.el9uek] - uek-rpm: Enable CONFIG_MICROSOFT_MANA as module in aarch64 (Vijayendra Suman) [Orabug: 37647393] - rtc: add new RTC_FEATURE_ALARM_WAKEUP_ONLY feature (Alexandre Belloni) [Orabug: 37631796] - thermal: core: Drop excessive lockdep_assert_held() calls (Rafael J. Wysocki) [Orabug: 37631796] - thermal: core: Introduce thermal_cooling_device_update() (Rafael J. Wysocki) [Orabug: 37631796] - thermal: core: Introduce thermal_cooling_device_present() (Rafael J. Wysocki) [Orabug: 37631796] - thermal: sysfs: Reuse cdev->max_state (Viresh Kumar) [Orabug: 37631796] - rtc: efi: Enable SET/GET WAKEUP services as optional (Shanker Donthineni) [Orabug: 37631796] - rtc: efi: Add wakeup support (Riwen Lu) [Orabug: 37631796] - rtc: efi: switch to RTC_FEATURE_UPDATE_INTERRUPT (Alexandre Belloni) [Orabug: 37631796] - rtc: add BSM parameter (Alexandre Belloni) [Orabug: 37631796] - rtc: add correction parameter (Alexandre Belloni) [Orabug: 37631796] - rtc: add parameter ioctl (Alexandre Belloni) [Orabug: 37631796] - rtc: expose correction feature (Alexandre Belloni) [Orabug: 37631796] - rtc: add alarm related features (Alexandre Belloni) [Orabug: 37631796] - rtc: efi: switch to devm_rtc_allocate_device (Alexandre Belloni) [Orabug: 37631796] - cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621589] - rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (H?kon Bugge) [Orabug: 37586089] - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (Michael Chan) [Orabug: 37434220] {CVE-2024-56656} - bnxt_en: Fix receive ring space parameters when XDP is active (Shravya KN) [Orabug: 37433562] {CVE-2024-53209} - bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (Aleksandr Mishin) [Orabug: 37070333] {CVE-2024-40919} - bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (Vikas Gupta) [Orabug: 37070270] {CVE-2024-35972} - bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Somnath Kotur) [Orabug: 37070266] {CVE-2024-44984} [5.15.0-307.177.1.el9uek] - nvmet: always initialize cqe.result (Daniel Wagner) [Orabug: 36897348] {CVE-2024-41079} - nvmet-auth: complete a request only after freeing the dhchap pointers (Maurizio Lombardi) [Orabug: 36897348] {CVE-2024-41079} - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Justin Tee) [Orabug: 37116505] {CVE-2024-46842} - netdevsim: use cond_resched() in nsim_dev_trap_report_work() (Eric Dumazet) [Orabug: 37264120] {CVE-2024-50155} - nvmet-auth: assign dh_key to NULL after kfree_sensitive (Vitaliy Shevtsov) [Orabug: 37268555] {CVE-2024-50215} - net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (Oleksij Rempel) [Orabug: 37433573] {CVE-2024-53213} - PCI/MSI: Handle lack of irqdomain gracefully (Thomas Gleixner) [Orabug: 37452651] {CVE-2024-56760} - selftests: rtnetlink: update netdevsim ipsec output format (Hangbin Liu) [Orabug: 37547931] - netdevsim: print human readable IP address (Hangbin Liu) [Orabug: 37547931] - uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619141] - Add __init annotation to pensando_efi_mem_reserve (Joseph Dobosenski) [Orabug: 37619785] From el-errata at oss.oracle.com Tue May 13 23:43:19 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:19 -0700 Subject: [El-errata] ELBA-2025-4442 Oracle Linux 9 libguestfs bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4442 http://linux.oracle.com/errata/ELBA-2025-4442.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libguestfs-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-appliance-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-bash-completion-1.50.2-4.0.1.el9_5.noarch.rpm libguestfs-inspect-icons-1.50.2-4.0.1.el9_5.noarch.rpm libguestfs-rescue-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-rsync-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-xfs-1.50.2-4.0.1.el9_5.x86_64.rpm perl-Sys-Guestfs-1.50.2-4.0.1.el9_5.x86_64.rpm python3-libguestfs-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-devel-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-gobject-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-gobject-devel-1.50.2-4.0.1.el9_5.x86_64.rpm libguestfs-man-pages-ja-1.50.2-4.0.1.el9_5.noarch.rpm libguestfs-man-pages-uk-1.50.2-4.0.1.el9_5.noarch.rpm lua-guestfs-1.50.2-4.0.1.el9_5.x86_64.rpm ocaml-libguestfs-1.50.2-4.0.1.el9_5.x86_64.rpm ocaml-libguestfs-devel-1.50.2-4.0.1.el9_5.x86_64.rpm php-libguestfs-1.50.2-4.0.1.el9_5.x86_64.rpm ruby-libguestfs-1.50.2-4.0.1.el9_5.x86_64.rpm aarch64: libguestfs-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-appliance-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-bash-completion-1.50.2-4.0.1.el9_5.noarch.rpm libguestfs-inspect-icons-1.50.2-4.0.1.el9_5.noarch.rpm libguestfs-rescue-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-rsync-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-xfs-1.50.2-4.0.1.el9_5.aarch64.rpm perl-Sys-Guestfs-1.50.2-4.0.1.el9_5.aarch64.rpm python3-libguestfs-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-devel-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-gobject-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-gobject-devel-1.50.2-4.0.1.el9_5.aarch64.rpm libguestfs-man-pages-ja-1.50.2-4.0.1.el9_5.noarch.rpm libguestfs-man-pages-uk-1.50.2-4.0.1.el9_5.noarch.rpm lua-guestfs-1.50.2-4.0.1.el9_5.aarch64.rpm ocaml-libguestfs-1.50.2-4.0.1.el9_5.aarch64.rpm ocaml-libguestfs-devel-1.50.2-4.0.1.el9_5.aarch64.rpm php-libguestfs-1.50.2-4.0.1.el9_5.aarch64.rpm ruby-libguestfs-1.50.2-4.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libguestfs-1.50.2-4.0.1.el9_5.src.rpm Description of changes: [1.50.2-4.0.1] - Add btrfs-progs to the packages installed in the appliance [Orabug: 34137448] - Replace upstream references from a description tag - Fix build on Oracle Linux [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.50.2-4] - Run the fstrim command twice to workaround RHEL 9.5 kernel trimming bug resolves: RHEL-89045 From el-errata at oss.oracle.com Tue May 13 23:43:20 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:20 -0700 Subject: [El-errata] ELBA-2025-4475 Oracle Linux 9 pciutils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4475 http://linux.oracle.com/errata/ELBA-2025-4475.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: pciutils-3.7.0-5.el9_5.1.i686.rpm pciutils-3.7.0-5.el9_5.1.x86_64.rpm pciutils-devel-3.7.0-5.el9_5.1.i686.rpm pciutils-devel-3.7.0-5.el9_5.1.x86_64.rpm pciutils-libs-3.7.0-5.el9_5.1.i686.rpm pciutils-libs-3.7.0-5.el9_5.1.x86_64.rpm aarch64: pciutils-3.7.0-5.el9_5.1.aarch64.rpm pciutils-devel-3.7.0-5.el9_5.1.aarch64.rpm pciutils-libs-3.7.0-5.el9_5.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//pciutils-3.7.0-5.el9_5.1.src.rpm Description of changes: [3.7.0-5.1] - add PCIe 6.0 data rate (64 GT/s) support (#RHEL-74316) From el-errata at oss.oracle.com Tue May 13 23:43:21 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:21 -0700 Subject: [El-errata] ELBA-2025-4476 Oracle Linux 9 ktls-utils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4476 http://linux.oracle.com/errata/ELBA-2025-4476.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ktls-utils-0.11-1.el9_5.1.x86_64.rpm aarch64: ktls-utils-0.11-1.el9_5.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ktls-utils-0.11-1.el9_5.1.src.rpm Description of changes: [0.11-1.1] - tlshd: Pass ETIMEDOUT from gnutls to kernel (RHEL-82301) [0.11-0] - Release ktls-utils 0.11 (RHEL-39442) [0.10-0] - Initial package - Upstream contributions by: - Chuck Lever - Hannes Reinecke - Jeff Layton - Benjamin Coddington - David H?rdeman - Tigran Mkrtchyan - Moritz "WanzenBug" Wanzenb?ck From el-errata at oss.oracle.com Tue May 13 23:43:24 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:24 -0700 Subject: [El-errata] ELBA-2025-4478 Oracle Linux 9 dracut bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4478 http://linux.oracle.com/errata/ELBA-2025-4478.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: dracut-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-caps-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-config-generic-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-config-rescue-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-live-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-network-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-squash-057-80.git20250411.0.1.el9_5.x86_64.rpm dracut-tools-057-80.git20250411.0.1.el9_5.x86_64.rpm aarch64: dracut-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-caps-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-config-generic-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-config-rescue-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-live-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-network-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-squash-057-80.git20250411.0.1.el9_5.aarch64.rpm dracut-tools-057-80.git20250411.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//dracut-057-80.git20250411.0.1.el9_5.src.rpm Description of changes: [057-80.git20250411.0.1] - Ship Oracle IMA certificate [Orabug: 35992862] - Ship 98-integrity.conf, populating initramfs with Oracle IMA certificate [Orabug: 35992862] - fix(systemd): add missing modprobe at .service [Orabug: 35267570] - Include sys-fs-fuse-connections.mount if needed [Orabug: 35267570] - network-legacy: Revert some shellcheck that breaks parse_option_121 in dhclient [Orabug: 33778173] - Change installation dir in network legacy module-setup so that file is never missing [Orabug: 33516170] - Fix paths in squash module, so that correct modprobe is installed [Orabug: 33514517] - Install missing 68-del-part-node.rules [Orabug: 32827579] - Fix permission denied error while upgrading from OL8u2 to OL8u3 [Orabug 32160196] - dracut-shutdown.service should run before shutdown.target is invoked [Orabug: 29629738] - Update list of necessary files after squashfs execution [Orabug: 29864620] - Supress iscsidm error output during non-debug PV boot [Orabug: 29846195] - Stop block device service in case system is dropped to emergency shell [Orabug: 29851988] - Enable booting from block device if netroot=iscsi has failed [Orabug: 29478156] - Calculate relative path for kernel and initrd in 51-dracut-rescue.instal [Orabug: 29503293] - 40network scripts ifup and netlib updates for iSCSI [Orabug: 28502725] - Increase timeout when waiting for carrier detection on a network interface [Orabug: 24657828] (kevin.x.lyons at oracle.com) - add hyperv-keyboard for Hyper-V Gen2 VM [Orabug: 19191303] (Vaughan Cao) [057-80.git20250411] - fix(kernel-modules): use modalias info in get_dev_module() - fix(dracut-functions.sh): convert mmcblk to the real kernel - fix(35network-manager): install nftables kernel modules - fix(35network-manager): install nft binary during module - feat(dracut.sh): add --add-confdir option From el-errata at oss.oracle.com Tue May 13 23:43:23 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:23 -0700 Subject: [El-errata] ELBA-2025-4477 Oracle Linux 9 nfs-utils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4477 http://linux.oracle.com/errata/ELBA-2025-4477.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libnfsidmap-2.5.4-27.0.1.el9_5.1.i686.rpm libnfsidmap-2.5.4-27.0.1.el9_5.1.x86_64.rpm nfs-utils-2.5.4-27.0.1.el9_5.1.x86_64.rpm nfs-utils-coreos-2.5.4-27.0.1.el9_5.1.x86_64.rpm nfsv4-client-utils-2.5.4-27.0.1.el9_5.1.x86_64.rpm libnfsidmap-devel-2.5.4-27.0.1.el9_5.1.i686.rpm libnfsidmap-devel-2.5.4-27.0.1.el9_5.1.x86_64.rpm aarch64: libnfsidmap-2.5.4-27.0.1.el9_5.1.aarch64.rpm nfs-utils-2.5.4-27.0.1.el9_5.1.aarch64.rpm nfs-utils-coreos-2.5.4-27.0.1.el9_5.1.aarch64.rpm nfsv4-client-utils-2.5.4-27.0.1.el9_5.1.aarch64.rpm libnfsidmap-devel-2.5.4-27.0.1.el9_5.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nfs-utils-2.5.4-27.0.1.el9_5.1.src.rpm Description of changes: [2.5.4-27.0.1] - Disable nfs-utils-2.5.4-gssd-bad-integ-error-support.patch [Orabug: 36563788] - spec: remove multiple warnings when upgrading nfs-utils with gssproxy [Orabug: 36044562] [2.5.4-27.1] - conffile: add 'arg' argument to conf_remove_now() (RHEL-82881) [2.5.4-27] - rpc-gssd.service has status failed (due to rpc.gssd segfault) (RHEL-43286) From el-errata at oss.oracle.com Tue May 13 23:43:25 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:25 -0700 Subject: [El-errata] ELSA-2025-4443 Important: Oracle Linux 9 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4443 http://linux.oracle.com/errata/ELSA-2025-4443.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.10.0-1.0.1.el9_5.x86_64.rpm firefox-x11-128.10.0-1.0.1.el9_5.x86_64.rpm aarch64: firefox-128.10.0-1.0.1.el9_5.aarch64.rpm firefox-x11-128.10.0-1.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.10.0-1.0.1.el9_5.src.rpm Related CVEs: CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 Description of changes: [128.10.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [128.10.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.10.0-1] - Update to 128.10.0 build1 From el-errata at oss.oracle.com Tue May 13 23:43:27 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:43:27 -0700 Subject: [El-errata] ELSA-2025-4460 Important: Oracle Linux 9 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4460 http://linux.oracle.com/errata/ELSA-2025-4460.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.10.0-1.0.1.el9_5.x86_64.rpm aarch64: thunderbird-128.10.0-1.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-128.10.0-1.0.1.el9_5.src.rpm Related CVEs: CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 Description of changes: [128.10.0-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs [128.10.0] - Add OpenELA debranding [128.10.0-1] - Update to 128.10.0 build1 From el-errata at oss.oracle.com Tue May 13 23:48:00 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:48:00 -0700 Subject: [El-errata] ELBA-2025-4480 Oracle Linux 9 samba bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4480 http://linux.oracle.com/errata/ELBA-2025-4480.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libnetapi-4.20.2-2.0.1.el9_5.1.i686.rpm libnetapi-4.20.2-2.0.1.el9_5.1.x86_64.rpm libsmbclient-4.20.2-2.0.1.el9_5.1.i686.rpm libsmbclient-4.20.2-2.0.1.el9_5.1.x86_64.rpm libwbclient-4.20.2-2.0.1.el9_5.1.i686.rpm libwbclient-4.20.2-2.0.1.el9_5.1.x86_64.rpm python3-samba-4.20.2-2.0.1.el9_5.1.i686.rpm python3-samba-4.20.2-2.0.1.el9_5.1.x86_64.rpm python3-samba-dc-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-client-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-client-libs-4.20.2-2.0.1.el9_5.1.i686.rpm samba-client-libs-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-common-4.20.2-2.0.1.el9_5.1.noarch.rpm samba-common-libs-4.20.2-2.0.1.el9_5.1.i686.rpm samba-common-libs-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-common-tools-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-dc-libs-4.20.2-2.0.1.el9_5.1.i686.rpm samba-dc-libs-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-dcerpc-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-gpupdate-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-krb5-printing-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-ldb-ldap-modules-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-libs-4.20.2-2.0.1.el9_5.1.i686.rpm samba-libs-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-tools-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-usershares-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-vfs-iouring-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-winbind-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-winbind-clients-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-winbind-krb5-locator-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-winbind-modules-4.20.2-2.0.1.el9_5.1.i686.rpm samba-winbind-modules-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-winexe-4.20.2-2.0.1.el9_5.1.x86_64.rpm libnetapi-devel-4.20.2-2.0.1.el9_5.1.i686.rpm libnetapi-devel-4.20.2-2.0.1.el9_5.1.x86_64.rpm libsmbclient-devel-4.20.2-2.0.1.el9_5.1.i686.rpm libsmbclient-devel-4.20.2-2.0.1.el9_5.1.x86_64.rpm libwbclient-devel-4.20.2-2.0.1.el9_5.1.i686.rpm libwbclient-devel-4.20.2-2.0.1.el9_5.1.x86_64.rpm python3-samba-devel-4.20.2-2.0.1.el9_5.1.i686.rpm python3-samba-devel-4.20.2-2.0.1.el9_5.1.x86_64.rpm python3-samba-test-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-devel-4.20.2-2.0.1.el9_5.1.i686.rpm samba-devel-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-pidl-4.20.2-2.0.1.el9_5.1.noarch.rpm samba-test-4.20.2-2.0.1.el9_5.1.x86_64.rpm samba-test-libs-4.20.2-2.0.1.el9_5.1.x86_64.rpm aarch64: libnetapi-4.20.2-2.0.1.el9_5.1.aarch64.rpm libsmbclient-4.20.2-2.0.1.el9_5.1.aarch64.rpm libwbclient-4.20.2-2.0.1.el9_5.1.aarch64.rpm python3-samba-4.20.2-2.0.1.el9_5.1.aarch64.rpm python3-samba-dc-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-client-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-client-libs-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-common-4.20.2-2.0.1.el9_5.1.noarch.rpm samba-common-libs-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-common-tools-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-dc-libs-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-dcerpc-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-gpupdate-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-krb5-printing-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-ldb-ldap-modules-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-libs-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-tools-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-usershares-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-vfs-iouring-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-winbind-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-winbind-clients-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-winbind-krb5-locator-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-winbind-modules-4.20.2-2.0.1.el9_5.1.aarch64.rpm libnetapi-devel-4.20.2-2.0.1.el9_5.1.aarch64.rpm libsmbclient-devel-4.20.2-2.0.1.el9_5.1.aarch64.rpm libwbclient-devel-4.20.2-2.0.1.el9_5.1.aarch64.rpm python3-samba-devel-4.20.2-2.0.1.el9_5.1.aarch64.rpm python3-samba-test-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-devel-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-pidl-4.20.2-2.0.1.el9_5.1.noarch.rpm samba-test-4.20.2-2.0.1.el9_5.1.aarch64.rpm samba-test-libs-4.20.2-2.0.1.el9_5.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//samba-4.20.2-2.0.1.el9_5.1.src.rpm Description of changes: [4.20.2-2.0.1.1] - s3: winbindd: winbindd_pam: fix leak in extract_pac_vrfy_sigs [Orabug: 36566309] [4.20.2-2.1] - resolves: RHEL-85347 - Fix winbind memory leak [4.20.2-2] - resolves: RHEL-59912 - Fix performance issue in notifyd [4.20.2-2] * resolves: RHEL-59913 - Package cert directories used by samba-gpupdate [4.20.2-2] - resolves: RHEL-47757 - Allow to run samba-bgqd as a standalone systemd service From el-errata at oss.oracle.com Tue May 13 23:48:03 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:48:03 -0700 Subject: [El-errata] ELBA-2025-4481 Oracle Linux 9 nodejs:22 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4481 http://linux.oracle.com/errata/ELBA-2025-4481.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.13.1-2.module+el9.5.0+90563+a20ce010.x86_64.rpm nodejs-devel-22.13.1-2.module+el9.5.0+90563+a20ce010.x86_64.rpm nodejs-docs-22.13.1-2.module+el9.5.0+90563+a20ce010.noarch.rpm nodejs-full-i18n-22.13.1-2.module+el9.5.0+90563+a20ce010.x86_64.rpm nodejs-libs-22.13.1-2.module+el9.5.0+90563+a20ce010.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.5.0+90563+a20ce010.noarch.rpm nodejs-packaging-2021.06-4.module+el9.5.0+90563+a20ce010.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.5.0+90563+a20ce010.noarch.rpm npm-10.9.2-1.22.13.1.2.module+el9.5.0+90563+a20ce010.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.13.1.2.module+el9.5.0+90563+a20ce010.x86_64.rpm aarch64: nodejs-22.13.1-2.module+el9.5.0+90563+a20ce010.aarch64.rpm nodejs-devel-22.13.1-2.module+el9.5.0+90563+a20ce010.aarch64.rpm nodejs-docs-22.13.1-2.module+el9.5.0+90563+a20ce010.noarch.rpm nodejs-full-i18n-22.13.1-2.module+el9.5.0+90563+a20ce010.aarch64.rpm nodejs-libs-22.13.1-2.module+el9.5.0+90563+a20ce010.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.5.0+90563+a20ce010.noarch.rpm nodejs-packaging-2021.06-4.module+el9.5.0+90563+a20ce010.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.5.0+90563+a20ce010.noarch.rpm npm-10.9.2-1.22.13.1.2.module+el9.5.0+90563+a20ce010.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.13.1.2.module+el9.5.0+90563+a20ce010.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nodejs-22.13.1-2.module+el9.5.0+90563+a20ce010.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.5.0+90563+a20ce010.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.5.0+90563+a20ce010.src.rpm Description of changes: nodejs [1:22.13.1-2] - Remove obsolete lua pretransaction script from spec file Resolves: RHEL-83013 - Disable npm update notifications for users Resolves: RHEL-81155 nodejs-nodemon nodejs-packaging From el-errata at oss.oracle.com Tue May 13 23:48:04 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:48:04 -0700 Subject: [El-errata] ELBA-2025-4482 Oracle Linux 9 nodejs:20 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4482 http://linux.oracle.com/errata/ELBA-2025-4482.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-20.18.2-2.module+el9.5.0+90567+0da4fe16.x86_64.rpm nodejs-devel-20.18.2-2.module+el9.5.0+90567+0da4fe16.x86_64.rpm nodejs-docs-20.18.2-2.module+el9.5.0+90567+0da4fe16.noarch.rpm nodejs-full-i18n-20.18.2-2.module+el9.5.0+90567+0da4fe16.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm npm-10.8.2-1.20.18.2.2.module+el9.5.0+90567+0da4fe16.x86_64.rpm aarch64: nodejs-20.18.2-2.module+el9.5.0+90567+0da4fe16.aarch64.rpm nodejs-devel-20.18.2-2.module+el9.5.0+90567+0da4fe16.aarch64.rpm nodejs-docs-20.18.2-2.module+el9.5.0+90567+0da4fe16.noarch.rpm nodejs-full-i18n-20.18.2-2.module+el9.5.0+90567+0da4fe16.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm npm-10.8.2-1.20.18.2.2.module+el9.5.0+90567+0da4fe16.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nodejs-20.18.2-2.module+el9.5.0+90567+0da4fe16.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.src.rpm Description of changes: nodejs [1:20.18.2-2] - Disable npm's update-notifier Resolves: RHEL-81098 nodejs-nodemon nodejs-packaging From el-errata at oss.oracle.com Tue May 13 23:48:06 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:48:06 -0700 Subject: [El-errata] ELBA-2025-4483 Oracle Linux 9 nodejs:18 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4483 http://linux.oracle.com/errata/ELBA-2025-4483.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-18.20.6-2.module+el9.5.0+90566+16ffaf2c.x86_64.rpm nodejs-devel-18.20.6-2.module+el9.5.0+90566+16ffaf2c.x86_64.rpm nodejs-docs-18.20.6-2.module+el9.5.0+90566+16ffaf2c.noarch.rpm nodejs-full-i18n-18.20.6-2.module+el9.5.0+90566+16ffaf2c.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.5.0+90514+74072e0a.noarch.rpm nodejs-packaging-2021.06-4.module+el9.5.0+90514+74072e0a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.5.0+90514+74072e0a.noarch.rpm npm-10.8.2-1.18.20.6.2.module+el9.5.0+90566+16ffaf2c.x86_64.rpm aarch64: nodejs-18.20.6-2.module+el9.5.0+90566+16ffaf2c.aarch64.rpm nodejs-devel-18.20.6-2.module+el9.5.0+90566+16ffaf2c.aarch64.rpm nodejs-docs-18.20.6-2.module+el9.5.0+90566+16ffaf2c.noarch.rpm nodejs-full-i18n-18.20.6-2.module+el9.5.0+90566+16ffaf2c.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.5.0+90514+74072e0a.noarch.rpm nodejs-packaging-2021.06-4.module+el9.5.0+90514+74072e0a.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.5.0+90514+74072e0a.noarch.rpm npm-10.8.2-1.18.20.6.2.module+el9.5.0+90566+16ffaf2c.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nodejs-18.20.6-2.module+el9.5.0+90566+16ffaf2c.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.5.0+90514+74072e0a.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.5.0+90514+74072e0a.src.rpm Description of changes: nodejs [1:18.20.6-2] - Disable npm's update-notifier Resolves: RHEL-81091 nodejs-nodemon nodejs-packaging From el-errata at oss.oracle.com Tue May 13 23:48:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:48:08 -0700 Subject: [El-errata] ELBA-2025-4484 Oracle Linux 9 OpenJDK 11 is no longer the default system-wide version of Java on RHEL 9.5 Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4484 http://linux.oracle.com/errata/ELBA-2025-4484.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: java-11-openjdk-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-demo-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-demo-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-demo-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-devel-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-devel-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-devel-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-headless-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-headless-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-headless-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-javadoc-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-jmods-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-jmods-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-jmods-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-src-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-src-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-src-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-static-libs-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-static-libs-fastdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm java-11-openjdk-static-libs-slowdebug-11.0.25.0.9-7.0.1.el9.x86_64.rpm aarch64: java-11-openjdk-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-demo-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-demo-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-demo-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-devel-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-devel-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-devel-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-headless-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-headless-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-headless-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-javadoc-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-javadoc-zip-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-jmods-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-jmods-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-jmods-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-src-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-src-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-src-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-static-libs-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-static-libs-fastdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm java-11-openjdk-static-libs-slowdebug-11.0.25.0.9-7.0.1.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//java-11-openjdk-11.0.25.0.9-7.0.1.el9.src.rpm Description of changes: [1:11.0.25.0.9-7.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] From el-errata at oss.oracle.com Tue May 13 23:48:09 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:48:09 -0700 Subject: [El-errata] ELBA-2025-4485 Oracle Linux 9 nmstate bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4485 http://linux.oracle.com/errata/ELBA-2025-4485.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nmstate-2.2.43-1.el9_5.x86_64.rpm nmstate-libs-2.2.43-1.el9_5.i686.rpm nmstate-libs-2.2.43-1.el9_5.x86_64.rpm python3-libnmstate-2.2.43-1.el9_5.x86_64.rpm nmstate-devel-2.2.43-1.el9_5.i686.rpm nmstate-devel-2.2.43-1.el9_5.x86_64.rpm nmstate-static-2.2.43-1.el9_5.i686.rpm nmstate-static-2.2.43-1.el9_5.x86_64.rpm aarch64: nmstate-2.2.43-1.el9_5.aarch64.rpm nmstate-libs-2.2.43-1.el9_5.aarch64.rpm python3-libnmstate-2.2.43-1.el9_5.aarch64.rpm nmstate-devel-2.2.43-1.el9_5.aarch64.rpm nmstate-static-2.2.43-1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nmstate-2.2.43-1.el9_5.src.rpm Description of changes: [2.2.43-1] - Upgrade to 2.2.43 - Support ethtool Forward Error Correction (FEC). RHEL-80785 [2.2.41-1] - Upgrade to 2.2.41. - Support nm connection with empty connection.interface-name (RHEL-82661) - Fix ovsdb purging issue (RHEL-79176) From el-errata at oss.oracle.com Tue May 13 23:52:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:52:57 -0700 Subject: [El-errata] ELSA-2025-4487 Moderate: Oracle Linux 9 ruby security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4487 http://linux.oracle.com/errata/ELSA-2025-4487.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ruby-3.0.7-165.el9_5.i686.rpm ruby-3.0.7-165.el9_5.x86_64.rpm ruby-default-gems-3.0.7-165.el9_5.noarch.rpm ruby-devel-3.0.7-165.el9_5.i686.rpm ruby-devel-3.0.7-165.el9_5.x86_64.rpm ruby-libs-3.0.7-165.el9_5.i686.rpm ruby-libs-3.0.7-165.el9_5.x86_64.rpm rubygem-bigdecimal-3.0.0-165.el9_5.x86_64.rpm rubygem-bundler-2.2.33-165.el9_5.noarch.rpm rubygem-io-console-0.5.7-165.el9_5.x86_64.rpm rubygem-irb-1.3.5-165.el9_5.noarch.rpm rubygem-json-2.5.1-165.el9_5.x86_64.rpm rubygem-minitest-5.14.2-165.el9_5.noarch.rpm rubygem-power_assert-1.2.1-165.el9_5.noarch.rpm rubygem-psych-3.3.2-165.el9_5.x86_64.rpm rubygem-rake-13.0.3-165.el9_5.noarch.rpm rubygem-rbs-1.4.0-165.el9_5.noarch.rpm rubygem-rdoc-6.3.4.1-165.el9_5.noarch.rpm rubygem-rexml-3.2.5-165.el9_5.noarch.rpm rubygem-rss-0.2.9-165.el9_5.noarch.rpm rubygem-test-unit-3.3.7-165.el9_5.noarch.rpm rubygem-typeprof-0.15.2-165.el9_5.noarch.rpm rubygems-3.2.33-165.el9_5.noarch.rpm rubygems-devel-3.2.33-165.el9_5.noarch.rpm ruby-doc-3.0.7-165.el9_5.noarch.rpm aarch64: ruby-3.0.7-165.el9_5.aarch64.rpm ruby-default-gems-3.0.7-165.el9_5.noarch.rpm ruby-devel-3.0.7-165.el9_5.aarch64.rpm ruby-libs-3.0.7-165.el9_5.aarch64.rpm rubygem-bigdecimal-3.0.0-165.el9_5.aarch64.rpm rubygem-bundler-2.2.33-165.el9_5.noarch.rpm rubygem-io-console-0.5.7-165.el9_5.aarch64.rpm rubygem-irb-1.3.5-165.el9_5.noarch.rpm rubygem-json-2.5.1-165.el9_5.aarch64.rpm rubygem-minitest-5.14.2-165.el9_5.noarch.rpm rubygem-power_assert-1.2.1-165.el9_5.noarch.rpm rubygem-psych-3.3.2-165.el9_5.aarch64.rpm rubygem-rake-13.0.3-165.el9_5.noarch.rpm rubygem-rbs-1.4.0-165.el9_5.noarch.rpm rubygem-rdoc-6.3.4.1-165.el9_5.noarch.rpm rubygem-rexml-3.2.5-165.el9_5.noarch.rpm rubygem-rss-0.2.9-165.el9_5.noarch.rpm rubygem-test-unit-3.3.7-165.el9_5.noarch.rpm rubygem-typeprof-0.15.2-165.el9_5.noarch.rpm rubygems-3.2.33-165.el9_5.noarch.rpm rubygems-devel-3.2.33-165.el9_5.noarch.rpm ruby-doc-3.0.7-165.el9_5.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ruby-3.0.7-165.el9_5.src.rpm Related CVEs: CVE-2025-27219 CVE-2025-27220 Description of changes: [3.0.7-165] - Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219) Resolves: RHEL-86104 - Fix ReDoS in CGI::Util#escapeElement. (CVE-2025-27220) Resolves: RHEL-86130 [3.0.7-164] - Undefine GC compaction methods on ppc64le. Resolves: RHEL-83136 - Fix printing warnings when using IRB from a script. Resolves: RHEL-83044 From el-errata at oss.oracle.com Tue May 13 23:52:53 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:52:53 -0700 Subject: [El-errata] ELBA-2025-4486 Oracle Linux 9 cloud-init bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4486 http://linux.oracle.com/errata/ELBA-2025-4486.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: cloud-init-23.4-19.0.2.el9_5.6.noarch.rpm aarch64: cloud-init-23.4-19.0.2.el9_5.6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//cloud-init-23.4-19.0.2.el9_5.6.src.rpm Description of changes: [23.4-19.0.2.el9_5.6] - Fixes regression in cloud-init-23.4-19.0.1 with module cc_write_files_deferred [Orabug: 36958039] - NetworkManagerActivator brings up interface failed when using sysconfig renderer [RHEL-18981] - Fix Oracle Datasource network and getdata methods for OCI OL [Orabug: 35950168] - Increase retry value and add timeout for OCI [Orabug: 35329883] - Fix log file permission [Orabug: 35302969] - Update detection logic for OL distros in config template [Orabug: 34845400] - Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938] - Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938] - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672] - limit permissions [Orabug: 31352433] - Changes to ignore all enslaved interfaces [Orabug: 30092148] - Make Oracle datasource detect dracut based config files [Orabug: 29956753] - add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch: 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 (Bugzilla) - added OL to list of known distros Resolves: rhbz#1427280 Resolves: rhbz#1427280 From el-errata at oss.oracle.com Tue May 13 23:52:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:52:55 -0700 Subject: [El-errata] ELBA-2025-4489 Oracle Linux 9 virt-v2v bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4489 http://linux.oracle.com/errata/ELBA-2025-4489.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: virt-v2v-2.5.6-10.0.1.el9_5.x86_64.rpm virt-v2v-bash-completion-2.5.6-10.0.1.el9_5.noarch.rpm virt-v2v-man-pages-ja-2.5.6-10.0.1.el9_5.noarch.rpm virt-v2v-man-pages-uk-2.5.6-10.0.1.el9_5.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//virt-v2v-2.5.6-10.0.1.el9_5.src.rpm Description of changes: [2.5.6-10.0.1] - Replaced bugzilla.oracle.com references [Orabug: 34202300] - replaced upstream references [Orabug:34089586] [1:2.5.6-10] - Print blkhash of converted image in virt-v2v debugging output resolves: RHEL-85832 From el-errata at oss.oracle.com Tue May 13 23:52:59 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:52:59 -0700 Subject: [El-errata] ELSA-2025-4488 Moderate: Oracle Linux 9 ruby:3.1 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4488 http://linux.oracle.com/errata/ELSA-2025-4488.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ruby-3.1.7-146.module+el9.5.0+90564+273a1edd.i686.rpm ruby-3.1.7-146.module+el9.5.0+90564+273a1edd.x86_64.rpm ruby-bundled-gems-3.1.7-146.module+el9.5.0+90564+273a1edd.i686.rpm ruby-bundled-gems-3.1.7-146.module+el9.5.0+90564+273a1edd.x86_64.rpm ruby-default-gems-3.1.7-146.module+el9.5.0+90564+273a1edd.noarch.rpm ruby-devel-3.1.7-146.module+el9.5.0+90564+273a1edd.i686.rpm ruby-devel-3.1.7-146.module+el9.5.0+90564+273a1edd.x86_64.rpm ruby-doc-3.1.7-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-bigdecimal-3.1.1-146.module+el9.5.0+90564+273a1edd.i686.rpm rubygem-bigdecimal-3.1.1-146.module+el9.5.0+90564+273a1edd.x86_64.rpm rubygem-bundler-2.3.27-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-io-console-0.5.11-146.module+el9.5.0+90564+273a1edd.i686.rpm rubygem-io-console-0.5.11-146.module+el9.5.0+90564+273a1edd.x86_64.rpm rubygem-irb-1.4.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-json-2.6.1-146.module+el9.5.0+90564+273a1edd.i686.rpm rubygem-json-2.6.1-146.module+el9.5.0+90564+273a1edd.x86_64.rpm rubygem-minitest-5.15.0-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.x86_64.rpm rubygem-mysql2-doc-0.5.4-1.module+el9.1.0+20815+286161bd.noarch.rpm rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.x86_64.rpm rubygem-pg-doc-1.3.5-1.module+el9.1.0+20815+286161bd.noarch.rpm rubygem-power_assert-2.0.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-psych-4.0.4-146.module+el9.5.0+90564+273a1edd.i686.rpm rubygem-psych-4.0.4-146.module+el9.5.0+90564+273a1edd.x86_64.rpm rubygem-rake-13.0.6-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-rbs-2.7.0-146.module+el9.5.0+90564+273a1edd.i686.rpm rubygem-rbs-2.7.0-146.module+el9.5.0+90564+273a1edd.x86_64.rpm rubygem-rdoc-6.4.1.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-rexml-3.3.9-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-rss-0.3.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygems-3.3.27-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygems-devel-3.3.27-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-test-unit-3.5.3-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-typeprof-0.21.3-146.module+el9.5.0+90564+273a1edd.noarch.rpm ruby-libs-3.1.7-146.module+el9.5.0+90564+273a1edd.i686.rpm ruby-libs-3.1.7-146.module+el9.5.0+90564+273a1edd.x86_64.rpm aarch64: ruby-3.1.7-146.module+el9.5.0+90564+273a1edd.aarch64.rpm ruby-bundled-gems-3.1.7-146.module+el9.5.0+90564+273a1edd.aarch64.rpm ruby-default-gems-3.1.7-146.module+el9.5.0+90564+273a1edd.noarch.rpm ruby-devel-3.1.7-146.module+el9.5.0+90564+273a1edd.aarch64.rpm ruby-doc-3.1.7-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-bigdecimal-3.1.1-146.module+el9.5.0+90564+273a1edd.aarch64.rpm rubygem-bundler-2.3.27-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-io-console-0.5.11-146.module+el9.5.0+90564+273a1edd.aarch64.rpm rubygem-irb-1.4.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-json-2.6.1-146.module+el9.5.0+90564+273a1edd.aarch64.rpm rubygem-minitest-5.15.0-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.aarch64.rpm rubygem-mysql2-doc-0.5.4-1.module+el9.1.0+20815+286161bd.noarch.rpm rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.aarch64.rpm rubygem-pg-doc-1.3.5-1.module+el9.1.0+20815+286161bd.noarch.rpm rubygem-power_assert-2.0.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-psych-4.0.4-146.module+el9.5.0+90564+273a1edd.aarch64.rpm rubygem-rake-13.0.6-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-rbs-2.7.0-146.module+el9.5.0+90564+273a1edd.aarch64.rpm rubygem-rdoc-6.4.1.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-rexml-3.3.9-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-rss-0.3.1-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygems-3.3.27-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygems-devel-3.3.27-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-test-unit-3.5.3-146.module+el9.5.0+90564+273a1edd.noarch.rpm rubygem-typeprof-0.21.3-146.module+el9.5.0+90564+273a1edd.noarch.rpm ruby-libs-3.1.7-146.module+el9.5.0+90564+273a1edd.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ruby-3.1.7-146.module+el9.5.0+90564+273a1edd.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//rubygem-mysql2-0.5.4-1.module+el9.1.0+20815+286161bd.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//rubygem-pg-1.3.5-1.module+el9.1.0+20815+286161bd.src.rpm Related CVEs: CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2025-27219 CVE-2025-27220 CVE-2025-27221 Description of changes: ruby [3.1.7-146] - Upgrade to Ruby 3.1.7. Resolves: RHEL-55410 - Fix DoS vulnerability in REXML. (CVE-2024-39908) Resolves: RHEL-86077 From el-errata at oss.oracle.com Tue May 13 23:55:34 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:34 -0700 Subject: [El-errata] ELBA-2025-4490 Oracle Linux 9 podman bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4490 http://linux.oracle.com/errata/ELBA-2025-4490.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: podman-5.2.2-16.0.1.el9_5.x86_64.rpm podman-docker-5.2.2-16.0.1.el9_5.noarch.rpm podman-plugins-5.2.2-16.0.1.el9_5.x86_64.rpm podman-remote-5.2.2-16.0.1.el9_5.x86_64.rpm podman-tests-5.2.2-16.0.1.el9_5.x86_64.rpm aarch64: podman-5.2.2-16.0.1.el9_5.aarch64.rpm podman-docker-5.2.2-16.0.1.el9_5.noarch.rpm podman-plugins-5.2.2-16.0.1.el9_5.aarch64.rpm podman-remote-5.2.2-16.0.1.el9_5.aarch64.rpm podman-tests-5.2.2-16.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//podman-5.2.2-16.0.1.el9_5.src.rpm Description of changes: [5.2.2-16.0.1] - podman: do not set rlimits to the default value [Orabug: 37310981] - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404] [4:5.2.2-16] - update to the latest content of https://github.com/containers/podman/tree/v5.2-rhel (https://github.com/containers/podman/commit/da46fda) - fixes "Rootless container libpod/tmp/persist directories not cleaned up, fill up tmpfs - [RHEL 9.5]" - Resolves: RHEL-86866 From el-errata at oss.oracle.com Tue May 13 23:55:36 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:36 -0700 Subject: [El-errata] ELBA-2025-4792 Oracle Linux 9 e2fsprogs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-4792 http://linux.oracle.com/errata/ELBA-2025-4792.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: e2fsprogs-1.46.5-6.el9_5.x86_64.rpm e2fsprogs-devel-1.46.5-6.el9_5.i686.rpm e2fsprogs-devel-1.46.5-6.el9_5.x86_64.rpm e2fsprogs-libs-1.46.5-6.el9_5.i686.rpm e2fsprogs-libs-1.46.5-6.el9_5.x86_64.rpm libcom_err-1.46.5-6.el9_5.i686.rpm libcom_err-1.46.5-6.el9_5.x86_64.rpm libcom_err-devel-1.46.5-6.el9_5.i686.rpm libcom_err-devel-1.46.5-6.el9_5.x86_64.rpm libss-1.46.5-6.el9_5.i686.rpm libss-1.46.5-6.el9_5.x86_64.rpm libss-devel-1.46.5-6.el9_5.i686.rpm libss-devel-1.46.5-6.el9_5.x86_64.rpm aarch64: e2fsprogs-1.46.5-6.el9_5.aarch64.rpm e2fsprogs-devel-1.46.5-6.el9_5.aarch64.rpm e2fsprogs-libs-1.46.5-6.el9_5.aarch64.rpm libcom_err-1.46.5-6.el9_5.aarch64.rpm libcom_err-devel-1.46.5-6.el9_5.aarch64.rpm libss-1.46.5-6.el9_5.aarch64.rpm libss-devel-1.46.5-6.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//e2fsprogs-1.46.5-6.el9_5.src.rpm Description of changes: * Mon Jan 27 2025 Pavel Reichl - Fix: e2fsprogs: online resize fails From el-errata at oss.oracle.com Tue May 13 23:55:37 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:37 -0700 Subject: [El-errata] ELSA-2025-4491 Moderate: Oracle Linux 9 389-ds-base security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4491 http://linux.oracle.com/errata/ELSA-2025-4491.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: 389-ds-base-2.5.2-9.el9_5.x86_64.rpm 389-ds-base-libs-2.5.2-9.el9_5.x86_64.rpm 389-ds-base-snmp-2.5.2-9.el9_5.x86_64.rpm python3-lib389-2.5.2-9.el9_5.noarch.rpm 389-ds-base-devel-2.5.2-9.el9_5.x86_64.rpm aarch64: 389-ds-base-2.5.2-9.el9_5.aarch64.rpm 389-ds-base-libs-2.5.2-9.el9_5.aarch64.rpm 389-ds-base-snmp-2.5.2-9.el9_5.aarch64.rpm python3-lib389-2.5.2-9.el9_5.noarch.rpm 389-ds-base-devel-2.5.2-9.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//389-ds-base-2.5.2-9.el9_5.src.rpm Related CVEs: CVE-2025-2487 Description of changes: [2.5.2-9] - Resolves: RHEL-83874 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service [rhel-9.5.z] - Resolves: RHEL-80712 - Increased memory consumption caused by NDN cache [rhel-9.5.z] - Resolves: RHEL-87194 - Some replication status data are reset upon a restart. [rhel-9.5.z] From el-errata at oss.oracle.com Tue May 13 23:55:38 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:38 -0700 Subject: [El-errata] ELSA-2025-4492 Moderate: Oracle Linux 9 qemu-kvm security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4492 http://linux.oracle.com/errata/ELSA-2025-4492.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: qemu-guest-agent-9.0.0-10.el9_5.3.x86_64.rpm qemu-img-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-audio-pa-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-block-blkio-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-block-curl-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-block-rbd-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-common-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-core-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-device-display-virtio-vga-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-device-usb-host-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-device-usb-redirect-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-docs-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-tools-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-ui-egl-headless-9.0.0-10.el9_5.3.x86_64.rpm qemu-kvm-ui-opengl-9.0.0-10.el9_5.3.x86_64.rpm qemu-pr-helper-9.0.0-10.el9_5.3.x86_64.rpm aarch64: qemu-guest-agent-9.0.0-10.el9_5.3.aarch64.rpm qemu-img-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-audio-pa-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-block-blkio-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-block-curl-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-block-rbd-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-common-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-core-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-device-usb-host-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-device-usb-redirect-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-docs-9.0.0-10.el9_5.3.aarch64.rpm qemu-kvm-tools-9.0.0-10.el9_5.3.aarch64.rpm qemu-pr-helper-9.0.0-10.el9_5.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//qemu-kvm-9.0.0-10.el9_5.3.src.rpm Related CVEs: CVE-2023-6693 CVE-2024-3567 Description of changes: [9.0.0-10.el9_5.3] - kvm-target-i386-fix-feature-dependency-for-WAITPKG.patch [RHEL-84866] - Resolves: RHEL-84866 (Live migration after workload update fails with operation failed: guest CPU doesn't match specification: missing features: waitpkg [rhel-9.5.z]) From el-errata at oss.oracle.com Tue May 13 23:55:40 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:40 -0700 Subject: [El-errata] ELSA-2025-4493 Moderate: Oracle Linux 9 ruby:3.3 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4493 http://linux.oracle.com/errata/ELSA-2025-4493.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ruby-3.3.8-4.module+el9.5.0+90562+4bc8f111.i686.rpm ruby-3.3.8-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm ruby-bundled-gems-3.3.8-4.module+el9.5.0+90562+4bc8f111.i686.rpm ruby-bundled-gems-3.3.8-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm ruby-default-gems-3.3.8-4.module+el9.5.0+90562+4bc8f111.noarch.rpm ruby-devel-3.3.8-4.module+el9.5.0+90562+4bc8f111.i686.rpm ruby-devel-3.3.8-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm ruby-doc-3.3.8-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-bigdecimal-3.1.5-4.module+el9.5.0+90562+4bc8f111.i686.rpm rubygem-bigdecimal-3.1.5-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm rubygem-bundler-2.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-io-console-0.7.1-4.module+el9.5.0+90562+4bc8f111.i686.rpm rubygem-io-console-0.7.1-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm rubygem-irb-1.13.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-json-2.7.2-4.module+el9.5.0+90562+4bc8f111.i686.rpm rubygem-json-2.7.2-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm rubygem-minitest-5.20.0-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.x86_64.rpm rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.x86_64.rpm rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpm rubygem-power_assert-2.0.3-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-psych-5.1.2-4.module+el9.5.0+90562+4bc8f111.i686.rpm rubygem-psych-5.1.2-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm rubygem-racc-1.7.3-4.module+el9.5.0+90562+4bc8f111.i686.rpm rubygem-racc-1.7.3-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm rubygem-rake-13.1.0-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-rbs-3.4.0-4.module+el9.5.0+90562+4bc8f111.i686.rpm rubygem-rbs-3.4.0-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm rubygem-rdoc-6.6.3.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-rexml-3.3.9-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-rss-0.3.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygems-3.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygems-devel-3.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-test-unit-3.6.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-typeprof-0.21.9-4.module+el9.5.0+90562+4bc8f111.noarch.rpm ruby-libs-3.3.8-4.module+el9.5.0+90562+4bc8f111.i686.rpm ruby-libs-3.3.8-4.module+el9.5.0+90562+4bc8f111.x86_64.rpm aarch64: ruby-3.3.8-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm ruby-bundled-gems-3.3.8-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm ruby-default-gems-3.3.8-4.module+el9.5.0+90562+4bc8f111.noarch.rpm ruby-devel-3.3.8-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm ruby-doc-3.3.8-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-bigdecimal-3.1.5-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm rubygem-bundler-2.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-io-console-0.7.1-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm rubygem-irb-1.13.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-json-2.7.2-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm rubygem-minitest-5.20.0-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.aarch64.rpm rubygem-mysql2-doc-0.5.5-1.module+el9.4.0+90257+8524dee7.noarch.rpm rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.aarch64.rpm rubygem-pg-doc-1.5.4-1.module+el9.4.0+90257+8524dee7.noarch.rpm rubygem-power_assert-2.0.3-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-psych-5.1.2-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm rubygem-racc-1.7.3-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm rubygem-rake-13.1.0-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-rbs-3.4.0-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm rubygem-rdoc-6.6.3.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-rexml-3.3.9-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-rss-0.3.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygems-3.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygems-devel-3.5.22-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-test-unit-3.6.1-4.module+el9.5.0+90562+4bc8f111.noarch.rpm rubygem-typeprof-0.21.9-4.module+el9.5.0+90562+4bc8f111.noarch.rpm ruby-libs-3.3.8-4.module+el9.5.0+90562+4bc8f111.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ruby-3.3.8-4.module+el9.5.0+90562+4bc8f111.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//rubygem-mysql2-0.5.5-1.module+el9.4.0+90257+8524dee7.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//rubygem-pg-1.5.4-1.module+el9.4.0+90257+8524dee7.src.rpm Related CVEs: CVE-2025-25186 CVE-2025-27219 CVE-2025-27221 Description of changes: ruby [3.3.8-4] - Upgrade to Ruby 3.3.8. Resolves: RHEL-86933 - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. (CVE-2025-25186) - Fix Denial of Service in CGI::Cookie.parse. (CVE-2025-27219) Resolves: RHEL-87182 - Fix userinfo leakage in URI#join, URI#merge and URI#+. (CVE-2025-27221) From el-errata at oss.oracle.com Tue May 13 23:55:42 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:42 -0700 Subject: [El-errata] ELSA-2025-4669 Important: Oracle Linux 9 osbuild-composer security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4669 http://linux.oracle.com/errata/ELSA-2025-4669.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: osbuild-composer-118.2-1.0.1.el9_5.x86_64.rpm osbuild-composer-core-118.2-1.0.1.el9_5.x86_64.rpm osbuild-composer-worker-118.2-1.0.1.el9_5.x86_64.rpm aarch64: osbuild-composer-118.2-1.0.1.el9_5.aarch64.rpm osbuild-composer-core-118.2-1.0.1.el9_5.aarch64.rpm osbuild-composer-worker-118.2-1.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//osbuild-composer-118.2-1.0.1.el9_5.src.rpm Related CVEs: CVE-2025-30204 Description of changes: [118.2-1.0.1] - jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204) From el-errata at oss.oracle.com Tue May 13 23:55:43 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:55:43 -0700 Subject: [El-errata] ELSA-2025-4787 Moderate: Oracle Linux 9 emacs security update Message-ID: Oracle Linux Security Advisory ELSA-2025-4787 http://linux.oracle.com/errata/ELSA-2025-4787.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: emacs-27.2-11.el9_5.2.x86_64.rpm emacs-common-27.2-11.el9_5.2.x86_64.rpm emacs-filesystem-27.2-11.el9_5.2.noarch.rpm emacs-lucid-27.2-11.el9_5.2.x86_64.rpm emacs-nox-27.2-11.el9_5.2.x86_64.rpm aarch64: emacs-27.2-11.el9_5.2.aarch64.rpm emacs-common-27.2-11.el9_5.2.aarch64.rpm emacs-filesystem-27.2-11.el9_5.2.noarch.rpm emacs-lucid-27.2-11.el9_5.2.aarch64.rpm emacs-nox-27.2-11.el9_5.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//emacs-27.2-11.el9_5.2.src.rpm Related CVEs: CVE-2024-53920 Description of changes: [1:27.2-11.el9_5.2] - Fix arbitrary code execution via Lisp macro expansion (RHEL-69395) From el-errata at oss.oracle.com Tue May 13 23:57:50 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:57:50 -0700 Subject: [El-errata] ELSA-2025-20320 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20320 http://linux.oracle.com/errata/ELSA-2025-20320.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-core-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-debug-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-debug-core-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-devel-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-doc-5.15.0-308.179.6.el9uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-container-5.15.0-308.179.6.el9uek.x86_64.rpm kernel-uek-container-debug-5.15.0-308.179.6.el9uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-308.179.6.el9uek.src.rpm Related CVEs: CVE-2024-25742 CVE-2024-25743 CVE-2024-25744 CVE-2024-56583 Description of changes: [5.15.0-308.179.6.el9uek] - net: bridge: IP defragmentation failing for jumboframes (Venkat Venkatsubra) [Orabug: 37847171] - uek-rpm: remove .el9 from shim version (Samasth Norway Ananda) [Orabug: 37834731] - RDS: avoid using offlined CPU during reconnect (Arumugam Kolappan) [Orabug: 37783021] - net/mlx5e: Rely on reqid in IPsec tunnel mode (Leon Romanovsky) [Orabug: 37710815] - net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (Leon Romanovsky) [Orabug: 37710815] - net/mlx5: Clear port select structure when fail to create (Mark Zhang) [Orabug: 37710815] - net/mlx5: SF, Fix add port error handling (Chris Mi) [Orabug: 37710815] - net/mlx5: Fix variable not being completed when function returns (Chenguang Zhao) [Orabug: 37710815] - net/mlx5e: Keep netdev when leave switchdev for devlink set legacy only (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: Skip restore TC rules for vport rep without loaded flag (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: macsec: Maintain TX SA from encoding_sa (Dragos Tatulea) [Orabug: 37710815] - net/mlx5e: Remove workaround to avoid syndrome for internal port (Jianbo Liu) [Orabug: 37710815] - net/mlx5e: SD, Use correct mdev to build channel param (Tariq Toukan) [Orabug: 37710815] - mlxsw: spectrum_acl_flex_keys: Use correct key block on Spectrum-4 (Ido Schimmel) [Orabug: 37710815] - net/mlx5e: clear xdp features on non-uplink representors (William Tu) [Orabug: 37710815] - net/mlx5: Fix msix vectors to respect platform limit (Parav Pandit) [Orabug: 37710815] - mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (Ido Schimmel) [Orabug: 37710815] - mlxsw: spectrum_ptp: Add missing verification before pushing Tx header (Amit Cohen) [Orabug: 37710815] - net/mlx5e: Don't call cleanup on profile rollback failure (Cosmin Ratiu) [Orabug: 37710815] - net/mlx5: Fix command bitmask initialization (Shay Drory) [Orabug: 37710815] - net/mlx5: Check for invalid vector index on EQ creation (Maher Sanalla) [Orabug: 37710815] - mlxsw: spectrum_acl_flex_keys: Constify struct mlxsw_afk_element_inst (Christophe JAILLET) [Orabug: 37710815] - net: Fix netns for ip_tunnel_init_flow() (Xiao Liang) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (Ido Schimmel) [Orabug: 37710815] - ip_tunnel: annotate data-races around t->parms.link (Eric Dumazet) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (Ido Schimmel) [Orabug: 37710815] - ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (Ido Schimmel) [Orabug: 37710815] - net/mlx5e: SHAMPO, Fix overflow of hd_per_wq (Dragos Tatulea) [Orabug: 37710815] - net/mlx5e: SHAMPO, Increase timeout to improve latency (Dragos Tatulea) [Orabug: 37710815] - net/mlx5: Verify support for scheduling element and TSAR type (Carolina Jubran) [Orabug: 37710815] - net/mlx5e: Enable remove flow for hard packet limit (Jianbo Liu) [Orabug: 37710815] - net/mlx5: Use set number of max EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: IFC updates for SF max IO EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5e: Approximate IPsec per-SA payload data bytes count (Leon Romanovsky) [Orabug: 37710815] - net/mlx5e: Present succeeded IPsec SA bytes and packet (Leon Romanovsky) [Orabug: 37710815] - net/mlx5: Use max_num_eqs_24b capability if set (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: IFC updates for changing max EQs (Daniel Jurgens) [Orabug: 37710815] - net/mlx5: Correct TASR typo into TSAR (Cosmin Ratiu) [Orabug: 37710815] - net/mlx5e: SHAMPO, Re-enable HW-GRO (Yoray Zack) [Orabug: 37710815] - net/mlx5e: SHAMPO, Use KSMs instead of KLMs (Yoray Zack) [Orabug: 37710815] - net/mlx5e: Fix netif state handling (Shay Drory) [Orabug: 37710815] - net/mlx5e: RSS, Block XOR hash with over 128 channels (Carolina Jubran) [Orabug: 37710815] - net/mlx5: Support matching on l4_type for ttc_table (Jianbo Liu) [Orabug: 37710815] - net/mlx5: Enable SD feature (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Block TLS device offload on combined SD netdev (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Support per-mdev queue counter (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Support cross-vhca RSS (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Let channels be SD-aware (Tariq Toukan) [Orabug: 37710815] - net/mlx5e: Connect mlx5 IPsec statistics with XFRM core (Leon Romanovsky) [Orabug: 37710815] - xfrm: get global statistics from the offloaded device (Leon Romanovsky) [Orabug: 37710815] - RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584] [Orabug: 37551309] - uek-rpm/kernel-uek.spec: Set DEFAULTKERNEL correctly during %postun (Vijay Kumar) [Orabug: 37376706] [5.15.0-308.179.5.el9uek] - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - usbnet:fix NPE during rx_complete (Ying Lu) - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - ksmbd: fix multichannel connection failure (Namjae Jeon) - rds: Tear down the copy-from-user cache before destroying rds_wq (H?kon Bugge) [Orabug: 37716901] [5.15.0-308.179.4.el9uek] - Check concurrency before THP creation for file mappings in fault path (Prakash Sangappa) [Orabug: 37608058] - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37747825] [5.15.0-308.179.3.el9uek] - uek-rpm: Build Bluefield 3 kernel for OL9 (Dave Kleikamp) [Orabug: 37763488] - uek-rpm: Add emb3 config and core list for OL9 (Dave Kleikamp) [Orabug: 37763488] - udf: Fix directory iteration for longer tail extents (Jan Kara) [Orabug: 37761829] - uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 37757734] - perf probe: Improve log for long event name failure (Leo Yan) [Orabug: 37752593] - perf probe: Check group string length (Leo Yan) [Orabug: 37752593] - perf probe: Use the MAX_EVENT_NAME_LEN macro (Leo Yan) [Orabug: 37752593] - perf probe-event: Better error message for a too-long probe name (Dima Kogan) [Orabug: 37752593] - rds: ib: Do not attempt to insert RDMA exthdr twice (H?kon Bugge) [Orabug: 37721762] - x86/sev: Harden #VC instruction emulation somewhat (Borislav Petkov (AMD)) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Do not allow external 0x80 interrupts (Thomas Gleixner) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Convert INT 0x80 emulation to IDTENTRY (Thomas Gleixner) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/entry: Fixup objtool/ibt validation (Peter Zijlstra) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - x86/sev: Mark the code returning to user space as syscall gap (Lai Jiangshan) [Orabug: 37687865] {CVE-2024-25743} {CVE-2024-25742} - rds: ib: Fix racy send affinity work cancellation (H?kon Bugge) [Orabug: 37607469] - sched/deadline: Fix warning in migrate_enable for boosted tasks (Wander Lairson Costa) [Orabug: 37433838] {CVE-2024-56583} - x86/coco: Disable 32-bit emulation by default on TDX and SEV (Kirill A. Shutemov) [Orabug: 36298741] {CVE-2024-25744} - x86/ia32: State that IA32 emulation is disabled (Borislav Petkov (AMD)) [Orabug: 36298741] {CVE-2024-25744} - x86: Make IA32_EMULATION boot time configurable (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Remove toolchain check for X32 ABI capability (Masahiro Yamada) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/elf: Make loading of 32bit processes depend on ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Compile entry_SYSCALL32_ignore() unconditionally (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86/entry: Rename ignore_sysret() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Introduce ia32_enabled() (Nikolay Borisov) [Orabug: 36298741] {CVE-2024-25744} - x86: Fix misspelled Kconfig symbols (Lukas Bulwahn) [Orabug: 36298741] {CVE-2024-25744} [5.15.0-308.179.2.el9uek] - LTS version: v5.15.179 (Vijayendra Suman) - net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (Jakub Kicinski) - kbuild: userprogs: use correct lld when linking through clang (Thomas Wei?schuh) - vsock: Orphan socket after transport release (Michal Luczaj) - vsock: Keep the binding until socket destruction (Michal Luczaj) - bpf, vsock: Invoke proto::close on close() (Michal Luczaj) - media: uvcvideo: Remove dangling pointers (Ricardo Ribalda) - media: uvcvideo: Fix crash during unbind if gpio unit is in use (Ricardo Ribalda) - nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi) - nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi) - nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi) - spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck) - mtd: rawnand: cadence: fix unchecked dereference (Niravkumar L Rabara) - md: select BLOCK_LEGACY_AUTOLOAD (NeilBrown) - media: uvcvideo: Avoid returning invalid controls (Ricardo Ribalda) - media: uvcvideo: Avoid invalid memory access (Ricardo Ribalda) - drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (Haoyu Li) - eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko) - bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (Manivannan Sadhasivam) - slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku) - intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin) - intel_th: pci: Add Panther Lake-H support (Alexander Shishkin) - intel_th: pci: Add Arrow Lake support (Pawel Chmielewski) - mei: me: add panther lake P DID (Alexander Usyskin) - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) - usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (Michal Pecio) - xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko) - usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K) - usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski) - usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K) - usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno) - usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin) - usb: dwc3: gadget: Prevent irq storm when TH re-executes (Badhri Jagan Sridharan) - usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea) - usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li) - usb: hub: lack of clearing xHC resources (Pawel Laszczak) - usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea) - usb: renesas_usbhs: Call clk_put() (Claudiu Beznea) - Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (Christian Heusel) - gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro) - net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman) - net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman) - sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (Zecheng Li) - net-timestamp: support TCP GSO case for a few missing flags (Jason Xing) - exfat: fix soft lockup in exfat_clear_bitmap (Namjae Jeon) - x86/sgx: Fix size overflows in sgx_encl_create() (Jarkko Sakkinen) - vlan: enforce underlying device type (Oscar Maes) - ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen) - net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (Peiyang Wang) - be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov) - drm/sched: Fix preprocessor guard (Philipp Stanner) - hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen) - llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet) - ALSA: usx2y: validate nrpacks module parameter on probe (Murad Masimov) - hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher) - hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings) - hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare) - caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov) - net: gso: fix ownership in __udp_gso_segment (Antoine Tenart) - nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (Meir Elisha) - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu) - HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin) - wifi: iwlwifi: limit printed string from FW file (Johannes Berg) - mm: don't skip arch_sync_kernel_mappings() in error paths (Ryan Roberts) - mm/page_alloc: fix uninitialized variable (Hao Zhang) - block: fix conversion of GPT partition name to 7-bit (Olivier Gayot) - s390/traps: Fix test_monitor_call() inline assembly (Heiko Carstens) - rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li) - rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li) - wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov) - wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich) - x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish) - x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish) - platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai) - drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier) - ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang) - ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe) - gpio: aggregator: protect driver attr handlers against module unload (Koichiro Den) - gpio: rcar: Use raw_spinlock to protect register access (Niklas S?derlund) - HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov) - Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" (Rob Herring (Arm)) - drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher) - drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun) - smb: client: Add check for next_buffer in receive_encrypted_standard() (Haoxiang Li) - pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le) - intel_idle: Handle older CPUs, which stop the TSC in deeper C states, correctly (Thomas Gleixner) - sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner) - vmlinux.lds: Ensure that const vars with relocations are mapped R/O (Ard Biesheuvel) - mptcp: always handle address removal under msk socket lock (Paolo Abeni) - phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty) - phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh) - net: enetc: correct the xdp_tx statistics (Wei Fang) - net: enetc: update UDP checksum when updating originTimestamp field (Wei Fang) - net: enetc: fix the off-by-one issue in enetc_map_tx_buffs() (Wei Fang) - usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich) - i2c: npcm: disable interrupt enable bit before devm_request_irq (Tyrone Ting) - drm/amd/display: Fix HPD after gpu reset (Roman Li) - perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang) - ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (Dmitry Panchenko) - ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov) - x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior) - net: ipv6: fix dst ref loop on input in rpl lwt (Justin Iurman) - net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (Justin Iurman) - net: ipv6: fix dst ref loop on input in seg6 lwt (Justin Iurman) - net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (Justin Iurman) - include: net: add static inline dst_dev_overhead() to dst.h (Justin Iurman) - seg6: add support for SRv6 H.L2Encaps.Red behavior (Andrea Mayer) - seg6: add support for SRv6 H.Encaps.Red behavior (Andrea Mayer) - net/mlx5: IRQ, Fix null string in debug print (Shay Drory) - net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari) - tcp: Defer ts_recent changes until req is owned (Wang Hai) - ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu) - ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli) - net: cadence: macb: Synchronize stats calculations (Sean Anderson) - afs: Fix the server_list to unuse a displaced server rather than putting it (David Howells) - afs: Make it possible to find the volumes that are using a server (David Howells) - afs: remove variable nr_servers (Colin Ian King) - Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (Luiz Augusto von Dentz) - ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (Takashi Iwai) - sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann) - RDMA/mlx5: Fix bind QP error cleanup flow (Patrisious Haddad) - scsi: core: Clear driver private data when retrying request (Ye Bin) - scsi: core: Don't memset() the entire scsi_cmnd in scsi_init_command() (Christoph Hellwig) - ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (Vasiliy Kovalev) - ovl: pass ofs to creation operations (Christian Brauner) - ovl: use wrappers to all vfs_*xattr() calls (Amir Goldstein) - IB/mlx5: Set and get correct qp_num for a DCT QP (Mark Zhang) - x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (Patrick Bellasi) - mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (Niravkumar L Rabara) - mtd: rawnand: cadence: use dma_map_resource for sdma address (Niravkumar L Rabara) - mtd: rawnand: cadence: fix error code in cadence_nand_init() (Niravkumar L Rabara) - acct: block access to kernel internal filesystems (Christian Brauner) - acct: perform last write from workqueue (Christian Brauner) - ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness) - nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li) - drop_monitor: fix incorrect initialization order (Gavrilov Ilia) - tee: optee: Fix supplicant wait loop (Sumit Garg) - bpf: skip non exist keys in generic_map_lookup_batch (Yan Zhai) - nvme/ioctl: add missing space in err message (Caleb Sander Mateos) - power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin) - arp: switch to dev_getbyhwaddr() in arp_req_set_public() (Breno Leitao) - net: Add non-RCU dev_getbyhwaddr() helper (Breno Leitao) - flow_dissector: Fix port range key handling in BPF conversion (Cong Wang) - flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang) - geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima) - geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima) - powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy) - ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang) - powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy) - powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman) - USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue) - usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan) - usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng) - batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann) - batman-adv: Drop initialization of flexible ethtool_link_ksettings (Sven Eckelmann) - media: uvcvideo: Only save async fh if success (Ricardo Ribalda) - media: uvcvideo: Refactor iterators (Ricardo Ribalda) - media: uvcvideo: Set error_idx during ctrl_commit errors (Ricardo Ribalda) - soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (Krzysztof Kozlowski) - soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (Krzysztof Kozlowski) - soc: mediatek: mtk-devapc: Switch to devm_clk_get_enabled() (AngeloGioacchino Del Regno) - kfence: skip __GFP_THISNODE allocations on NUMA systems (Marco Elver) - kfence: enable check kfence canary on panic via boot param (huangshaobo) - kfence: allow use of a deferrable timer (Marco Elver) - tpm: Change to kvalloc() in eventlog/acpi.c (Jarkko Sakkinen) - tpm: Use managed allocation for bios event log (Eddie James) - arm64: dts: mediatek: mt8183: Disable DSI display output by default (Chen-Yu Tsai) - ASoC: renesas: rz-ssi: Add a check for negative sample_space (Dan Carpenter) - drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (Thomas Zimmermann) - drm/probe-helper: Create a HPD IRQ event helper for a single connector (Maxime Ripard) - ksmbd: fix integer overflows on 32 bit systems (Dan Carpenter) - memcg: fix soft lockup in the OOM process (Chen Ridong) - mm: update mark_victim tracepoints fields (Carlos Galo) - media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (Dan Carpenter) - crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin) - crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin) - crypto: testmgr - fix version number of RSA tests (lei he) - crypto: testmgr - Fix wrong test case of RSA (Lei He) - crypto: testmgr - fix wrong key length for pkcs1pad (Lei He) - arm64: mte: Do not allow PROT_MTE on MAP_HUGETLB user mappings (Catalin Marinas) - pps: Fix a use-after-free (Calvin Owens) - btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana) - x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse) - f2fs: fix to wait dio completion (Chao Yu) - ARM: dts: dra7: Add bus_dma_limit for l4 cfg bus (Romain Naour) - parport_pc: add support for ASIX AX99100 (Jiaqing Zhao) - serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao) - can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao) - nilfs2: protect access to buffers with no active references (Ryusuke Konishi) - nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi) - nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi) - alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky) - kdb: Do not assume write() callback available (John Ogness) - drm/v3d: Stop active perfmon if it is being destroyed (Christian Gmeiner) - drm/tidss: Clear the interrupt status for interrupts being disabled (Devarsh Thakkar) - drm/tidss: Fix issue in irq handling causing irq-flood issue (Tomi Valkeinen) - ipv6: mcast: add RCU protection to mld_newpack() (Eric Dumazet) - ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet) - openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet) - arp: use RCU protection in arp_xmit() (Eric Dumazet) - neighbour: use RCU protection in __neigh_notify() (Eric Dumazet) - neighbour: delete redundant judgment statements (Li Zetao) - ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet) - ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet) - ipv4: use RCU protection in __ip_rt_update_pmtu() (Eric Dumazet) - net: ipv4: Cache pmtu for all packet paths if multipath enabled (Vladimir Vdovin) - selftest: net: Test IPv4 PMTU exceptions with DSCP and ECN (Guillaume Nault) - Namespaceify mtu_expires sysctl (xu xin) - Namespaceify min_pmtu sysctl (xu xin) - ipv4: use RCU protection in inet_select_addr() (Eric Dumazet) - ipv4: use RCU protection in rt_is_expired() (Eric Dumazet) - net: add dev_net_rcu() helper (Eric Dumazet) - ipv4: add RCU protection to ip4_dst_hoplimit() (Eric Dumazet) - clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (Waiman Long) - clocksource: Use pr_info() for "Checking clocksource synchronization" message (Waiman Long) - clocksource: Replace cpumask_weight() with cpumask_empty() (Yury Norov) - btrfs: fix hole expansion when writing at an offset beyond EOF (Filipe Manana) - mlxsw: Add return value check for mlxsw_sp_port_get_stats_raw() (Wentao Liang) - arm64: Handle .ARM.attributes section in linker scripts (Nathan Chancellor) - regmap-irq: Add missing kfree() (Jiasheng Jiang) - partitions: mac: fix handling of bogus partition table (Jann Horn) - gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang) - alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky) - serial: 8250: Fix fifo underflow on flush (John Keeping) - cgroup: fix race between fork and cgroup.kill (Shakeel Butt) - efi: Avoid cold plugged memory for placing the kernel (Ard Biesheuvel) - alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky) - can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander H?lzl) - can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski) - USB: serial: option: drop MeiG Smart defines (Johan Hovold) - USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda) - USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal) - usb: cdc-acm: Fix handling of oversized fragments (Jann Horn) - usb: cdc-acm: Check control transfer buffer size before access (Jann Horn) - USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut) - USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern) - usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping) - USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman) - USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang) - usb: core: fix pipe creation for get_bMaxPacketSize0 (Stefan Eichenberger) - USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen) - usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier) - usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren) - usb: roles: set switch registered flag early on (Elson Roy Serrao) - perf/x86/intel: Ensure LBRs are disabled when a CPU is starting (Sean Christopherson) - KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (Sean Christopherson) - batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann) - batman-adv: fix panic during interface removal (Andy Strohman) - ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede) - orangefs: fix a oob in orangefs_debug_write (Mike Marshall) - Grab mm lock before grabbing pt lock (Maksym Planeta) - vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas) - PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (Takashi Iwai) - media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (Edward Adam Davis) - media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann) - x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross) - xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik) - gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber) - gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber) - gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber) - drm/i915/selftests: avoid using uninitialized context (Krzysztof Karas) - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) - team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet) - vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet) - ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet) - HID: multitouch: Add NULL check in mt_input_configured (Charles Han) - NFSD: fix hang in nfsd4_shutdown_callback (Dai Ngo) - nfsd: clear acl_access/acl_default after releasing them (Li Lingfeng) - tty: xilinx_uartps: split sysrq handling (Sean Anderson) - mptcp: prevent excessive coalescing on receive (Paolo Abeni) - ocfs2: check dir i_size in ocfs2_find_entry (Su Yue) - memory: tegra20-emc: Correct memory device mask (Dmitry Osipenko) - gpio: xilinx: remove excess kernel doc (Bartosz Golaszewski) - net/ncsi: use dev_set_mac_address() for Get MC MAC Address handling (Paul Fertser) - MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli) - ptp: Ensure info->enable callback is always set (Thomas Wei?schuh) - net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (Milos Reljin) - net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser) - misc: fastrpc: Fix registered buffer page address (Ekansh Gupta) - mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko) - NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter) - nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich) - ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle)) - pnfs/flexfiles: retry getting layout segment for reads (Mike Snitzer) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer) - nvmem: qcom-spmi-sdam: Set size in struct nvmem_config (Luca Weiss) - crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski) - crypto: qce - fix goto jump in error path (Bartosz Golaszewski) - media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda) - media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda) - media: ccs: Fix cleanup order in ccs_probe() (Mehdi Djait) - media: ccs: Fix CCS static data parsing for large block sizes (Sakari Ailus) - media: ov5640: fix get_light_freq on auto (Sam Bobrowicz) - media: mc: fix endpoint iteration (Cosmin Tanislav) - soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski) - iio: light: as73211: fix channel handling in only-color triggered buffer (Javier Carrasco) - media: ccs: Clean up parsed CCS static data on parse failure (Sakari Ailus) - xfs: Add error handling for xfs_reflink_cancel_cow_range (Wentao Liang) - crypto: qce - fix priority to be less than ARMv8 CE (Eric Biggers) - arm64: dts: qcom: sm8350: Fix MPSS memory length (Krzysztof Kozlowski) - x86/boot: Use '-std=gnu11' to fix build with GCC 15 (Nathan Chancellor) - kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor) - scsi: qla2xxx: Move FCE Trace buffer allocation to user control (Quinn Tran) - nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (Georg Gottleuber) - nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (Georg Gottleuber) - PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (Zijun Hu) - ALSA: hda/realtek: Enable headset mic on Positivo C6400 (Edson Juliano Drosdeck) - mips/math-emu: fix emulation of the prefx instruction (Mateusz Jo?czyk) - dm-crypt: track tag_offset in convert_context (Hou Tao) - dm-crypt: don't update io->sector after kcryptd_crypt_write_io_submit() (Hou Tao) - powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N) - MIPS: Loongson64: remove ROM Size unit in boardinfo (Kexy Biscuit) - serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea) - serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea) - soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold) - usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen) - usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen) - usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen) - usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen) - wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer) - wifi: rtlwifi: rtl8821ae: Fix media status report (Bitterblue Smith) - HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner) - of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu) - of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu) - of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu) - perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu) - efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (Nathan Chancellor) - blk-cgroup: Fix class @block_class's subsystem refcount leakage (Zijun Hu) - clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova) - clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (Satya Priya Kakitapalli) - clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (Luca Weiss) - clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos) - clk: sunxi-ng: a100: enable MMC clock reparenting (Cody Eksal) - Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (Fedor Pchelkin) - Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin) - drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (Ville Syrj?l?) - drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li) - drm/amd/pm: Mark MM activity as unsupported (Lijo Lazar) - KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand) - KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson) - arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher) - binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter) - m68k: vga: Fix I/O defines (Thomas Zimmermann) - s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens) - drm/modeset: Handle tiled displays in pan_display_atomic. (Maarten Lankhorst) - leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin) - cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar) - tun: revert fix group permission check (Willem de Bruijn) - net: rose: lock the socket in rose_bind() (Eric Dumazet) - net: atlantic: fix warning during hot unplug (Jacob Moroni) - gpio: pca953x: Improve interrupt support (Mark Tomlinson) - udp: gso: do not drop small packets when PMTU reduces (Yan Zhai) - tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz) - gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil) - firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit) - nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner) - usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio) - usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar) - xfs: don't over-report free space or inodes in statvfs (Darrick J. Wong) - xfs: report realtime block quota limits on realtime directories (Darrick J. Wong) - gpio: xilinx: Convert gpio_lock to raw spinlock (Sean Anderson) - net/ncsi: fix locking in Get MAC Address handling (Paul Fertser) - net/ncsi: Add NC-SI 1.2 Get MC MAC Address command (Peter Delevoryas) - usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (Joe Hattori) - usb: chipidea/ci_hdrc_imx: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - usb: chipidea: ci_hdrc_imx: use dev_err_probe() (Alexander Stein) - x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao) - platform/x86: acer-wmi: Ignore AC events (Armin Wolf) - Input: allocate keycode for phone linking (Illia Ostapyshyn) - selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (Liu Ye) - tipc: re-order conditions in tipc_crypto_key_rcv() (Dan Carpenter) - mmc: sdhci-msm: Correctly set the load for the regulator (Yuanjie Yang) - net: wwan: iosm: Fix hibernation by re-binding the driver around it (Maciej S. Szmigiero) - APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov) - i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (Randolph Ha) - wifi: iwlwifi: avoid memory leak (Miri Korenblit) - net/mlx5: use do_aux_work for PHC overflow checks (Vadim Fedorenko) - HID: Wacom: Add PCI Wacom device support (Even Xu) - mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede) - tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa) - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov) - mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin) - tun: fix group permission check (Stas Sergeev) - safesetid: check size of policy writes (Leo Stone) - printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu) - x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam) - lockdep: Fix upper limit for LOCKDEP_*_BITS configs (Carlos Llamas) - sched: Don't try to catch up excess steal time. (Suleiman Souhlal) - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik) - btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (Hao-ran Zheng) - btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana) - btrfs: output the reason for open_ctree() failure (Qu Wenruo) - usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen) - media: uvcvideo: Fix double free in error path (Laurent Pinchart) - mptcp: consolidate suboption status (Paolo Abeni) - usb: typec: tcpci: Prevent Sink disconnection before vPpsShutdown in SPR PPS (Kyle Tso) - usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang) - usb: dwc3: core: Defer the probe until USB power supply ready (Kyle Tso) - usb: gadget: f_tcm: Fix Get/SetInterface return value (Thinh Nguyen) - drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes) - net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich) - ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (Lianqin Hu) - ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere) - netfilter: nf_tables: reject mismatching sum of field_len with set key length (Pablo Neira Ayuso) - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever) - hexagon: Fix unbalanced spinlock in die() (Lin Yujun) - hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn) - kconfig: fix memory leak in sym_warn_unmet_dep() (Masahiro Yamada) - kconfig: WERROR unmet symbol dependency (Sergey Senozhatsky) - kconfig: deduplicate code in conf_read_simple() (Masahiro Yamada) - kconfig: remove unused code for S_DEF_AUTO in conf_read_simple() (Masahiro Yamada) - kconfig: require a space after '#' for valid input (Masahiro Yamada) - kconfig: add warn-unknown-symbols sanity check (Sergey Senozhatsky) - kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada) - genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada) - net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent) - bgmac: reduce max frame size to support just MTU 1500 (Rafa? Mi?ecki) - vsock: Allow retrying on connect() failure (Michal Luczaj) - perf trace: Fix runtime error of index out of bounds (Howard Chu) - ptp: Properly handle compat ioctls (Thomas Wei?schuh) - net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang) - net: netdevsim: try to close UDP port harness races (Jakub Kicinski) - net: rose: fix timer races against user threads (Eric Dumazet) - PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang) - ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet) - net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda) - gpio: mxc: remove dead code after switch to DT-only (Ahmad Fatoum) - net: hns3: fix oops when unload drivers paralleling (Jian Shen) - ubifs: skip dumping tnc tree when zroot is null (pangliyuan) - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel) - dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori) - xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO (Jianbo Liu) - tools/bootconfig: Fix the wrong format specifier (Luo Yifan) - NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (Olga Kornievskaia) - NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (Olga Kornievskaia) - module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior) - ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue) - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu) - scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel) - PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (King Dix) - staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori) - mtd: hyperbus: hbmc-am654: fix an OF node reference leak (Joe Hattori) - mtd: hyperbus: hbmc-am654: Convert to platform remove callback returning void (Uwe Kleine-K?nig) - mtd: hyperbus: Make hyperbus_unregister_device() return void (Uwe Kleine-K?nig) - media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda) - media: camif-core: Add check for clk_enable() (Jiasheng Jiang) - media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang) - media: i2c: ov9282: Correct the exposure offset (Dave Stevenson) - media: i2c: imx412: Add missing newline to prints (Luca Weiss) - media: marvell: Add check for clk_enable() (Jiasheng Jiang) - PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu) - media: lmedm04: Handle errors for lme2510_int_read (Chen Ni) - media: rc: iguanair: handle timeouts (Oliver Neukum) - efi: sysfb_efi: fix W=1 warnings when EFI is not set (Randy Dunlap) - of: reserved-memory: Do not make kmemleak ignore freed address (Zijun Hu) - memblock: drop memblock_free_early_nid() and memblock_free_early() (Mike Rapoport) - xen/x86: free_p2m_page: use memblock_free_ptr() to free a virtual pointer (Mike Rapoport) - RDMA/mlx5: Fix indirect mkey ODP page count (Michael Guralnik) - RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (Michael Guralnik) - fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori) - ARM: dts: mediatek: mt7623: fix IR nodename (Rafa? Mi?ecki) - arm64: dts: qcom: sdm845: Fix interrupt types of camss interrupts (Vladimir Zapolskiy) - arm64: dts: qcom: sm8150-microsoft-surface-duo: fix typos in da7280 properties (Neil Armstrong) - arm64: dts: qcom: sm8350: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sm8250: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sm6125: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: sc7280: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8994: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8916: correct sleep clock frequency (Dmitry Baryshkov) - arm64: dts: qcom: msm8994: Describe USB interrupts (Konrad Dybcio) - arm64: dts: qcom: msm8996: Fix up USB3 interrupts (Konrad Dybcio) - arm64: dts: mediatek: mt8183-kukui-jacuzzi: Drop pp3300_panel voltage settings (Chen-Yu Tsai) - memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (Joe Hattori) - memory: tegra20-emc: Support matching timings by LPDDR2 configuration (Dmitry Osipenko) - memory: Add LPDDR2-info helpers (Dmitry Osipenko) - arm64: dts: mediatek: mt8183: willow: Support second source touchscreen (Hsin-Te Yuan) - arm64: dts: mediatek: mt8183: kenzo: Support second source touchscreen (Hsin-Te Yuan) - arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-elm: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-elm: Drop regulator-compatible property (Chen-Yu Tsai) - arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai) - rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter) - RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky) - arm64: dts: mediatek: mt8516: reserve 192 KiB for TF-A (Val Packett) - arm64: dts: mediatek: mt8516: add i2c clock-div property (Val Packett) - arm64: dts: mediatek: mt8516: remove 2 invalid i2c clocks (Fabien Parent) - arm64: dts: mediatek: mt8516: fix wdt irq type (Val Packett) - arm64: dts: mediatek: mt8516: fix GICv2 range (Val Packett) - arm64: dts: mt8183: set DMIC one-wire mode on Damu (Hsin-Yi Wang) - ARM: at91: pm: change BU Power Switch to automatic mode (Nicolas Ferre) - padata: avoid UAF for reorder_work (Chen Ridong) - padata: add pd get/put refcnt helper (Chen Ridong) - padata: fix UAF in padata_reorder (Chen Ridong) - bpf: Send signals asynchronously if !preemptible (Puranjay Mohan) - perf report: Fix misleading help message about --demangle (Jiachen Zhang) - perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo) - padata: fix sysfs store callback check (Thomas Wei?schuh) - crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (Joe Hattori) - crypto: hisilicon/sec2 - fix for aead invalid authsize (Wenkai Lin) - crypto: hisilicon/sec2 - fix for aead icv error (Wenkai Lin) - crypto: hisilicon/sec2 - optimize the error return process (Chenghai Huang) - crypto: hisilicon/sec - delete redundant blank lines (Kai Ye) - crypto: hisilicon/sec - add some comments for soft fallback (Kai Ye) - ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing) - ASoC: renesas: rz-ssi: Use only the proper amount of dividers (Claudiu Beznea) - perf bpf: Fix two memory leakages when calling perf_env__insert_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han) - perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han) - ASoC: sun4i-spdif: Add clock multiplier settings (George Lander) - libbpf: Fix segfault due to libelf functions not setting errno (Quentin Monnet) - net/rose: prevent integer overflows in rose_setsockopt() (Nikita Zhandarovich) - tcp_cubic: fix incorrect HyStart round start detection (Mahdi Arghavani) - net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (Roger Quadros) - netfilter: nft_flow_offload: update tcp state flags under lock (Florian Westphal) - net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim) - net: avoid race between device unregistration and ethnl ops (Antoine Tenart) - net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla) - net: let net.core.dev_weight always be non-zero (Liu Jian) - selftests/landlock: Fix error message (Micka?l Sala?n) - clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan) - wifi: cfg80211: adjust allocation of colocated AP data (Dmitry Antipov) - wifi: cfg80211: Handle specific BSSID in 6GHz scanning (Ilan Peer) - selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin) - cpufreq: ACPI: Fix max-frequency computation (Gautham R. Shenoy) - wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (WangYuli) - landlock: Handle weird files (Micka?l Sala?n) - landlock: Move filesystem helpers and add a new one (Micka?l Sala?n) - net/smc: fix data error when recvmsg with MSG_PEEK flag (Guangguan Wang) - wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade) - samples/landlock: Fix possible NULL dereference in parse_path() (Zichen Xie) - regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori) - team: prevent adding a device which is already a team device lower (Octavian Purdila) - clk: imx8mp: Fix clkout1/2 support (Marek Vasut) - cpufreq: schedutil: Fix superfluous updates caused by need_freq_update (Sultan Alsawaf (unemployed)) - leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (Joe Hattori) - dt-bindings: mfd: bd71815: Fix rsense and typos (Matti Vaittinen) - cpupower: fix TSC MHz calculation (He Rongguang) - ACPI: fan: cleanup resources in the error path of .probe() (Joe Hattori) - regulator: dt-bindings: mt6315: Drop regulator-compatible property (Chen-Yu Tsai) - HID: multitouch: fix support for Goodix PID 0x01e9 (Jiri Kosina) - Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (Jiri Kosina) - HID: multitouch: Add support for lenovo Y9000P Touchpad (He Lugang) - wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: destroy workqueue at rtl_deinit_core (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov) - wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov) - rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dt-bindings: leds: class-multicolor: Fix path to color definitions (Geert Uytterhoeven) - dt-bindings: leds: class-multicolor: reference class directly in multi-led node (Krzysztof Kozlowski) - dt-bindings: leds: Add multicolor PWM LED bindings (Sven Schwermer) - dt-bindings: leds: Optional multi-led unit address (Sven Schwermer) - dt-bindings: leds: Add Qualcomm Light Pulse Generator binding (Bjorn Andersson) - dt-bindings: Another pass removing cases of 'allOf' containing a '$ref' (Rob Herring) - spi: dt-bindings: add schema listing peripheral-specific properties (Pratyush Yadav) - dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong) - spi: zynq-qspi: Add check for clk_enable() (Mingwei Zheng) - wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: fix init_sw_vars leak when probe fails (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo) - wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo) - ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han) - genirq: Make handle_enforce_irqctx() unconditionally available (Thomas Gleixner) - drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko) - HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern) - drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng) - sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (Peter Zijlstra) - sched/psi: Use task->psi_flags to clear in CPU migration (Chengming Zhou) - afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (David Howells) - select: Fix unbalanced user_access_end() (Christophe Leroy) - partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap) - nvme: Add error check for xa_store in nvme_get_effects_log (Keisuke Nishimura) - pstore/blk: trivial typo fixes (Eugen Hristev) - nbd: don't allow reconnect after disconnect (Yu Kuai) - block: retry call probe after request_module in blk_request_module (Yang Erkun) - block: deprecate autoloading based on dev_t (Christoph Hellwig) - fs: fix proc_handler for sysctl_nr_open (Jinliang Zheng) - fs: move fs stat sysctls to file_table.c (Luis Chamberlain) - fs: move inode sysctls to its own file (Luis Chamberlain) - sysctl: share unsigned long const values (Luis Chamberlain) - sysctl: use const for typically used max/min proc sysctls (Xiaoming Ni) - hung_task: move hung_task sysctl interface to hung_task.c (Xiaoming Ni) - afs: Fix directory format encoding struct (David Howells) - afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (David Howells) - uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764001] [5.15.0-308.178.1.el9uek] - perf dso: fix dso__is_kallsyms() check (Stephen Brennan) [Orabug: 37709864] - scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li) [Orabug: 37681137] - dyndbg: export ddebug_add_module/ddebug_remove_module (Julian Pidancet) [Orabug: 37629344] - kallsyms: add module_kallsyms_on_each_symbol_locked (Julian Pidancet) [Orabug: 37629344] - kallsyms: export module_kallsyms_on_each_symbol (Julian Pidancet) [Orabug: 37629344] - rds: ib: Make traffic_class visible to user-space (H?kon Bugge) [Orabug: 37350892] - rds: ib: Remove incorrect update of the path record sl and qos_class fields (H?kon Bugge) [Orabug: 37350892] - selftest/vm: Add -O2 in CFLAGS to Makefile to avoid possible failure (Yifei Liu) [Orabug: 37197150] [5.15.0-307.178.5.el9uek] - net/mlx5: DR, prevent potential error pointer dereference (Dan Carpenter) [Orabug: 37434242] {CVE-2024-56660} - uek-rpm: Set CONFIG_IP6_NF_IPTABLES for ol9/ol8 container kernels (Jonah Palmer) [Orabug: 37703179] - net: hsr: fix fill_frame_info() regression vs VLAN packets (Eric Dumazet) - f2fs: Introduce linear search for dentries (Daniel Lee) - tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande) - net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel) - x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (Andrew Cooper) - sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke H?iland-J?rgensen) - usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich) - x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (Juergen Gross) - x86/xen: add FRAME_END to xen_hypercall_hvm() (Juergen Gross) - ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao) - usb: dwc3: Set SUSPENDENABLE soon after phy init (Thinh Nguyen) - Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den) - Revert "media: uvcvideo: Require entities to have a non-zero unique ID" (Thadeu Lima de Souza Cascardo) - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang) [5.15.0-307.178.4.el9uek] - LTS version: v5.15.178 (Vijayendra Suman) - Input: xpad - add support for wooting two he (arm) (Jack Greiner) - Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto) - Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson) - ALSA: usb-audio: Add delay quirk for USB Audio Device (Lianqin Hu) - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz) - wifi: iwlwifi: add a few rate index validity checks (Anjaneyulu) - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (Easwar Hariharan) - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Ido Schimmel) - platform/chrome: cros_ec_typec: Check for EC driver (Akihiko Odaki) - fs/ntfs3: Additional check in ntfs_file_release (Konstantin Komarov) - Bluetooth: RFCOMM: Fix not validating setsockopt user input (Luiz Augusto von Dentz) - Bluetooth: SCO: Fix not validating setsockopt user input (Luiz Augusto von Dentz) - vfio/platform: check the bounds of read/write syscalls (Alex Williamson) - net: sched: fix ets qdisc OOB Indexing (Jamal Hadi Salim) - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) - mptcp: don't always assume copied data in mptcp_cleanup_rbuf() (Paolo Abeni) - regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav) - ASoC: samsung: Add missing depends on I2C (Charles Keepax) - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons) - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang) - seccomp: Stub for !CONFIG_SECCOMP (Linus Walleij) - ASoC: samsung: Add missing selects for MFD_WM8994 (Charles Keepax) - ASoC: wm8994: Add depends on MFD core (Charles Keepax) [5.15.0-307.177.3.el9uek] - jbd2: increase maximum transaction size (Jan Kara) [Orabug: 37688920] - net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (Carolina Jubran) [Orabug: 37534698] - net/mlx5e: Always start IPsec sequence number from 1 (Leon Romanovsky) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Add support for clock_measure performance block (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Add support for monitoring cycle count (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: incorrect type in assignment (Pei Xiao) [Orabug: 37534698] - net/mlx5e: Disable loopback self-test on multi-PF netdev (Carolina Jubran) [Orabug: 37534698] - net/mlx5: Unregister notifier on eswitch init failure (Cosmin Ratiu) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling (Michal Wilczynski) [Orabug: 37534698] - net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (Jianbo Liu) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: fix lockdep warning (Luiz Capitulino) [Orabug: 37534698] - net/mlx5: Fix bridge mode operations when there are no VFs (Benjamin Poirier) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC (Liming Sun) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: factor out code for th1520_init() (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: move two rk35xx functions (Chen Wang) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: add common bulk optional clocks support (Chen Wang) [Orabug: 37534698] - net/mlx5e: Take state lock during tx timeout reporter (Dragos Tatulea) [Orabug: 37534698] - net/mlx5: SD, Do not query MPIR register if no sd_group (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Always drain health in shutdown callback (Shay Drory) [Orabug: 37534698] - mmc: dw_mmc-bluefield: Add support for eMMC HW reset (Liming Sun) [Orabug: 37534698] - mmc: dw_mmc: Add support for platform specific eMMC HW reset (Liming Sun) [Orabug: 37534698] - net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Dragos Tatulea) [Orabug: 37534698] - net/mlx5e: SHAMPO, Fix incorrect page release (Dragos Tatulea) [Orabug: 37534698] - net/mlx5: Do not query MPIR on embedded CPU function (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Reload only IB representors upon lag disable/enable (Maher Sanalla) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add tuning support for Sophgo CV1800B and SG200X (Jisheng Zhang) [Orabug: 37534698] - macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst (Rahul Rameshbabu) [Orabug: 37534698] - macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads (Rahul Rameshbabu) [Orabug: 37534698] - net/mlx5e: Prevent deadlock while disabling aRFS (Carolina Jubran) [Orabug: 37534698] - net/mlx5e: Use channel mdev reference instead of global mdev instance for coalescing (Rahul Rameshbabu) [Orabug: 37534698] - net/mlx5: SD, Handle possible devcom ERR_PTR (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Disallow SRIOV switchdev mode when in multi-PF netdev (Tariq Toukan) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Implement SDHCI CQE support (Sergey Khimich) [Orabug: 37534698] - mmc: cqhci: Add cqhci set_tran_desc() callback (Sergey Khimich) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: fix signedness bugs (Dan Carpenter) [Orabug: 37534698] - net/mlx5e: Create EN core HW resources for all secondary devices (Tariq Toukan) [Orabug: 37534698] - net/mlx5e: Create single netdev per SD group (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Add debugfs (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Add informative prints in kernel log (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement steering for primary and secondaries (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement devcom communication and primary election (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Implement basic query and instantiation (Tariq Toukan) [Orabug: 37534698] - net/mlx5: SD, Introduce SD lib (Tariq Toukan) [Orabug: 37534698] - net/mlx5: Add MPIR bit in mcam_access_reg (Tariq Toukan) [Orabug: 37534698] - lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (David Gow) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [Orabug: 37534698] - mmc: sdhci-of-dwcmshc: Add support for Sophgo CV1800B and SG2002 (Jisheng Zhang) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Shravan Kumar Ramani) [Orabug: 37534698] - platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Shravan Kumar Ramani) [Orabug: 37534698] - net: macsec: revert the MAC address if mdo_upd_secy fails (Radu Pirea (NXP OSS)) [Orabug: 37534698] - net: macsec: documentation for macsec_context and macsec_ops (Radu Pirea (NXP OSS)) [Orabug: 37534698] - fortify: Do not cast to "unsigned char" (Kees Cook) [Orabug: 37534698] - fortify: Use SIZE_MAX instead of (size_t)-1 (Kees Cook) [Orabug: 37534698] - fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL (Kees Cook) [Orabug: 37534698] - mmc: dw_mmc: Add driver callbacks for data read timeout (M?rten Lindahl) [Orabug: 37534698] - mmc: dw_mmc-exynos: Add support for ARTPEC-8 (M?rten Lindahl) [Orabug: 37534698] - mmc: dw_mmc: clean up a debug message (Dan Carpenter) [Orabug: 37534698] - mmc: dw_mmc: exynos: use common_caps (John Keeping) [Orabug: 37534698] - mmc: dw_mmc: add common capabilities to replace caps (John Keeping) [Orabug: 37534698] - mmc: dw_mmc: Allow lower TMOUT value than maximum (M?rten Lindahl) [Orabug: 37534698] - rds: Make sure transmit path and connection tear-down does not run concurrently (H?kon Bugge) [Orabug: 36441944] - ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [Orabug: 36252756] - ice: virtchnl rss hena support (Md Fahad Iqbal Polash) [Orabug: 36252756] - ice: Add support Flex RXD (Michal Jaron) [Orabug: 36252756] [5.15.0-307.177.2.el9uek] - uek-rpm: Enable CONFIG_MICROSOFT_MANA as module in aarch64 (Vijayendra Suman) [Orabug: 37647393] - rtc: add new RTC_FEATURE_ALARM_WAKEUP_ONLY feature (Alexandre Belloni) [Orabug: 37631796] - thermal: core: Drop excessive lockdep_assert_held() calls (Rafael J. Wysocki) [Orabug: 37631796] - thermal: core: Introduce thermal_cooling_device_update() (Rafael J. Wysocki) [Orabug: 37631796] - thermal: core: Introduce thermal_cooling_device_present() (Rafael J. Wysocki) [Orabug: 37631796] - thermal: sysfs: Reuse cdev->max_state (Viresh Kumar) [Orabug: 37631796] - rtc: efi: Enable SET/GET WAKEUP services as optional (Shanker Donthineni) [Orabug: 37631796] - rtc: efi: Add wakeup support (Riwen Lu) [Orabug: 37631796] - rtc: efi: switch to RTC_FEATURE_UPDATE_INTERRUPT (Alexandre Belloni) [Orabug: 37631796] - rtc: add BSM parameter (Alexandre Belloni) [Orabug: 37631796] - rtc: add correction parameter (Alexandre Belloni) [Orabug: 37631796] - rtc: add parameter ioctl (Alexandre Belloni) [Orabug: 37631796] - rtc: expose correction feature (Alexandre Belloni) [Orabug: 37631796] - rtc: add alarm related features (Alexandre Belloni) [Orabug: 37631796] - rtc: efi: switch to devm_rtc_allocate_device (Alexandre Belloni) [Orabug: 37631796] - cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621589] - rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (H?kon Bugge) [Orabug: 37586089] - bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (Michael Chan) [Orabug: 37434220] {CVE-2024-56656} - bnxt_en: Fix receive ring space parameters when XDP is active (Shravya KN) [Orabug: 37433562] {CVE-2024-53209} - bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (Aleksandr Mishin) [Orabug: 37070333] {CVE-2024-40919} - bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (Vikas Gupta) [Orabug: 37070270] {CVE-2024-35972} - bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Somnath Kotur) [Orabug: 37070266] {CVE-2024-44984} [5.15.0-307.177.1.el9uek] - nvmet: always initialize cqe.result (Daniel Wagner) [Orabug: 36897348] {CVE-2024-41079} - nvmet-auth: complete a request only after freeing the dhchap pointers (Maurizio Lombardi) [Orabug: 36897348] {CVE-2024-41079} - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Justin Tee) [Orabug: 37116505] {CVE-2024-46842} - netdevsim: use cond_resched() in nsim_dev_trap_report_work() (Eric Dumazet) [Orabug: 37264120] {CVE-2024-50155} - nvmet-auth: assign dh_key to NULL after kfree_sensitive (Vitaliy Shevtsov) [Orabug: 37268555] {CVE-2024-50215} - net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (Oleksij Rempel) [Orabug: 37433573] {CVE-2024-53213} - PCI/MSI: Handle lack of irqdomain gracefully (Thomas Gleixner) [Orabug: 37452651] {CVE-2024-56760} - selftests: rtnetlink: update netdevsim ipsec output format (Hangbin Liu) [Orabug: 37547931] - netdevsim: print human readable IP address (Hangbin Liu) [Orabug: 37547931] - uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619141] - Add __init annotation to pensando_efi_mem_reserve (Joseph Dobosenski) [Orabug: 37619785] From el-errata at oss.oracle.com Tue May 13 23:57:52 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 16:57:52 -0700 Subject: [El-errata] ELSA-2025-20323 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20323 http://linux.oracle.com/errata/ELSA-2025-20323.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-core-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-debug-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-debug-core-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-devel-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-doc-5.15.0-308.179.6.2.el9uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-container-5.15.0-308.179.6.2.el9uek.x86_64.rpm kernel-uek-container-debug-5.15.0-308.179.6.2.el9uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-308.179.6.2.el9uek.src.rpm Related CVEs: CVE-2024-28956 Description of changes: [5.15.0-308.179.6.2.el9uek] - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37920681] - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37920681] - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37920681] - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863726] {CVE-2024-28956} - x86/alternatives: Remove faulty optimization (Josh Poimboeuf) [Orabug: 37863726] {CVE-2024-28956} - x86/alternative: Optimize returns patching (Borislav Petkov (AMD)) [Orabug: 37863726] {CVE-2024-28956} From el-errata at oss.oracle.com Wed May 14 00:00:21 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 17:00:21 -0700 Subject: [El-errata] ELBA-2025-20304 Oracle Linux 9 xfsprogs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20304 http://linux.oracle.com/errata/ELBA-2025-20304.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: xfsprogs-6.12.0-1.0.2.el9.i686.rpm xfsprogs-6.12.0-1.0.2.el9.x86_64.rpm xfsprogs-devel-6.12.0-1.0.2.el9.i686.rpm xfsprogs-devel-6.12.0-1.0.2.el9.x86_64.rpm xfsprogs-xfs_scrub-6.12.0-1.0.2.el9.x86_64.rpm aarch64: xfsprogs-6.12.0-1.0.2.el9.aarch64.rpm xfsprogs-devel-6.12.0-1.0.2.el9.aarch64.rpm xfsprogs-xfs_scrub-6.12.0-1.0.2.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//xfsprogs-6.12.0-1.0.2.el9.src.rpm Description of changes: [6.12.0-1.0.2] - Introduce xfs_defrag to xfsprogs. [6.12.0-1.0.1] - Add mkfs configuration files for OL. - Add mkfs.xmem script. - Enable background online fsck services by default. Users must set autofsck=1 on their filesystems. - Rebase atop latest upstream. From el-errata at oss.oracle.com Wed May 14 00:00:23 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 17:00:23 -0700 Subject: [El-errata] ELBA-2025-20316 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20316 http://linux.oracle.com/errata/ELBA-2025-20316.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-core-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-1.23.3.el9uek.noarch.rpm kernel-uek-modules-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-1.23.3.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-1.23.3.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-core-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-1.23.3.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-1.23.3.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-6.12.0-1.23.3.el9uek.src.rpm Description of changes: [6.12.0-1.23.3] - RDS: avoid using offlined CPU during reconnect (Arumugam Kolappan) [Orabug: 37800558] [6.12.0-1.23.2] - vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393517] - vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393517] - RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584] [Orabug: 37551308] - Revert "x86/simplefb: simplefb was broken on UEFI mode Oracle and HP system, skip VIDEO_TYPE_EFI" (Harshit Mogalapalli) [Orabug: 37638881] - uek-rpm: Replace legacy FBDEV drivers with simpledrm and fbdev emulation layer (Harshit Mogalapalli) [Orabug: 37638881] - uek-rpm/kernel-uek.spec: Set DEFAULTKERNEL correctly during %postun (Vijay Kumar) - uek-rpm: Enable gcov build (Sherry Yang) [Orabug: 37734677] - uek-rpm: remove .el9 from shim version (Samasth Norway Ananda) [Orabug: 37820202] - drm/mgag200: Added support for the new device G200eH5 (Gwenael Georgeault) [Orabug: 37835185] [6.12.0-1.23.1] - LTS version: v6.12.23 (Jack Vogel) - platform/x86/amd/pmf: fix cleanup in amd_pmf_init_smart_pc() (Dan Carpenter) - tracing: Do not use PERF enums when perf is not defined (Steven Rostedt) - ARM: 9443/1: Require linker to support KEEP within OVERLAY for DCE (Nathan Chancellor) - NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (Chuck Lever) - NFSD: Never return NFS4ERR_FILE_OPEN when removing a directory (Chuck Lever) - NFSD: nfsd_unlink() clobbers non-zero status returned from fh_fill_pre_attrs() (Chuck Lever) - nfsd: fix management of listener transports (Olga Kornievskaia) - nfsd: put dl_stid if fail to queue dl_recall (Li Lingfeng) - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() (Jeff Layton) - media: streamzap: fix race between device disconnection and urb callback (Murad Masimov) - media: vimc: skip .s_stream() for stopped entities (Nikita Zhandarovich) - exec: fix the racy usage of fs_struct->in_exec (Oleg Nesterov) - mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (Yosry Ahmed) - jfs: add index corruption check to DT_GETPAGE() (Roman Smirnov) - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) - ext4: fix OOB read when checking dotdot dir (Acs, Jakub) - ext4: don't over-report free space or inodes in statvfs (Theodore Ts'o) - wifi: mt76: mt7921: fix kernel panic due to null pointer dereference (Ming Yen Hsieh) - arm64: Don't call NULL in do_compat_alignment_fixup() (Angelos Oikonomopoulos) - mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs (David Hildenbrand) - tracing/osnoise: Fix possible recursive locking for cpus_read_lock() (Ran Xiaokai) - tracing: Fix synth event printk format for str fields (Douglas Raillard) - tracing: Ensure module defining synth event cannot be unloaded while tracing (Douglas Raillard) - tracing: Fix use-after-free in print_graph_function_flags during tracer switching (Tengda Wu) - exfat: fix potential wrong error return from get_block (Sungjong Seo) - exfat: fix random stack corruption after get_block (Sungjong Seo) - ksmbd: fix null pointer dereference in alloc_preauth_hash() (Namjae Jeon) - ksmbd: validate zero num_subauth before sub_auth is accessed (Norbert Szetei) - ksmbd: fix overflow in dacloffset bounds check (Norbert Szetei) - ksmbd: fix session use-after-free in multichannel connection (Namjae Jeon) - ksmbd: fix use-after-free in ksmbd_sessions_deregister() (Namjae Jeon) - ksmbd: add bounds check for create lease context (Norbert Szetei) - ksmbd: add bounds check for durable handle context (Namjae Jeon) - KVM: SVM: Don't change target vCPU state on AP Creation VMGEXIT error (Sean Christopherson) - mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (Ulf Hansson) - mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (Karel Balej) - mmc: omap: Fix memory leak in mmc_omap_new_slot (Miaoqian Lin) - Remove unnecessary firmware version check for gc v9_4_2 (Candice Li) - media: omap3isp: Handle ARM dma_iommu_mapping (Robin Murphy) - ARM: 9444/1: add KEEP() keyword to ARM_VECTORS (Christian Eggers) - ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (Paul Menzel) - acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (Murad Masimov) - wifi: mt76: mt7925: remove unused acpi function for clc (Ming Yen Hsieh) - x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (Jann Horn) - x86/tsc: Always save/restore TSC sched_clock() on suspend/resume (Guilherme G. Piccoli) - x86/Kconfig: Add cmpxchg8b support back to Geode CPUs (Arnd Bergmann) - uprobes/x86: Harden uretprobe syscall trampoline check (Jiri Olsa) - perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read (Kan Liang) - perf/x86/intel: Apply static call for drain_pebs (Peter Zijlstra (Intel)) - ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (Markus Elfring) - platform/x86: ISST: Correct command storage data length (Srinivas Pandruvada) - platform/x86: thinkpad_acpi: disable ACPI fan access for T495* and E560 (Eduard Christian Dumitrescu) - ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (Hans de Goede) - x86/tdx: Fix arch_safe_halt() execution for TDX VMs (Vishal Annapurve) - x86/mce: use is_copy_from_user() to determine copy-from-user context (Shuai Xue) - x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (Boris Ostrovsky) - KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (Paolo Bonzini) - x86/hyperv: Fix check of return value from snp_set_vmsa() (Tianyu Lan) - LoongArch: BPF: Use move_addr() for BPF_PSEUDO_FUNC (Hengqi Chen) - LoongArch: BPF: Don't override subprog's return value (Hengqi Chen) - LoongArch: BPF: Fix off-by-one error in build_prologue() (Hengqi Chen) - LoongArch: Increase MAX_IO_PICS up to 8 (Huacai Chen) - LoongArch: Increase ARCH_DMA_MINALIGN up to 16 (Huacai Chen) - rust: Fix enabling Rust and building with GCC for LoongArch (WANG Rui) - usbnet:fix NPE during rx_complete (Ying Lu) - wifi: mac80211: Fix sparse warning for monitor_sdata (Alexander Wetzel) - tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (Sherry Sun) - tty: serial: fsl_lpuart: Fix unused variable 'sport' build warning (Sherry Sun) - tty: serial: fsl_lpuart: use port struct directly to simply code (Sherry Sun) - tty: serial: fsl_lpuart: Use u32 and u8 for register variables (Sherry Sun) - cgroup/rstat: Fix forceidle time in cpu.stat (Abel Wu) - cgroup/rstat: Tracking cgroup-level niced CPU time (Joshua Hahn) - tracing: Correct the refcount if the hist/hist_debug file fails to open (Tengda Wu) - tracing/hist: Support POLLPRI event for poll on histogram (Masami Hiramatsu (Google)) - tracing/hist: Add poll(POLLIN) support on hist file (Masami Hiramatsu (Google)) - tracing: Switch trace_events_hist.c code over to use guard() (Steven Rostedt) - tools/power turbostat: report CoreThr per measurement interval (Len Brown) - perf/core: Fix child_total_time_enabled accounting bug at task exit (Yeoreum Yun) - drm/amdgpu/gfx12: fix num_mec (Alex Deucher) - drm/amdgpu/gfx11: fix num_mec (Alex Deucher) - kbuild: deb-pkg: don't set KBUILD_BUILD_VERSION unconditionally (Alexandru Gagniuc) - net: ibmveth: make veth_pool_store stop hanging (Dave Marquardt) - arcnet: Add NULL check in com20020pci_probe() (Henry Martin) - ipv6: Do not consider link down nexthops in path selection (Ido Schimmel) - ipv6: Start path selection from the first nexthop (Ido Schimmel) - net: fix geneve_opt length integer overflow (Lin Ma) - net: dsa: mv88e6xxx: propperly shutdown PPU re-enable timer on destroy (David Oberhollenzer) - ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (Fernando Fernandez Mancera) - netfilter: nft_tunnel: fix geneve_opt type confusion addition (Lin Ma) - net: decrease cached dst counters in dst_release (Antoine Tenart) - tunnels: Accept PACKET_HOST in skb_tunnel_check_pmtu(). (Guillaume Nault) - vsock: avoid timeout during connect() if the socket is closing (Stefano Garzarella) - udp: Fix memory accounting leak. (Kuniyuki Iwashima) - udp: Fix multiple wraparounds of sk->sk_rmem_alloc. (Kuniyuki Iwashima) - net: mvpp2: Prevent parser TCAM memory corruption (Tobias Waldekranz) - sctp: add mutual exclusion in proc_sctp_do_udp_port() (Eric Dumazet) - net_sched: skbprio: Remove overly strict queue assertions (Cong Wang) - netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (Debin Zhu) - netfilter: nf_tables: don't unregister hook when table is dormant (Florian Westphal) - netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets only (Pablo Neira Ayuso) - idpf: fix adapter NULL pointer dereference on reboot (Emil Tantilov) - e1000e: change k1 configuration on MTP and later platforms (Vitaly Lifshits) - spi: bcm2835: Restore native CS probing when pinctrl-bcm2835 is absent (Florian Fainelli) - ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (Takashi Iwai) - spi: bcm2835: Do not call gpiod_put() on invalid descriptor (Florian Fainelli) - ASoC: imx-card: Add NULL check in imx_card_probe() (Henry Martin) - nvme/ioctl: don't warn on vectorized uring_cmd with fixed buffer (Caleb Sander Mateos) - riscv/purgatory: 4B align purgatory_start (Bj?rn T?pel) - riscv/kexec_file: Handle R_RISCV_64 in purgatory relocator (Yao Zi) - riscv: Fix hugetlb retrieval of number of ptes in case of !present pte (Alexandre Ghiti) - spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock() (Josh Poimboeuf) - ASoC: codecs: rt5665: Fix some error handling paths in rt5665_probe() (Christophe JAILLET) - s390/entry: Fix setting _CIF_MCCK_GUEST with lowcore relocation (Sven Schnelle) - ublk: make sure ubq->canceling is set when queue is frozen (Ming Lei) - x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (Herton R. Krzesinski) - RISC-V: errata: Use medany for relocatable builds (Palmer Dabbelt) - ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (Takashi Iwai) - firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (Richard Fitzgerald) - ntb: intel: Fix using link status DB's (Nikita Shubin) - ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (Yajun Deng) - riscv: ftrace: Add parentheses in macro definitions of make_call_t0 and make_call_ra (Juhan Jin) - fs/9p: fix NULL pointer dereference on mkdir (Christian Schoenebeck) - spufs: fix a leak in spufs_create_context() (Al Viro) - spufs: fix gang directory lifetimes (Al Viro) - spufs: fix a leak on spufs_new_file() failure (Al Viro) - netfs: Fix netfs_unbuffered_read() to return ssize_t rather than int (David Howells) - hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (Tasos Sahanidis) - memory: omap-gpmc: drop no compatible check (Roger Quadros) - can: statistics: use atomic access in hot path (Oliver Hartkopp) - ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (Navon John Lukose) - selftests: netfilter: skip br_netfilter queue tests if kernel is tainted (Florian Westphal) - net: devmem: do not WARN conditionally after netdev_rx_queue_restart() (Taehee Yoo) - drm/amd: Keep display off while going into S4 (Mario Limonciello) - nvme-pci: fix stuck reset on concurrent DPC and HP (Keith Busch) - x86/sgx: Warn explicitly if X86_FEATURE_SGX_LC is not enabled (Vladis Dronov) - x86/hyperv: Fix output argument to hypercall that changes page visibility (Michael Kelley) - locking/semaphore: Use wake_q to wake up processes outside lock critical section (Waiman Long) - wifi: mac80211: fix SA Query processing in MLO (Johannes Berg) - wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (Emmanuel Grumbach) - ASoC: rt1320: set wake_capable = 0 explicitly (Bard Liao) - ASoC: codecs: wsa884x: report temps to hwmon in millidegree of Celsius (Alexey Klimov) - x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (Naman Jain) - sched/deadline: Use online cpus for validating runtime (Shrikanth Hegde) - ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (Stefan Binding) - ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (Stefan Binding) - ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (Stefan Binding) - ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (Stefan Binding) - ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (Stefan Binding) - ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (Stefan Binding) - ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (Stefan Binding) - exfat: add a check for invalid data size (Yuezhang Mo) - platform/x86/amd/pmf: Update PMF Driver for Compatibility with new PMF-TA (Shyam Sundar S K) - platform/x86/amd/pmf: Propagate PMF-TA return codes (Shyam Sundar S K) - HID: i2c-hid: improve i2c_hid_get_report error message (Wentao Guan) - net: dsa: rtl8366rb: don't prompt users for LED control (Jakub Kicinski) - platform/x86/intel/vsec: Add Diamond Rapids support (David E. Box) - platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (Dmitry Panchenko) - cifs: fix incorrect validation for num_aces field of smb_acl (Namjae Jeon) - smb: common: change the data type of num_aces to le16 (Namjae Jeon) - perf/core: Fix perf_pmu_register() vs. perf_init_event() (Peter Zijlstra) - ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (Daniel B?rta) - ALSA: hda/realtek: Fix Asus Z13 2025 audio (Antheas Kapenekakis) - affs: don't write overlarge OFS data block size fields (Simon Tatham) - affs: generate OFS sequence numbers starting at 1 (Simon Tatham) - wifi: brcmfmac: keep power during suspend if board requires it (Matthias Proske) - nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (Icenowy Zheng) - nvme-pci: clean up CMBMSC when registering CMB fails (Icenowy Zheng) - nvme-tcp: fix possible UAF in nvme_tcp_poll (Sagi Grimberg) - wifi: iwlwifi: mvm: use the right version of the rate API (Emmanuel Grumbach) - wifi: iwlwifi: fw: allocate chained SG tables for dump (Johannes Berg) - wifi: mac80211: remove debugfs dir for virtual monitor (Alexander Wetzel) - wifi: mac80211: Cleanup sta TXQs on flush (Alexander Wetzel) - nfs: Add missing release on error in nfs_lock_and_join_requests() (Dan Carpenter) - objtool/loongarch: Add unwind hints in prepare_frametrace() (Josh Poimboeuf) - rcu-tasks: Always inline rcu_irq_work_resched() (Josh Poimboeuf) - context_tracking: Always inline ct_{nmi,irq}_{enter,exit}() (Josh Poimboeuf) - sched/smt: Always inline sched_smt_active() (Josh Poimboeuf) - objtool: Fix verbose disassembly if CROSS_COMPILE isn't set (David Laight) - octeontx2-af: Free NIX_AF_INT_VEC_GEN irq (Geetha sowjanya) - octeontx2-af: Fix mbox INTR handler when num VFs > 64 (Geetha sowjanya) - net: phy: broadcom: Correct BCM5221 PHY model detection (Jim Liu) - ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (Giovanni Gherdovich) - LoongArch: Rework the arch_kgdb_breakpoint() implementation (Yuli Wang) - LoongArch: Fix device node refcount leak in fdt_cpu_clk_init() (Miaoqian Lin) - LoongArch: Fix help text of CMDLINE_EXTEND in Kconfig (??? (XIE Zhibang)) - objtool: Fix segfault in ignore_unreachable_insn() (Josh Poimboeuf) - ring-buffer: Fix bytes_dropped calculation issue (Feng Yang) - net/mlx5e: SHAMPO, Make reserved size independent of page size (Lama Kayal) - ksmbd: fix r_count dec/increment mismatch (Namjae Jeon) - ksmbd: fix multichannel connection failure (Namjae Jeon) - ksmbd: use aead_request_free to match aead_request_alloc (Miaoqian Lin) - rndis_host: Flag RNDIS modems as WWAN devices (Lubomir Rintel) - rtnetlink: Allocate vfinfo size for VF GUIDs when supported (Mark Zhang) - exfat: fix missing shutdown check (Yuezhang Mo) - exfat: fix the infinite loop in exfat_find_last_cluster() (Yuezhang Mo) - smb: client: Fix netns refcount imbalance causing leaks and use-after-free (Wang Zhaolong) - NFS: Shut down the nfs_client only after all the superblocks (Trond Myklebust) - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (Josh Poimboeuf) - objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show() (Josh Poimboeuf) - thermal: core: Remove duplicate struct declaration (xueqin Luo) - perf bpf-filter: Fix a parsing error with comma (Namhyung Kim) - perf tools: annotate asm_pure_loop.S (Marcus Meissner) - fs/procfs: fix the comment above proc_pid_wchan() (Bart Van Assche) - perf vendor events arm64 AmpereOneX: Fix frontend_bound calculation (Ilkka Koskinen) - tty: n_tty: use uint for space returned by tty_write_room() (Jiri Slaby (SUSE)) - staging: vchiq_arm: Fix possible NPR of keep-alive thread (Stefan Wahren) - staging: vchiq_arm: Register debugfs after cdev (Stefan Wahren) - staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (??? (XIE Zhibang)) - perf: intel-tpebs: Fix incorrect usage of zfree() (James Clark) - perf python: Check if there is space to copy all the event (Arnaldo Carvalho de Melo) - perf python: Don't keep a raw_data pointer to consumed ring buffer space (Arnaldo Carvalho de Melo) - perf python: Decrement the refcount of just created event on failure (Arnaldo Carvalho de Melo) - perf python: Fixup description of sample.id event member (Arnaldo Carvalho de Melo) - i3c: master: svc: Fix missing the IBI rules (Stanley Chu) - um: hostfs: avoid issues on inode number reuse by host (Benjamin Berg) - um: remove copy_from_kernel_nofault_allowed (Benjamin Berg) - um: Pass the correct Rust target and options with gcc (David Gow) - selftests/mm/cow: fix the incorrect error handling (Cyan Yang) - fuse: fix dax truncate/punch_hole fault path (Alistair Popple) - NFS: fix open_owner_id_maxsz and related fields. (NeilBrown) - NFSv4: Avoid unnecessary scans of filesystems for delayed delegations (Trond Myklebust) - NFSv4: Avoid unnecessary scans of filesystems for expired delegations (Trond Myklebust) - NFSv4: Avoid unnecessary scans of filesystems for returning delegations (Trond Myklebust) - NFSv4: Don't trigger uneccessary scans for return-on-close delegations (Trond Myklebust) - arch/powerpc: drop GENERIC_PTDUMP from mpc885_ads_defconfig (Anshuman Khandual) - ocfs2: validate l_tree_depth to avoid out-of-bounds access (Vasiliy Kovalev) - kexec: initialize ELF lowest address to ULONG_MAX (Sourabh Jain) - kernel/events/uprobes: handle device-exclusive entries correctly in __replace_page() (David Hildenbrand) - perf units: Fix insufficient array space (Arnaldo Carvalho de Melo) - perf evlist: Add success path to evlist__create_syswide_maps (Ian Rogers) - perf debug: Avoid stack overflow in recursive error message (Ian Rogers) - iio: light: Add check for array bounds in veml6075_read_int_time_ms (Karan Sanghavi) - iio: adc: ad7768-1: set MOSI idle state to prevent accidental reset (Jonathan Santos) - iio: adc: ad7173: Fix comparison of channel configs (Uwe Kleine-K?nig) - iio: adc: ad7124: Fix comparison of channel configs (Uwe Kleine-K?nig) - iio: adc: ad4130: Fix comparison of channel setups (Uwe Kleine-K?nig) - dmaengine: fsl-edma: free irq correctly in remove path (Peng Fan) - dmaengine: fsl-edma: cleanup chan after dma_async_device_unregister (Peng Fan) - fs/ntfs3: Prevent integer overflow in hdr_first_de() (Dan Carpenter) - fs/ntfs3: Fix a couple integer overflows on 32bit systems (Dan Carpenter) - usb: xhci: correct debug message page size calculation (Niklas Neronin) - perf bench: Fix perf bench syscall loop count (Thomas Richter) - perf arm-spe: Fix load-store operation checking (Leo Yan) - iio: backend: make sure to NULL terminate stack buffer (Nuno S?) - iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails. (Jonathan Cameron) - iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (Jonathan Cameron) - ucsi_ccg: Don't show failed to get FW build information error (Mario Limonciello) - perf build: Fix in-tree build due to symbolic link (Luca Ceresoli) - tools/x86: Fix linux/unaligned.h include path in lib/insn.c (Ian Rogers) - perf pmu: Don't double count common sysfs and json events (James Clark) - coresight-etm4x: add isb() before reading the TRCSTATR (Yuanfang Zhang) - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (Mike Christie) - coresight: catu: Fix number of pages while using 64k pages (Ilkka Koskinen) - greybus: gb-beagleplay: Add error handling for gb_greybus_init (Wentao Liang) - perf report: Switch data file correctly in TUI (Namhyung Kim) - soundwire: slave: fix an OF node reference leak in soundwire slave device (Joe Hattori) - isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (Qasim Ijaz) - phy: phy-rockchip-samsung-hdptx: Don't use dt aliases to determine phy-id (Heiko Stuebner) - fs/ntfs3: Update inode->i_mapping->a_ops on compression state (Konstantin Komarov) - w1: fix NULL pointer dereference in probe (Chenyuan Yang) - perf: Always feature test reallocarray (James Clark) - perf stat: Fix find_stat for mixed legacy/non-legacy events (Ian Rogers) - clk: qcom: mmcc-sdm660: fix stuck video_subcore0 clock (Barnab?s Cz?m?n) - pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (Andy Shevchenko) - crypto: hisilicon/sec2 - fix for aead auth key length (Wenkai Lin) - RDMA/core: Fix use-after-free when rename device name (Wang Liang) - x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (Jann Horn) - leds: Fix LED_OFF brightness race (Remi Pommarel) - mfd: sm501: Switch to BIT() to mitigate integer overflows (Nikita Zhandarovich) - pinctrl: renesas: rzv2m: Fix missing of_node_put() call (Fabrizio Castro) - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (Patrisious Haddad) - bpf: Fix array bounds error with may_goto (Jiayuan Chen) - clk: qcom: gcc-sm8650: Do not turn off USB GDSCs during gdsc_disable() (Neil Armstrong) - crypto: nx - Fix uninitialised hv_nxc on error (Herbert Xu) - power: supply: max77693: Fix wrong conversion of charge input threshold value (Artur Weber) - x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (Jann Horn) - clk: amlogic: g12a: fix mmc A peripheral clock (Jerome Brunet) - clk: clk-imx8mp-audiomix: fix dsp/ocram_a clock parents (Laurentiu Mihalcea) - crypto: qat - remove access to parity register for QAT GEN4 (Bairavi Alagappan) - pinctrl: npcm8xx: Fix incorrect struct npcm8xx_pincfg assignment (Andy Shevchenko) - rust: fix signature of rust_fmt_argument (Alice Ryhl) - selftests/bpf: Select NUMA_NO_NODE to create map (Saket Kumar Bhaskar) - clk: amlogic: gxbb: drop non existing 32k clock parent (Jerome Brunet) - clk: amlogic: g12b: fix cluster A parent data (Jerome Brunet) - pinctrl: tegra: Set SFIO mode to Mux Register (Prathamesh Shete) - IB/mad: Check available slots before posting receive WRs (Maher Sanalla) - crypto: api - Fix larval relookup type and mask (Herbert Xu) - power: supply: bq27xxx_battery: do not update cached flags prematurely (Sicelo A. Mhlongo) - remoteproc: qcom_q6v5_mss: Handle platforms with one power domain (Luca Weiss) - RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (Cheng Xu) - RDMA/mlx5: Fix calculation of total invalidated pages (Chiara Meiohas) - RDMA/core: Don't expose hw_counters outside of init net namespace (Roman Gushchin) - clk: rockchip: rk3328: fix wrong clk_ref_usb3otg parent (Peter Geis) - selftests/bpf: Fix freplace_link segfault in tailcalls prog test (Tengda Wu) - RDMA/mlx5: Fix MR cache initialization error flow (Michael Guralnik) - pinctrl: renesas: rzg2l: Fix missing of_node_put() call (Fabrizio Castro) - pinctrl: renesas: rza2: Fix missing of_node_put() call (Fabrizio Castro) - lib: 842: Improve error handling in sw842_compress() (Tanya Agarwal) - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao) - clk: qcom: gcc-x1e80100: Unregister GCC_GPU_CFG_AHB_CLK/GCC_DISP_XO_CLK (Konrad Dybcio) - remoteproc: qcom_q6v5_pas: Use resource with CX PD for MSM8226 (Luca Weiss) - crypto: tegra - Set IV to NULL explicitly for AES ECB (Akhil R) - RDMA/mana_ib: Ensure variable err is initialized (Kees Bakker) - s390: Remove ioremap_wt() and pgprot_writethrough() (Niklas Schnelle) - clk: qcom: gcc-msm8953: fix stuck venus0_core0 clock (Vladimir Lypak) - crypto: tegra - Fix CMAC intermediate result handling (Akhil R) - pinctrl: nuvoton: npcm8xx: Fix error handling in npcm8xx_gpio_fw() (Yue Haibing) - clk: samsung: Fix UBSAN panic in samsung_clk_init() (Will McVicker) - remoteproc: qcom: pas: add minidump_id to SC7280 WPSS (Luca Weiss) - clk: renesas: r8a08g045: Check the source of the CPU PLL settings (Claudiu Beznea) - x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() (David Hildenbrand) - selftests/bpf: Fix string read in strncmp benchmark (Viktor Malik) - libbpf: Fix hypothetical STT_SECTION extern NULL deref case (Andrii Nakryiko) - remoteproc: qcom_q6v5_pas: Make single-PD handling more robust (Luca Weiss) - pinctrl: renesas: rzg2l: Suppress binding attributes (Claudiu Beznea) - of: property: Increase NR_FWNODE_REFERENCE_ARGS (Zijun Hu) - remoteproc: core: Clear table_sz when rproc_shutdown (Peng Fan) - RDMA/mlx5: Fix page_size variable overflow (Michael Guralnik) - crypto: hisilicon/sec2 - fix for sec spec check (Wenkai Lin) - crypto: hisilicon/sec2 - fix for aead authsize alignment (Wenkai Lin) - clk: amlogic: gxbb: drop incorrect flag on 32k clock (Jerome Brunet) - crypto: tegra - Use HMAC fallback when keyslots are full (Akhil R) - crypto: bpf - Add MODULE_DESCRIPTION for skcipher (Arnd Bergmann) - crypto: tegra - check return value for hash do_one_req (Akhil R) - crypto: tegra - Use separate buffer for setkey (Akhil R) - crypto: qat - set parity error mask for qat_420xx (Bairavi Alagappan) - crypto: iaa - Test the correct request flag (Herbert Xu) - fbdev: sm501fb: Add some geometry checks. (Danila Chernetsov) - mdacon: rework dependency list (Arnd Bergmann) - dummycon: fix default rows/cols (Arnd Bergmann) - fbdev: au1100fb: Move a variable assignment behind a null pointer check (Markus Elfring) - PCI: pciehp: Don't enable HPIE when resuming in poll mode (Ilpo J?rvinen) - PCI: Fix BAR resizing when VF BARs are assigned (Ilpo J?rvinen) - PCI: histb: Fix an error handling path in histb_pcie_probe() (Christophe JAILLET) - PCI: dwc: ep: Return -ENOMEM for allocation failures (Dan Carpenter) - drm/amd/display: avoid NPD when ASIC does not support DMUB (Thadeu Lima de Souza Cascardo) - drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (Dan Carpenter) - drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (Douglas Anderson) - drm/mediatek: Fix config_updating flag never false when no mbox channel (Jason-JH Lin) - PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (Thippeswamy Havalige) - PCI: Remove stray put_device() in pci_register_host_bridge() (Dan Carpenter) - powerpc/kexec: fix physical address calculation in clear_utlb_entry() (Christophe Leroy) - crypto: powerpc: Mark ghashp8-ppc.o as an OBJECT_FILES_NON_STANDARD (Christophe Leroy) - drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (Rob Clark) - drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (Vitaliy Shevtsov) - drm/panthor: Update CS_STATUS_ defines to correct values (Ashley Smith) - PCI: Avoid reset when disabled via sysfs (Nishanth Aravamudan) - PCI/portdrv: Only disable pciehp interrupts early when needed (Feng Tang) - PCI: brcmstb: Fix potential premature regulator disabling (Jim Quinlan) - PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (Jim Quinlan) - PCI: brcmstb: Use internal register to change link capability (Jim Quinlan) - PCI: brcmstb: Set generation limit before PCIe link up (Jim Quinlan) - PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (Hans Zhang) - drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (Srinivasan Shanmugam) - drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (Marijn Suijten) - drm/msm/dsi: Use existing per-interface slice count in DSC timing (Marijn Suijten) - drm/msm/dsi/phy: Program clock inverters in correct register (Krzysztof Kozlowski) - drm/msm/dpu: don't use active in atomic_check() (Dmitry Baryshkov) - drm/amd/display: fix an indent issue in DML21 (Aurabindo Pillai) - PCI/ACS: Fix 'pci=config_acs=' parameter (Tushar Dave) - drm/panel: ilitek-ili9882t: fix GPIO name in error message (John Keeping) - PCI/ASPM: Fix link state exit during switch upstream function removal (Daniel Stodden) - drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (AngeloGioacchino Del Regno) - drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (AngeloGioacchino Del Regno) - PCI: Remove add_align overwrite unrelated to size0 (Ilpo J?rvinen) - PCI: Use downstream bridges for distributing resources (Kai-Heng Feng) - drm/amdgpu/umsch: fix ucode check (Alex Deucher) - drm/amdgpu: refine smu send msg debug log format (Yang Wang) - gpu: cdns-mhdp8546: fix call balance of mhdp->clk handling routines (Vitalii Mordan) - drm/vkms: Fix use after free and double free on init error (Jos? Exp?sito) - drm: xlnx: zynqmp: Fix max dma segment size (Tomi Valkeinen) - drm/bridge: it6505: fix HDCP V match check is not performed correctly (Hermes Wu) - drm/dp_mst: Fix drm RAD print (Wayne Lin) - drm/ssd130x: ensure ssd132x pitch is correct (John Keeping) - drm/ssd130x: fix ssd132x encoding (John Keeping) - drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (Javier Martinez Canillas) - drm/bridge: ti-sn65dsi86: Fix multiple instances (Geert Uytterhoeven) - ALSA: timer: Don't take register_mutex with copy_from/to_user() (Takashi Iwai) - ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (Jayesh Choudhary) - ALSA: hda/realtek: Always honor no_shutup_pins (Takashi Iwai) - dt-bindings: vendor-prefixes: add GOcontroll (Maud Spierings) - HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (Jiri Kosina) - ASoC: amd: acp: Fix for enabling DMIC on acp platforms via _DSD entry (Venkata Prasad Potturu) - ASoC: cs35l41: check the return value from spi_setup() (Vitaliy Shevtsov) - platform/x86: dell-ddv: Fix temperature calculation (Armin Wolf) - platform/x86: dell-uart-backlight: Make dell_uart_bl_serdev_driver static (Ilpo J?rvinen) - platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: Make symbol static (Ilpo J?rvinen) - auxdisplay: panel: Fix an API misuse in panel.c (Andy Shevchenko) - media: platform: allgro-dvt: unregister v4l2_device on the error path (Joe Hattori) - media: verisilicon: HEVC: Initialize start_bit field (Benjamin Gaignard) - auxdisplay: MAX6959 should select BITREVERSE (Geert Uytterhoeven) - regulator: pca9450: Fix enable register for LDO5 (Frieder Schrempf) - x86/entry: Add __init to ia32_emulation_override_cmdline() (Vitaly Kuznetsov) - x86/fpu/xstate: Fix inconsistencies in guest FPU xfeatures (Chao Gao) - x86/traps: Make exc_double_fault() consistently noreturn (Josh Poimboeuf) - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (Tao Chen) - lockdep: Don't disable interrupts on RT in disable_irq_nosync_lockdep.*() (Sebastian Andrzej Siewior) - PM: sleep: Fix handling devices with direct_complete set on errors (Rafael J. Wysocki) - thermal: int340x: Add NULL check for adev (Chenyuan Yang) - x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors (James Morse) - EDAC/ie31200: Fix the error path order of ie31200_init() (Qiuxu Zhuo) - EDAC/ie31200: Fix the DIMM size mask for several SoCs (Qiuxu Zhuo) - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer (Qiuxu Zhuo) - selinux: Chain up tool resolving errors in install_policy.sh (Tim Schumacher) - watchdog/hardlockup/perf: Fix perf_event memory leak (Li Huafei) - kunit/stackinit: Use fill byte different from Clang i386 pattern (Kees Cook) - RISC-V: KVM: Disable the kernel perf counter during configure (Atish Patra) - cpufreq: tegra194: Allow building for Tegra234 (Aaron Kling) - PM: sleep: Adjust check before setting power.must_resume (Rafael J. Wysocki) - lockdep/mm: Fix might_fault() lockdep check of current->mm->mmap_lock (Peter Zijlstra) - x86/sev: Add missing RIP_REL_REF() invocations during sme_enable() (Kevin Loughlin) - x86/platform: Only allow CONFIG_EISA for 32-bit (Arnd Bergmann) - x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() (Benjamin Berg) - x86/fpu: Fix guest FPU state buffer allocation size (Stanislav Spassov) - EDAC/{skx_common,i10nm}: Fix some missing error reports on Emerald Rapids (Qiuxu Zhuo) - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (Jie Zhan) - sched/eevdf: Force propagating min_slice of cfs_rq when {en,de}queue tasks (Tianchen Ding) - sched: Cancel the slice protection of the idle entity (zihan zhou) - smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label (Konstantin Andreev) - smack: dont compile ipv6 code unless ipv6 is configured (Konstantin Andreev) - cpufreq: scpi: compare kHz instead of Hz (zuoqian) - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test (Mike Rapoport (Microsoft)) - watch_queue: fix pipe accounting mismatch (Eric Sandeen) - LTS version: v6.12.22 (Jack Vogel) - bcachefs: bch2_ioctl_subvolume_destroy() fixes (Kent Overstreet) - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping) - serial: stm32: do not deassert RS485 RTS GPIO prematurely (Cheick Traore) - perf tools: Fix up some comments and code to properly use the event_source bus (Greg Kroah-Hartman) - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (Luo Qiu) - usb: xhci: Apply the link chain quirk on NEC isoc endpoints (Michal Pecio) - usb: xhci: Don't skip on Stopped - Length Invalid (Michal Pecio) - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet) - net: usb: qmi_wwan: add Telit Cinterion FE990B composition (Fabio Porcedda) - net: usb: qmi_wwan: add Telit Cinterion FN990B composition (Fabio Porcedda) - tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (Sherry Sun) - tty: serial: 8250: Add Brainboxes XC devices (Cameron Williams) - tty: serial: 8250: Add some more device IDs (Cameron Williams) - counter: microchip-tcb-capture: Fix undefined counter channel state on probe (William Breathitt Gray) - counter: stm32-lptimer-cnt: fix error handling when enabling (Fabrice Gasnier) - ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (Dhruv Deshpande) - netfilter: socket: Lookup orig tuple for IPv6 SNAT (Maxim Mikityanskiy) - drm/amd/display: Don't write DP_MSTM_CTRL after LT (Wayne Lin) - atm: Fix NULL pointer dereference (Minjoong Kim) - HID: hid-plantronics: Add mic mute mapping and generalize quirks (Terry Junge) - ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (Terry Junge) - LTS version: v6.12.21 (Jack Vogel) - mptcp: Fix data stream corruption in the address announcement (Arthur Mongodin) - mm/huge_memory: drop beyond-EOF folios with the right number of refs (Zi Yan) - arm64: dts: rockchip: fix u2phy1_host status for NanoPi R4S (Justin Klaassen) - libsubcmd: Silence compiler warning (Eder Zulian) - Revert "sched/core: Reduce cost of sched_move_task when config autogroup" (Dietmar Eggemann) - KVM: arm64: Eagerly switch ZCR_EL{1,2} (Mark Rutland) - KVM: arm64: Mark some header functions as inline (Mark Rutland) - KVM: arm64: Refactor exit handlers (Mark Rutland) - KVM: arm64: Remove VHE host restore of CPACR_EL1.SMEN (Mark Rutland) - KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN (Mark Rutland) - KVM: arm64: Remove host FPSIMD saving for non-protected KVM (Mark Rutland) - KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (Mark Rutland) - KVM: arm64: Calculate cptr_el2 traps on activating traps (Fuad Tabba) - io_uring/net: fix sendzc double notif flush (Pavel Begunkov) - ksmbd: fix incorrect validation for num_aces field of smb_acl (Namjae Jeon) - drm/amdkfd: Fix user queue validation on Gfx7/8 (Philip Yang) - drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (David Rosca) - drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (David Rosca) - drm/amdgpu: Remove JPEG from vega and carrizo video caps (David Rosca) - drm/amdgpu/pm: wire up hwmon fan speed for smu 14.0.2 (Alex Deucher) - drm/amdgpu/pm: Handle SCLK offset correctly in overdrive for smu 14.0.2 (Tomasz Paku?a) - drm/amdgpu: Restore uncached behaviour on GFX12 (David Belanger) - drm/amd/pm: add unique_id for gfx12 (Harish Kasiviswanathan) - drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (Mario Limonciello) - drm/amd/display: Fix message for support_edp0_on_dp1 (Yilin Chen) - drm/amdgpu/gfx12: correct cleanup of 'me' field with gfx_v12_0_me_fini() (Wentao Liang) - drm/sched: Fix fence reference count leak (qianyi liu) - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (Nikita Zhandarovich) - pmdomain: amlogic: fix T7 ISP secpower (Xianwei Zhao) - soc: qcom: pdr: Fix the potential deadlock (Saranya R) - batman-adv: Ignore own maximum aggregation size during RX (Sven Eckelmann) - xsk: fix an integer overflow in xp_create_and_assign_umem() (Gavrilov Ilia) - keys: Fix UAF in key_put() (David Howells) - efi/libstub: Avoid physical address 0x0 when doing random allocation (Ard Biesheuvel) - firmware: qcom: uefisecapp: fix efivars registration race (Johan Hovold) - ARM: shmobile: smp: Enforce shmobile_smp_* alignment (Geert Uytterhoeven) - ARM: dts: imx6qdl-apalis: Fix poweroff on Apalis iMX6 (Stefan Eichenberger) - memcg: drain obj stock on cpu hotplug teardown (Shakeel Butt) - proc: fix UAF in proc_get_inode() (Ye Bin) - mm/page_alloc: fix memory accept before watermarks gets initialized (Kirill A. Shutemov) - mm/migrate: fix shmem xarray update during migration (Zi Yan) - mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (Raphael S. Carvalho) - selftests/mm: run_vmtests.sh: fix half_ufd_size_MB calculation (Rafael Aquini) - mmc: atmel-mci: Add missing clk_disable_unprepare() (Gu Bowen) - mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (Kamal Dasu) - arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (Quentin Schulz) - arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (Quentin Schulz) - arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to sound card (Stefan Eichenberger) - arm64: dts: freescale: imx8mp-verdin-dahlia: add Microphone Jack to sound card (Stefan Eichenberger) - accel/qaic: Fix integer overflow in qaic_validate_req() (Dan Carpenter) - regulator: check that dummy regulator has been probed before using it (Christian Eggers) - regulator: dummy: force synchronous probing (Christian Eggers) - netfs: Call invalidate_cache only if implemented (Max Kellermann) - riscv: dts: starfive: Fix a typo in StarFive JH7110 pin function definitions (E Shattow) - io_uring/net: don't clear REQ_F_NEED_CLEANUP unconditionally (Jens Axboe) - drm/v3d: Don't run jobs that have errors flagged in its fence (Ma?ra Canal) - drm/xe: Fix exporting xe buffers multiple times (Tomasz Rusinowicz) - can: flexcan: disable transceiver during system PM (Haibo Chen) - can: flexcan: only change CAN state when link up in system PM (Haibo Chen) - can: ucan: fix out of bound read in strscpy() source (Vincent Mailhol) - can: rcar_canfd: Fix page entries in the AFL list (Biju Das) - dt-bindings: can: renesas,rcar-canfd: Fix typo in pattern properties for R-Car V4M (Biju Das) - net: mana: Support holes in device list reply msg (Haiyang Zhang) - i2c: omap: fix IRQ storms (Andreas Kemnade) - tracing: tprobe-events: Fix leakage of module refcount (Masami Hiramatsu (Google)) - Revert "gre: Fix IPv6 link-local address generation." (Guillaume Nault) - net/neighbor: add missing policy for NDTPA_QUEUE_LENBYTES (Lin Ma) - libfs: Fix duplicate directory entry in offset_dir_lookup (Yongjian Sun) - net: ipv6: ioam6: fix lwtunnel_output() loop (Justin Iurman) - net: lwtunnel: fix recursion loops (Justin Iurman) - net: ti: icssg-prueth: Add lock to stats (MD Danish Anwar) - net: atm: fix use after free in lec_send() (Dan Carpenter) - gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (Jason Gunthorpe) - phy: fix xa_alloc_cyclic() error handling (Michal Swiatkowski) - dpll: fix xa_alloc_cyclic() error handling (Michal Swiatkowski) - devlink: fix xa_alloc_cyclic() error handling (Michal Swiatkowski) - ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create(). (Kuniyuki Iwashima) - ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). (Kuniyuki Iwashima) - net: ipv6: fix TCP GSO segmentation with NAT (Felix Fietkau) - net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence (Vignesh Raghavendra) - ata: libata-core: Add ATA_QUIRK_NO_LPM_ON_ATI for certain Samsung SSDs (Niklas Cassel) - tracing: tprobe-events: Fix to clean up tprobe correctly when module unload (Masami Hiramatsu (Google)) - ARM: davinci: da850: fix selecting ARCH_DAVINCI_DA8XX (David Lechner) - accel/qaic: Fix possible data corruption in BOs > 2G (Jeffrey Hugo) - Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (Arkadiusz Bokowy) - Bluetooth: Fix error code in chan_alloc_skb_cb() (Dan Carpenter) - RDMA/hns: Fix wrong value of max_sge_rd (Junxian Huang) - RDMA/hns: Fix missing xa_destroy() (Junxian Huang) - RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (Junxian Huang) - RDMA/hns: Fix invalid sq params not being blocked (Junxian Huang) - RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (Junxian Huang) - RDMA/hns: Fix soft lockup during bt pages loop (Junxian Huang) - RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (Saravanan Vajravel) - dma-mapping: fix missing clear bdr in check_ram_in_range_map() (Baochen Qiang) - ARM: dts: BCM5301X: Fix switch port labels of ASUS RT-AC3200 (Chester A. Unal) - ARM: dts: BCM5301X: Fix switch port labels of ASUS RT-AC5300 (Chester A. Unal) - ARM: dts: bcm2711: Don't mark timer regs unconfigured (Phil Elwell) - ARM: OMAP1: select CONFIG_GENERIC_IRQ_CHIP (Arnd Bergmann) - RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (Qasim Ijaz) - RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (Kashyap Desai) - RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (Zhu Yanjun) - arm64: dts: rockchip: Remove undocumented sdmmc property from lubancat-1 (Yao Zi) - arm64: dts: bcm2712: PL011 UARTs are actually r1p5 (Phil Elwell) - ARM: dts: bcm2711: PL011 UARTs are actually r1p5 (Phil Elwell) - ARM: dts: bcm2711: Fix xHCI power-domain (Stefan Wahren) - soc: imx8m: Unregister cpufreq and soc dev in cleanup path (Peng Fan) - soc: imx8m: Use devm_* to simplify probe failure handling (Marek Vasut) - soc: imx8m: Remove global soc_uid (Marek Vasut) - xfrm_output: Force software GSO only in tunnel mode (Cosmin Ratiu) - xfrm: fix tunnel mode TX datapath in packet offload mode (Alexandre Cassen) - arm64: dts: rockchip: remove supports-cqe from rk3588 tiger (Heiko Stuebner) - arm64: dts: rockchip: remove supports-cqe from rk3588 jaguar (Heiko Stuebner) - arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (Alexander Stein) - firmware: imx-scu: fix OF node leak in .probe() (Joe Hattori) - firmware: qcom: scm: Fix error code in probe() (Dan Carpenter) - rds: Tear down the copy-from-user cache before destroying rds_wq (H?kon Bugge) [Orabug: 37379052] - uek-rpm: Set uek_release variable in UEK 8 spec file (Harshit Mogalapalli) [Orabug: 37801392] [6.12.0-0.20.20.1] - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (H?kon Bugge) [Orabug: 37702023] - scsi: mpi3mr: Task Abort EH Support (Chandrakanth Patil) [Orabug: 37778472] - scsi: mpi3mr: Update driver version to 8.13.0.5.50 (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Check admin reply queue from Watchdog (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Update timestamp only for supervisor IOCs (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Update MPI Headers to revision 35 (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Fix locking in an error path (Bart Van Assche) [Orabug: 37778472] - scsi: mpi3mr: Fix spelling mistake "skiping" -> "skipping" (Colin Ian King) [Orabug: 37778472] - scsi: mpi3mr: Update driver version to 8.12.1.0.50 (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Support for Segmented Hardware Trace buffer (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Avoid reply queue full condition (Ranjan Kumar) [Orabug: 37778472] - scsi: mpi3mr: Update driver version to 8.12.0.3.50 (Ranjan Kumar) [Orabug: 37778472] - uek-rpm: Enable Intel In Field Scan as a module in UEK8 (Harshit Mogalapalli) [Orabug: 37778856] From el-errata at oss.oracle.com Wed May 14 00:00:24 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 13 May 2025 17:00:24 -0700 Subject: [El-errata] ELSA-2025-20318 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20318 http://linux.oracle.com/errata/ELSA-2025-20318.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-core-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-1.23.3.1.el9uek.noarch.rpm kernel-uek-modules-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-1.23.3.1.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-1.23.3.1.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-core-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-1.23.3.1.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-1.23.3.1.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-6.12.0-1.23.3.1.el9uek.src.rpm Related CVEs: CVE-2024-28956 Description of changes: [6.12.0-1.23.3.1] - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37920680] - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37920680] - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37920680] - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add support for RSB stuffing mitigation (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} From el-errata at oss.oracle.com Fri May 16 22:15:46 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:15:46 -0700 Subject: [El-errata] ELBA-2025-20324 Oracle Linux 8 ruby:3.1 bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20324 http://linux.oracle.com/errata/ELBA-2025-20324.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: ruby-3.1.7-145.module+el8.10.0+90574+609b2fe6.i686.rpm ruby-3.1.7-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm ruby-bundled-gems-3.1.7-145.module+el8.10.0+90574+609b2fe6.i686.rpm ruby-bundled-gems-3.1.7-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm ruby-default-gems-3.1.7-145.module+el8.10.0+90574+609b2fe6.noarch.rpm ruby-devel-3.1.7-145.module+el8.10.0+90574+609b2fe6.i686.rpm ruby-devel-3.1.7-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm ruby-doc-3.1.7-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90574+609b2fe6.i686.rpm rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm rubygem-bundler-2.3.27-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-io-console-0.5.11-145.module+el8.10.0+90574+609b2fe6.i686.rpm rubygem-io-console-0.5.11-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm rubygem-irb-1.4.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-json-2.6.1-145.module+el8.10.0+90574+609b2fe6.i686.rpm rubygem-json-2.6.1-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm rubygem-minitest-5.15.0-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-mysql2-0.5.3-3.module+el8.10.0+90574+609b2fe6.x86_64.rpm rubygem-mysql2-doc-0.5.3-3.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.x86_64.rpm rubygem-pg-doc-1.3.2-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-power_assert-2.0.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-psych-4.0.4-145.module+el8.10.0+90574+609b2fe6.i686.rpm rubygem-psych-4.0.4-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm rubygem-rake-13.0.6-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-rbs-2.7.0-145.module+el8.10.0+90574+609b2fe6.i686.rpm rubygem-rbs-2.7.0-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm rubygem-rdoc-6.4.1.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-rexml-3.3.9-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-rss-0.3.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygems-3.3.27-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygems-devel-3.3.27-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-test-unit-3.5.3-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-typeprof-0.21.3-145.module+el8.10.0+90574+609b2fe6.noarch.rpm ruby-libs-3.1.7-145.module+el8.10.0+90574+609b2fe6.i686.rpm ruby-libs-3.1.7-145.module+el8.10.0+90574+609b2fe6.x86_64.rpm aarch64: ruby-3.1.7-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm ruby-bundled-gems-3.1.7-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm ruby-default-gems-3.1.7-145.module+el8.10.0+90574+609b2fe6.noarch.rpm ruby-devel-3.1.7-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm ruby-doc-3.1.7-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-bigdecimal-3.1.1-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm rubygem-bundler-2.3.27-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-io-console-0.5.11-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm rubygem-irb-1.4.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-json-2.6.1-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm rubygem-minitest-5.15.0-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-mysql2-0.5.3-3.module+el8.10.0+90574+609b2fe6.aarch64.rpm rubygem-mysql2-doc-0.5.3-3.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.aarch64.rpm rubygem-pg-doc-1.3.2-1.module+el8.7.0+20780+b11ff321.noarch.rpm rubygem-power_assert-2.0.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-psych-4.0.4-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm rubygem-rake-13.0.6-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-rbs-2.7.0-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm rubygem-rdoc-6.4.1.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-rexml-3.3.9-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-rss-0.3.1-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygems-3.3.27-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygems-devel-3.3.27-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-test-unit-3.5.3-145.module+el8.10.0+90574+609b2fe6.noarch.rpm rubygem-typeprof-0.21.3-145.module+el8.10.0+90574+609b2fe6.noarch.rpm ruby-libs-3.1.7-145.module+el8.10.0+90574+609b2fe6.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ruby-3.1.7-145.module+el8.10.0+90574+609b2fe6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-abrt-0.4.0-1.module+el8.7.0+20780+b11ff321.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-mysql2-0.5.3-3.module+el8.10.0+90574+609b2fe6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-pg-1.3.2-1.module+el8.7.0+20780+b11ff321.src.rpm Description of changes: ruby rubygem-abrt rubygem-mysql2 [0.5.3-3] - Fix SSL related test failure by backporting Fedora commit . Related: RHEL-28565 rubygem-pg From el-errata at oss.oracle.com Fri May 16 22:15:52 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:15:52 -0700 Subject: [El-errata] ELBA-2025-20325 Oracle Linux 8 idm:DL1 bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20325 http://linux.oracle.com/errata/ELBA-2025-20325.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.x86_64.rpm custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-client-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.x86_64.rpm ipa-client-common-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-client-epn-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.x86_64.rpm ipa-client-samba-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.x86_64.rpm ipa-common-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-healthcheck-0.12-5.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-healthcheck-core-0.12-5.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-python-compat-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-selinux-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-server-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.x86_64.rpm ipa-server-common-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-server-dns-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-server-trust-ad-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.x86_64.rpm opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.x86_64.rpm python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm python3-ipaclient-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-ipalib-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-ipaserver-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-ipatests-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.noarch.rpm python3-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.noarch.rpm python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm python3-qrcode-5.3-1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-qrcode-core-5.3-1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.x86_64.rpm softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm aarch64: bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.aarch64.rpm custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-client-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.aarch64.rpm ipa-client-common-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-client-epn-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.aarch64.rpm ipa-client-samba-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.aarch64.rpm ipa-common-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-healthcheck-0.12-5.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-healthcheck-core-0.12-5.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-python-compat-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-selinux-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-server-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.aarch64.rpm ipa-server-common-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-server-dns-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm ipa-server-trust-ad-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.aarch64.rpm opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.aarch64.rpm python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm python3-ipaclient-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-ipalib-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-ipaserver-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-ipatests-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.noarch.rpm python3-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.noarch.rpm python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm python3-qrcode-5.3-1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-qrcode-core-5.3-1.module+el8.10.0+90553+1bd85afa.noarch.rpm python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.aarch64.rpm softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//ipa-4.9.13-16.0.1.module+el8.10.0+90553+1bd85afa.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//ipa-healthcheck-0.12-5.module+el8.10.0+90553+1bd85afa.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-qrcode-5.3-1.module+el8.10.0+90553+1bd85afa.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//python-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.src.rpm Description of changes: bind-dyndb-ldap custodia ipa ipa-healthcheck opendnssec python-jwcrypto [0.5.0-2] - Address potential DoS with high compression ratio Resolves: RHEL-28697 - Limit number of iterations for PBES Resolves: RHEL-23036 RHEL-23037 python-kdcproxy python-qrcode python-yubico pyusb slapi-nis softhsm From el-errata at oss.oracle.com Fri May 16 22:15:54 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:15:54 -0700 Subject: [El-errata] ELBA-2025-20331 Oracle Linux 8 sssd bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20331 http://linux.oracle.com/errata/ELBA-2025-20331.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libipa_hbac-2.9.4-5.0.2.el8_10.1.i686.rpm libipa_hbac-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_autofs-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_certmap-2.9.4-5.0.2.el8_10.1.i686.rpm libsss_certmap-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_idmap-2.9.4-5.0.2.el8_10.1.i686.rpm libsss_idmap-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_nss_idmap-2.9.4-5.0.2.el8_10.1.i686.rpm libsss_nss_idmap-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_simpleifp-2.9.4-5.0.2.el8_10.1.i686.rpm libsss_simpleifp-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_sudo-2.9.4-5.0.2.el8_10.1.x86_64.rpm python3-libipa_hbac-2.9.4-5.0.2.el8_10.1.x86_64.rpm python3-libsss_nss_idmap-2.9.4-5.0.2.el8_10.1.x86_64.rpm python3-sss-2.9.4-5.0.2.el8_10.1.x86_64.rpm python3-sssdconfig-2.9.4-5.0.2.el8_10.1.noarch.rpm python3-sss-murmur-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-ad-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-client-2.9.4-5.0.2.el8_10.1.i686.rpm sssd-client-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-common-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-common-pac-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-dbus-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-ipa-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-kcm-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-krb5-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-krb5-common-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-ldap-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-nfs-idmap-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-proxy-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-tools-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-winbind-idmap-2.9.4-5.0.2.el8_10.1.x86_64.rpm libsss_nss_idmap-devel-2.9.4-5.0.2.el8_10.1.i686.rpm libsss_nss_idmap-devel-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-polkit-rules-2.9.4-5.0.2.el8_10.1.x86_64.rpm sssd-idp-2.9.4-5.0.2.el8_10.1.x86_64.rpm aarch64: libipa_hbac-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_autofs-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_certmap-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_idmap-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_nss_idmap-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_simpleifp-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_sudo-2.9.4-5.0.2.el8_10.1.aarch64.rpm python3-libipa_hbac-2.9.4-5.0.2.el8_10.1.aarch64.rpm python3-libsss_nss_idmap-2.9.4-5.0.2.el8_10.1.aarch64.rpm python3-sss-2.9.4-5.0.2.el8_10.1.aarch64.rpm python3-sssdconfig-2.9.4-5.0.2.el8_10.1.noarch.rpm python3-sss-murmur-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-ad-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-client-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-common-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-common-pac-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-dbus-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-ipa-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-kcm-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-krb5-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-krb5-common-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-ldap-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-nfs-idmap-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-proxy-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-tools-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-winbind-idmap-2.9.4-5.0.2.el8_10.1.aarch64.rpm libsss_nss_idmap-devel-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-polkit-rules-2.9.4-5.0.2.el8_10.1.aarch64.rpm sssd-idp-2.9.4-5.0.2.el8_10.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//sssd-2.9.4-5.0.2.el8_10.1.src.rpm Description of changes: [2.9.4-5.0.2.1] - Missing ntohs to service port [Orabug: 37389651] From el-errata at oss.oracle.com Fri May 16 22:15:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:15:55 -0700 Subject: [El-errata] ELSA-2025-7531 Important: Oracle Linux 8 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7531 http://linux.oracle.com/errata/ELSA-2025-7531.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.52.1.el8_10.noarch.rpm kernel-core-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.52.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.52.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.52.1.el8_10.x86_64.rpm perf-4.18.0-553.52.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.52.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.52.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.52.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.52.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.52.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.52.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.52.1.el8_10.aarch64.rpm perf-4.18.0-553.52.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.52.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.52.1.el8_10.src.rpm Related CVEs: CVE-2022-49011 CVE-2024-53141 Description of changes: [4.18.0-553.52.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.52.1.el8_10.gfd1b] - netfilter: ipset: add missing range check in bitmap_ip_uadt (Florian Westphal) [RHEL-70268] {CVE-2024-53141} - NFS: Extend rdirplus mount option with "force|none" (Benjamin Coddington) [RHEL-16285] - idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-73266] - idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-73266] - idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-73266] - idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-73266] - redhat: require recent enough linux-firmware for qed (Denys Vlasenko) [RHEL-6342] - gfs2: deallocate inodes in gfs2_create_inode (Andreas Gruenbacher) [RHEL-7875] - gfs2: Move GIF_ALLOC_FAILED check out of gfs2_ea_dealloc (Andreas Gruenbacher) [RHEL-7875] - gfs2: Move gfs2_dinode_dealloc (Andreas Gruenbacher) [RHEL-7875] - gfs2: Don't reread inodes unnecessarily (Andreas Gruenbacher) [RHEL-7875] - gfs2: gfs2_create_inode error handling fix (Andreas Gruenbacher) [RHEL-7875] - gfs2: No longer use 'extern' in function declarations (Andreas Gruenbacher) [RHEL-7875] - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (CKI Backport Bot) [RHEL-63668] {CVE-2022-49011} From el-errata at oss.oracle.com Fri May 16 22:15:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:15:57 -0700 Subject: [El-errata] ELSA-2025-7540 Moderate: Oracle Linux 8 libjpeg-turbo security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7540 http://linux.oracle.com/errata/ELSA-2025-7540.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libjpeg-turbo-1.5.3-14.el8_10.i686.rpm libjpeg-turbo-1.5.3-14.el8_10.x86_64.rpm libjpeg-turbo-devel-1.5.3-14.el8_10.i686.rpm libjpeg-turbo-devel-1.5.3-14.el8_10.x86_64.rpm libjpeg-turbo-utils-1.5.3-14.el8_10.x86_64.rpm turbojpeg-1.5.3-14.el8_10.i686.rpm turbojpeg-1.5.3-14.el8_10.x86_64.rpm turbojpeg-devel-1.5.3-14.el8_10.i686.rpm turbojpeg-devel-1.5.3-14.el8_10.x86_64.rpm aarch64: libjpeg-turbo-1.5.3-14.el8_10.aarch64.rpm libjpeg-turbo-devel-1.5.3-14.el8_10.aarch64.rpm libjpeg-turbo-utils-1.5.3-14.el8_10.aarch64.rpm turbojpeg-1.5.3-14.el8_10.aarch64.rpm turbojpeg-devel-1.5.3-14.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//libjpeg-turbo-1.5.3-14.el8_10.src.rpm Related CVEs: CVE-2020-13790 Description of changes: [1.5.3-14] - updated previous fix (RHEL-87364) [1.5.3-13] - fix CVE-2020-13790: heap-based buffer over-read in get_rgb_row (RHEL-87364) From el-errata at oss.oracle.com Fri May 16 22:15:58 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:15:58 -0700 Subject: [El-errata] ELSA-2025-7569 Important: Oracle Linux 8 yelp and yelp-xsl security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7569 http://linux.oracle.com/errata/ELSA-2025-7569.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: yelp-3.28.1-3.el8_10.1.x86_64.rpm yelp-libs-3.28.1-3.el8_10.1.i686.rpm yelp-libs-3.28.1-3.el8_10.1.x86_64.rpm yelp-xsl-3.28.0-2.el8_10.1.noarch.rpm yelp-devel-3.28.1-3.el8_10.1.i686.rpm yelp-devel-3.28.1-3.el8_10.1.x86_64.rpm aarch64: yelp-3.28.1-3.el8_10.1.aarch64.rpm yelp-libs-3.28.1-3.el8_10.1.aarch64.rpm yelp-xsl-3.28.0-2.el8_10.1.noarch.rpm yelp-devel-3.28.1-3.el8_10.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//yelp-3.28.1-3.el8_10.1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//yelp-xsl-3.28.0-2.el8_10.1.src.rpm Related CVEs: CVE-2025-3155 Description of changes: yelp [2:3.28.1-3.1] - Fix CVE-2025-3155 (RHEL-85922) yelp-xsl [3.28.0-2.1] - Fix CVE-2025-3155 (RHEL-85922) From el-errata at oss.oracle.com Fri May 16 22:16:00 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:16:00 -0700 Subject: [El-errata] ELSA-2025-7571 Important: Oracle Linux 8 .NET 9.0 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7571 http://linux.oracle.com/errata/ELSA-2025-7571.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm aspnetcore-runtime-dbg-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm aspnetcore-targeting-pack-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-9.0.106-1.0.1.el8_10.x86_64.rpm dotnet-apphost-pack-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-host-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-hostfxr-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-runtime-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-runtime-dbg-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-sdk-9.0-9.0.106-1.0.1.el8_10.x86_64.rpm dotnet-sdk-aot-9.0-9.0.106-1.0.1.el8_10.x86_64.rpm dotnet-sdk-dbg-9.0-9.0.106-1.0.1.el8_10.x86_64.rpm dotnet-targeting-pack-9.0-9.0.5-1.0.1.el8_10.x86_64.rpm dotnet-templates-9.0-9.0.106-1.0.1.el8_10.x86_64.rpm netstandard-targeting-pack-2.1-9.0.106-1.0.1.el8_10.x86_64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.106-1.0.1.el8_10.x86_64.rpm aarch64: aspnetcore-runtime-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm aspnetcore-runtime-dbg-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm aspnetcore-targeting-pack-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-9.0.106-1.0.1.el8_10.aarch64.rpm dotnet-apphost-pack-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-host-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-hostfxr-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-runtime-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-runtime-dbg-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-sdk-9.0-9.0.106-1.0.1.el8_10.aarch64.rpm dotnet-sdk-aot-9.0-9.0.106-1.0.1.el8_10.aarch64.rpm dotnet-sdk-dbg-9.0-9.0.106-1.0.1.el8_10.aarch64.rpm dotnet-targeting-pack-9.0-9.0.5-1.0.1.el8_10.aarch64.rpm dotnet-templates-9.0-9.0.106-1.0.1.el8_10.aarch64.rpm netstandard-targeting-pack-2.1-9.0.106-1.0.1.el8_10.aarch64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.106-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//dotnet9.0-9.0.106-1.0.1.el8_10.src.rpm Related CVEs: CVE-2025-26646 Description of changes: [9.0.106-1.0.1] - Add support for Oracle Linux [9.0.106-1] - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89451 [9.0.105-2] - Update to .NET SDK 9.0.105 and Runtime 9.0.4 - Resolves: RHEL-85279 From el-errata at oss.oracle.com Fri May 16 22:16:53 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:16:53 -0700 Subject: [El-errata] ELBA-2025-20328 Oracle Linux 8 xfsprogs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20328 http://linux.oracle.com/errata/ELBA-2025-20328.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: xfsprogs-5.15.0-1.0.6.el8.x86_64.rpm xfsprogs-devel-5.15.0-1.0.6.el8.x86_64.rpm xfsprogs-5.15.0-1.0.6.el8.i686.rpm xfsprogs-devel-5.15.0-1.0.6.el8.i686.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//xfsprogs-5.15.0-1.0.6.el8.src.rpm Description of changes: [5.15.0-1.0.6] - Introduce xfs_defrag to xfsprogs. From el-errata at oss.oracle.com Fri May 16 22:18:00 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:18:00 -0700 Subject: [El-errata] ELBA-2025-20327 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20327 http://linux.oracle.com/errata/ELBA-2025-20327.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-core-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-debug-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-debug-core-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-devel-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-doc-5.15.0-308.179.6.3.el8uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-container-5.15.0-308.179.6.3.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-308.179.6.3.el8uek.x86_64.rpm aarch64: bpftool-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-core-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-debug-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-debug-core-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-devel-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-doc-5.15.0-308.179.6.3.el8uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-container-5.15.0-308.179.6.3.el8uek.aarch64.rpm kernel-uek-container-debug-5.15.0-308.179.6.3.el8uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-308.179.6.3.el8uek.src.rpm Description of changes: [5.15.0-308.179.6.3.el8uek] - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37937056] From el-errata at oss.oracle.com Fri May 16 22:19:10 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:19:10 -0700 Subject: [El-errata] ELBA-2025-20327 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20327 http://linux.oracle.com/errata/ELBA-2025-20327.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: aarch64: bpftool-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-container-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-container-debug-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-core-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-308.179.6.3.el9uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek64k-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek64k-core-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek64k-modules-5.15.0-308.179.6.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-5.15.0-308.179.6.3.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-308.179.6.3.el9uek.src.rpm Description of changes: [5.15.0-308.179.6.3.el9uek] - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37937056] From el-errata at oss.oracle.com Fri May 16 22:20:24 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:20:24 -0700 Subject: [El-errata] ELBA-2025-20327 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20327 http://linux.oracle.com/errata/ELBA-2025-20327.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-core-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-debug-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-debug-core-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-devel-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-doc-5.15.0-308.179.6.3.el9uek.noarch.rpm kernel-uek-modules-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-container-5.15.0-308.179.6.3.el9uek.x86_64.rpm kernel-uek-container-debug-5.15.0-308.179.6.3.el9uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-308.179.6.3.el9uek.src.rpm Description of changes: [5.15.0-308.179.6.3.el9uek] - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37937056] From el-errata at oss.oracle.com Fri May 16 22:20:26 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:20:26 -0700 Subject: [El-errata] ELBA-2025-20329 Oracle Linux 9 xfsprogs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20329 http://linux.oracle.com/errata/ELBA-2025-20329.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: xfsprogs-6.12.0-1.0.2.el9.x86_64.rpm xfsprogs-6.12.0-1.0.2.el9.i686.rpm xfsprogs-devel-6.12.0-1.0.2.el9.x86_64.rpm xfsprogs-devel-6.12.0-1.0.2.el9.i686.rpm xfsprogs-xfs_scrub-6.12.0-1.0.2.el9.x86_64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//xfsprogs-6.12.0-1.0.2.el9.src.rpm Description of changes: [6.12.0-1.0.2] - Introduce xfs_defrag to xfsprogs. From el-errata at oss.oracle.com Fri May 16 22:25:05 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 16 May 2025 15:25:05 -0700 Subject: [El-errata] ELBA-2025-20326 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20326 http://linux.oracle.com/errata/ELBA-2025-20326.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-core-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-1.23.3.2.el9uek.noarch.rpm kernel-uek-modules-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-1.23.3.2.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-1.23.3.2.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-core-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-1.23.3.2.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-1.23.3.2.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-6.12.0-1.23.3.2.el9uek.src.rpm Description of changes: [6.12.0-1.23.3.2] - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37935547] - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37920680] - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37920680] - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37920680] - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add support for RSB stuffing mitigation (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add 'vmexit' option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37863725] {CVE-2024-28956} From el-errata at oss.oracle.com Wed May 21 16:09:40 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:40 -0700 Subject: [El-errata] ELBA-2025-20333 Oracle Linux 8 leapp-repository bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20333 http://linux.oracle.com/errata/ELBA-2025-20333.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: leapp-upgrade-el8toel9-0.20.0-2.0.22.el8.noarch.rpm leapp-upgrade-el8toel9-deps-0.20.0-2.0.22.el8.noarch.rpm aarch64: leapp-upgrade-el8toel9-0.20.0-2.0.22.el8.noarch.rpm leapp-upgrade-el8toel9-deps-0.20.0-2.0.22.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//leapp-repository-0.20.0-2.0.22.el8.src.rpm Description of changes: [0.20.0-2.0.22] - Set Oracle Linux 9.6 as upgrade target [Orabug: 37839808] - Add alert for problematic aarch64 package [Orabug: 37953148] From el-errata at oss.oracle.com Wed May 21 16:09:42 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:42 -0700 Subject: [El-errata] ELBA-2025-7521 Oracle Linux 8 java-21-openjdk bug fix update: G1 and NUMA migrations Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7521 http://linux.oracle.com/errata/ELBA-2025-7521.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: java-21-openjdk-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-demo-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-devel-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-headless-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-javadoc-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-javadoc-zip-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-jmods-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-src-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-static-libs-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-demo-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-demo-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-devel-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-devel-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-headless-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-headless-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-jmods-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-jmods-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-src-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-src-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-static-libs-fastdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm java-21-openjdk-static-libs-slowdebug-21.0.7.0.6-2.0.1.el8.x86_64.rpm aarch64: java-21-openjdk-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-demo-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-devel-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-headless-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-javadoc-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-javadoc-zip-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-jmods-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-src-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-static-libs-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-demo-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-demo-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-devel-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-devel-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-headless-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-headless-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-jmods-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-jmods-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-src-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-src-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-static-libs-fastdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm java-21-openjdk-static-libs-slowdebug-21.0.7.0.6-2.0.1.el8.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//java-21-openjdk-21.0.7.0.6-2.0.1.el8.src.rpm Description of changes: [1:21.0.7.0.6-2.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] [1:21.0.7.0.6-2] - Add local version of JDK-8351500 for early interim release before 21.0.8 - Sync the copy of the portable specfile with the latest update - Resolves: RHEL-90306 From el-errata at oss.oracle.com Wed May 21 16:09:45 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:45 -0700 Subject: [El-errata] ELBA-2025-7988 Oracle Linux 8 lftp bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7988 http://linux.oracle.com/errata/ELBA-2025-7988.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: lftp-4.8.4-4.el8_10.i686.rpm lftp-4.8.4-4.el8_10.x86_64.rpm lftp-scripts-4.8.4-4.el8_10.noarch.rpm aarch64: lftp-4.8.4-4.el8_10.aarch64.rpm lftp-scripts-4.8.4-4.el8_10.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//lftp-4.8.4-4.el8_10.src.rpm Description of changes: [4.8.4-4] - Ensure proper closing of TLS connection - Resolves: RHEL-88955 From el-errata at oss.oracle.com Wed May 21 16:09:43 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:43 -0700 Subject: [El-errata] ELBA-2025-7900 Oracle Linux 8 openscap bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7900 http://linux.oracle.com/errata/ELBA-2025-7900.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: openscap-1.3.12-2.0.1.el8_10.i686.rpm openscap-1.3.12-2.0.1.el8_10.x86_64.rpm openscap-devel-1.3.12-2.0.1.el8_10.i686.rpm openscap-devel-1.3.12-2.0.1.el8_10.x86_64.rpm openscap-engine-sce-1.3.12-2.0.1.el8_10.i686.rpm openscap-engine-sce-1.3.12-2.0.1.el8_10.x86_64.rpm openscap-python3-1.3.12-2.0.1.el8_10.x86_64.rpm openscap-scanner-1.3.12-2.0.1.el8_10.x86_64.rpm openscap-utils-1.3.12-2.0.1.el8_10.x86_64.rpm openscap-engine-sce-devel-1.3.12-2.0.1.el8_10.i686.rpm openscap-engine-sce-devel-1.3.12-2.0.1.el8_10.x86_64.rpm aarch64: openscap-1.3.12-2.0.1.el8_10.aarch64.rpm openscap-devel-1.3.12-2.0.1.el8_10.aarch64.rpm openscap-engine-sce-1.3.12-2.0.1.el8_10.aarch64.rpm openscap-python3-1.3.12-2.0.1.el8_10.aarch64.rpm openscap-scanner-1.3.12-2.0.1.el8_10.aarch64.rpm openscap-utils-1.3.12-2.0.1.el8_10.aarch64.rpm openscap-engine-sce-devel-1.3.12-2.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//openscap-1.3.12-2.0.1.el8_10.src.rpm Description of changes: [1.3.12-2.0.1] - Add oracle cpe names to internal cpe dictionary [Orabug: 33493979] [1.3.12.openela.1.0] - Add OpenELA to openscap [1:1.3.12-2] - Initialize tmt (RHEL-43240) [1:1.3.12-1] - Upgrade to the latest upstream release (RHEL-88842) - Fix error when tailoring DISA content (RHEL-34104) - Fix OSCAP_PROBE_IGNORE_PATHS handling (RHEL-67297) [1.3.10-3] - Switch gating to tmt plan (RHEL-43240) From el-errata at oss.oracle.com Wed May 21 16:09:48 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:48 -0700 Subject: [El-errata] ELSA-2025-7539 Moderate: Oracle Linux 8 ruby:2.5 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7539 http://linux.oracle.com/errata/ELSA-2025-7539.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: ruby-2.5.9-114.module+el8.10.0+90580+29305b94.i686.rpm ruby-2.5.9-114.module+el8.10.0+90580+29305b94.x86_64.rpm ruby-devel-2.5.9-114.module+el8.10.0+90580+29305b94.i686.rpm ruby-devel-2.5.9-114.module+el8.10.0+90580+29305b94.x86_64.rpm ruby-doc-2.5.9-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-bigdecimal-1.3.4-114.module+el8.10.0+90580+29305b94.i686.rpm rubygem-bigdecimal-1.3.4-114.module+el8.10.0+90580+29305b94.x86_64.rpm rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.x86_64.rpm rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-bundler-1.16.1-5.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-bundler-doc-1.16.1-5.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-did_you_mean-1.2.0-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-io-console-0.4.6-114.module+el8.10.0+90580+29305b94.i686.rpm rubygem-io-console-0.4.6-114.module+el8.10.0+90580+29305b94.x86_64.rpm rubygem-json-2.1.0-114.module+el8.10.0+90580+29305b94.i686.rpm rubygem-json-2.1.0-114.module+el8.10.0+90580+29305b94.x86_64.rpm rubygem-minitest-5.10.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.x86_64.rpm rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-net-telnet-0.1.1-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-openssl-2.1.2-114.module+el8.10.0+90580+29305b94.i686.rpm rubygem-openssl-2.1.2-114.module+el8.10.0+90580+29305b94.x86_64.rpm rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.x86_64.rpm rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-power_assert-1.1.1-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-psych-3.0.2-114.module+el8.10.0+90580+29305b94.i686.rpm rubygem-psych-3.0.2-114.module+el8.10.0+90580+29305b94.x86_64.rpm rubygem-rake-12.3.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-rdoc-6.0.1.1-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygems-2.7.6.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygems-devel-2.7.6.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-test-unit-3.2.7-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-xmlrpc-0.3.0-114.module+el8.10.0+90580+29305b94.noarch.rpm ruby-irb-2.5.9-114.module+el8.10.0+90580+29305b94.noarch.rpm ruby-libs-2.5.9-114.module+el8.10.0+90580+29305b94.i686.rpm ruby-libs-2.5.9-114.module+el8.10.0+90580+29305b94.x86_64.rpm aarch64: ruby-2.5.9-114.module+el8.10.0+90580+29305b94.aarch64.rpm ruby-devel-2.5.9-114.module+el8.10.0+90580+29305b94.aarch64.rpm ruby-doc-2.5.9-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-abrt-doc-0.3.0-4.module+el8.10.0+90367+ae9e8511.noarch.rpm rubygem-bigdecimal-1.3.4-114.module+el8.10.0+90580+29305b94.aarch64.rpm rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.aarch64.rpm rubygem-bson-doc-4.3.0-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-bundler-1.16.1-5.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-bundler-doc-1.16.1-5.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-did_you_mean-1.2.0-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-io-console-0.4.6-114.module+el8.10.0+90580+29305b94.aarch64.rpm rubygem-json-2.1.0-114.module+el8.10.0+90580+29305b94.aarch64.rpm rubygem-minitest-5.10.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mongo-doc-2.5.1-2.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.aarch64.rpm rubygem-mysql2-doc-0.4.10-4.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-net-telnet-0.1.1-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-openssl-2.1.2-114.module+el8.10.0+90580+29305b94.aarch64.rpm rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.aarch64.rpm rubygem-pg-doc-1.0.0-3.module+el8.9.0+90042+a65659a6.noarch.rpm rubygem-power_assert-1.1.1-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-psych-3.0.2-114.module+el8.10.0+90580+29305b94.aarch64.rpm rubygem-rake-12.3.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-rdoc-6.0.1.1-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygems-2.7.6.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygems-devel-2.7.6.3-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-test-unit-3.2.7-114.module+el8.10.0+90580+29305b94.noarch.rpm rubygem-xmlrpc-0.3.0-114.module+el8.10.0+90580+29305b94.noarch.rpm ruby-irb-2.5.9-114.module+el8.10.0+90580+29305b94.noarch.rpm ruby-libs-2.5.9-114.module+el8.10.0+90580+29305b94.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ruby-2.5.9-114.module+el8.10.0+90580+29305b94.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-abrt-0.3.0-4.module+el8.10.0+90367+ae9e8511.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-bson-4.3.0-2.module+el8.9.0+90042+a65659a6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-bundler-1.16.1-5.module+el8.10.0+90580+29305b94.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-mongo-2.5.1-2.module+el8.9.0+90042+a65659a6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-mysql2-0.4.10-4.module+el8.9.0+90042+a65659a6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//rubygem-pg-1.0.0-3.module+el8.9.0+90042+a65659a6.src.rpm Related CVEs: CVE-2019-19012 CVE-2021-43809 Description of changes: ruby [2.5.9-114] - Fix integer overflow in search_in_range function in regexec.c (CVE-2019-19012). Resolves: RHEL-87505 rubygem-abrt rubygem-bson rubygem-bundler [1.16.1-5] - Fix unexpected code execution in Gemfiles (CVE-2021-43809) Resolves: RHEL-87017 rubygem-mongo rubygem-mysql2 rubygem-pg From el-errata at oss.oracle.com Wed May 21 16:09:49 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:49 -0700 Subject: [El-errata] ELSA-2025-7589 Important: Oracle Linux 8 .NET 8.0 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7589 http://linux.oracle.com/errata/ELSA-2025-7589.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm aspnetcore-runtime-dbg-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm aspnetcore-targeting-pack-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm dotnet-apphost-pack-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm dotnet-hostfxr-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm dotnet-runtime-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm dotnet-runtime-dbg-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm dotnet-sdk-8.0-8.0.116-1.0.1.el8_10.x86_64.rpm dotnet-sdk-dbg-8.0-8.0.116-1.0.1.el8_10.x86_64.rpm dotnet-targeting-pack-8.0-8.0.16-1.0.1.el8_10.x86_64.rpm dotnet-templates-8.0-8.0.116-1.0.1.el8_10.x86_64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.116-1.0.1.el8_10.x86_64.rpm aarch64: aspnetcore-runtime-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm aspnetcore-runtime-dbg-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm aspnetcore-targeting-pack-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm dotnet-apphost-pack-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm dotnet-hostfxr-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm dotnet-runtime-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm dotnet-runtime-dbg-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm dotnet-sdk-8.0-8.0.116-1.0.1.el8_10.aarch64.rpm dotnet-sdk-dbg-8.0-8.0.116-1.0.1.el8_10.aarch64.rpm dotnet-targeting-pack-8.0-8.0.16-1.0.1.el8_10.aarch64.rpm dotnet-templates-8.0-8.0.116-1.0.1.el8_10.aarch64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.116-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//dotnet8.0-8.0.116-1.0.1.el8_10.src.rpm Related CVEs: CVE-2025-26646 Description of changes: [8.0.116-1.0.1] - Add support for Oracle Linux [8.0.116-1] - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89446 From el-errata at oss.oracle.com Wed May 21 16:09:51 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:51 -0700 Subject: [El-errata] ELSA-2025-7686 Important: Oracle Linux 8 redis:6 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7686 http://linux.oracle.com/errata/ELSA-2025-7686.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: redis-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.x86_64.rpm redis-devel-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.x86_64.rpm redis-doc-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.noarch.rpm aarch64: redis-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.aarch64.rpm redis-devel-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.aarch64.rpm redis-doc-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//redis-6.2.18-1.0.1.module+el8.10.0+90576+0f5e8f7a.src.rpm Related CVEs: CVE-2025-21605 Description of changes: [6.2.18-1.0.1] - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 [6.2.18-1] - rebase to 6.2.18 for CVE-2025-21605 From el-errata at oss.oracle.com Wed May 21 16:09:52 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:52 -0700 Subject: [El-errata] ELSA-2025-7894 Important: Oracle Linux 8 grafana security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7894 http://linux.oracle.com/errata/ELSA-2025-7894.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-9.2.10-23.el8_10.x86_64.rpm grafana-selinux-9.2.10-23.el8_10.x86_64.rpm aarch64: grafana-9.2.10-23.el8_10.aarch64.rpm grafana-selinux-9.2.10-23.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//grafana-9.2.10-23.el8_10.src.rpm Related CVEs: CVE-2025-4123 Description of changes: [9.2.10-23] - Resolves RHEL-89949: CVE-2025-4123 From el-errata at oss.oracle.com Wed May 21 16:09:54 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:54 -0700 Subject: [El-errata] ELSA-2025-7895 Important: Oracle Linux 8 compat-openssl10 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7895 http://linux.oracle.com/errata/ELSA-2025-7895.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: compat-openssl10-1.0.2o-4.el8_10.1.i686.rpm compat-openssl10-1.0.2o-4.el8_10.1.x86_64.rpm aarch64: compat-openssl10-1.0.2o-4.el8_10.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//compat-openssl10-1.0.2o-4.el8_10.1.src.rpm Related CVEs: CVE-2023-0286 Description of changes: [1.1.0.2o-4.1] - Fix CVE-2023-0286 X.400 address type confusion in X.509 GeneralName Resolves: RHEL-9699 From el-errata at oss.oracle.com Wed May 21 16:09:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:55 -0700 Subject: [El-errata] ELSA-2025-7967 Important: Oracle Linux 8 osbuild-composer security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7967 http://linux.oracle.com/errata/ELSA-2025-7967.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: osbuild-composer-101-3.0.1.el8_10.x86_64.rpm osbuild-composer-core-101-3.0.1.el8_10.x86_64.rpm osbuild-composer-worker-101-3.0.1.el8_10.x86_64.rpm aarch64: osbuild-composer-101-3.0.1.el8_10.aarch64.rpm osbuild-composer-core-101-3.0.1.el8_10.aarch64.rpm osbuild-composer-worker-101-3.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//osbuild-composer-101-3.0.1.el8_10.src.rpm Related CVEs: CVE-2025-30204 Description of changes: [101-3.0.1] - Rebuilt to fix: - CVE-2024-34156 - CVE-2024-1394 - RHEL-24303 - RHEL-57905 - Support using repository definitons with OCI variables [JIRA: OLDIS-38657] - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123] - Increase default /boot size to 1GB [Orabug: 36827079] - support for building OL8/9 images on Oracle Linux 8 [Orabug: 36400619] [101-3] - Resolve RHEL-84643 (CVE-2025-30204) From el-errata at oss.oracle.com Wed May 21 16:09:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:09:57 -0700 Subject: [El-errata] ELSA-2025-8046 Important: Oracle Linux 8 webkit2gtk3 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8046 http://linux.oracle.com/errata/ELSA-2025-8046.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: webkit2gtk3-2.48.2-1.el8_10.i686.rpm webkit2gtk3-2.48.2-1.el8_10.x86_64.rpm webkit2gtk3-devel-2.48.2-1.el8_10.i686.rpm webkit2gtk3-devel-2.48.2-1.el8_10.x86_64.rpm webkit2gtk3-jsc-2.48.2-1.el8_10.i686.rpm webkit2gtk3-jsc-2.48.2-1.el8_10.x86_64.rpm webkit2gtk3-jsc-devel-2.48.2-1.el8_10.i686.rpm webkit2gtk3-jsc-devel-2.48.2-1.el8_10.x86_64.rpm aarch64: webkit2gtk3-2.48.2-1.el8_10.aarch64.rpm webkit2gtk3-devel-2.48.2-1.el8_10.aarch64.rpm webkit2gtk3-jsc-2.48.2-1.el8_10.aarch64.rpm webkit2gtk3-jsc-devel-2.48.2-1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//webkit2gtk3-2.48.2-1.el8_10.src.rpm Related CVEs: CVE-2025-31205 CVE-2025-31257 Description of changes: [2.48.2-1] - Update to 2.48.2 - Reenable JavaScriptCore JIT From el-errata at oss.oracle.com Wed May 21 16:12:31 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:12:31 -0700 Subject: [El-errata] ELBA-2025-7531-1 Oracle Linux 8 kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7531-1 http://linux.oracle.com/errata/ELBA-2025-7531-1.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.52.1.0.1.el8_10.noarch.rpm kernel-core-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.52.1.0.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm perf-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.52.1.0.1.el8_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.52.1.0.1.el8_10.src.rpm Description of changes: [4.18.0-553.52.1.0.1.el8_10.OL8] - scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230] [4.18.0-553.52.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.52.1.el8_10.gfd1b] - netfilter: ipset: add missing range check in bitmap_ip_uadt (Florian Westphal) [RHEL-70268] {CVE-2024-53141} - NFS: Extend rdirplus mount option with "force|none" (Benjamin Coddington) [RHEL-16285] - idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-73266] - idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-73266] - idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-73266] - idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-73266] - redhat: require recent enough linux-firmware for qed (Denys Vlasenko) [RHEL-6342] - gfs2: deallocate inodes in gfs2_create_inode (Andreas Gruenbacher) [RHEL-7875] - gfs2: Move GIF_ALLOC_FAILED check out of gfs2_ea_dealloc (Andreas Gruenbacher) [RHEL-7875] - gfs2: Move gfs2_dinode_dealloc (Andreas Gruenbacher) [RHEL-7875] - gfs2: Don't reread inodes unnecessarily (Andreas Gruenbacher) [RHEL-7875] - gfs2: gfs2_create_inode error handling fix (Andreas Gruenbacher) [RHEL-7875] - gfs2: No longer use 'extern' in function declarations (Andreas Gruenbacher) [RHEL-7875] - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (CKI Backport Bot) [RHEL-63668] {CVE-2022-49011} From el-errata at oss.oracle.com Wed May 21 16:12:39 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 21 May 2025 09:12:39 -0700 Subject: [El-errata] OLAMSA-2025-0004 Moderate: Oracle Linux 8 ol-automation-manager security update Message-ID: Oracle Linux Security Advisory OLAMSA-2025-0004 http://linux.oracle.com/errata/OLAMSA-2025-0004.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: ol-automation-manager-2.2.0-33.el8.x86_64.rpm ol-automation-manager-cli-2.2.0-33.el8.noarch.rpm python311-olamkit-2.2.0-33.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ol-automation-manager-2.2.0-33.el8.src.rpm Related CVEs: CVE-2025-27152 Description of changes: [2.2.0-33.el8] - OLAM-707 Apply patch for CVE-2025-27152 [2.2.0-32.el8] - OLAM-318 Replace var ANSIBLE_COLLECTIONS_PATHS for singular form (ANSIBLE_COLLECTIONS_PATH). From el-errata at oss.oracle.com Thu May 22 07:49:58 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 22 May 2025 09:49:58 +0200 Subject: [El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (4.1.12-124.94.1) Message-ID: Synopsis: 4.1.12-124.94.1 can now be patched using Ksplice CVEs: CVE-2024-47674 CVE-2024-50218 CVE-2024-50301 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle kernel update, 4.1.12-124.94.1. INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on OL6 and OL7 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2024-47674: Privilege escalation in MMU-based Paged Memory Management driver. A logic error in the MMU-based Paged Memory Management driver could lead to use of uninitialized memory. A local attacker could use this flaw to escalate privileges. Orabug: 37174202 * CVE-2024-50218: Denial-of-service in OCFS2 file system driver. A missing check when using the OCFS2 file system driver could lead to a kernel assertion failure. A local attacker could use this flaw to cause a denial-of-service. Orabug: 37268566 * CVE-2024-50301: Privilege escalation in Keyring subsystem. A missing check when checking if a key can be used in the Keyring subsystem could lead to an out-of-bounds memory access. A local attacker could use this flaw to escalate privileges. Orabug: 37298829 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Thu May 22 15:32:03 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 22 May 2025 08:32:03 -0700 Subject: [El-errata] ELBA-2025-7552 Oracle Linux 8 llvm-toolset:ol8 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7552 http://linux.oracle.com/errata/ELBA-2025-7552.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: clang-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm clang-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm clang-analyzer-19.1.7-2.module+el8.10.0+90583+7e562d96.noarch.rpm clang-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm clang-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm clang-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm clang-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm clang-resource-filesystem-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm clang-resource-filesystem-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm clang-tools-extra-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm clang-tools-extra-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm clang-tools-extra-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm clang-tools-extra-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm compiler-rt-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm compiler-rt-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm git-clang-format-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm git-clang-format-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm libomp-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm libomp-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm libomp-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm libomp-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm lld-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm lld-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm lldb-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm lldb-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm lldb-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm lldb-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm lld-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm lld-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm lld-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm lld-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm python3.12-clang-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm python3.12-clang-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm python3.12-lit-19.1.7-2.module+el8.10.0+90583+7e562d96.noarch.rpm python3.12-lldb-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm python3.12-lldb-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-cmake-utils-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-cmake-utils-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-compat-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.i686.rpm llvm-compat-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-compat-devel-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.i686.rpm llvm-compat-devel-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-compat-libs-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.i686.rpm llvm-compat-libs-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-doc-19.1.7-2.module+el8.10.0+90583+7e562d96.noarch.rpm llvm-googletest-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-googletest-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-static-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-static-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-test-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-test-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm llvm-toolset-19.1.7-2.module+el8.10.0+90583+7e562d96.i686.rpm llvm-toolset-19.1.7-2.module+el8.10.0+90583+7e562d96.x86_64.rpm aarch64: clang-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm clang-analyzer-19.1.7-2.module+el8.10.0+90583+7e562d96.noarch.rpm clang-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm clang-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm clang-resource-filesystem-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm clang-tools-extra-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm clang-tools-extra-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm compiler-rt-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm git-clang-format-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm libomp-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm libomp-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm lld-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm lldb-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm lldb-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm lld-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm lld-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm python3.12-clang-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm python3.12-lit-19.1.7-2.module+el8.10.0+90583+7e562d96.noarch.rpm python3.12-lldb-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-cmake-utils-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-compat-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-compat-devel-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-compat-libs-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-devel-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-doc-19.1.7-2.module+el8.10.0+90583+7e562d96.noarch.rpm llvm-googletest-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-libs-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-static-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-test-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm llvm-toolset-19.1.7-2.module+el8.10.0+90583+7e562d96.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//llvm-19.1.7-2.module+el8.10.0+90583+7e562d96.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//llvm-compat-17.0.6-3.0.1.module+el8.10.0+90583+7e562d96.src.rpm Description of changes: llvm [19.1.7-1] - 19.1.7 Release [19.1.5-2] - Remove compat package [19.1.5-1] - Update to 19.1.5 [19.1.3-4] - Add explicit version requires to libomp for llvm-libs [19.1.3-3] - Use gcc-toolset-14 as the default gcc installation [19.1.3-2] - Default to DWARF-4 [19.1.3-1] - 19.1.3 Release llvm-compat [17.0.6-3.0.1] - Recognize Oracle Linux distros [OraBug: 29422714] [17.0.6-3] - Re-enable debuginfo on ppc64le [17.0.6-2] - Add devel package [17.0.6-1] - 17.0.6 Release [16.0.6-4] - Use install targets for clang as well [16.0.6-3] - Only skip install rpath [16.0.6-2] - Disable rpath [16.0.6-1] - 16.0.6 Release [15.0.7-1] - 15.0.7 Release [14.0.6-1] - 14.0.6 Release [13.0.1-1] - Update to 13.0.1 [12.0.1-4] - Add libclang-cpp.so to package [12.0.1-3] - Enable WebAssembly target [12.0.1-2] - 12.0.1 Release * Tue Jun 01 2021 sguelton at redhat.com - 11.0.1-1 - 11.0.1 Release * Fri Sep 25 2020 sguelton at redhat.com - 10.0.1-1 - 10.0.1 Release * Tue Apr 07 2020 sguelton at redhat.com - 9.0.0-1 - 9.0.0 Release [8.0.1-2] - Limit number of build threads using -l option for ninja [8.0.1-1] - 8.0.1 Release * Tue May 14 2019 sguelton at redhat.com - 7.0.1-8 - Mark llvm-libs and clang-libs = 7 as obsoletes * Mon May 13 2019 sguelton at redhat.com - 7.0.1-7 - Mark llvm-libs and clang-libs < 8 as conflics instead of obsoletes * Mon May 13 2019 sguelton at redhat.com - 7.0.1-6 - Declare obsoletes llvm-libs-7 * Mon May 13 2019 sguelton at redhat.com - 7.0.1-5 - Declare obsoletes clang-libs-7 * Wed May 01 2019 sguelton at redhat.com - 7.0.1-4 - Ship libclang.so [7.0.1-3] - Backport r342725 from trunk [7.0.1-2] - Backport r341969 from LLVM trunk [7.0.1-1] - 7.0.1 Release [7.0.1-0.5.rc3] - Drop compat libs [7.0.1-0.4.rc3] - Fix ambiguous python shebangs [7.0.1-0.3.rc3] - Disable threading in thinLTO [7.0.1-0.2.rc3] - Update cmake options for compat build [7.0.1-0.1.rc3] - 7.0.1-rc3 Release [6.0.1-14] - Don't build llvm-test on i686 [6.0.1-13] - Fix build when python2 is not present on system [6.0.1-12] - Fix multi-lib installation of llvm-devel [6.0.1-11] - Add sub-packages for testing [6.0.1-10] - Drop scl macros [6.0.1-9] - Drop libedit dependency [6.0.1-8] - Only enabled valgrind functionality on arches that support it [6.0.1-7] - BuildRequires: python3-devel [6.0.1-6] - Backport fixes for rhbz#1610053, rhbz#1562196, rhbz#1595996 [6.0.1-5] - Fix ld.so.conf.d path in files list [6.0.1-4] - Fix ld.so.conf.d path [6.0.1-3] - Install ld.so.conf so llvm libs are in the library search path [6.0.1-2] - Re-enable doc package now that BREW-2381 is fixed [6.0.1-1] - 6.0.1 Release [5.0.1-13] - Limit build jobs on ppc64 to avoid OOM errors [5.0.1-12] - Switch to python3-sphinx [5.0.1-11] - Remove conditionals to enable building only the llvm-libs package, we don't needs these for module builds. [5.0.1-10] - Add BuildRequires: libstdc++-static - Resolves: #1580785 [5.0.1-9] - Add conditionals to enable building only the llvm-libs package [5.0.1-8] - Drop BuildRequires: libstdc++-static this package does not exist in RHEL8 [5.0.1-7] - Backport fix for rhbz#1558226 from trunk [5.0.1-6] - Backport fix for rhbz#1550469 from trunk [5.0.1-5] - Backport some retpoline fixes [5.0.1-4] - Backport retpoline support [5.0.1-3] - Backport r315279 to fix an issue with rust [5.0.1-2] - Drop ExculdeArch: ppc64 [5.0.1-1] - 5.0.1 Release [4.0.1-3] - Fix Requires for devel package again. [4.0.1-2] - Fix Requires for llvm-devel [4.0.1-1] - 4.0.1 Release [4.0.0-5] - Build for llvm-toolset-7 rename [4.0.0-4] - Remove multi-lib workarounds [4.0.0-3] - Fix build with llvm-toolset-4 scl [4.0.0-2] - Simplify spec with rpm macros. [4.0.0-1] - LLVM 4.0.0 Final Release * Wed Mar 22 2017 tstellar at redhat.com - 3.9.1-6 - Fix %postun sep for -devel package. [3.9.1-5] - Disable failing tests on ARM. [3.9.1-4] - Fix missing mask on relocation for aarch64 (rhbz 1429050) [3.9.1-3] - revert upstream radeonsi breaking change. [3.9.1-2] - disable sphinx warnings-as-errors [3.9.1-1] - llvm 3.9.1 [3.9.0-8] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [3.9.0-7] - Apply backports from rust-lang/llvm#55, #57 * Tue Nov 01 2016 Dave Airlie Oracle Linux Security Advisory ELSA-2025-8060 http://linux.oracle.com/errata/ELSA-2025-8060.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.10.1-1.el8_10.x86_64.rpm aarch64: firefox-128.10.1-1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//firefox-128.10.1-1.el8_10.src.rpm Related CVEs: CVE-2025-4918 CVE-2025-4919 Description of changes: [128.10.1-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789] [128.10.1] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.10.1-1] - Update to 128.10.1 From el-errata at oss.oracle.com Thu May 22 15:32:05 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 22 May 2025 08:32:05 -0700 Subject: [El-errata] ELSA-2025-8056 Important: Oracle Linux 8 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8056 http://linux.oracle.com/errata/ELSA-2025-8056.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.53.1.el8_10.noarch.rpm kernel-core-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.53.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.53.1.el8_10.x86_64.rpm perf-4.18.0-553.53.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.53.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.53.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.53.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.53.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.53.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.53.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.53.1.el8_10.aarch64.rpm perf-4.18.0-553.53.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.53.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.53.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.53.1.el8_10.src.rpm Related CVEs: CVE-2024-40906 CVE-2024-44970 CVE-2025-21756 Description of changes: - [4.18.0-553.53.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.53.1.el8_10] - net/mlx5: Always stop health timer during driver removal (Michal Schmidt) [RHEL-47712] {CVE-2024-40906} - net/mlx5: Split function_setup() to enable and open functions (Michal Schmidt) [RHEL-47712] - net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Michal Schmidt) [RHEL-57117] {CVE-2024-44970} - net/mlx5e: SHAMPO, Fix incorrect page release (Michal Schmidt) [RHEL-57117] {CVE-2024-46717} - s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-88819] - platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object parsing more robust (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Cleanup create_attributes_level_sysfs_files() (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Make sysman_init() return -ENODEV of the interfaces are not found (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Cleanup sysman_init() error-exit handling (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Fix release_attributes_data() getting called twice on init_bios_attributes() failure (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Make it safe to call exit_foo_attributes() multiple times (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Fix possible NULL pointer deref on exit (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Fix crash caused by calling kset_unregister twice (Jay Shin) [RHEL-88714] - x86/kexec: Add EFI config table identity mapping for kexec kernel (Herton R. Krzesinski) [RHEL-71793] - vsock: Orphan socket after transport release (Jay Shin) [RHEL-89099] {CVE-2025-21756} - vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89099] {CVE-2025-21756} - bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89099] {CVE-2025-21756} From el-errata at oss.oracle.com Thu May 22 15:32:01 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 22 May 2025 08:32:01 -0700 Subject: [El-errata] ELBA-2025-7550 Oracle Linux 8 rust-toolset:ol8 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7550 http://linux.oracle.com/errata/ELBA-2025-7550.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: cargo-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm clippy-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm rust-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm rust-analyzer-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm rust-debugger-common-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-doc-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm rustfmt-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm rust-gdb-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-lldb-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-src-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-std-static-1.84.1-2.module+el8.10.0+90582+aae0c339.x86_64.rpm rust-std-static-wasm32-unknown-unknown-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-std-static-wasm32-wasip1-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-toolset-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm aarch64: cargo-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm clippy-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm rust-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm rust-analyzer-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm rust-debugger-common-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-doc-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm rustfmt-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm rust-gdb-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-lldb-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-src-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-std-static-1.84.1-2.module+el8.10.0+90582+aae0c339.aarch64.rpm rust-std-static-wasm32-unknown-unknown-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-std-static-wasm32-wasip1-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm rust-toolset-1.84.1-2.module+el8.10.0+90582+aae0c339.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//rust-1.84.1-2.module+el8.10.0+90582+aae0c339.src.rpm Description of changes: [1.84.1-2] - Use python3.12 prefix for lldb Requires [1.84.1-1] - Update to 1.84.1 [1.84.0-1] - Update to 1.84.0 [1.83.0-1] - Update to 1.83.0 - Remove the subshell in the cargo_install macro [1.82.0-1] - Update to 1.82.0 [1.81.0-1] - Update to 1.81.0 [1.80.1-1] - Update to 1.80.1 [1.79.0-2] - Disable jump threading of float equality [1.79.0-1] - Update to 1.79.0 [1.78.0-1] - Update to 1.78.0 - Make std-static-wasm* noarch again [1.77.2-1] - Update to 1.77.2. [1.76.0-1] - Update to 1.76.0. - Sync rust-toolset macros to rust-packaging v25.2 [1.75.0-1] - Update to 1.75.0. [1.74.1-1] - Update to 1.74.1. [1.73.0-1] - Update to 1.73.0. - Use emmalloc instead of CC0 dlmalloc when bundling wasi-libc [1.72.1-1] - Update to 1.72.1. - Migrated to SPDX license [1.71.1-1] - Update to 1.71.1. - Security fix for CVE-2023-38497 [1.71.0-2] - Relax the suspicious_double_ref_op lint (rhbz2225471) - Enable the profiler runtime for native hosts (rhbz2213875) [1.71.0-1] - Update to 1.71.0. [1.70.0-1] - Update to 1.70.0. [1.69.0-1] - Update to 1.69.0. - Obsolete rust-analysis. [1.68.2-1] - Update to 1.68.2. [1.67.1-1] - Update to 1.67.1. [1.66.1-1] - Update to 1.66.1. [1.65.0-1] - Update to 1.65.0. - rust-analyzer now obsoletes rls. [1.64.0-1] - Update to 1.64.0. - Add rust-analyzer. [1.63.0-1] - Update to 1.63.0. [1.62.1-1] - Update to 1.62.1. [1.62.0-2] - Prevent unsound coercions from functions with opaque return types. [1.62.0-1] - Update to 1.62.0. [1.61.0-1] - Update to 1.61.0. - Add rust-toolset as a subpackage. [1.60.0-1] - Update to 1.60.0. [1.59.0-1] - Update to 1.59.0. [1.58.1-1] - Update to 1.58.1. [1.58.0-1] - Update to 1.58.0. [1.57.0-1] - Update to 1.57.0. [1.56.1-2] - Add rust-std-static-wasm32-wasi Resolves: rhbz#1980080 [1.56.0-1] - Update to 1.56.1. [1.55.0-1] - Update to 1.55.0. - Backport support for LLVM 13. [1.54.0-2] - Make std-static-wasm* arch-specific to avoid s390x. [1.54.0-1] - Update to 1.54.0. [1.53.0-2] - Use llvm-ranlib to fix wasm archives. [1.53.0-1] - Update to 1.53.0. [1.52.1-2] - Set rust.codegen-units-std=1 for all targets again. - Add rust-std-static-wasm32-unknown-unknown. [1.52.1-1] - Update to 1.52.1. Includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. [1.51.0-1] - Update to 1.51.0. Update to 1.51.0. Includes security fixes for CVE-2021-28875 and CVE-2021-28877. [1.50.0-1] - Update to 1.50.0. [1.49.0-1] - Update to 1.49.0. [1.48.0-1] - Update to 1.48.0. [1.47.0-1] - Update to 1.47.0. [1.46.0-1] - Update to 1.46.0. [1.45.2-1] - Update to 1.45.2. [1.45.0-1] - Update to 1.45.0. [1.44.1-1] - Update to 1.44.1. [1.43.1-1] - Update to 1.43.1. [1.43.0-1] - Update to 1.43.0. [1.42.0-1] - Update to 1.42.0. [1.41.1-1] - Update to 1.41.1. [1.41.0-1] - Update to 1.41.0. [1.40.0-1] - Update to 1.40.0. - Fix compiletest with newer (local-rebuild) libtest - Build compiletest with in-tree libtest - Fix ARM EHABI unwinding [1.39.0-2] - Fix a couple build and test issues with rustdoc. [1.39.0-1] - Update to 1.39.0. [1.38.0-1] - Update to 1.38.0. [1.37.0-1] - Update to 1.37.0. - Disable libssh2 (git+ssh support). [1.36.0-1] - Update to 1.36.0. [1.35.0-2] - Fix compiletest for rebuild testing. [1.35.0-1] - Update to 1.35.0. [1.34.2-1] - Update to 1.34.2 -- fixes CVE-2019-12083. [1.34.1-1] - Update to 1.34.1. [1.34.0-1] - Update to 1.34.0. [1.33.0-1] - Update to 1.33.0. [1.32.0-1] - Update to 1.32.0. [1.31.0-5] - Restore rust-lldb. [1.31.0-4] - Backport fixes for rls. [1.31.0-3] - Update to 1.31.0 -- Rust 2018! - clippy/rls/rustfmt are no longer -preview [1.30.1-2] - Update to 1.30.1. [1.29.2-1] - Update to 1.29.2. [1.28.0-1] - Update to 1.28.0. [1.27.2-1] - Update to 1.27.2. [1.26.2-12] - Fix "fp" target feature for AArch64 (#1632880) [1.26.2-11] - Security fix for str::repeat (pending CVE). [1.26.2-10] - Rebuild without bootstrap binaries. [1.26.2-9] - Bootstrap without SCL packaging. (rhbz1635067) [1.26.2-8] - Use python3 prefix for lldb Requires [1.26.2-7] - Build with platform-python [1.26.2-6] - Exclude rust-src from auto-requires [1.26.2-5] - Rebuild without bootstrap binaries. [1.26.2-4] - Bootstrap as a module. [1.26.2-3] - Update to 1.26.2. [1.26.1-2] - Update to 1.26.1. [1.26.0-1] - Update to 1.26.0. [1.25.0-2] - Filter codegen-backends from Provides too. [1.25.0-1] - Update to 1.25.0. - Add rustfmt-preview as a subpackage. [1.24.0-1] - Update to 1.24.0. [1.23.0-2] - Rebuild without bootstrap binaries. [1.23.0-1] - Bootstrap 1.23 on el8. From el-errata at oss.oracle.com Fri May 23 06:36:41 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 06:36:41 +0000 Subject: [El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2025-20319) References: <885627f7e67625e96166020a0cd51dfd.apache@ksplice.com> Message-ID: Synopsis: ELSA-2025-20319 can now be patched using Ksplice CVEs: CVE-2023-52532 CVE-2024-26982 CVE-2024-35884 CVE-2024-58001 CVE-2024-58017 CVE-2024-58069 CVE-2025-21700 CVE-2025-21702 CVE-2025-21704 CVE-2025-21719 CVE-2025-21731 CVE-2025-21753 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21858 CVE-2025-21920 CVE-2025-21926 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2025-20319. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2025-20319.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on OL7 and OL8 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2023-52532: Denial-of-service in Microsoft Azure Network Adapter (MANA) driver. A logic error when handling a TX CQE error in the Microsoft Azure Network Adapter (MANA) driver could lead to a reference count leak. A local attacker could use this flaw to cause a denial-of-service. Orabug: 36983924 * CVE-2024-26982: Denial-of-service in SquashFS. A missing check when using SquashFS could lead to an out-of-bounds memory access. A local attacker could use this flaw to cause a denial- of-service. * CVE-2024-35884: Denial-of-service in Generic Segmentation Offload driver. An incorrect handling logic of packets in Generic Segmentation Offload code in the Linux kernel networking stack can result in an internal assertion triggering. An attacker can use this flaw to cause denial-of-service. Orabug: 36643088 * CVE-2024-58001: Denial-of-service in OCFS2 filesystem. Incorrect reference counting when using the OCFS2 filesystem could lead to a memory leak. A local attacker could use this flaw to cause a denial-of-service. * CVE-2024-58017: Integer overflow in printk. Undefined behaviour in the printk code could lead to an integer overflow. * CVE-2024-58069: Privilege escalation in NXP-PCF85063 RTC chip driver. A logic error when using the rtc-pcf85063 driver could lead to an out-of-bounds memory write. A local attacker could use this flaw to escalate privileges. * CVE-2025-21700: Privilege escalation in network QoS/scheduling driver. A logic error when using the network QoS/scheduling driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21702: Privilege escalation in network QoS/scheduling driver. A missing check when using the network QoS/scheduling driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21704: Memory corruption in USB Modem (CDC ACM) driver. A logic error when using the USB Modem (CDC ACM) driver could lead to an integer underflow. A local attacker could use this flaw to cause memory corruption. * CVE-2025-21719: Denial-of-service in TCP/IP networking stack. A logic error when using the TCP/IP networking stack could lead to a kernel crash. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21731: Privilege escalation in network block device driver. A race condition when using the nbd driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21753: Privilege escalation in BTRFS filesystem. A race condition when using the BTRFS filesystem could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21785: Code execution in Arm64 cacheinfo support. A logic error in Arm64 cacheinfo support (processor cache) can lead to out-of-bounds write. An attacker could use this exploit to execute arbitrary code, but that's not really possible as of now. But let's make the CVE scanners happy. * CVE-2025-21787: Denial-of-service in Ethernet team driver. Incorrect checks on parameters passed from userspace when using the Ethernet team driver could lead to an out-of-bounds memory read. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21791: Privilege escalation in layer 3 master device support. A race condition when using an L3 master device could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21858: Privilege escalation in Generic Network Virtualization Encapsulation driver. A logic error when using the geneve driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21920: Information leak in ethernet VLAN stack. A missing check for device type in the ethernet VLAN stack could lead to kernel address leak. As System.map file is also readable by an unprivileged attacker, KASLR can be bypassed since the attacker can find out the relative offsets and combine that with the leaked address to find the address of any kernel symbol, which can facilitate an attack, like privilege escalation. * CVE-2025-21926: Denial-of-service in UDPv4 Generic Segmentation Offload support. A logic error when using UDPv4 sockets with GSO could lead to a kernel panic. A local attacker could use this flaw to cause a denial-of-service. * Denial-of-service due to controller reset in NVMe driver. A logic error when allocating namespace using the NVMe driver could lead to a deadlock if a controller reset occurs. A local attacker could use this flaw to cause a denial-of-service. Orabug: 37920457 * Information leak in USB Modem (CDC ACM) driver. A missing check when using the USB Modem (CDC ACM) driver could lead to use of uninitialized memory. A local attacker could use this flaw to extract sensitive information. * Note: Oracle has determined some CVEs are not applicable. The kernel is not affected by the following CVEs since the code under consideration is not compiled. CVE-2024-58007, CVE-2024-58010, CVE-2024-58051, CVE-2024-58085, CVE-2025-21715, CVE-2025-21718, CVE-2025-21721, CVE-2025-21722, CVE-2025-21735, CVE-2025-21736, CVE-2025-21749, CVE-2025-21781, CVE-2025-21782, CVE-2025-21811, CVE-2025-21823, CVE-2025-21835, CVE-2025-21859, CVE-2025-21866, CVE-2025-21904, CVE-2025-21914, CVE-2025-21925, CVE-2025-21934, CVE-2025-21935, CVE-2025-39735 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Fri May 23 17:10:35 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:35 -0700 Subject: [El-errata] ELBA-2025-7388 Oracle Linux 9 perl-CPAN bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7388 http://linux.oracle.com/errata/ELBA-2025-7388.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: perl-CPAN-2.29-5.el9_6.noarch.rpm aarch64: perl-CPAN-2.29-5.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//perl-CPAN-2.29-5.el9_6.src.rpm Description of changes: [2.29-5] - Resolves: RHEL-77187 - Update man page [2.29-4] - Resolves: RHEL-77187 - Fix permission for creating site directories From el-errata at oss.oracle.com Fri May 23 17:10:36 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:36 -0700 Subject: [El-errata] ELBA-2025-7390 Oracle Linux 9 delve and golang bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7390 http://linux.oracle.com/errata/ELBA-2025-7390.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: delve-1.24.1-2.0.1.el9_6.x86_64.rpm go-toolset-1.23.6-2.el9_6.x86_64.rpm golang-1.23.6-2.el9_6.x86_64.rpm golang-bin-1.23.6-2.el9_6.x86_64.rpm golang-docs-1.23.6-2.el9_6.noarch.rpm golang-misc-1.23.6-2.el9_6.noarch.rpm golang-race-1.23.6-2.el9_6.x86_64.rpm golang-src-1.23.6-2.el9_6.noarch.rpm golang-tests-1.23.6-2.el9_6.noarch.rpm aarch64: delve-1.24.1-2.0.1.el9_6.aarch64.rpm go-toolset-1.23.6-2.el9_6.aarch64.rpm golang-1.23.6-2.el9_6.aarch64.rpm golang-bin-1.23.6-2.el9_6.aarch64.rpm golang-docs-1.23.6-2.el9_6.noarch.rpm golang-misc-1.23.6-2.el9_6.noarch.rpm golang-race-1.23.6-2.el9_6.aarch64.rpm golang-src-1.23.6-2.el9_6.noarch.rpm golang-tests-1.23.6-2.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//delve-1.24.1-2.0.1.el9_6.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//golang-1.23.6-2.el9_6.src.rpm Description of changes: delve [1.24.1-2.0.1] - Disable DWARF compression which has issues (Alex Burmashev) [1.24.1-2] - Fix 3 test failures - Resolves: RHEL-83939 - Resolves: RHEL-83958 - Resolves: RHEL-7373 [1.24.1-1] - Rebase to Delve 1.24.1 - Resolves: RHEL-64445 golang [1.23.6-2] - Fix runtime usleep issue on s390x (runtime-usleep-s390x.patch) - Resolves: RHEL-81242 [1.23.6-1] - Update to Go 1.23.6 (fips-1) - Resolves: RHEL-80344 [1.23.4-1] - Update to Go 1.23.4 (fips-1) - Resolves: RHEL-61048 - Resolves: RHEL-61223 [1.23.2-1] - Rebase to Go1.23.2 - Remove fix standard crypto panic patch as the source already has changes - Resolves: RHEL-62392 From el-errata at oss.oracle.com Fri May 23 17:10:38 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:38 -0700 Subject: [El-errata] ELBA-2025-7393 Oracle Linux 9 rpm-ostree bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7393 http://linux.oracle.com/errata/ELBA-2025-7393.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: rpm-ostree-2025.6-5.el9_6.x86_64.rpm rpm-ostree-libs-2025.6-5.el9_6.i686.rpm rpm-ostree-libs-2025.6-5.el9_6.x86_64.rpm aarch64: rpm-ostree-2025.6-5.el9_6.aarch64.rpm rpm-ostree-libs-2025.6-5.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//rpm-ostree-2025.6-5.el9_6.src.rpm Description of changes: [2025.6-5] - Backport: https://github.com/coreos/rpm-ostree/pull/5351 Resolves: #RHEL-85683 [2025.6-4] - Backport: https://github.com/coreos/rpm-ostree/pull/5343 Resolves: #RHEL-85391 [2025.6-3] - Backport: https://github.com/coreos/rpm-ostree/pull/5341 Backport: https://github.com/coreos/rpm-ostree/pull/5322 Backport: https://github.com/coreos/rpm-ostree/pull/5339 Resolves: #RHEL-84465 [2025.6-2] - Update to 2025.6 Resolves: #RHEL-82201 From el-errata at oss.oracle.com Fri May 23 17:10:40 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:40 -0700 Subject: [El-errata] ELBA-2025-7399 Oracle Linux 9 crun bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7399 http://linux.oracle.com/errata/ELBA-2025-7399.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: crun-1.21-1.el9_6.x86_64.rpm aarch64: crun-1.21-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//crun-1.21-1.el9_6.src.rpm Description of changes: [1.21-1] - update to https://github.com/containers/crun/releases/tag/1.21 - Resolves: RHEL-84950 [1.20-2] - fix gating.yaml - Resolves: RHEL-83146 [1.20-1] - update to https://github.com/containers/crun/releases/tag/1.20 - Related: RHEL-60277 From el-errata at oss.oracle.com Fri May 23 17:10:41 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:41 -0700 Subject: [El-errata] ELBA-2025-7401 Oracle Linux 9 gnome-kiosk bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7401 http://linux.oracle.com/errata/ELBA-2025-7401.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gnome-kiosk-40.0-7.el9_6.x86_64.rpm gnome-kiosk-script-session-40.0-7.el9_6.noarch.rpm gnome-kiosk-search-appliance-40.0-7.el9_6.noarch.rpm aarch64: gnome-kiosk-40.0-7.el9_6.aarch64.rpm gnome-kiosk-script-session-40.0-7.el9_6.noarch.rpm gnome-kiosk-search-appliance-40.0-7.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//gnome-kiosk-40.0-7.el9_6.src.rpm Description of changes: [40.0-7] - search-app: Add systemd session files Resolves: https://issues.redhat.com/browse/RHEL-84030 From el-errata at oss.oracle.com Fri May 23 17:10:43 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:43 -0700 Subject: [El-errata] ELBA-2025-7403 Oracle Linux 9 netavark bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7403 http://linux.oracle.com/errata/ELBA-2025-7403.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: netavark-1.14.1-1.el9_6.x86_64.rpm aarch64: netavark-1.14.1-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//netavark-1.14.1-1.el9_6.src.rpm Description of changes: [2:1.14.1-1] - update to https://github.com/containers/netavark/releases/tag/v1.14.1 - Resolves: RHEL-80267 From el-errata at oss.oracle.com Fri May 23 17:10:45 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:45 -0700 Subject: [El-errata] ELBA-2025-7411 Oracle Linux 9 osbuild bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7411 http://linux.oracle.com/errata/ELBA-2025-7411.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: osbuild-141.2-1.0.1.el9_6.noarch.rpm osbuild-depsolve-dnf-141.2-1.0.1.el9_6.noarch.rpm osbuild-luks2-141.2-1.0.1.el9_6.noarch.rpm osbuild-lvm2-141.2-1.0.1.el9_6.noarch.rpm osbuild-ostree-141.2-1.0.1.el9_6.noarch.rpm osbuild-selinux-141.2-1.0.1.el9_6.noarch.rpm python3-osbuild-141.2-1.0.1.el9_6.noarch.rpm aarch64: osbuild-141.2-1.0.1.el9_6.noarch.rpm osbuild-depsolve-dnf-141.2-1.0.1.el9_6.noarch.rpm osbuild-luks2-141.2-1.0.1.el9_6.noarch.rpm osbuild-lvm2-141.2-1.0.1.el9_6.noarch.rpm osbuild-ostree-141.2-1.0.1.el9_6.noarch.rpm osbuild-selinux-141.2-1.0.1.el9_6.noarch.rpm python3-osbuild-141.2-1.0.1.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//osbuild-141.2-1.0.1.el9_6.src.rpm Description of changes: [141.2-1.0.1] - Add runner for ol8 and ol9 [Orabug: 36400619] [141.2.openela.0.2] - Add OpenELA runners [141.2-1] - Resolve RHEL-85560 From el-errata at oss.oracle.com Fri May 23 17:10:44 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:44 -0700 Subject: [El-errata] ELBA-2025-7406 Oracle Linux 9 container-selinux bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7406 http://linux.oracle.com/errata/ELBA-2025-7406.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: container-selinux-2.235.0-2.el9_6.noarch.rpm aarch64: container-selinux-2.235.0-2.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//container-selinux-2.235.0-2.el9_6.src.rpm Description of changes: [4:2.235.0-2] - rebuild - Related: RHEL-85434 From el-errata at oss.oracle.com Fri May 23 17:10:47 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:47 -0700 Subject: [El-errata] ELBA-2025-7413 Oracle Linux 9 nmstate bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7413 http://linux.oracle.com/errata/ELBA-2025-7413.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nmstate-2.2.44-1.el9_6.x86_64.rpm nmstate-libs-2.2.44-1.el9_6.i686.rpm nmstate-libs-2.2.44-1.el9_6.x86_64.rpm python3-libnmstate-2.2.44-1.el9_6.x86_64.rpm nmstate-devel-2.2.44-1.el9_6.i686.rpm nmstate-devel-2.2.44-1.el9_6.x86_64.rpm nmstate-static-2.2.44-1.el9_6.i686.rpm nmstate-static-2.2.44-1.el9_6.x86_64.rpm aarch64: nmstate-2.2.44-1.el9_6.aarch64.rpm nmstate-libs-2.2.44-1.el9_6.aarch64.rpm python3-libnmstate-2.2.44-1.el9_6.aarch64.rpm nmstate-devel-2.2.44-1.el9_6.aarch64.rpm nmstate-static-2.2.44-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nmstate-2.2.44-1.el9_6.src.rpm Description of changes: [2.2.44-1] - Upgrade to 2.2.44 - Fix reapply on interface refered by MAC. RHEL-87793 [2.2.43-1] - Upgrade to 2.2.43 - Support ethtool Forward Error Correction (FEC). RHEL-80786 - Support nm connection with empty connection.interface-name. RHEL-82662 From el-errata at oss.oracle.com Fri May 23 17:10:50 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:50 -0700 Subject: [El-errata] ELBA-2025-7414 Oracle Linux 9 go-rpm-macros bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7414 http://linux.oracle.com/errata/ELBA-2025-7414.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: go-filesystem-3.6.0-10.el9_6.x86_64.rpm go-rpm-macros-3.6.0-10.el9_6.x86_64.rpm go-rpm-templates-3.6.0-10.el9_6.noarch.rpm go-srpm-macros-3.6.0-10.el9_6.noarch.rpm aarch64: go-filesystem-3.6.0-10.el9_6.aarch64.rpm go-rpm-macros-3.6.0-10.el9_6.aarch64.rpm go-rpm-templates-3.6.0-10.el9_6.noarch.rpm go-srpm-macros-3.6.0-10.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//go-rpm-macros-3.6.0-10.el9_6.src.rpm Description of changes: [3.6.0-10] - Add full golist implementation - Resolves: RHEL-86879 - Resolves: RHEL-86880 From el-errata at oss.oracle.com Fri May 23 17:10:51 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:51 -0700 Subject: [El-errata] ELBA-2025-7415 Oracle Linux 9 oci-seccomp-bpf-hook bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7415 http://linux.oracle.com/errata/ELBA-2025-7415.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: oci-seccomp-bpf-hook-1.2.11-1.el9_6.x86_64.rpm aarch64: oci-seccomp-bpf-hook-1.2.11-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//oci-seccomp-bpf-hook-1.2.11-1.el9_6.src.rpm Description of changes: [1.2.11-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.11 - simplify spec - Resolves: RHEL-85582 From el-errata at oss.oracle.com Fri May 23 17:10:53 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:53 -0700 Subject: [El-errata] ELBA-2025-7434 Oracle Linux 9 libvirt bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7434 http://linux.oracle.com/errata/ELBA-2025-7434.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libvirt-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-client-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-client-qemu-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-common-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-config-network-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-config-nwfilter-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-interface-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-network-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-nodedev-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-nwfilter-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-qemu-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-secret-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-core-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-disk-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-iscsi-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-logical-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-mpath-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-rbd-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-scsi-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-kvm-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-lock-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-log-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-plugin-lockd-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-proxy-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-libs-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-nss-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-ssh-proxy-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-daemon-plugin-sanlock-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-devel-10.10.0-7.3.0.1.el9_6.x86_64.rpm libvirt-docs-10.10.0-7.3.0.1.el9_6.x86_64.rpm aarch64: libvirt-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-client-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-client-qemu-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-common-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-config-network-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-config-nwfilter-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-interface-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-network-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-nodedev-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-nwfilter-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-qemu-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-secret-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-core-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-disk-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-iscsi-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-logical-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-mpath-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-rbd-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-scsi-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-kvm-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-lock-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-log-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-plugin-lockd-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-proxy-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-libs-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-nss-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-ssh-proxy-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-daemon-plugin-sanlock-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-devel-10.10.0-7.3.0.1.el9_6.aarch64.rpm libvirt-docs-10.10.0-7.3.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libvirt-10.10.0-7.3.0.1.el9_6.src.rpm Description of changes: [10.10.0-7.3.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] [10.10.0-7.3.el9_6] - Add load average information type into virDomainGetGuestInfo (RHEL-88449) - qemu_agent: Add qemuAgentGetLoadAvg() (RHEL-88449) - qemu: Add support for VIR_DOMAIN_GUEST_INFO_LOAD (RHEL-88449) - virsh: Add support for VIR_DOMAIN_GUEST_INFO_LOAD (RHEL-88449) [10.10.0-7.2.el9_6] - util: introduce object for holding a system inhibitor lock (RHEL-83076) - src: convert drivers over to new virInhibitor APIs (RHEL-83076) - rpc: remove logind support for virNetDaemon (RHEL-83076) - util: fix off-by-1 in inhibitor constants (RHEL-83076) - util: don't attempt to acquire logind inhibitor if not requested (RHEL-83076) - network: Free inhibitor in networkStateCleanup() (RHEL-83076) - conf: parse interface/source/@dev for all interface types (with backend type='passt') (RHEL-84689) - qemu: remove nonsensical sanity check in processNetdevStreamDisconnectedEvent() (RHEL-84782) - qemu: make processNetDevStreamDisconnectedEvent() reusable (RHEL-84782) - qemu: respond to NETDEV_VHOST_USER_DISCONNECTED event (RHEL-84782) - qemu: put vhost-user code that's special for passt in a helper function (RHEL-84782) - qemu: make passt+vhostuser reconnect behave identically to passt+user (RHEL-84782) From el-errata at oss.oracle.com Fri May 23 17:10:54 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:54 -0700 Subject: [El-errata] ELBA-2025-7439 Oracle Linux 9 qemu-kvm bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7439 http://linux.oracle.com/errata/ELBA-2025-7439.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: qemu-guest-agent-9.1.0-15.el9_6.4.x86_64.rpm qemu-img-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-audio-pa-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-block-blkio-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-block-curl-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-block-rbd-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-common-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-core-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-device-display-virtio-gpu-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-device-display-virtio-vga-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-device-usb-host-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-device-usb-redirect-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-docs-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-tools-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-ui-egl-headless-9.1.0-15.el9_6.4.x86_64.rpm qemu-kvm-ui-opengl-9.1.0-15.el9_6.4.x86_64.rpm qemu-pr-helper-9.1.0-15.el9_6.4.x86_64.rpm aarch64: qemu-guest-agent-9.1.0-15.el9_6.4.aarch64.rpm qemu-img-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-audio-pa-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-block-blkio-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-block-curl-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-block-rbd-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-common-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-core-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-device-display-virtio-gpu-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-device-usb-host-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-device-usb-redirect-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-docs-9.1.0-15.el9_6.4.aarch64.rpm qemu-kvm-tools-9.1.0-15.el9_6.4.aarch64.rpm qemu-pr-helper-9.1.0-15.el9_6.4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//qemu-kvm-9.1.0-15.el9_6.4.src.rpm Description of changes: [9.1.0-15.el9_6.4] - kvm-file-posix-probe-discard-alignment-on-Linux-block-de.patch [RHEL-87734] - kvm-block-io-skip-head-tail-requests-on-EINVAL.patch [RHEL-87734] - kvm-file-posix-Fix-crash-on-discard_granularity-0.patch [RHEL-87734] - Resolves: RHEL-87734 (QEMU sends unaligned discards on 4K devices [rhel-9.6.z]) [9.1.0-15.el9_6.3] - kvm-qga-implement-a-guest-get-load-command.patch [RHEL-83000] - Resolves: RHEL-83000 ([qemu-guest-agent][RFE] Report CPU load average [rhel-9.6.z]) From el-errata at oss.oracle.com Fri May 23 17:10:55 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:55 -0700 Subject: [El-errata] ELBA-2025-7443 Oracle Linux 9 glibc bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7443 http://linux.oracle.com/errata/ELBA-2025-7443.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: glibc-2.34-168.0.1.el9_6.14.i686.rpm glibc-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-all-langpacks-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-common-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-devel-2.34-168.0.1.el9_6.14.i686.rpm glibc-devel-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-doc-2.34-168.0.1.el9_6.14.noarch.rpm glibc-gconv-extra-2.34-168.0.1.el9_6.14.i686.rpm glibc-gconv-extra-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-headers-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-aa-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-af-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-agr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ak-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-am-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-an-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-anp-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ar-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-as-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ast-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ayc-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-az-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-be-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bem-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ber-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bg-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bhb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bho-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bo-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-br-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-brx-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-bs-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-byn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ca-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ce-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-chr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ckb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-cmn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-crh-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-cs-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-csb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-cv-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-cy-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-da-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-de-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-doi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-dsb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-dv-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-dz-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-el-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-en-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-eo-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-es-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-et-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-eu-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fa-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ff-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fil-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fo-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fur-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-fy-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ga-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-gd-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-gez-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-gl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-gu-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-gv-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ha-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hak-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-he-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hif-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hne-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hsb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ht-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hu-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-hy-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ia-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-id-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ig-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ik-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-is-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-it-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-iu-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ja-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ka-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-kab-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-kk-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-kl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-km-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-kn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ko-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-kok-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ks-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ku-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-kw-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ky-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lg-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-li-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lij-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ln-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lo-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lt-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lv-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-lzh-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mag-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mai-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mfe-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mg-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mhr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-miq-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mjw-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mk-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ml-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mni-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mnw-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ms-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-mt-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-my-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nan-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nb-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nds-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ne-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nhn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-niu-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-nso-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-oc-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-om-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-or-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-os-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-pa-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-pap-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-pl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ps-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-pt-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-quz-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-raj-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ro-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ru-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-rw-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sa-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sah-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sat-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sc-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sd-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-se-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sgs-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-shn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-shs-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-si-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sid-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sk-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sm-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-so-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sq-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ss-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-st-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sv-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-sw-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-szl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ta-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tcy-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-te-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tg-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-th-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-the-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ti-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tig-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tk-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tl-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tn-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-to-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tpi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tr-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ts-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-tt-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ug-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-uk-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-unm-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ur-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-uz-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-ve-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-vi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-wa-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-wae-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-wal-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-wo-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-xh-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-yi-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-yo-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-yue-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-yuw-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-zh-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-langpack-zu-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-locale-source-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-minimal-langpack-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-utils-2.34-168.0.1.el9_6.14.x86_64.rpm libnsl-2.34-168.0.1.el9_6.14.i686.rpm libnsl-2.34-168.0.1.el9_6.14.x86_64.rpm nscd-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-benchtests-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-nss-devel-2.34-168.0.1.el9_6.14.i686.rpm glibc-nss-devel-2.34-168.0.1.el9_6.14.x86_64.rpm glibc-static-2.34-168.0.1.el9_6.14.i686.rpm glibc-static-2.34-168.0.1.el9_6.14.x86_64.rpm nss_db-2.34-168.0.1.el9_6.14.i686.rpm nss_db-2.34-168.0.1.el9_6.14.x86_64.rpm nss_hesiod-2.34-168.0.1.el9_6.14.i686.rpm nss_hesiod-2.34-168.0.1.el9_6.14.x86_64.rpm aarch64: glibc-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-all-langpacks-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-common-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-devel-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-doc-2.34-168.0.1.el9_6.14.noarch.rpm glibc-gconv-extra-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-aa-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-af-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-agr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ak-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-am-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-an-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-anp-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ar-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-as-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ast-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ayc-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-az-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-be-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bem-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ber-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bg-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bhb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bho-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bo-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-br-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-brx-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-bs-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-byn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ca-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ce-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-chr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ckb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-cmn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-crh-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-cs-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-csb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-cv-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-cy-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-da-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-de-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-doi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-dsb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-dv-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-dz-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-el-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-en-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-eo-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-es-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-et-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-eu-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fa-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ff-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fil-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fo-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fur-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-fy-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ga-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-gd-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-gez-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-gl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-gu-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-gv-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ha-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hak-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-he-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hif-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hne-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hsb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ht-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hu-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-hy-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ia-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-id-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ig-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ik-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-is-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-it-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-iu-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ja-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ka-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-kab-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-kk-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-kl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-km-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-kn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ko-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-kok-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ks-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ku-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-kw-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ky-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lg-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-li-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lij-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ln-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lo-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lt-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lv-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-lzh-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mag-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mai-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mfe-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mg-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mhr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-miq-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mjw-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mk-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ml-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mni-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mnw-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ms-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-mt-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-my-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nan-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nb-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nds-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ne-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nhn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-niu-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-nso-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-oc-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-om-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-or-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-os-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-pa-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-pap-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-pl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ps-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-pt-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-quz-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-raj-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ro-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ru-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-rw-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sa-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sah-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sat-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sc-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sd-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-se-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sgs-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-shn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-shs-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-si-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sid-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sk-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sm-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-so-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sq-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ss-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-st-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sv-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-sw-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-szl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ta-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tcy-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-te-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tg-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-th-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-the-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ti-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tig-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tk-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tl-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tn-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-to-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tpi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tr-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ts-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-tt-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ug-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-uk-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-unm-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ur-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-uz-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-ve-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-vi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-wa-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-wae-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-wal-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-wo-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-xh-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-yi-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-yo-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-yue-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-yuw-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-zh-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-langpack-zu-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-locale-source-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-minimal-langpack-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-utils-2.34-168.0.1.el9_6.14.aarch64.rpm libnsl-2.34-168.0.1.el9_6.14.aarch64.rpm nscd-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-benchtests-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-nss-devel-2.34-168.0.1.el9_6.14.aarch64.rpm glibc-static-2.34-168.0.1.el9_6.14.aarch64.rpm nss_db-2.34-168.0.1.el9_6.14.aarch64.rpm nss_hesiod-2.34-168.0.1.el9_6.14.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//glibc-2.34-168.0.1.el9_6.14.src.rpm Description of changes: [2.34-168.0.1.14] - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history: March-6-2025 Cupertino Miranda - 2.34-168.0.1 - Forward-port Oracle patches for ol9-u6 Reviewed by: Jose E. Marchesi February-18-2025 Cupertino Miranda - 2.34-160.0.1 - Forward-port Oracle patches for ol9-u6 DP Reviewed by: Jose E. Marchesi November-12-2024 Cupertino Miranda - 2.34-125.0.1.1 - Forward-port Oracle patches for ol9-u5 Reviewed by: Jose E. Marchesi October-1-2024 Cupertino Miranda - 2.34-100.0.1.4 - Forward-port Oracle patches for ol9-u4 Reviewed by: David Faust August-26-2024 Jose E. Marchesi - 2.34-100.0.1.3 - Forward-port Oracle patches for ol9-u4 Reviewed by: David Faust May-24-2024 Cupertino Miranda - 2.34-100.0.1.2 - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E. Marchesi April-30-2024 Cupertino Miranda - 2.34-100.0.1 - Forward-port Oracle patches for ol9-u4 Reviewed by: Indu Bhagat March-28-2024 Cupertino Miranda - 2.34-100.0.1 - Forward-port Oracle patches for ol9-u4-beta Reviewed by: Jose E. Marchesi March 15 2024 Cupertino Miranda - 2.34-83.0.2.12 - Forward-port Oracle patches for ol9 Reviewed by: Jose E. Marchesi February-26-2024 Cupertino Miranda - 2.34-83.0.2.7 - OraBug 36322437 getaddrinfo does not return correct ipv6 address and family Reviewed by: Jose E. Marchesi October-24-2023 Cupertino Miranda - 2.34-83.0.1.7 - Forward-port Oracle patches for ol9 Reviewed by: Jose E. Marchesi October-4-2023 Cupertino Miranda - 2.34-82.0.1 - Forward-port Oracle patches for ol9 Reviewed by: Jose E. Marchesi April-18-2023 Cupertino Miranda - 2.34-60.0.2 - OraBug 35305078 Glibc tunable to disable huge pages on pthread_create stacks - Created tunable glibc.pthread.stack_hugetlb to control when hugepages can be used for stack allocation. - In case THP are enabled and glibc.pthread.stack_hugetlb is set to 0, glibc will madvise the kernel not to use allow hugepages for stack allocations. Reviewed by: Jose E. Marchesi March-28-2023 Cupertino Miranda - 2.34-60.0.1 - Merge Oracle patches for ol9-u2 beta Reviewed by: Jose E. Marchesi September-28-2022 Patrick McGehearty - 2.34-40.0.1 - Merge Oracle patches for ol9-u1 beta Reviewed by: Jose E. Marchesi April-25-2022 Patrick McGehearty - 2.34-28.0.1 - Merge Oracle patches with ol9 beta - Reviewed-by: Jose E. Marchesi [2.34-168.14] - Increase reliability of stdio-common/tst-setvbuf2 (RHEL-83982) [2.34-168.13] - Extend setvbuf testing (RHEL-83982) [2.34-168.12] - Extend scanf testing (RHEL-84306) [2.34-168.11] - Fortify inet_ntop and inet_pton (RHEL-83984) [2.34-168.10] - Add sched_setattr, sched_getattr, pthread_gettid_np (RHEL-83970) [2.34-168.9] - Improve printf fortification against %n in writeable memory (RHEL-83980) [2.34-168.8] - nptl: extend test coverage for sched_yield (RHEL-83968) [2.34-168.7] - Make test tst-cpuclock2 run more reliably (RHEL-84325) [2.34-168.6] - nptl: Keep __rseq_size consistent (RHEL-80088) [2.34-168.5] - assert: Add test for CVE-2025-0395 (RHEL-83528) [2.34-168.4] - Use rseq area unconditionally in sched_getcpu (RHEL-83525) [2.34-168.3] - tst-fopen-threaded: Only check EOF for failing read (RHEL-83581) [2.34-168.2] - Improve cpuset test coverage (RHEL-82118) [2.34-168.1] - Increase test coverage for standard IO APIs (RHEL-82259) From el-errata at oss.oracle.com Fri May 23 17:10:58 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:58 -0700 Subject: [El-errata] ELBA-2025-7447 Oracle Linux 9 sssd bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7447 http://linux.oracle.com/errata/ELBA-2025-7447.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libipa_hbac-2.9.6-4.0.1.el9_6.2.i686.rpm libipa_hbac-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_autofs-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_certmap-2.9.6-4.0.1.el9_6.2.i686.rpm libsss_certmap-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_idmap-2.9.6-4.0.1.el9_6.2.i686.rpm libsss_idmap-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_nss_idmap-2.9.6-4.0.1.el9_6.2.i686.rpm libsss_nss_idmap-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_simpleifp-2.9.6-4.0.1.el9_6.2.i686.rpm libsss_simpleifp-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_sudo-2.9.6-4.0.1.el9_6.2.x86_64.rpm python3-libipa_hbac-2.9.6-4.0.1.el9_6.2.x86_64.rpm python3-libsss_nss_idmap-2.9.6-4.0.1.el9_6.2.x86_64.rpm python3-sss-2.9.6-4.0.1.el9_6.2.x86_64.rpm python3-sss-murmur-2.9.6-4.0.1.el9_6.2.x86_64.rpm python3-sssdconfig-2.9.6-4.0.1.el9_6.2.noarch.rpm sssd-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-ad-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-client-2.9.6-4.0.1.el9_6.2.i686.rpm sssd-client-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-common-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-common-pac-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-dbus-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-idp-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-ipa-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-kcm-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-krb5-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-krb5-common-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-ldap-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-nfs-idmap-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-passkey-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-polkit-rules-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-proxy-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-tools-2.9.6-4.0.1.el9_6.2.x86_64.rpm sssd-winbind-idmap-2.9.6-4.0.1.el9_6.2.x86_64.rpm libsss_nss_idmap-devel-2.9.6-4.0.1.el9_6.2.i686.rpm libsss_nss_idmap-devel-2.9.6-4.0.1.el9_6.2.x86_64.rpm aarch64: libipa_hbac-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_autofs-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_certmap-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_idmap-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_nss_idmap-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_simpleifp-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_sudo-2.9.6-4.0.1.el9_6.2.aarch64.rpm python3-libipa_hbac-2.9.6-4.0.1.el9_6.2.aarch64.rpm python3-libsss_nss_idmap-2.9.6-4.0.1.el9_6.2.aarch64.rpm python3-sss-2.9.6-4.0.1.el9_6.2.aarch64.rpm python3-sss-murmur-2.9.6-4.0.1.el9_6.2.aarch64.rpm python3-sssdconfig-2.9.6-4.0.1.el9_6.2.noarch.rpm sssd-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-ad-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-client-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-common-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-common-pac-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-dbus-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-idp-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-ipa-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-kcm-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-krb5-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-krb5-common-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-ldap-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-nfs-idmap-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-passkey-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-polkit-rules-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-proxy-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-tools-2.9.6-4.0.1.el9_6.2.aarch64.rpm sssd-winbind-idmap-2.9.6-4.0.1.el9_6.2.aarch64.rpm libsss_nss_idmap-devel-2.9.6-4.0.1.el9_6.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//sssd-2.9.6-4.0.1.el9_6.2.src.rpm Description of changes: [2.9.6-4.0.1.2] - Restore default debug level for sss_cache [Orabug: 32810448] [2.9.6-4.2] - Resolves: RHEL-82419 - Disk cache failure with large db sizes [rhel-9] [2.9.6-4.1] - Resolves: RHEL-82419 - Disk cache failure with large db sizes [rhel-9] From el-errata at oss.oracle.com Fri May 23 17:10:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:57 -0700 Subject: [El-errata] ELBA-2025-7446 Oracle Linux 9 NetworkManager bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7446 http://linux.oracle.com/errata/ELBA-2025-7446.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: NetworkManager-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-adsl-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-bluetooth-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-cloud-setup-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-config-connectivity-oracle-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-config-server-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-dispatcher-routing-rules-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-initscripts-updown-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-libnm-1.52.0-3.0.1.el9_6.i686.rpm NetworkManager-libnm-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-ovs-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-ppp-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-team-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-tui-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-wifi-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-wwan-1.52.0-3.0.1.el9_6.x86_64.rpm NetworkManager-libnm-devel-1.52.0-3.0.1.el9_6.i686.rpm NetworkManager-libnm-devel-1.52.0-3.0.1.el9_6.x86_64.rpm aarch64: NetworkManager-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-adsl-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-bluetooth-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-cloud-setup-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-config-connectivity-oracle-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-config-server-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-dispatcher-routing-rules-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-initscripts-updown-1.52.0-3.0.1.el9_6.noarch.rpm NetworkManager-libnm-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-ovs-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-ppp-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-team-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-tui-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-wifi-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-wwan-1.52.0-3.0.1.el9_6.aarch64.rpm NetworkManager-libnm-devel-1.52.0-3.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//NetworkManager-1.52.0-3.0.1.el9_6.src.rpm Description of changes: [1:1.52.0-3] - Invalid memory access on Dnsconfd DBUS error (RHEL-84692) - Support IP configuration for secondary interfaces on Oracle VM from metadata (RHEL-84695) [1:1.52.0-2] - core: fail early if we cannot get current FEC value (RHEL-86851) From el-errata at oss.oracle.com Fri May 23 17:11:01 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:01 -0700 Subject: [El-errata] ELBA-2025-7617 Oracle Linux 9 yelp-xsl bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7617 http://linux.oracle.com/errata/ELBA-2025-7617.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: yelp-xsl-40.2-1.el9_6.1.noarch.rpm aarch64: yelp-xsl-40.2-1.el9_6.1.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//yelp-xsl-40.2-1.el9_6.1.src.rpm Description of changes: [40.2-1.1] - Fix CVE-2025-3155 (RHEL-85926) From el-errata at oss.oracle.com Fri May 23 17:10:59 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:10:59 -0700 Subject: [El-errata] ELBA-2025-7588 Oracle Linux 9 ansible-freeipa bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7588 http://linux.oracle.com/errata/ELBA-2025-7588.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ansible-freeipa-1.14.5-2.el9_6.noarch.rpm ansible-freeipa-collection-1.14.5-2.el9_6.noarch.rpm ansible-freeipa-tests-1.14.5-2.el9_6.noarch.rpm aarch64: ansible-freeipa-1.14.5-2.el9_6.noarch.rpm ansible-freeipa-collection-1.14.5-2.el9_6.noarch.rpm ansible-freeipa-tests-1.14.5-2.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ansible-freeipa-1.14.5-2.el9_6.src.rpm Description of changes: [1.14.5-2] - Fix IPA requires unique CA certificate subject names Resolves: RHEL-88216 From el-errata at oss.oracle.com Fri May 23 17:11:02 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:02 -0700 Subject: [El-errata] ELBA-2025-7900 Oracle Linux 9 openscap bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7900 http://linux.oracle.com/errata/ELBA-2025-7900.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: openscap-1.3.12-1.el9_6.i686.rpm openscap-1.3.12-1.el9_6.x86_64.rpm openscap-devel-1.3.12-1.el9_6.i686.rpm openscap-devel-1.3.12-1.el9_6.x86_64.rpm openscap-engine-sce-1.3.12-1.el9_6.i686.rpm openscap-engine-sce-1.3.12-1.el9_6.x86_64.rpm openscap-python3-1.3.12-1.el9_6.x86_64.rpm openscap-scanner-1.3.12-1.el9_6.x86_64.rpm openscap-utils-1.3.12-1.el9_6.x86_64.rpm openscap-engine-sce-devel-1.3.12-1.el9_6.i686.rpm openscap-engine-sce-devel-1.3.12-1.el9_6.x86_64.rpm aarch64: openscap-1.3.12-1.el9_6.aarch64.rpm openscap-devel-1.3.12-1.el9_6.aarch64.rpm openscap-engine-sce-1.3.12-1.el9_6.aarch64.rpm openscap-python3-1.3.12-1.el9_6.aarch64.rpm openscap-scanner-1.3.12-1.el9_6.aarch64.rpm openscap-utils-1.3.12-1.el9_6.aarch64.rpm openscap-engine-sce-devel-1.3.12-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//openscap-1.3.12-1.el9_6.src.rpm Description of changes: [1:1.3.12-1] - Upgrade to the latest upstream release (RHEL-88413) - Fix OSCAP_PROBE_IGNORE_PATHS handling From el-errata at oss.oracle.com Fri May 23 17:11:03 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:03 -0700 Subject: [El-errata] ELSA-2025-7387 Important: Oracle Linux 9 webkit2gtk3 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7387 http://linux.oracle.com/errata/ELSA-2025-7387.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: webkit2gtk3-2.48.1-1.el9_6.i686.rpm webkit2gtk3-2.48.1-1.el9_6.x86_64.rpm webkit2gtk3-devel-2.48.1-1.el9_6.i686.rpm webkit2gtk3-devel-2.48.1-1.el9_6.x86_64.rpm webkit2gtk3-jsc-2.48.1-1.el9_6.i686.rpm webkit2gtk3-jsc-2.48.1-1.el9_6.x86_64.rpm webkit2gtk3-jsc-devel-2.48.1-1.el9_6.i686.rpm webkit2gtk3-jsc-devel-2.48.1-1.el9_6.x86_64.rpm aarch64: webkit2gtk3-2.48.1-1.el9_6.aarch64.rpm webkit2gtk3-devel-2.48.1-1.el9_6.aarch64.rpm webkit2gtk3-jsc-2.48.1-1.el9_6.aarch64.rpm webkit2gtk3-jsc-devel-2.48.1-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//webkit2gtk3-2.48.1-1.el9_6.src.rpm Related CVEs: CVE-2024-44192 CVE-2024-54467 CVE-2024-54551 CVE-2025-24208 CVE-2025-24209 CVE-2025-24216 CVE-2025-30427 Description of changes: [2.48.1-1] - Update to 2.48.1 [2.48.0-1] - Update to 2.48.0 From el-errata at oss.oracle.com Fri May 23 17:11:05 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:05 -0700 Subject: [El-errata] ELSA-2025-7389 Moderate: Oracle Linux 9 buildah security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7389 http://linux.oracle.com/errata/ELSA-2025-7389.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: buildah-1.39.4-1.0.1.el9_6.x86_64.rpm buildah-tests-1.39.4-1.0.1.el9_6.x86_64.rpm aarch64: buildah-1.39.4-1.0.1.el9_6.aarch64.rpm buildah-tests-1.39.4-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//buildah-1.39.4-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-27144 Description of changes: [1.39.4-1.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178] [2:1.39.4-1] - update to https://github.com/containers/buildah/releases/tag/v1.39.4 - Resolves: RHEL-85114 [2:1.39.3-1] - update to https://github.com/containers/buildah/releases/tag/v1.39.3 - Resolves: RHEL-85114 [2:1.39.1-1] - update to https://github.com/containers/buildah/releases/tag/v1.39.1 - Resolves: RHEL-80999 From el-errata at oss.oracle.com Fri May 23 17:11:07 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:07 -0700 Subject: [El-errata] ELSA-2025-7391 Important: Oracle Linux 9 podman security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7391 http://linux.oracle.com/errata/ELSA-2025-7391.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: podman-5.4.0-9.0.1.el9_6.x86_64.rpm podman-docker-5.4.0-9.0.1.el9_6.noarch.rpm podman-plugins-5.4.0-9.0.1.el9_6.x86_64.rpm podman-remote-5.4.0-9.0.1.el9_6.x86_64.rpm podman-tests-5.4.0-9.0.1.el9_6.x86_64.rpm aarch64: podman-5.4.0-9.0.1.el9_6.aarch64.rpm podman-docker-5.4.0-9.0.1.el9_6.noarch.rpm podman-plugins-5.4.0-9.0.1.el9_6.aarch64.rpm podman-remote-5.4.0-9.0.1.el9_6.aarch64.rpm podman-tests-5.4.0-9.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//podman-5.4.0-9.0.1.el9_6.src.rpm Related CVEs: CVE-2025-22869 CVE-2025-27144 Description of changes: [5.4.0-9.0.1] - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404] [5:5.4.0-9] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/0ee1d49) - fixes "Rootless container libpod/tmp/persist directories not cleaned up, fill up tmpfs - [RHEL 9.6] 0day" - Resolves: RHEL-86544 [5:5.4.0-8] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/a994a04) - fixes "podman tests are failing - [RHEL 9.6] 0day" - Resolves: RHEL-86092 [5:5.4.0-7] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/f7bf65c) - fixes "Importing a tar.xz archive as a container fails with error 'layer 0 <...> does not match config's DiffID' - [RHEL 9.6] 0day" - Resolves: RHEL-85218 [5:5.4.0-6] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/9ad4842) - fixes "CVE-2025-22869 podman: Potential denial of service in golang.org/x/crypto [rhel-9.6]" - Resolves: RHEL-81319 [5:5.4.0-5] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/9d2e54f) - fixes "Excessive memory leak due to uncontrolled accumulation of health.log entries in Podman 5.x - [RHEL - 9.6] ZeroDay" - Resolves: RHEL-83557 [5:5.4.0-4] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/45c2d1f) - Resolves: RHEL-82970 [5:5.4.0-3] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/e48006b) - Resolves: RHEL-82198 [5:5.4.0-2] - update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/2adbe89) - Resolves: RHEL-79694 From el-errata at oss.oracle.com Fri May 23 17:11:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:08 -0700 Subject: [El-errata] ELSA-2025-7395 Moderate: Oracle Linux 9 389-ds-base security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7395 http://linux.oracle.com/errata/ELSA-2025-7395.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: 389-ds-base-2.6.1-8.el9_6.x86_64.rpm 389-ds-base-libs-2.6.1-8.el9_6.x86_64.rpm 389-ds-base-snmp-2.6.1-8.el9_6.x86_64.rpm python3-lib389-2.6.1-8.el9_6.noarch.rpm 389-ds-base-devel-2.6.1-8.el9_6.x86_64.rpm aarch64: 389-ds-base-2.6.1-8.el9_6.aarch64.rpm 389-ds-base-libs-2.6.1-8.el9_6.aarch64.rpm 389-ds-base-snmp-2.6.1-8.el9_6.aarch64.rpm python3-lib389-2.6.1-8.el9_6.noarch.rpm 389-ds-base-devel-2.6.1-8.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//389-ds-base-2.6.1-8.el9_6.src.rpm Related CVEs: CVE-2025-2487 Description of changes: [2.6.1-8] - Resolves: RHEL-83876 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service [rhel-9.6] [2.6.1-7] - Bump version to 2.6.1-7 [2.6.1-6] - Resolves: RHEL-86065 - Backport lib389 fixes required for WebUI [rhel-9.6.z] - Resolves: RHEL-80713 - Increased memory consumption caused by NDN cache [rhel-9.6.z] [2.6.1-5] - Resolves: RHEL-82271 - ipa-restore is failing with "Failed to start Directory Service" [2.6.1-4] - Resolves: RHEL-78722 - Failed to set sslversionmax to TLS1.3 in FIPS mode with dsconf $INSTANCE security set --tls-protocol-max TLS1.3 [2.6.1-3] - Resolves: RHEL-18333 Can't rename users member of automember rule - Resolves: RHEL-61341 After an initial failure, subsequent online backups will not work. - Resolves: RHEL-63887 nsslapd-mdb-max-dbs autotuning doesn't work properly - Resolves: RHEL-63891 dbscan crashes when showing statistics for MDB - Resolves: RHEL-63998 dsconf should check for number of available named databases - Resolves: RHEL-78344 During import of entries without nsUniqueId, a supplier generates duplicate nsUniqueId (LMDB only) [rhel-9] [2.6.1-2] - Resolves: RHEL-76748: ns-slapd crashes with data directory ? 2 days old [2.6.1-1] - Update to 2.6.1 - Resolves: RHEL-5151 - [RFE] defer memberof nested updates - Resolves: RHEL-54148 - leaked_storage: Variable "childelems" going out of scope leaks the storage it points to. - Resolves: RHEL-60135 - deadlock during cleanAllRuv - Resolves: RHEL-61341 - After an initial failure, subsequent online backups will not work. - Resolves: RHEL-61349 - Remove deprecated setting for HR time stamps in logs - Resolves: RHEL-62875 - Passwords are not being updated to use the configured storage scheme ( nsslapd-enable-upgrade-hash is enabled ). - Resolves: RHEL-64438 - VLV errors with RSNv3 and pruning enabled [rhel-9] - Resolves: RHEL-64854 - cleanallruv consums CPU and is slow - Resolves: RHEL-65506 - AddressSanitizer: double-free - Resolves: RHEL-65512 - AddressSanitizer: heap-use-after-free in import_abort_all - Resolves: RHEL-65561 - LeakSanitizer: detected memory leaks in dbmdb_public_db_op - Resolves: RHEL-65662 - Replication issue between masters using cert based authentication - Resolves: RHEL-65664 - LDAP unprotected search query during certificate based authentication - Resolves: RHEL-65665 - Ambiguous warning about SELinux in dscreate for non-root user - Resolves: RHEL-65741 - LeakSanitizer: memory leak in ldbm_entryrdn.c - Resolves: RHEL-65776 - Wrong set of entries returned for some search filters [rhel-9] - Resolves: RHEL-67004 - "dsconf config replace" should handle multivalued attributes. - Resolves: RHEL-67005 - Online backup hangs sporadically. - Resolves: RHEL-67008 - Some replication status data are reset upon a restart. - Resolves: RHEL-67020 - 389DirectoryServer Process Stops When Setting up Sorted VLV Index - Resolves: RHEL-67024 - Some nsslapd-haproxy-trusted-ip values are discarded upon a restart. - Resolves: RHEL-69806 - ipahealthcheck.ds.replication displays WARNING '1 conflict entries found under the replication suffix' - Resolves: RHEL-69826 - "Duplicated DN detected" errors when creating indexes or importing entries. [rhel-9] - Resolves: RHEL-70127 - Crash in attrlist_find() when the Account Policy plugin is enabled. [rhel-9] - Resolves: RHEL-70252 - Freelist ordering causes high wtime - Resolves: RHEL-71218 - Sub suffix causes "id2entry - Could not open id2entry err 0" error when the Directory Server starts [rhel-9] - Resolves: RHEL-74153 - backup/restore broken [rhel-9] - Resolves: RHEL-74158 - If an entry RDN is identical to the suffix, then Entryrdn gets broken during a reindex [rhel-9] - Resolves: RHEL-74163 - Crash during bind when acct policy plugin does not have "alwaysrecordlogin" set [rhel-9] - Resolves: RHEL-74168 - On replica consumer, account policy plugin fails to manage the last login history [rhel-9] - Resolves: RHEL-74174 - Replication broken after backup restore with freeipa configuration [rhel-9] - Resolves: RHEL-74353 - nsslapd-haproxy-trusted-ip is not in schema [rhel-9] - Resolves: RHEL-76019 - IPA LDAP error code T3 when no exceeded time limit from a paged search result [rhel-9] [2.6.0-2] - Fix License tag [2.6.0-1] - Update to 2.6.0 - Resolves: RHEL-67195 - Rebase 389-ds-base to 2.6.0 From el-errata at oss.oracle.com Fri May 23 17:11:09 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:09 -0700 Subject: [El-errata] ELSA-2025-7397 Moderate: Oracle Linux 9 skopeo security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7397 http://linux.oracle.com/errata/ELSA-2025-7397.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: skopeo-1.18.1-1.el9_6.x86_64.rpm skopeo-tests-1.18.1-1.el9_6.x86_64.rpm aarch64: skopeo-1.18.1-1.el9_6.aarch64.rpm skopeo-tests-1.18.1-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//skopeo-1.18.1-1.el9_6.src.rpm Related CVEs: CVE-2025-27144 Description of changes: [2:1.18.1-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.18 (https://github.com/containers/skopeo/commit/bfd0850) - fixes "CVE-2025-27144 skopeo: Go JOSE's Parsing Vulnerable to Denial of Service [rhel-9.6.z]" - Resolves: RHEL-82972 From el-errata at oss.oracle.com Fri May 23 17:11:11 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:11 -0700 Subject: [El-errata] ELSA-2025-7402 Moderate: Oracle Linux 9 nginx security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7402 http://linux.oracle.com/errata/ELSA-2025-7402.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nginx-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-all-modules-1.20.1-22.0.1.el9_6.2.noarch.rpm nginx-core-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-filesystem-1.20.1-22.0.1.el9_6.2.noarch.rpm nginx-mod-http-image-filter-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-mod-http-perl-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-mod-http-xslt-filter-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-mod-mail-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-mod-stream-1.20.1-22.0.1.el9_6.2.x86_64.rpm nginx-mod-devel-1.20.1-22.0.1.el9_6.2.x86_64.rpm aarch64: nginx-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-all-modules-1.20.1-22.0.1.el9_6.2.noarch.rpm nginx-core-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-filesystem-1.20.1-22.0.1.el9_6.2.noarch.rpm nginx-mod-http-image-filter-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-mod-http-perl-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-mod-http-xslt-filter-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-mod-mail-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-mod-stream-1.20.1-22.0.1.el9_6.2.aarch64.rpm nginx-mod-devel-1.20.1-22.0.1.el9_6.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nginx-1.20.1-22.0.1.el9_6.2.src.rpm Related CVEs: CVE-2022-41741 CVE-2022-41742 CVE-2024-7347 Description of changes: [1.20.1-22.0.1.2] - Reference oracle-indexhtml within Requires [Orabug: 33802044] - Remove Red Hat references [Orabug: 29498217] - Update upstream references [Orabug: 36579090] [2:1.20.1-22.2] - Resolves: RHEL-85556 - nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742) - Resolves: RHEL-91446 - nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741) [2:1.20.1-22.1] - Resolves: RHEL-84477 - nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347) From el-errata at oss.oracle.com Fri May 23 17:11:12 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:12 -0700 Subject: [El-errata] ELSA-2025-7404 Important: Oracle Linux 9 grafana security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7404 http://linux.oracle.com/errata/ELSA-2025-7404.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-10.2.6-11.el9_6.x86_64.rpm grafana-selinux-10.2.6-11.el9_6.x86_64.rpm aarch64: grafana-10.2.6-11.el9_6.aarch64.rpm grafana-selinux-10.2.6-11.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//grafana-10.2.6-11.el9_6.src.rpm Related CVEs: CVE-2025-30204 Description of changes: [10.2.6-11] - Resolves RHEL-84636: CVE-2025-30204 [10.2.6-10] - Resolves RHEL-75919: grafana selinux issue with autofs_t From el-errata at oss.oracle.com Fri May 23 17:11:13 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:13 -0700 Subject: [El-errata] ELSA-2025-7409 Moderate: Oracle Linux 9 git security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7409 http://linux.oracle.com/errata/ELSA-2025-7409.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: git-2.47.1-2.el9_6.x86_64.rpm git-all-2.47.1-2.el9_6.noarch.rpm git-core-2.47.1-2.el9_6.x86_64.rpm git-core-doc-2.47.1-2.el9_6.noarch.rpm git-credential-libsecret-2.47.1-2.el9_6.x86_64.rpm git-daemon-2.47.1-2.el9_6.x86_64.rpm git-email-2.47.1-2.el9_6.noarch.rpm git-gui-2.47.1-2.el9_6.noarch.rpm git-instaweb-2.47.1-2.el9_6.noarch.rpm git-subtree-2.47.1-2.el9_6.x86_64.rpm git-svn-2.47.1-2.el9_6.noarch.rpm gitk-2.47.1-2.el9_6.noarch.rpm gitweb-2.47.1-2.el9_6.noarch.rpm perl-Git-2.47.1-2.el9_6.noarch.rpm perl-Git-SVN-2.47.1-2.el9_6.noarch.rpm aarch64: git-2.47.1-2.el9_6.aarch64.rpm git-all-2.47.1-2.el9_6.noarch.rpm git-core-2.47.1-2.el9_6.aarch64.rpm git-core-doc-2.47.1-2.el9_6.noarch.rpm git-credential-libsecret-2.47.1-2.el9_6.aarch64.rpm git-daemon-2.47.1-2.el9_6.aarch64.rpm git-email-2.47.1-2.el9_6.noarch.rpm git-gui-2.47.1-2.el9_6.noarch.rpm git-instaweb-2.47.1-2.el9_6.noarch.rpm git-subtree-2.47.1-2.el9_6.aarch64.rpm git-svn-2.47.1-2.el9_6.noarch.rpm gitk-2.47.1-2.el9_6.noarch.rpm gitweb-2.47.1-2.el9_6.noarch.rpm perl-Git-2.47.1-2.el9_6.noarch.rpm perl-Git-SVN-2.47.1-2.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//git-2.47.1-2.el9_6.src.rpm Related CVEs: CVE-2024-52005 Description of changes: [2.47.1-2] - add the option to sanitize sideband channel messages - Resolves: RHEL-84513 From el-errata at oss.oracle.com Fri May 23 17:11:15 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:15 -0700 Subject: [El-errata] ELSA-2025-7410 Important: Oracle Linux 9 libxslt security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7410 http://linux.oracle.com/errata/ELSA-2025-7410.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxslt-1.1.34-13.0.1.el9_6.i686.rpm libxslt-1.1.34-13.0.1.el9_6.x86_64.rpm libxslt-devel-1.1.34-13.0.1.el9_6.i686.rpm libxslt-devel-1.1.34-13.0.1.el9_6.x86_64.rpm aarch64: libxslt-1.1.34-13.0.1.el9_6.aarch64.rpm libxslt-devel-1.1.34-13.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libxslt-1.1.34-13.0.1.el9_6.src.rpm Related CVEs: CVE-2024-55549 Description of changes: [1.1.34-13.0.1] - Fix memory leak in exclPrefixPush [Orabug: 37871881] - Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.34-13] - Rebuild for z-stream/0day - Resolves: RHEL-83514 - Resolves: RHEL-85988 [1.1.34-12] - Include alloc changes into previous patch (RHEL-83514) [1.1.34-11] - Fix CVE-2024-55549 (RHEL-83514) From el-errata at oss.oracle.com Fri May 23 17:11:16 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:16 -0700 Subject: [El-errata] ELSA-2025-7416 Important: Oracle Linux 9 gvisor-tap-vsock security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7416 http://linux.oracle.com/errata/ELSA-2025-7416.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gvisor-tap-vsock-0.8.5-1.el9_6.x86_64.rpm gvisor-tap-vsock-gvforwarder-0.8.5-1.el9_6.x86_64.rpm aarch64: gvisor-tap-vsock-0.8.5-1.el9_6.aarch64.rpm gvisor-tap-vsock-gvforwarder-0.8.5-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//gvisor-tap-vsock-0.8.5-1.el9_6.src.rpm Related CVEs: CVE-2025-22869 Description of changes: [0.8.5-1] - Fix CVE-2025-22869 by updating to 0.8.5 - Resolves: RHEL-81313 From el-errata at oss.oracle.com Fri May 23 17:11:19 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:19 -0700 Subject: [El-errata] ELSA-2025-7417 Important: Oracle Linux 9 gimp security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7417 http://linux.oracle.com/errata/ELSA-2025-7417.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gimp-2.99.8-4.el9_6.x86_64.rpm gimp-libs-2.99.8-4.el9_6.i686.rpm gimp-libs-2.99.8-4.el9_6.x86_64.rpm aarch64: gimp-2.99.8-4.el9_6.aarch64.rpm gimp-libs-2.99.8-4.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//gimp-2.99.8-4.el9_6.src.rpm Related CVEs: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 Description of changes: [2.99.8-4] - Applying fixes for vulnerabilities that led to possible RCE conditions. - Fixes: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 - Resolves: RHEL-86049 RHEL-86046 RHEL-86043 RHEL-86040 From el-errata at oss.oracle.com Fri May 23 17:11:20 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:20 -0700 Subject: [El-errata] ELSA-2025-7419 Important: Oracle Linux 9 mod_auth_openidc security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7419 http://linux.oracle.com/errata/ELSA-2025-7419.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: mod_auth_openidc-2.4.10-1.el9_6.1.x86_64.rpm aarch64: mod_auth_openidc-2.4.10-1.el9_6.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//mod_auth_openidc-2.4.10-1.el9_6.1.src.rpm Related CVEs: CVE-2025-31492 Description of changes: [2.4.10-1.el9_6.1] Resolves: RHEL-86224 - mod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data (CVE-2025-31492) From el-errata at oss.oracle.com Fri May 23 17:11:22 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:22 -0700 Subject: [El-errata] ELSA-2025-7422 Moderate: Oracle Linux 9 ghostscript security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7422 http://linux.oracle.com/errata/ELSA-2025-7422.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ghostscript-9.54.0-18.el9_6.x86_64.rpm ghostscript-doc-9.54.0-18.el9_6.noarch.rpm ghostscript-tools-dvipdf-9.54.0-18.el9_6.x86_64.rpm ghostscript-tools-fonts-9.54.0-18.el9_6.x86_64.rpm ghostscript-tools-printing-9.54.0-18.el9_6.x86_64.rpm ghostscript-x11-9.54.0-18.el9_6.x86_64.rpm libgs-9.54.0-18.el9_6.i686.rpm libgs-9.54.0-18.el9_6.x86_64.rpm ghostscript-9.54.0-18.el9_6.i686.rpm ghostscript-tools-fonts-9.54.0-18.el9_6.i686.rpm ghostscript-tools-printing-9.54.0-18.el9_6.i686.rpm libgs-devel-9.54.0-18.el9_6.i686.rpm libgs-devel-9.54.0-18.el9_6.x86_64.rpm aarch64: ghostscript-9.54.0-18.el9_6.aarch64.rpm ghostscript-doc-9.54.0-18.el9_6.noarch.rpm ghostscript-tools-dvipdf-9.54.0-18.el9_6.aarch64.rpm ghostscript-tools-fonts-9.54.0-18.el9_6.aarch64.rpm ghostscript-tools-printing-9.54.0-18.el9_6.aarch64.rpm ghostscript-x11-9.54.0-18.el9_6.aarch64.rpm libgs-9.54.0-18.el9_6.aarch64.rpm libgs-devel-9.54.0-18.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ghostscript-9.54.0-18.el9_6.src.rpm Related CVEs: CVE-2023-46751 CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46956 Description of changes: [9.54.0-18] - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdev_prn_open_printer_seekable() - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space - RHEL-67053 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding - RHEL-67053 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript - RHEL-67053 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution From el-errata at oss.oracle.com Fri May 23 17:11:24 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:24 -0700 Subject: [El-errata] ELSA-2025-7425 Important: Oracle Linux 9 osbuild-composer security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7425 http://linux.oracle.com/errata/ELSA-2025-7425.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: osbuild-composer-132.2-1.0.1.el9_6.x86_64.rpm osbuild-composer-core-132.2-1.0.1.el9_6.x86_64.rpm osbuild-composer-worker-132.2-1.0.1.el9_6.x86_64.rpm aarch64: osbuild-composer-132.2-1.0.1.el9_6.aarch64.rpm osbuild-composer-core-132.2-1.0.1.el9_6.aarch64.rpm osbuild-composer-worker-132.2-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//osbuild-composer-132.2-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-30204 Description of changes: [132.2-1.0.1] - Switch to UEKR8 repositories for OL9.6 [Orabug: 37962207] - Add support to create OpenScap images [JIRA: OLDIS-35301] - Simplify repository names [JIRA: OLDIS-35893] - Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643] - Support using OCI variables inside built images [JIRA: OLDIS-35302] - Support using repository definitons with OCI variables [JIRA: OLDIS-38657] - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123] - Increase default /boot size to 1GB [Orabug: 36827079] - Add support for OCI hybrid images [JIRA: OLDIS-33593] - enable aarch64 OCI image builds [JIRA: OLDIS-33593] - support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619] [132.2-1] - New upstream release [132.1-1] - New upstream release From el-errata at oss.oracle.com Fri May 23 17:11:26 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:26 -0700 Subject: [El-errata] ELSA-2025-7426 Moderate: Oracle Linux 9 nodejs:20 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7426 http://linux.oracle.com/errata/ELSA-2025-7426.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-20.19.1-1.module+el9.6.0+90590+fd42b52a.x86_64.rpm nodejs-devel-20.19.1-1.module+el9.6.0+90590+fd42b52a.x86_64.rpm nodejs-docs-20.19.1-1.module+el9.6.0+90590+fd42b52a.noarch.rpm nodejs-full-i18n-20.19.1-1.module+el9.6.0+90590+fd42b52a.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm npm-10.8.2-1.20.19.1.1.module+el9.6.0+90590+fd42b52a.x86_64.rpm aarch64: nodejs-20.19.1-1.module+el9.6.0+90590+fd42b52a.aarch64.rpm nodejs-devel-20.19.1-1.module+el9.6.0+90590+fd42b52a.aarch64.rpm nodejs-docs-20.19.1-1.module+el9.6.0+90590+fd42b52a.noarch.rpm nodejs-full-i18n-20.19.1-1.module+el9.6.0+90590+fd42b52a.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.3.0+90066+12d4a8d7.noarch.rpm npm-10.8.2-1.20.19.1.1.module+el9.6.0+90590+fd42b52a.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nodejs-20.19.1-1.module+el9.6.0+90590+fd42b52a.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.3.0+90066+12d4a8d7.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.3.0+90066+12d4a8d7.src.rpm Related CVEs: CVE-2025-31498 Description of changes: nodejs [1:20.19.1-1] - Update to version 20.19.1 Resolves: RHEL-78764 [1:20.18.2-3] - Update c-ares to 1.34.5 to address CVE-2025-31498 nodejs-nodemon nodejs-packaging From el-errata at oss.oracle.com Fri May 23 17:11:27 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:27 -0700 Subject: [El-errata] ELSA-2025-7427 Low: Oracle Linux 9 xterm security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7427 http://linux.oracle.com/errata/ELSA-2025-7427.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: xterm-366-10.el9_6.x86_64.rpm xterm-resize-366-10.el9_6.x86_64.rpm aarch64: xterm-366-10.el9_6.aarch64.rpm xterm-resize-366-10.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//xterm-366-10.el9_6.src.rpm Related CVEs: CVE-2022-45063 Description of changes: [366-10] - Fix CVE-2022-45063 - Resolves: RHEL-87485 From el-errata at oss.oracle.com Fri May 23 17:11:29 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:29 -0700 Subject: [El-errata] ELSA-2025-7428 Important: Oracle Linux 9 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7428 http://linux.oracle.com/errata/ELSA-2025-7428.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.10.0-1.0.1.el9_6.x86_64.rpm firefox-x11-128.10.0-1.0.1.el9_6.x86_64.rpm aarch64: firefox-128.10.0-1.0.1.el9_6.aarch64.rpm firefox-x11-128.10.0-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.10.0-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 Description of changes: [128.10.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [128.10.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.10.0-1] - Update to 128.10.0 build1 From el-errata at oss.oracle.com Fri May 23 17:11:30 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:30 -0700 Subject: [El-errata] ELSA-2025-7430 Important: Oracle Linux 9 yelp security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7430 http://linux.oracle.com/errata/ELSA-2025-7430.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: yelp-40.3-2.el9_6.1.x86_64.rpm yelp-libs-40.3-2.el9_6.1.i686.rpm yelp-libs-40.3-2.el9_6.1.x86_64.rpm yelp-devel-40.3-2.el9_6.1.i686.rpm yelp-devel-40.3-2.el9_6.1.x86_64.rpm aarch64: yelp-40.3-2.el9_6.1.aarch64.rpm yelp-libs-40.3-2.el9_6.1.aarch64.rpm yelp-devel-40.3-2.el9_6.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//yelp-40.3-2.el9_6.1.src.rpm Related CVEs: CVE-2025-3155 Description of changes: [2:40.3-2.1] - Fix CVE-2025-3155 (RHEL-85926) From el-errata at oss.oracle.com Fri May 23 17:11:31 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:31 -0700 Subject: [El-errata] ELSA-2025-7435 Important: Oracle Linux 9 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7435 http://linux.oracle.com/errata/ELSA-2025-7435.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.10.0-1.0.1.el9_6.x86_64.rpm aarch64: thunderbird-128.10.0-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-128.10.0-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 Description of changes: [128.10.0-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs From el-errata at oss.oracle.com Fri May 23 17:11:33 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:33 -0700 Subject: [El-errata] ELSA-2025-7436 Important: Oracle Linux 9 libsoup security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7436 http://linux.oracle.com/errata/ELSA-2025-7436.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libsoup-2.72.0-10.el9_6.1.i686.rpm libsoup-2.72.0-10.el9_6.1.x86_64.rpm libsoup-devel-2.72.0-10.el9_6.1.i686.rpm libsoup-devel-2.72.0-10.el9_6.1.x86_64.rpm aarch64: libsoup-2.72.0-10.el9_6.1.aarch64.rpm libsoup-devel-2.72.0-10.el9_6.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libsoup-2.72.0-10.el9_6.1.src.rpm Related CVEs: CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32911 CVE-2025-32913 CVE-2025-46420 CVE-2025-46421 Description of changes: [2.72.0-10.1] - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85906 Resolves: RHEL-85912 Resolves: RHEL-85919 Resolves: RHEL-87061 Resolves: RHEL-87069 Resolves: RHEL-87102 Resolves: RHEL-87120 Resolves: RHEL-88364 Resolves: RHEL-88367 From el-errata at oss.oracle.com Fri May 23 17:11:34 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:34 -0700 Subject: [El-errata] ELSA-2025-7437 Moderate: Oracle Linux 9 avahi security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7437 http://linux.oracle.com/errata/ELSA-2025-7437.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: avahi-0.8-22.el9_6.i686.rpm avahi-0.8-22.el9_6.x86_64.rpm avahi-autoipd-0.8-22.el9_6.x86_64.rpm avahi-glib-0.8-22.el9_6.i686.rpm avahi-glib-0.8-22.el9_6.x86_64.rpm avahi-libs-0.8-22.el9_6.i686.rpm avahi-libs-0.8-22.el9_6.x86_64.rpm avahi-tools-0.8-22.el9_6.x86_64.rpm avahi-compat-howl-0.8-22.el9_6.i686.rpm avahi-compat-howl-0.8-22.el9_6.x86_64.rpm avahi-compat-howl-devel-0.8-22.el9_6.i686.rpm avahi-compat-howl-devel-0.8-22.el9_6.x86_64.rpm avahi-compat-libdns_sd-0.8-22.el9_6.i686.rpm avahi-compat-libdns_sd-0.8-22.el9_6.x86_64.rpm avahi-compat-libdns_sd-devel-0.8-22.el9_6.i686.rpm avahi-compat-libdns_sd-devel-0.8-22.el9_6.x86_64.rpm avahi-devel-0.8-22.el9_6.i686.rpm avahi-devel-0.8-22.el9_6.x86_64.rpm avahi-glib-devel-0.8-22.el9_6.i686.rpm avahi-glib-devel-0.8-22.el9_6.x86_64.rpm avahi-gobject-0.8-22.el9_6.i686.rpm avahi-gobject-0.8-22.el9_6.x86_64.rpm avahi-gobject-devel-0.8-22.el9_6.i686.rpm avahi-gobject-devel-0.8-22.el9_6.x86_64.rpm aarch64: avahi-0.8-22.el9_6.aarch64.rpm avahi-autoipd-0.8-22.el9_6.aarch64.rpm avahi-glib-0.8-22.el9_6.aarch64.rpm avahi-libs-0.8-22.el9_6.aarch64.rpm avahi-tools-0.8-22.el9_6.aarch64.rpm avahi-compat-howl-0.8-22.el9_6.aarch64.rpm avahi-compat-howl-devel-0.8-22.el9_6.aarch64.rpm avahi-compat-libdns_sd-0.8-22.el9_6.aarch64.rpm avahi-compat-libdns_sd-devel-0.8-22.el9_6.aarch64.rpm avahi-devel-0.8-22.el9_6.aarch64.rpm avahi-glib-devel-0.8-22.el9_6.aarch64.rpm avahi-gobject-0.8-22.el9_6.aarch64.rpm avahi-gobject-devel-0.8-22.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//avahi-0.8-22.el9_6.src.rpm Related CVEs: CVE-2024-52616 Description of changes: [0.8-22] - Fix CVE-2024-52616 (RHEL-67722) From el-errata at oss.oracle.com Fri May 23 17:11:36 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:36 -0700 Subject: [El-errata] ELSA-2025-7440 Low: Oracle Linux 9 vim security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7440 http://linux.oracle.com/errata/ELSA-2025-7440.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.2.2637-22.0.1.el9_6.x86_64.rpm vim-common-8.2.2637-22.0.1.el9_6.x86_64.rpm vim-enhanced-8.2.2637-22.0.1.el9_6.x86_64.rpm vim-filesystem-8.2.2637-22.0.1.el9_6.noarch.rpm vim-minimal-8.2.2637-22.0.1.el9_6.x86_64.rpm aarch64: vim-X11-8.2.2637-22.0.1.el9_6.aarch64.rpm vim-common-8.2.2637-22.0.1.el9_6.aarch64.rpm vim-enhanced-8.2.2637-22.0.1.el9_6.aarch64.rpm vim-filesystem-8.2.2637-22.0.1.el9_6.noarch.rpm vim-minimal-8.2.2637-22.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//vim-8.2.2637-22.0.1.el9_6.src.rpm Related CVEs: CVE-2023-4752 Description of changes: [8.2.2637-22.0.1] - Remove upstream references [Orabug: 31197557] [2:8.2.2637-22] - RHEL-2159 vim: Heap Use After Free in function ins_compl_get_exp in vim/vim From el-errata at oss.oracle.com Fri May 23 17:11:37 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:37 -0700 Subject: [El-errata] ELSA-2025-7444 Moderate: Oracle Linux 9 expat security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7444 http://linux.oracle.com/errata/ELSA-2025-7444.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: expat-2.5.0-5.el9_6.i686.rpm expat-2.5.0-5.el9_6.x86_64.rpm expat-devel-2.5.0-5.el9_6.i686.rpm expat-devel-2.5.0-5.el9_6.x86_64.rpm aarch64: expat-2.5.0-5.el9_6.aarch64.rpm expat-devel-2.5.0-5.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//expat-2.5.0-5.el9_6.src.rpm Related CVEs: CVE-2024-8176 Description of changes: [2.5.0-5] - Fix CVE-2024-8176 - Resolves: RHEL-57489 [2.5.0-4] - Fix CVE-2024-50602 - Resolves: RHEL-65066 From el-errata at oss.oracle.com Fri May 23 17:11:39 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:39 -0700 Subject: [El-errata] ELSA-2025-7586 Moderate: Oracle Linux 9 ghostscript security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7586 http://linux.oracle.com/errata/ELSA-2025-7586.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: ghostscript-9.54.0-19.el9_6.x86_64.rpm ghostscript-doc-9.54.0-19.el9_6.noarch.rpm ghostscript-tools-dvipdf-9.54.0-19.el9_6.x86_64.rpm ghostscript-tools-fonts-9.54.0-19.el9_6.x86_64.rpm ghostscript-tools-printing-9.54.0-19.el9_6.x86_64.rpm ghostscript-x11-9.54.0-19.el9_6.x86_64.rpm libgs-9.54.0-19.el9_6.i686.rpm libgs-9.54.0-19.el9_6.x86_64.rpm ghostscript-9.54.0-19.el9_6.i686.rpm ghostscript-tools-fonts-9.54.0-19.el9_6.i686.rpm ghostscript-tools-printing-9.54.0-19.el9_6.i686.rpm libgs-devel-9.54.0-19.el9_6.i686.rpm libgs-devel-9.54.0-19.el9_6.x86_64.rpm aarch64: ghostscript-9.54.0-19.el9_6.aarch64.rpm ghostscript-doc-9.54.0-19.el9_6.noarch.rpm ghostscript-tools-dvipdf-9.54.0-19.el9_6.aarch64.rpm ghostscript-tools-fonts-9.54.0-19.el9_6.aarch64.rpm ghostscript-tools-printing-9.54.0-19.el9_6.aarch64.rpm ghostscript-x11-9.54.0-19.el9_6.aarch64.rpm libgs-9.54.0-19.el9_6.aarch64.rpm libgs-devel-9.54.0-19.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//ghostscript-9.54.0-19.el9_6.src.rpm Related CVEs: CVE-2025-27832 Description of changes: [9.54.0-19] - RHEL-88966 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow [9.54.0-18] - RHEL-18397 CVE-2023-46751 ghostscript: dangling pointer in gdev_prn_open_printer_seekable() - RHEL-67048 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space - RHEL-67053 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding - RHEL-67053 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript - RHEL-67053 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution From el-errata at oss.oracle.com Fri May 23 17:11:40 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:40 -0700 Subject: [El-errata] ELSA-2025-7598 Important: Oracle Linux 9 .NET 8.0 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7598 http://linux.oracle.com/errata/ELSA-2025-7598.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm aspnetcore-runtime-dbg-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm aspnetcore-targeting-pack-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm dotnet-apphost-pack-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm dotnet-hostfxr-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm dotnet-runtime-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm dotnet-runtime-dbg-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm dotnet-sdk-8.0-8.0.116-1.0.1.el9_6.x86_64.rpm dotnet-sdk-dbg-8.0-8.0.116-1.0.1.el9_6.x86_64.rpm dotnet-targeting-pack-8.0-8.0.16-1.0.1.el9_6.x86_64.rpm dotnet-templates-8.0-8.0.116-1.0.1.el9_6.x86_64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.116-1.0.1.el9_6.x86_64.rpm aarch64: aspnetcore-runtime-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm aspnetcore-runtime-dbg-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm aspnetcore-targeting-pack-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm dotnet-apphost-pack-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm dotnet-hostfxr-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm dotnet-runtime-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm dotnet-runtime-dbg-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm dotnet-sdk-8.0-8.0.116-1.0.1.el9_6.aarch64.rpm dotnet-sdk-dbg-8.0-8.0.116-1.0.1.el9_6.aarch64.rpm dotnet-targeting-pack-8.0-8.0.16-1.0.1.el9_6.aarch64.rpm dotnet-templates-8.0-8.0.116-1.0.1.el9_6.aarch64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.116-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.116-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-26646 Description of changes: [8.0.116-1.0.1] - Add support for Oracle Linux [8.0.116-1] - Update to .NET SDK 8.0.116 and Runtime 8.0.16 - Resolves: RHEL-89448 From el-errata at oss.oracle.com Fri May 23 17:11:42 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:42 -0700 Subject: [El-errata] ELSA-2025-7600 Important: Oracle Linux 9 .NET 9.0 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7600 http://linux.oracle.com/errata/ELSA-2025-7600.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm aspnetcore-runtime-dbg-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm aspnetcore-targeting-pack-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-apphost-pack-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-host-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-hostfxr-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-runtime-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-runtime-dbg-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-sdk-9.0-9.0.106-1.0.1.el9_6.x86_64.rpm dotnet-sdk-aot-9.0-9.0.106-1.0.1.el9_6.x86_64.rpm dotnet-sdk-dbg-9.0-9.0.106-1.0.1.el9_6.x86_64.rpm dotnet-targeting-pack-9.0-9.0.5-1.0.1.el9_6.x86_64.rpm dotnet-templates-9.0-9.0.106-1.0.1.el9_6.x86_64.rpm netstandard-targeting-pack-2.1-9.0.106-1.0.1.el9_6.x86_64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.106-1.0.1.el9_6.x86_64.rpm aarch64: aspnetcore-runtime-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm aspnetcore-runtime-dbg-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm aspnetcore-targeting-pack-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-apphost-pack-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-host-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-hostfxr-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-runtime-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-runtime-dbg-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-sdk-9.0-9.0.106-1.0.1.el9_6.aarch64.rpm dotnet-sdk-aot-9.0-9.0.106-1.0.1.el9_6.aarch64.rpm dotnet-sdk-dbg-9.0-9.0.106-1.0.1.el9_6.aarch64.rpm dotnet-targeting-pack-9.0-9.0.5-1.0.1.el9_6.aarch64.rpm dotnet-templates-9.0-9.0.106-1.0.1.el9_6.aarch64.rpm netstandard-targeting-pack-2.1-9.0.106-1.0.1.el9_6.aarch64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.106-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//dotnet9.0-9.0.106-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-26646 Description of changes: [9.0.106-1.0.1] - Add support for Oracle Linux [9.0.106-1] - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89453 From el-errata at oss.oracle.com Fri May 23 17:11:43 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:43 -0700 Subject: [El-errata] ELSA-2025-7672 Moderate: Oracle Linux 9 xdg-utils security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7672 http://linux.oracle.com/errata/ELSA-2025-7672.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: xdg-utils-1.1.3-13.el9_6.noarch.rpm aarch64: xdg-utils-1.1.3-13.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//xdg-utils-1.1.3-13.el9_6.src.rpm Related CVEs: CVE-2022-4055 Description of changes: [1.1.3-13] - Update documentation for CVE-2022-4055 (RHEL-87487) [1.1.3-12] - Fix CVE-2022-4055 (RHEL-87487) From el-errata at oss.oracle.com Fri May 23 17:11:44 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:44 -0700 Subject: [El-errata] ELSA-2025-7893 Important: Oracle Linux 9 grafana security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7893 http://linux.oracle.com/errata/ELSA-2025-7893.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-10.2.6-13.el9_6.x86_64.rpm grafana-selinux-10.2.6-13.el9_6.x86_64.rpm aarch64: grafana-10.2.6-13.el9_6.aarch64.rpm grafana-selinux-10.2.6-13.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//grafana-10.2.6-13.el9_6.src.rpm Related CVEs: CVE-2025-4123 Description of changes: [10.2.6-13] - Resolves RHEL-89954: CVE-2025-4123 [10.2.6-12] - Resolves RHEL-88922: Move home directory of grafana to /var/lib/grafana [10.2.6-11] - Resolves RHEL-84636: CVE-2025-30204 [10.2.6-10] - Resolves RHEL-75919: grafana selinux issue with autofs_t From el-errata at oss.oracle.com Fri May 23 17:11:47 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:47 -0700 Subject: [El-errata] ELSA-2025-7937 Important: Oracle Linux 9 compat-openssl11 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7937 http://linux.oracle.com/errata/ELSA-2025-7937.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: compat-openssl11-1.1.1k-5.el9_6.1.i686.rpm compat-openssl11-1.1.1k-5.el9_6.1.x86_64.rpm aarch64: compat-openssl11-1.1.1k-5.el9_6.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//compat-openssl11-1.1.1k-5.el9_6.1.src.rpm Related CVEs: CVE-2023-0286 Description of changes: [1:1.1.1k-5.1] - Fixes cve-2023-0286 X.400 address type confusion in X.509 GeneralName Resolves: RHEL-88969 [1:1.1.1k-5] - Update expired certificates used in the testsuite Resolves: RHEL-5297 From el-errata at oss.oracle.com Fri May 23 17:11:48 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:48 -0700 Subject: [El-errata] ELSA-2025-7995 Important: Oracle Linux 9 webkit2gtk3 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7995 http://linux.oracle.com/errata/ELSA-2025-7995.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: webkit2gtk3-2.48.2-1.el9_6.i686.rpm webkit2gtk3-2.48.2-1.el9_6.x86_64.rpm webkit2gtk3-devel-2.48.2-1.el9_6.i686.rpm webkit2gtk3-devel-2.48.2-1.el9_6.x86_64.rpm webkit2gtk3-jsc-2.48.2-1.el9_6.i686.rpm webkit2gtk3-jsc-2.48.2-1.el9_6.x86_64.rpm webkit2gtk3-jsc-devel-2.48.2-1.el9_6.i686.rpm webkit2gtk3-jsc-devel-2.48.2-1.el9_6.x86_64.rpm aarch64: webkit2gtk3-2.48.2-1.el9_6.aarch64.rpm webkit2gtk3-devel-2.48.2-1.el9_6.aarch64.rpm webkit2gtk3-jsc-2.48.2-1.el9_6.aarch64.rpm webkit2gtk3-jsc-devel-2.48.2-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//webkit2gtk3-2.48.2-1.el9_6.src.rpm Related CVEs: CVE-2025-31205 CVE-2025-31257 Description of changes: [2.48.2-1] - Update to 2.48.2 - Reenable JIT From el-errata at oss.oracle.com Fri May 23 17:11:50 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 23 May 2025 10:11:50 -0700 Subject: [El-errata] ELSA-2025-8049 Important: Oracle Linux 9 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8049 http://linux.oracle.com/errata/ELSA-2025-8049.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.10.1-1.0.1.el9_6.x86_64.rpm firefox-x11-128.10.1-1.0.1.el9_6.x86_64.rpm aarch64: firefox-128.10.1-1.0.1.el9_6.aarch64.rpm firefox-x11-128.10.1-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.10.1-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-4918 CVE-2025-4919 Description of changes: [128.10.1-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [128.10.1] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.10.1-1] - Update to 128.10.1 From el-errata at oss.oracle.com Mon May 26 17:28:20 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 26 May 2025 17:28:20 +0000 Subject: [El-errata] New Ksplice updates for UEKR7 5.15.0 on OL8 and OL9 (ELSA-2025-20320) Message-ID: Synopsis: ELSA-2025-20320 can now be patched using Ksplice CVEs: CVE-2024-25742 CVE-2024-25743 CVE-2024-26982 CVE-2024-57801 CVE-2024-58001 CVE-2024-58069 CVE-2025-21662 CVE-2025-21675 CVE-2025-21700 CVE-2025-21701 CVE- 2025-21702 CVE-2025-21704 CVE-2025-21719 CVE-2025-21727 CVE-2025-21731 CVE-2025- 21745 CVE-2025-21753 CVE-2025-21756 CVE-2025-21779 CVE-2025-21785 CVE-2025-21787 CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21844 CVE-2025-21858 CVE- 2025-21887 CVE-2025-21919 CVE-2025-21920 CVE-2025-21926 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2025-20320. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2025-20320.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR7 5.15.0 on OL8 and OL9 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2024-25742, CVE-2024-25743: Disruption of AMD SEV-SNP With Interrupts. A missing check in the AMD SEV Linux kernel driver can result in malicious interrupts injection. An attacker with an access to a hypervisor can potentially break confidentiality and integrity of Linux SEV-SNP guests. Orabug: 37687865 * CVE-2024-26982: Denial-of-service in SquashFS. A missing check when using SquashFS could lead to an out-of-bounds memory access. A local attacker could use this flaw to cause a denial-of-service. * CVE-2024-57801: Privilege escalation in Mellanox SRIOV E-Switch driver. A logic error when using the Mellanox SRIOV E-Switch driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. Orabug: 37710815 * CVE-2024-58001: Denial-of-service in OCFS2 filesystem. Incorrect reference counting when using the OCFS2 filesystem could lead to a memory leak. A local attacker could use this flaw to cause a denial-of-service. * CVE-2024-58069: Privilege escalation in NXP-PCF85063 RTC driver. A logic error when using the rtc-pcf85063 driver could lead to an out-of-bounds memory write. A local attacker could use this flaw to escalate privileges. * CVE-2025-21662: Denial-of-service in Mellanox devices driver. Missing complete call when using the Mellanox devices driver could lead to kthread hang. A local attacker could use this flaw to cause a denial-of-service. Orabug: 37710815 * CVE-2025-21675: Denial-of-service in Mellanox devices driver. A logic error when using the Mellanox devices driver could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service. Orabug: 37710815 * CVE-2025-21700: Privilege escalation in QoS and/or fair queueing driver. A logic error when using the QoS and/or fair queueing driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21701: Denial-of-service in Networking driver. A race condition when using the Networking driver could lead to a kernel assertion failure. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21702: Privilege escalation in network QoS/scheduling driver. A missing check when using the network QoS/scheduling driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21704: Memory corruption in USB Modem (CDC ACM) driver. A logic error when using the USB Modem (CDC ACM) driver could lead to an integer underflow. A local attacker could use this flaw to cause memory corruption. * CVE-2025-21719: Denial-of-service in TCP/IP networking driver. A logic error when using the TCP/IP networking driver could lead to a kernel crash. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21727: Privilege escalation in PADATA. A race condition when using the interface to proccess data streams in parallel could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21731: Privilege escalation in network block device driver. A race condition when using the NBD driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21745: Denial-of-service in IO controller driver. Incorrect reference counting when using the IO controller driver could lead to a reference count leak. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21753: Privilege escalation in Btrfs filesystem. A race condition when using the Btrfs filesystem could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21756: Privilege escalation in Virtual Socket protocol driver. A logic error when using the Virtual Socket protocol driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21779: Denial-of-service in Kernel-based Virtual Machine (KVM). A logic error when using the KVM could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21785: Code execution in Arm64 cacheinfo support. A logic error in Arm64 cacheinfo support (processor cache) can lead to out-of-bounds write. An attacker could use this exploit to execute arbitrary code, but that's not really possible as of now. But let's make the CVE scanners happy. * CVE-2025-21787: Denial-of-service in Ethernet team driver. Incorrect checks on parameters passed from userspace when using the Ethernet team driver could lead to an out-of-bounds memory read. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21791: Privilege escalation in layer 3 master device support. A race condition when using an L3 master device could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21795: Remote denial-of-service in NFS server driver. A logic error when using the NFS server driver could lead to ~15 minutes long hang. A remote attacker could use this flaw to cause a denial-of-service. * CVE-2025-21796: Privilege escalation in NFS server for the NFSv2 ACL protocol extension driver. Logic error when using the NFS server for the NFSv2 ACL protocol extension driver could lead to a kernel panic. A local attacker could use this flaw to escalate privileges. * CVE-2025-21844: Denial-of-service in Common Internet File System (CIFS). A missing check when using the SMB3 client could lead to a NULL pointer dereference. A local attacker could use this flaw to cause a denial-of-service. * CVE-2025-21858: Privilege escalation in Generic Network Virtualization Encapsulation driver. A logic error when using the GENEVE driver could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21887: Privilege escalation in Overlay filesystem. A logic error when using the Overlay filesystem could lead to a use-after-free. A local attacker could use this flaw to escalate privileges. * CVE-2025-21919: Memory corruption in Completely Fair Scheduler (CFS). A logic error when using the Completely Fair Scheduler could lead to an out-of-bounds memory access. A local attacker could use this flaw to cause memory corruption. * CVE-2025-21920: Information leak in ethernet VLAN stack. A missing check for device type in the ethernet VLAN stack could lead to kernel address leak. As System.map file is also readable by an unprivileged attacker, KASLR can be bypassed since the attacker can find out the relative offsets and combine that with the leaked address to find the address of any kernel symbol, which can facilitate an attack, like privilege escalation. * CVE-2025-21926: Denial-of-service in UDPv4 Generic Segmentation Offload support. A logic error when using UDPv4 sockets with GSO could lead to a kernel panic. A local attacker could use this flaw to cause a denial-of-service. * Delayed send operations in the RDS Protocol driver. A logic error in the RDS Protocol driver can cause delayed work for send operations to fail to queue for execution when expected.? This can lead to increased latency in RDS traffic. Orabug: 37783021, 37260584, 37551309 * Denial-of-service in Bridged IP/ARP packets filtering driver. A logic error when using the Bridged IP/ARP packets filtering driver could lead to the bridge dropping IP packets under specific conditions. Orabug: 37847171 * Information leak in USB Modem (CDC ACM) driver. A missing check when using the USB Modem (CDC ACM) driver could lead to use of uninitialized memory. A local attacker could use this flaw to extract sensitive information. * Performance degradation in Transparent Hugepage Memory Management. A logic error when very large number of processes are executed from the same binary could lead to resource contention issue. That can lead to performance degradation. Orabug: 37608058 * Note: Oracle has determined some CVEs are not applicable. The kernel is not affected by the following CVEs since the code under consideration is not compiled. CVE-2024-47726, CVE-2024-50252, CVE-2024-57834, CVE-2024-58007, CVE-2024-58010, CVE-2024-58016, CVE-2024-58051, CVE-2024-58076, CVE-2024-58085, CVE-2024-58086, CVE-2025-21684, CVE-2025-21711, CVE-2025-21715, CVE-2025-21718, CVE-2025-21735, CVE-2025-21736, CVE-2025-21748, CVE-2025-21749, CVE-2025-21781, CVE-2025-21782, CVE-2025-21799, CVE-2025-21802, CVE-2025-21804, CVE-2025-21811, CVE-2025-21835, CVE-2025-21859, CVE-2025-21866, CVE-2025-21878, CVE-2025-21904, CVE-2025-21914, CVE-2025-21924, CVE-2025-21925, CVE-2025-21934, CVE-2025-21935, CVE-2025-21943, CVE-2025-21950, CVE-2025-39735 Orabug: 37710815 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Tue May 27 17:09:07 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:09:07 -0700 Subject: [El-errata] ELBA-2025-20337 Oracle Linux 9 rsyslog bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20337 http://linux.oracle.com/errata/ELBA-2025-20337.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: rsyslog-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-crypto-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-doc-8.2412.0-1.0.1.el9.noarch.rpm rsyslog-elasticsearch-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-gnutls-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-gssapi-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-kafka-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-logrotate-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mmaudit-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mmfields-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mmjsonparse-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mmkubernetes-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mmnormalize-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mmsnmptrapd-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-mysql-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-omamqp1-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-openssl-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-pgsql-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-relp-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-snmp-8.2412.0-1.0.1.el9.x86_64.rpm rsyslog-udpspoof-8.2412.0-1.0.1.el9.x86_64.rpm aarch64: rsyslog-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-crypto-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-doc-8.2412.0-1.0.1.el9.noarch.rpm rsyslog-elasticsearch-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-gnutls-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-gssapi-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-kafka-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-logrotate-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mmaudit-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mmfields-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mmjsonparse-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mmkubernetes-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mmnormalize-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mmsnmptrapd-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-mysql-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-omamqp1-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-openssl-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-pgsql-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-relp-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-snmp-8.2412.0-1.0.1.el9.aarch64.rpm rsyslog-udpspoof-8.2412.0-1.0.1.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//rsyslog-8.2412.0-1.0.1.el9.src.rpm Description of changes: [8.2412.0-1.0.1] - Fixes rsyslog segfault during shutdown when relp is configured with TLS [Orabug: 37588023] From el-errata at oss.oracle.com Tue May 27 17:09:09 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:09:09 -0700 Subject: [El-errata] ELBA-2025-20339 Oracle Linux 9 redis bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20339 http://linux.oracle.com/errata/ELBA-2025-20339.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: redis-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.x86_64.rpm redis-devel-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.x86_64.rpm redis-doc-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.noarch.rpm aarch64: redis-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.aarch64.rpm redis-devel-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.aarch64.rpm redis-doc-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//redis-7.2.8-1.0.1.module+el9.6.0+90593+d01c6809.src.rpm Description of changes: [7.2.8-1.0.1] - Build with 64k pages to support redis on UEK on aarch64 [7.2.8-1] - rebase to 7.2.8 for CVE-2025-21605 [7.2.7-1] - rebase to 7.2.7 for CVE-2024-46981 and CVE-2024-51741 [7.2.6-1] - rebase to 7.2.6 RHEL-26628 [7.0.12-1] - rebase to 7.0.12 #2221899 [7.0.11-1] - rebase to 7.0.11 for new redis:7 stream #2129826 From el-errata at oss.oracle.com Tue May 27 17:16:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:16:57 -0700 Subject: [El-errata] ELBA-2025-7394 Oracle Linux 9 .NET 9.0 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7394 http://linux.oracle.com/errata/ELBA-2025-7394.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm aspnetcore-runtime-dbg-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm aspnetcore-targeting-pack-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-apphost-pack-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-host-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-hostfxr-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-runtime-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-runtime-dbg-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-sdk-9.0-9.0.105-2.0.1.el9_6.x86_64.rpm dotnet-sdk-aot-9.0-9.0.105-2.0.1.el9_6.x86_64.rpm dotnet-sdk-dbg-9.0-9.0.105-2.0.1.el9_6.x86_64.rpm dotnet-targeting-pack-9.0-9.0.4-2.0.1.el9_6.x86_64.rpm dotnet-templates-9.0-9.0.105-2.0.1.el9_6.x86_64.rpm netstandard-targeting-pack-2.1-9.0.105-2.0.1.el9_6.x86_64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.105-2.0.1.el9_6.x86_64.rpm aarch64: aspnetcore-runtime-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm aspnetcore-runtime-dbg-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm aspnetcore-targeting-pack-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-apphost-pack-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-host-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-hostfxr-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-runtime-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-runtime-dbg-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-sdk-9.0-9.0.105-2.0.1.el9_6.aarch64.rpm dotnet-sdk-aot-9.0-9.0.105-2.0.1.el9_6.aarch64.rpm dotnet-sdk-dbg-9.0-9.0.105-2.0.1.el9_6.aarch64.rpm dotnet-targeting-pack-9.0-9.0.4-2.0.1.el9_6.aarch64.rpm dotnet-templates-9.0-9.0.105-2.0.1.el9_6.aarch64.rpm netstandard-targeting-pack-2.1-9.0.105-2.0.1.el9_6.aarch64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.105-2.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//dotnet9.0-9.0.105-2.0.1.el9_6.src.rpm Description of changes: [9.0.105-2.0.1] - Add support for Oracle Linux [9.0.105-2] - Update to .NET SDK 9.0.105 and Runtime 9.0.4 - Resolves: RHEL-85280 From el-errata at oss.oracle.com Tue May 27 17:16:59 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:16:59 -0700 Subject: [El-errata] ELBA-2025-7396 Oracle Linux 9 pcp bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7396 http://linux.oracle.com/errata/ELBA-2025-7396.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: pcp-6.3.7-1.el9_6.x86_64.rpm pcp-conf-6.3.7-1.el9_6.x86_64.rpm pcp-devel-6.3.7-1.el9_6.i686.rpm pcp-devel-6.3.7-1.el9_6.x86_64.rpm pcp-doc-6.3.7-1.el9_6.noarch.rpm pcp-export-pcp2elasticsearch-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2graphite-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2influxdb-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2json-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2openmetrics-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2spark-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2xml-6.3.7-1.el9_6.x86_64.rpm pcp-export-pcp2zabbix-6.3.7-1.el9_6.x86_64.rpm pcp-export-zabbix-agent-6.3.7-1.el9_6.x86_64.rpm pcp-geolocate-6.3.7-1.el9_6.x86_64.rpm pcp-gui-6.3.7-1.el9_6.x86_64.rpm pcp-import-collectl2pcp-6.3.7-1.el9_6.x86_64.rpm pcp-import-ganglia2pcp-6.3.7-1.el9_6.x86_64.rpm pcp-import-iostat2pcp-6.3.7-1.el9_6.x86_64.rpm pcp-import-mrtg2pcp-6.3.7-1.el9_6.x86_64.rpm pcp-import-sar2pcp-6.3.7-1.el9_6.x86_64.rpm pcp-libs-6.3.7-1.el9_6.i686.rpm pcp-libs-6.3.7-1.el9_6.x86_64.rpm pcp-libs-devel-6.3.7-1.el9_6.i686.rpm pcp-libs-devel-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-activemq-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-apache-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-bash-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-bcc-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-bind2-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-bonding-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-bpf-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-bpftrace-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-cifs-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-cisco-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-dbping-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-denki-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-dm-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-docker-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-ds389-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-ds389log-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-elasticsearch-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-farm-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-gfs2-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-gluster-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-gpfs-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-gpsd-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-hacluster-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-haproxy-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-infiniband-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-json-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-libvirt-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-lio-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-lmsensors-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-logger-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-lustre-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-lustrecomm-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-mailq-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-memcache-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-mic-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-mongodb-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-mounts-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-mssql-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-mysql-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-named-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-netcheck-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-netfilter-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-news-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-nfsclient-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-nginx-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-nvidia-gpu-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-openmetrics-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-openvswitch-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-oracle-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-pdns-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-perfevent-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-podman-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-postfix-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-postgresql-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-rabbitmq-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-redis-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-resctrl-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-roomtemp-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-rsyslog-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-samba-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-sendmail-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-shping-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-slurm-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-smart-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-snmp-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-sockets-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-statsd-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-summary-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-systemd-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-trace-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-unbound-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-uwsgi-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-weblog-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-zimbra-6.3.7-1.el9_6.x86_64.rpm pcp-pmda-zswap-6.3.7-1.el9_6.x86_64.rpm pcp-selinux-6.3.7-1.el9_6.x86_64.rpm pcp-system-tools-6.3.7-1.el9_6.x86_64.rpm pcp-testsuite-6.3.7-1.el9_6.i686.rpm pcp-testsuite-6.3.7-1.el9_6.x86_64.rpm pcp-zeroconf-6.3.7-1.el9_6.x86_64.rpm perl-PCP-LogImport-6.3.7-1.el9_6.x86_64.rpm perl-PCP-LogSummary-6.3.7-1.el9_6.x86_64.rpm perl-PCP-MMV-6.3.7-1.el9_6.x86_64.rpm perl-PCP-PMDA-6.3.7-1.el9_6.x86_64.rpm python3-pcp-6.3.7-1.el9_6.x86_64.rpm aarch64: pcp-6.3.7-1.el9_6.aarch64.rpm pcp-conf-6.3.7-1.el9_6.aarch64.rpm pcp-devel-6.3.7-1.el9_6.aarch64.rpm pcp-doc-6.3.7-1.el9_6.noarch.rpm pcp-export-pcp2elasticsearch-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2graphite-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2influxdb-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2json-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2openmetrics-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2spark-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2xml-6.3.7-1.el9_6.aarch64.rpm pcp-export-pcp2zabbix-6.3.7-1.el9_6.aarch64.rpm pcp-export-zabbix-agent-6.3.7-1.el9_6.aarch64.rpm pcp-geolocate-6.3.7-1.el9_6.aarch64.rpm pcp-gui-6.3.7-1.el9_6.aarch64.rpm pcp-import-collectl2pcp-6.3.7-1.el9_6.aarch64.rpm pcp-import-ganglia2pcp-6.3.7-1.el9_6.aarch64.rpm pcp-import-iostat2pcp-6.3.7-1.el9_6.aarch64.rpm pcp-import-mrtg2pcp-6.3.7-1.el9_6.aarch64.rpm pcp-import-sar2pcp-6.3.7-1.el9_6.aarch64.rpm pcp-libs-6.3.7-1.el9_6.aarch64.rpm pcp-libs-devel-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-activemq-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-apache-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-bash-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-bcc-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-bind2-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-bonding-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-bpf-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-bpftrace-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-cifs-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-cisco-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-dbping-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-denki-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-dm-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-docker-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-ds389-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-ds389log-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-elasticsearch-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-farm-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-gfs2-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-gluster-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-gpfs-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-gpsd-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-hacluster-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-haproxy-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-infiniband-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-json-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-libvirt-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-lio-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-lmsensors-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-logger-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-lustre-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-lustrecomm-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-mailq-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-memcache-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-mic-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-mongodb-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-mounts-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-mysql-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-named-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-netcheck-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-netfilter-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-news-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-nfsclient-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-nginx-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-nvidia-gpu-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-openmetrics-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-openvswitch-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-oracle-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-pdns-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-perfevent-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-podman-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-postfix-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-postgresql-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-rabbitmq-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-redis-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-roomtemp-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-rsyslog-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-samba-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-sendmail-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-shping-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-slurm-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-smart-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-snmp-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-sockets-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-statsd-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-summary-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-systemd-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-trace-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-unbound-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-uwsgi-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-weblog-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-zimbra-6.3.7-1.el9_6.aarch64.rpm pcp-pmda-zswap-6.3.7-1.el9_6.aarch64.rpm pcp-selinux-6.3.7-1.el9_6.aarch64.rpm pcp-system-tools-6.3.7-1.el9_6.aarch64.rpm pcp-testsuite-6.3.7-1.el9_6.aarch64.rpm pcp-zeroconf-6.3.7-1.el9_6.aarch64.rpm perl-PCP-LogImport-6.3.7-1.el9_6.aarch64.rpm perl-PCP-LogSummary-6.3.7-1.el9_6.aarch64.rpm perl-PCP-MMV-6.3.7-1.el9_6.aarch64.rpm perl-PCP-PMDA-6.3.7-1.el9_6.aarch64.rpm python3-pcp-6.3.7-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//pcp-6.3.7-1.el9_6.src.rpm Description of changes: [6.3.7-1] - Update selinux policy (RHEL-39508, RHEL-83594, RHEL-83954) - Improvements to pmseries archive --load handling (RHEL-83914) - Support pmproxy REST API /metrics scrape filtering (RHEL-59228) [6.3.4-1] - Endian issue affecting s390 with v3 archives fixed (RHEL-61501) - Improvement to the NVIDIA metrics install process (RHEL-80722) - Resolved zeroconf install pmieconf-failure warning (RHEL-78187) - Fixes to the pmproxy and pmlogger labels handling (RHEL-67227) - Fixed the pmcd/pmdaproc/pmproxy access.conf mechanism (RHEL-60891) - Added new per-NUMA-node per-hugepage metrics (RHEL-45876) From el-errata at oss.oracle.com Tue May 27 17:17:01 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:17:01 -0700 Subject: [El-errata] ELBA-2025-7398 Oracle Linux 9 .NET 8.0 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7398 http://linux.oracle.com/errata/ELBA-2025-7398.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm aspnetcore-runtime-dbg-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm aspnetcore-targeting-pack-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm dotnet-apphost-pack-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm dotnet-hostfxr-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm dotnet-runtime-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm dotnet-runtime-dbg-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm dotnet-sdk-8.0-8.0.115-2.0.1.el9_6.x86_64.rpm dotnet-sdk-dbg-8.0-8.0.115-2.0.1.el9_6.x86_64.rpm dotnet-targeting-pack-8.0-8.0.15-2.0.1.el9_6.x86_64.rpm dotnet-templates-8.0-8.0.115-2.0.1.el9_6.x86_64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.115-2.0.1.el9_6.x86_64.rpm aarch64: aspnetcore-runtime-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm aspnetcore-runtime-dbg-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm aspnetcore-targeting-pack-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm dotnet-apphost-pack-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm dotnet-hostfxr-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm dotnet-runtime-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm dotnet-runtime-dbg-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm dotnet-sdk-8.0-8.0.115-2.0.1.el9_6.aarch64.rpm dotnet-sdk-dbg-8.0-8.0.115-2.0.1.el9_6.aarch64.rpm dotnet-targeting-pack-8.0-8.0.15-2.0.1.el9_6.aarch64.rpm dotnet-templates-8.0-8.0.115-2.0.1.el9_6.aarch64.rpm dotnet-sdk-8.0-source-built-artifacts-8.0.115-2.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.115-2.0.1.el9_6.src.rpm Description of changes: [8.0.115-2.0.1] - Add support for Oracle Linux [8.0.115-2] - Update to .NET SDK 8.0.115 and Runtime 8.0.15 - Resolves: RHEL-85276 From el-errata at oss.oracle.com Tue May 27 17:17:03 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:17:03 -0700 Subject: [El-errata] ELSA-2025-8126 Important: Oracle Linux 9 libsoup security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8126 http://linux.oracle.com/errata/ELSA-2025-8126.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libsoup-2.72.0-10.el9_6.2.i686.rpm libsoup-2.72.0-10.el9_6.2.x86_64.rpm libsoup-devel-2.72.0-10.el9_6.2.i686.rpm libsoup-devel-2.72.0-10.el9_6.2.x86_64.rpm aarch64: libsoup-2.72.0-10.el9_6.2.aarch64.rpm libsoup-devel-2.72.0-10.el9_6.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libsoup-2.72.0-10.el9_6.2.src.rpm Related CVEs: CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 CVE-2025-32914 Description of changes: [2.72.0-10.2] - Backport patches for various CVEs Resolves: RHEL-85888 Resolves: RHEL-87081 Resolves: RHEL-88332 Resolves: RHEL-92285 From el-errata at oss.oracle.com Tue May 27 17:17:06 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:17:06 -0700 Subject: [El-errata] ELSA-2025-8136 Important: Oracle Linux 9 python-tornado security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8136 http://linux.oracle.com/errata/ELSA-2025-8136.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: python3-tornado-6.4.2-2.el9_6.2.x86_64.rpm aarch64: python3-tornado-6.4.2-2.el9_6.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//python-tornado-6.4.2-2.el9_6.2.src.rpm Related CVEs: CVE-2025-47287 Description of changes: [6.4.2-2.2] - tests: add ci_test.fmf + update gating.yaml Related: RHEL-91999 [6.4.2-2.1] - httputil: Raise errors instead of logging in multipart/form-data parsing Resolves: RHEL-91999 From el-errata at oss.oracle.com Tue May 27 17:17:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:17:08 -0700 Subject: [El-errata] ELSA-2025-8183 Important: Oracle Linux 9 gstreamer1-plugins-bad-free security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8183 http://linux.oracle.com/errata/ELSA-2025-8183.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gstreamer1-plugins-bad-free-1.22.12-4.el9_6.i686.rpm gstreamer1-plugins-bad-free-1.22.12-4.el9_6.x86_64.rpm gstreamer1-plugins-bad-free-libs-1.22.12-4.el9_6.i686.rpm gstreamer1-plugins-bad-free-libs-1.22.12-4.el9_6.x86_64.rpm gstreamer1-plugins-bad-free-devel-1.22.12-4.el9_6.i686.rpm gstreamer1-plugins-bad-free-devel-1.22.12-4.el9_6.x86_64.rpm aarch64: gstreamer1-plugins-bad-free-1.22.12-4.el9_6.aarch64.rpm gstreamer1-plugins-bad-free-libs-1.22.12-4.el9_6.aarch64.rpm gstreamer1-plugins-bad-free-devel-1.22.12-4.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//gstreamer1-plugins-bad-free-1.22.12-4.el9_6.src.rpm Related CVEs: CVE-2025-3887 Description of changes: [1.22.12-4] - fix for CVE-2025-3887 Resolves: RHEL-93063 From el-errata at oss.oracle.com Tue May 27 17:26:08 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:08 -0700 Subject: [El-errata] ELBA-2025-7400 Oracle Linux 9 qemu-kvm bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7400 http://linux.oracle.com/errata/ELBA-2025-7400.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: qemu-guest-agent-9.1.0-15.el9_6.2.x86_64.rpm qemu-img-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-audio-pa-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-block-blkio-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-block-curl-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-block-rbd-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-common-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-core-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-device-display-virtio-gpu-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-device-display-virtio-gpu-pci-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-device-display-virtio-vga-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-device-usb-host-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-device-usb-redirect-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-docs-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-tools-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-ui-egl-headless-9.1.0-15.el9_6.2.x86_64.rpm qemu-kvm-ui-opengl-9.1.0-15.el9_6.2.x86_64.rpm qemu-pr-helper-9.1.0-15.el9_6.2.x86_64.rpm aarch64: qemu-guest-agent-9.1.0-15.el9_6.2.aarch64.rpm qemu-img-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-audio-pa-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-block-blkio-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-block-curl-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-block-rbd-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-common-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-core-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-device-display-virtio-gpu-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-device-display-virtio-gpu-pci-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-device-usb-host-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-device-usb-redirect-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-docs-9.1.0-15.el9_6.2.aarch64.rpm qemu-kvm-tools-9.1.0-15.el9_6.2.aarch64.rpm qemu-pr-helper-9.1.0-15.el9_6.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//qemu-kvm-9.1.0-15.el9_6.2.src.rpm Description of changes: [9.1.0-15.el9_6.2] - kvm-net-vhost-user-add-QAPI-events-to-report-connection-.patch [RHEL-80622] - Resolves: RHEL-80622 (Allow libvirt to restart passt/vhost-user when the process is killed [rhel-9]) From el-errata at oss.oracle.com Tue May 27 17:26:11 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:11 -0700 Subject: [El-errata] ELBA-2025-7405 Oracle Linux 9 xorg-x11-drv-libinput bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7405 http://linux.oracle.com/errata/ELBA-2025-7405.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: xorg-x11-drv-libinput-1.0.1-4.el9_6.x86_64.rpm xorg-x11-drv-libinput-devel-1.0.1-4.el9_6.i686.rpm xorg-x11-drv-libinput-devel-1.0.1-4.el9_6.x86_64.rpm aarch64: xorg-x11-drv-libinput-1.0.1-4.el9_6.aarch64.rpm xorg-x11-drv-libinput-devel-1.0.1-4.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//xorg-x11-drv-libinput-1.0.1-4.el9_6.src.rpm Description of changes: [1.0.1-4] - Map some high keycodes into the FK20-FK23 range (RHEL-84833) From el-errata at oss.oracle.com Tue May 27 17:26:15 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:15 -0700 Subject: [El-errata] ELBA-2025-7408 Oracle Linux 9 postgresql:16 bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7408 http://linux.oracle.com/errata/ELBA-2025-7408.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: pgaudit-16.0-1.module+el9.4.0+90394+9e4f3cba.x86_64.rpm pg_repack-1.5.1-1.module+el9.6.0+90592+523cb846.x86_64.rpm pgvector-0.6.2-2.module+el9.6.0+90592+523cb846.x86_64.rpm postgres-decoderbufs-2.4.0-1.Final.module+el9.4.0+90394+9e4f3cba.x86_64.rpm postgresql-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-contrib-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-docs-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-plperl-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-plpython3-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-pltcl-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-private-devel-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-private-libs-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-server-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-server-devel-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-static-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-test-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-test-rpm-macros-16.8-1.module+el9.6.0+90592+523cb846.noarch.rpm postgresql-upgrade-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm postgresql-upgrade-devel-16.8-1.module+el9.6.0+90592+523cb846.x86_64.rpm aarch64: pgaudit-16.0-1.module+el9.4.0+90394+9e4f3cba.aarch64.rpm pg_repack-1.5.1-1.module+el9.6.0+90592+523cb846.aarch64.rpm pgvector-0.6.2-2.module+el9.6.0+90592+523cb846.aarch64.rpm postgres-decoderbufs-2.4.0-1.Final.module+el9.4.0+90394+9e4f3cba.aarch64.rpm postgresql-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-contrib-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-docs-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-plperl-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-plpython3-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-pltcl-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-private-devel-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-private-libs-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-server-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-server-devel-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-static-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-test-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-test-rpm-macros-16.8-1.module+el9.6.0+90592+523cb846.noarch.rpm postgresql-upgrade-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm postgresql-upgrade-devel-16.8-1.module+el9.6.0+90592+523cb846.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//pgaudit-16.0-1.module+el9.4.0+90394+9e4f3cba.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//pg_repack-1.5.1-1.module+el9.6.0+90592+523cb846.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//pgvector-0.6.2-2.module+el9.6.0+90592+523cb846.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//postgres-decoderbufs-2.4.0-1.Final.module+el9.4.0+90394+9e4f3cba.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//postgresql-16.8-1.module+el9.6.0+90592+523cb846.src.rpm Description of changes: pgaudit pg_repack pgvector [0.6.2-2] - Enable Portable build - Resolves: RHEL-84405 postgres-decoderbufs postgresql From el-errata at oss.oracle.com Tue May 27 17:26:18 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:18 -0700 Subject: [El-errata] ELBA-2025-7412 Oracle Linux 9 osbuild-composer bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7412 http://linux.oracle.com/errata/ELBA-2025-7412.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: osbuild-composer-132.1-1.0.1.el9_6.x86_64.rpm osbuild-composer-core-132.1-1.0.1.el9_6.x86_64.rpm osbuild-composer-worker-132.1-1.0.1.el9_6.x86_64.rpm aarch64: osbuild-composer-132.1-1.0.1.el9_6.aarch64.rpm osbuild-composer-core-132.1-1.0.1.el9_6.aarch64.rpm osbuild-composer-worker-132.1-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//osbuild-composer-132.1-1.0.1.el9_6.src.rpm Description of changes: [132.1-1.0.1] - Switch to UEKR8 repositories for OL9.6 [Orabug: 37962207] - Add support to create OpenScap images [JIRA: OLDIS-35301] - Simplify repository names [JIRA: OLDIS-35893] - Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643] - Support using OCI variables inside built images [JIRA: OLDIS-35302] - Support using repository definitons with OCI variables [JIRA: OLDIS-38657] - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123] - Increase default /boot size to 1GB [Orabug: 36827079] - Add support for OCI hybrid images [JIRA: OLDIS-33593] - enable aarch64 OCI image builds [JIRA: OLDIS-33593] - support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619] [132.1-1] - New upstream release From el-errata at oss.oracle.com Tue May 27 17:26:20 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:20 -0700 Subject: [El-errata] ELBA-2025-7420 Oracle Linux 9 libvirt bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7420 http://linux.oracle.com/errata/ELBA-2025-7420.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libvirt-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-client-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-client-qemu-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-common-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-config-network-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-config-nwfilter-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-interface-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-network-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-nodedev-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-nwfilter-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-qemu-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-secret-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-core-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-disk-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-iscsi-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-logical-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-mpath-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-rbd-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-driver-storage-scsi-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-kvm-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-lock-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-log-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-plugin-lockd-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-proxy-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-libs-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-nss-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-ssh-proxy-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-daemon-plugin-sanlock-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-devel-10.10.0-7.2.0.1.el9_6.x86_64.rpm libvirt-docs-10.10.0-7.2.0.1.el9_6.x86_64.rpm aarch64: libvirt-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-client-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-client-qemu-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-common-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-config-network-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-config-nwfilter-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-interface-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-network-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-nodedev-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-nwfilter-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-qemu-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-secret-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-core-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-disk-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-iscsi-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-logical-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-mpath-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-rbd-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-driver-storage-scsi-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-kvm-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-lock-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-log-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-plugin-lockd-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-proxy-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-libs-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-nss-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-ssh-proxy-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-daemon-plugin-sanlock-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-devel-10.10.0-7.2.0.1.el9_6.aarch64.rpm libvirt-docs-10.10.0-7.2.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libvirt-10.10.0-7.2.0.1.el9_6.src.rpm Description of changes: [10.10.0-7.2.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] [10.10.0-7.2.el9_6] - util: introduce object for holding a system inhibitor lock (RHEL-83076) - src: convert drivers over to new virInhibitor APIs (RHEL-83076) - rpc: remove logind support for virNetDaemon (RHEL-83076) - util: fix off-by-1 in inhibitor constants (RHEL-83076) - util: don't attempt to acquire logind inhibitor if not requested (RHEL-83076) - network: Free inhibitor in networkStateCleanup() (RHEL-83076) - conf: parse interface/source/@dev for all interface types (with backend type='passt') (RHEL-84689) - qemu: remove nonsensical sanity check in processNetdevStreamDisconnectedEvent() (RHEL-84782) - qemu: make processNetDevStreamDisconnectedEvent() reusable (RHEL-84782) - qemu: respond to NETDEV_VHOST_USER_DISCONNECTED event (RHEL-84782) - qemu: put vhost-user code that's special for passt in a helper function (RHEL-84782) - qemu: make passt+vhostuser reconnect behave identically to passt+user (RHEL-84782) From el-errata at oss.oracle.com Tue May 27 17:26:25 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:25 -0700 Subject: [El-errata] ELSA-2025-7418 Important: Oracle Linux 9 php:8.3 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7418 http://linux.oracle.com/errata/ELSA-2025-7418.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: apcu-panel-5.1.23-1.module+el9.6.0+90525+5083e899.noarch.rpm php-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-bcmath-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-cli-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-common-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-dba-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-dbg-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-devel-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-embedded-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-enchant-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-ffi-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-fpm-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-gd-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-gmp-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-intl-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-ldap-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-mbstring-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-mysqlnd-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-odbc-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-opcache-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-pdo-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-pecl-apcu-5.1.23-1.module+el9.6.0+90525+5083e899.x86_64.rpm php-pecl-apcu-devel-5.1.23-1.module+el9.6.0+90525+5083e899.x86_64.rpm php-pecl-redis6-6.1.0-2.module+el9.6.0+90525+5083e899.x86_64.rpm php-pecl-rrd-2.0.3-4.module+el9.6.0+90525+5083e899.x86_64.rpm php-pecl-xdebug3-3.3.1-1.module+el9.6.0+90525+5083e899.x86_64.rpm php-pecl-zip-1.22.3-1.module+el9.6.0+90525+5083e899.x86_64.rpm php-pgsql-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-process-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-snmp-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-soap-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm php-xml-8.3.19-1.module+el9.6.0+90584+da8065b7.x86_64.rpm aarch64: apcu-panel-5.1.23-1.module+el9.6.0+90525+5083e899.noarch.rpm php-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-bcmath-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-cli-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-common-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-dba-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-dbg-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-devel-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-embedded-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-enchant-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-ffi-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-fpm-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-gd-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-gmp-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-intl-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-ldap-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-mbstring-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-mysqlnd-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-odbc-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-opcache-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-pdo-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-pecl-apcu-5.1.23-1.module+el9.6.0+90525+5083e899.aarch64.rpm php-pecl-apcu-devel-5.1.23-1.module+el9.6.0+90525+5083e899.aarch64.rpm php-pecl-redis6-6.1.0-2.module+el9.6.0+90525+5083e899.aarch64.rpm php-pecl-rrd-2.0.3-4.module+el9.6.0+90525+5083e899.aarch64.rpm php-pecl-xdebug3-3.3.1-1.module+el9.6.0+90525+5083e899.aarch64.rpm php-pecl-zip-1.22.3-1.module+el9.6.0+90525+5083e899.aarch64.rpm php-pgsql-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-process-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-snmp-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-soap-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm php-xml-8.3.19-1.module+el9.6.0+90584+da8065b7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//php-8.3.19-1.module+el9.6.0+90584+da8065b7.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-apcu-5.1.23-1.module+el9.6.0+90525+5083e899.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-redis6-6.1.0-2.module+el9.6.0+90525+5083e899.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-rrd-2.0.3-4.module+el9.6.0+90525+5083e899.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-xdebug3-3.3.1-1.module+el9.6.0+90525+5083e899.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-zip-1.22.3-1.module+el9.6.0+90525+5083e899.src.rpm Related CVEs: CVE-2024-11235 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Description of changes: php [8.3.19-1] - rebase to 8.3.19 [8.3.15-1] - rebase to 8.3.15 [8.3.12-1] - rebase to 8.3.12 RHEL-62189 - enable command history in phpdbg - backport Argon2 password hashing in OpenSSL ext - build sockets extension statically - switch to nikic/php-parser version 5 - openssl: always warn about missing curve_name [8.2.13-1] - rebase to 8.2.13 RHEL-14699 - add %__phpize and %__phpconfig macros - move httpd/nginx wants directives to config files in /etc - php-fpm.conf: move include directive after [global] section following upstream example, allowing overriding - use SPDX license IDs php-pecl-apcu php-pecl-redis6 [6.1.0-2] - ignore 1 ONLINE test [6.1.0-1] - RHEL build [6.1.0-1] - update to 6.1.0 - drop patch merged upstream [6.1.0~RC2-1] - update to 6.1.0RC2 - fix test suite with redis 6.2 using patch from https://github.com/phpredis/phpredis/pull/2555 [6.0.2-3] - cleanup and modernize spec file [6.0.2-2] - use valkey on Fedora 41 - add upstream patch for PHP 8.4 [6.0.2-1] - update to 6.0.2 [6.0.1-1] - update to 6.0.1 [6.0.0-1] - cleanup SCL stuff for Fedora review [6.0.0-1] php-pecl-rrd php-pecl-xdebug3 [3.3.1-1] - update to 3.3.1 for PHP 8.3 php-pecl-zip From el-errata at oss.oracle.com Tue May 27 17:26:27 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:27 -0700 Subject: [El-errata] ELSA-2025-7423 Important: Oracle Linux 9 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7423 http://linux.oracle.com/errata/ELSA-2025-7423.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-abi-stablelists-5.14.0-570.16.1.0.1.el9_6.noarch.rpm kernel-core-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-core-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-matched-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-core-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-extra-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-debug-uki-virt-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-devel-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-devel-matched-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-doc-5.14.0-570.16.1.0.1.el9_6.noarch.rpm kernel-headers-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-modules-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-modules-core-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-modules-extra-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-tools-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-addons-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm perf-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm python3-perf-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm rtla-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm rv-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-cross-headers-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-devel-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm libperf-5.14.0-570.16.1.0.1.el9_6.x86_64.rpm aarch64: kernel-headers-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm kernel-tools-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm perf-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm python3-perf-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm rtla-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm rv-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm kernel-cross-headers-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-devel-5.14.0-570.16.1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-570.16.1.0.1.el9_6.src.rpm Related CVEs: CVE-2024-58005 CVE-2024-58007 CVE-2024-58069 CVE-2025-21633 CVE-2025-21927 CVE-2025-21993 Description of changes: [5.14.0-570.16.1.0.1.el9_6.OL9] - nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5] - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535] - Add Oracle Linux IMA certificates [5.14.0-570.16.1.el9_6] - soc: qcom: socinfo: Avoid out of bounds read of serial number (Jared Kangas) [RHEL-88252] {CVE-2024-58007} - soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (Jared Kangas) [RHEL-88252] - soc: qcom: Add check devm_kasprintf() returned value (Jared Kangas) [RHEL-88252] [5.14.0-570.15.1.el9_6] - ice: ensure periodic output start time is in the future (Petr Oros) [RHEL-86021] - ice: fix PHY Clock Recovery availability check (Petr Oros) [RHEL-86021] - ice: Drop auxbus use for PTP to finalize ice_adapter move (Petr Oros) [RHEL-86021] - ice: Use ice_adapter for PTP shared data instead of auxdev (Petr Oros) [RHEL-86021] - ice: Initial support for E825C hardware in ice_adapter (Petr Oros) [RHEL-86021] - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (Petr Oros) [RHEL-86021] - ice: Introduce ice_get_phy_model() wrapper (Petr Oros) [RHEL-86021] - ice: Enable 1PPS out from CGU for E825C products (Petr Oros) [RHEL-86021] - ice: Read SDP section from NVM for pin definitions (Petr Oros) [RHEL-86021] - ice: Disable shared pin on E810 on setfunc (Petr Oros) [RHEL-86021] - ice: Cache perout/extts requests and check flags (Petr Oros) [RHEL-86021] - ice: Align E810T GPIO to other products (Petr Oros) [RHEL-86021] - ice: Add SDPs support for E825C (Petr Oros) [RHEL-86021] - ice: Implement ice_ptp_pin_desc (Petr Oros) [RHEL-86021] [5.14.0-570.14.1.el9_6] - smb: client: fix regression with guest option (Paulo Alcantara) [RHEL-83859] - io_uring/sqpoll: zero sqd->thread on tctx errors (CKI Backport Bot) [RHEL-87264] {CVE-2025-21633} - nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (Chris Leech) [RHEL-86915] {CVE-2025-21927} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CKI Backport Bot) [RHEL-86840] {CVE-2025-21993} - certs: Add ECDSA signature verification self-test (Herbert Xu) [RHEL-82247] - certs: Move RSA self-test data to separate file (Herbert Xu) [RHEL-82247] - certs: Break circular dependency when selftest is modular (Herbert Xu) [RHEL-82247] - KEYS: Include linux/errno.h in linux/verification.h (Herbert Xu) [RHEL-82247] - crypto: certs: fix FIPS selftest dependency (Herbert Xu) [RHEL-82247] - New configs in certs/Kconfig (Fedora Kernel Team) [RHEL-82247] - certs: Add support for using elliptic curve keys for signing modules (Herbert Xu) [RHEL-82247] - certs: Trigger creation of RSA module signing key if it's not an RSA key (Herbert Xu) [RHEL-82247] - tpm: Change to kvalloc() in eventlog/acpi.c (?t?p?n Hor??ek) [RHEL-82147] {CVE-2024-58005} [5.14.0-570.13.1.el9_6] - scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83049] - hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (Maxim Levitsky) [RHEL-85942] - net: netvsc: Update default VMBus channels (Maxim Levitsky) [RHEL-85942] - net: mana: cleanup mana struct after debugfs_remove() (Maxim Levitsky) [RHEL-85942] - net: mana: Cleanup "mana" debugfs dir after cleanup of all children (Maxim Levitsky) [RHEL-85942] - net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85942] - net: mana: Fix memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85942] - net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (Maxim Levitsky) [RHEL-85942] - net: mana: use ethtool string helpers (Maxim Levitsky) [RHEL-85942] - net: mana: Enable debugfs files for MANA device (Maxim Levitsky) [RHEL-85942] - net: mana: Add get_link and get_link_ksettings in ethtool (Maxim Levitsky) [RHEL-85942] - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (Maxim Levitsky) [RHEL-85942] - net: mana: Improve mana_set_channels() in low mem conditions (Maxim Levitsky) [RHEL-85942] - net: mana: Implement get_ringparam/set_ringparam for mana (Maxim Levitsky) [RHEL-85942] - net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (Maxim Levitsky) [RHEL-85942] - ice: Fix signedness bug in ice_init_interrupt_scheme() (Petr Oros) [RHEL-80557] - ice: init flow director before RDMA (Petr Oros) [RHEL-80557] - ice: simplify VF MSI-X managing (Petr Oros) [RHEL-80557] - ice: enable_rdma devlink param (Petr Oros) [RHEL-80557] - ice: treat dyn_allowed only as suggestion (Petr Oros) [RHEL-80557] - ice, irdma: move interrupts code to irdma (Petr Oros) [RHEL-80557] - ice: get rid of num_lan_msix field (Petr Oros) [RHEL-80557] - ice: remove splitting MSI-X between features (Petr Oros) [RHEL-80557] - ice: devlink PF MSI-X max and min parameter (Petr Oros) [RHEL-80557] - ice: ice_probe: init ice_adapter after HW init (Petr Oros) [RHEL-80557] - ice: minor: rename goto labels from err to unroll (Petr Oros) [RHEL-80557] - ice: split ice_init_hw() out from ice_init_dev() (Petr Oros) [RHEL-80557] - ice: c827: move wait for FW to ice_init_hw() (Petr Oros) [RHEL-80557] - smb: client: don't retry IO on failed negprotos with soft mounts (Jay Shin) [RHEL-85524] - cgroup: Remove steal time from usage_usec (Waiman Long) [RHEL-85398] - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (CKI Backport Bot) [RHEL-85395] {CVE-2024-58069} From el-errata at oss.oracle.com Tue May 27 17:26:29 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:26:29 -0700 Subject: [El-errata] ELSA-2025-7429 Important: Oracle Linux 9 redis:7 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7429 http://linux.oracle.com/errata/ELSA-2025-7429.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: redis-7.2.8-1.module+el9.6.0+90585+92fe29a9.x86_64.rpm redis-devel-7.2.8-1.module+el9.6.0+90585+92fe29a9.x86_64.rpm redis-doc-7.2.8-1.module+el9.6.0+90585+92fe29a9.noarch.rpm aarch64: redis-7.2.8-1.module+el9.6.0+90585+92fe29a9.aarch64.rpm redis-devel-7.2.8-1.module+el9.6.0+90585+92fe29a9.aarch64.rpm redis-doc-7.2.8-1.module+el9.6.0+90585+92fe29a9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//redis-7.2.8-1.module+el9.6.0+90585+92fe29a9.src.rpm Related CVEs: CVE-2025-21605 Description of changes: [7.2.8-1] - rebase to 7.2.8 for CVE-2025-21605 [7.2.7-1] - rebase to 7.2.7 for CVE-2024-46981 and CVE-2024-51741 [7.2.6-1] - rebase to 7.2.6 RHEL-26628 [7.0.12-1] - rebase to 7.0.12 #2221899 [7.0.11-1] - rebase to 7.0.11 for new redis:7 stream #2129826 From el-errata at oss.oracle.com Tue May 27 17:34:07 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:07 -0700 Subject: [El-errata] ELBA-2025-7442 Oracle Linux 9 selinux-policy bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-7442 http://linux.oracle.com/errata/ELBA-2025-7442.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: selinux-policy-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-devel-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-doc-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-mls-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-sandbox-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-targeted-38.1.53-5.0.1.el9_6.noarch.rpm aarch64: selinux-policy-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-devel-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-doc-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-mls-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-sandbox-38.1.53-5.0.1.el9_6.noarch.rpm selinux-policy-targeted-38.1.53-5.0.1.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//selinux-policy-38.1.53-5.0.1.el9_6.src.rpm Description of changes: [38.1.53-5.0.1] - Fixed avc for agetty checkpoint restore denied [Orabug: 36893425] - Change reference in /etc/selinux/config to point to Oracle doc [Orabug: 36899915] - Allow user_mail_domain to manage exim_log_t and exim_spool_t link files [Orabug: 36617121] - Allow exim read network sysctls [Orabug: 36606051] - Allow exim_t to read exim_log_t and manage exim_spool_t link files [Orabug: 36430005] - Allow cgred_t to get attributes of cgroup filesystems [Orabug: 36176655] - Allow kdumpctl_t to execmem [Orabug: 35381156] - Allow NetworkManager_dispatcher_dhclient_t to execute shells without a domain transition [Orabug: 35091334] - Allow NetworkManager_dispatcher_dhclient_t to read the DHCP configuration files [Orabug: 35122619] - Label /var/log/kdump.log with kdump_log_t [Orabug: 33810371] - Allow rpm_t sys_admin capability [Orabug: 34250651] - Make systemd_tmpfiles_t MLS trusted for lowering the level of files [Orabug: 33841245] - Allow nfsd_t to list exports_t dirs [Orabug: 33844301] - Allow fsadm_t to get attributes of cgroup filesystems [Orabug: 33841268] - Allow tuned_t to read the process state of all domains [Orabug: 33520684] - Make import-state work with mls policy [Orabug: 32636699] - Add map permission to lvm_t on lvm_metadata_t. [Orabug: 31405325] - Add comment for map on lvm_metadata_t. [Orabug: 31405325] - Make iscsiadm work with mls policy [Orabug: 32725411] - Make cloud-init work with mls policy [Orabug: 32430460] - Allow systemd-pstore to transfer files from /sys/fs/pstore [Orabug: 31594666] - Make smartd work with mls policy [Orabug: 32430379] - Allow sysadm_t to mmap modules_object_t files [Orabug: 32411855] - Allow tuned_t to execute systemd_systemctl_exec_t files [Orabug: 32355342] - Make udev work with mls policy [Orabug: 31405299] - Make tuned work with mls policy [Orabug: 31396024] - Make lsmd, rngd, and kdumpctl work with mls policy [Orabug: 31405378] - Allow virt_domain to mmap virt_content_t files [Orabug: 30932671] - Enable NetworkManager and dhclient to use initramfs-configured DHCP connection [Orabug: 30537515] - Allow udev_t to load modules [Orabug: 28260775] - Add vhost-scsi to be vhost_device_t type [Orabug: 27774921] - Fix container selinux policy [Orabug: 26427364] - Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type. [Orabug: 13333429] [38.1.53-5] - automotive: Deny unknown classes/permissions (RHEL-87350) [38.1.53-4] - Allow afterburn to mount and read config drives Resolves: RHEL-82276 From el-errata at oss.oracle.com Tue May 27 17:34:10 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:10 -0700 Subject: [El-errata] ELEA-2025-7445 Oracle Linux 9 tzdata bug fix and enhancement update Message-ID: Oracle Linux Enhancement Advisory ELEA-2025-7445 http://linux.oracle.com/errata/ELEA-2025-7445.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: tzdata-2025b-1.el9.noarch.rpm tzdata-java-2025b-1.el9.noarch.rpm aarch64: tzdata-2025b-1.el9.noarch.rpm tzdata-java-2025b-1.el9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//tzdata-2025b-1.el9.src.rpm Description of changes: [2025b-1] - Update to tzdata-2025b (RHEL-84741) - Chile's Ays?n Region moves from -04/-03 to -03 year-round, diverging from America/Santiago and creating a new zone America/Coyhaique. From el-errata at oss.oracle.com Tue May 27 17:34:12 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:12 -0700 Subject: [El-errata] ELSA-2025-7431 Moderate: Oracle Linux 9 php security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7431 http://linux.oracle.com/errata/ELSA-2025-7431.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: php-8.0.30-3.el9_6.x86_64.rpm php-bcmath-8.0.30-3.el9_6.x86_64.rpm php-cli-8.0.30-3.el9_6.x86_64.rpm php-common-8.0.30-3.el9_6.x86_64.rpm php-dba-8.0.30-3.el9_6.x86_64.rpm php-dbg-8.0.30-3.el9_6.x86_64.rpm php-devel-8.0.30-3.el9_6.x86_64.rpm php-embedded-8.0.30-3.el9_6.x86_64.rpm php-enchant-8.0.30-3.el9_6.x86_64.rpm php-ffi-8.0.30-3.el9_6.x86_64.rpm php-fpm-8.0.30-3.el9_6.x86_64.rpm php-gd-8.0.30-3.el9_6.x86_64.rpm php-gmp-8.0.30-3.el9_6.x86_64.rpm php-intl-8.0.30-3.el9_6.x86_64.rpm php-ldap-8.0.30-3.el9_6.x86_64.rpm php-mbstring-8.0.30-3.el9_6.x86_64.rpm php-mysqlnd-8.0.30-3.el9_6.x86_64.rpm php-odbc-8.0.30-3.el9_6.x86_64.rpm php-opcache-8.0.30-3.el9_6.x86_64.rpm php-pdo-8.0.30-3.el9_6.x86_64.rpm php-pgsql-8.0.30-3.el9_6.x86_64.rpm php-process-8.0.30-3.el9_6.x86_64.rpm php-snmp-8.0.30-3.el9_6.x86_64.rpm php-soap-8.0.30-3.el9_6.x86_64.rpm php-xml-8.0.30-3.el9_6.x86_64.rpm aarch64: php-8.0.30-3.el9_6.aarch64.rpm php-bcmath-8.0.30-3.el9_6.aarch64.rpm php-cli-8.0.30-3.el9_6.aarch64.rpm php-common-8.0.30-3.el9_6.aarch64.rpm php-dba-8.0.30-3.el9_6.aarch64.rpm php-dbg-8.0.30-3.el9_6.aarch64.rpm php-devel-8.0.30-3.el9_6.aarch64.rpm php-embedded-8.0.30-3.el9_6.aarch64.rpm php-enchant-8.0.30-3.el9_6.aarch64.rpm php-ffi-8.0.30-3.el9_6.aarch64.rpm php-fpm-8.0.30-3.el9_6.aarch64.rpm php-gd-8.0.30-3.el9_6.aarch64.rpm php-gmp-8.0.30-3.el9_6.aarch64.rpm php-intl-8.0.30-3.el9_6.aarch64.rpm php-ldap-8.0.30-3.el9_6.aarch64.rpm php-mbstring-8.0.30-3.el9_6.aarch64.rpm php-mysqlnd-8.0.30-3.el9_6.aarch64.rpm php-odbc-8.0.30-3.el9_6.aarch64.rpm php-opcache-8.0.30-3.el9_6.aarch64.rpm php-pdo-8.0.30-3.el9_6.aarch64.rpm php-pgsql-8.0.30-3.el9_6.aarch64.rpm php-process-8.0.30-3.el9_6.aarch64.rpm php-snmp-8.0.30-3.el9_6.aarch64.rpm php-soap-8.0.30-3.el9_6.aarch64.rpm php-xml-8.0.30-3.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//php-8.0.30-3.el9_6.src.rpm Related CVEs: CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Description of changes: [8.0.30-3] - Fix libxml streams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP wrapper does not fail for headers without colon CVE-2025-1734 - Fix Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 From el-errata at oss.oracle.com Tue May 27 17:34:17 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:17 -0700 Subject: [El-errata] ELSA-2025-7432 Moderate: Oracle Linux 9 php:8.2 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7432 http://linux.oracle.com/errata/ELSA-2025-7432.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: apcu-panel-5.1.23-1.module+el9.4.0+90261+af5cc950.noarch.rpm php-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-bcmath-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-cli-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-common-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-dba-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-dbg-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-devel-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-embedded-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-enchant-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-ffi-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-fpm-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-gd-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-gmp-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-intl-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-ldap-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-mbstring-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-mysqlnd-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-odbc-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-opcache-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-pdo-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-pecl-apcu-5.1.23-1.module+el9.4.0+90261+af5cc950.x86_64.rpm php-pecl-apcu-devel-5.1.23-1.module+el9.4.0+90261+af5cc950.x86_64.rpm php-pecl-rrd-2.0.3-4.module+el9.4.0+90261+af5cc950.x86_64.rpm php-pecl-xdebug3-3.2.2-2.module+el9.4.0+90261+af5cc950.x86_64.rpm php-pecl-zip-1.22.3-1.module+el9.4.0+90261+af5cc950.x86_64.rpm php-pgsql-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-process-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-snmp-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-soap-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm php-xml-8.2.28-1.module+el9.6.0+90591+1cdbd55b.x86_64.rpm aarch64: apcu-panel-5.1.23-1.module+el9.4.0+90261+af5cc950.noarch.rpm php-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-bcmath-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-cli-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-common-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-dba-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-dbg-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-devel-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-embedded-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-enchant-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-ffi-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-fpm-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-gd-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-gmp-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-intl-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-ldap-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-mbstring-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-mysqlnd-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-odbc-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-opcache-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-pdo-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-pecl-apcu-5.1.23-1.module+el9.4.0+90261+af5cc950.aarch64.rpm php-pecl-apcu-devel-5.1.23-1.module+el9.4.0+90261+af5cc950.aarch64.rpm php-pecl-rrd-2.0.3-4.module+el9.4.0+90261+af5cc950.aarch64.rpm php-pecl-xdebug3-3.2.2-2.module+el9.4.0+90261+af5cc950.aarch64.rpm php-pecl-zip-1.22.3-1.module+el9.4.0+90261+af5cc950.aarch64.rpm php-pgsql-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-process-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-snmp-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-soap-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm php-xml-8.2.28-1.module+el9.6.0+90591+1cdbd55b.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//php-8.2.28-1.module+el9.6.0+90591+1cdbd55b.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-apcu-5.1.23-1.module+el9.4.0+90261+af5cc950.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-rrd-2.0.3-4.module+el9.4.0+90261+af5cc950.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-xdebug3-3.2.2-2.module+el9.4.0+90261+af5cc950.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-zip-1.22.3-1.module+el9.4.0+90261+af5cc950.src.rpm Related CVEs: CVE-2024-8929 CVE-2024-11233 CVE-2024-11234 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Description of changes: php [8.2.28-1] - rebase to 8.2.28 [8.2.25-1] - rebase to 8.2.25 RHEL-65837 [8.2.13-1] - rebase to 8.2.13 RHEL-14699 - add %__phpize and %__phpconfig macros - move httpd/nginx wants directives to config files in /etc - php-fpm.conf: move include directive after [global] section following upstream example, allowing overriding - use SPDX license IDs php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 [3.2.2-2] - drop inet_ntoa usage using upstream patch [3.2.2-1] - update to 3.2.2 for PHP 8.2 RHEL-14699 [3.1.4-1] - update to 3.1.4 for PHP 8.1 #2070040 [3.1.2-1] - update to 3.1.2 rhbz#2030322 php-pecl-zip From el-errata at oss.oracle.com Tue May 27 17:34:20 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:20 -0700 Subject: [El-errata] ELSA-2025-7433 Important: Oracle Linux 9 nodejs:22 security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7433 http://linux.oracle.com/errata/ELSA-2025-7433.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.x86_64.rpm nodejs-devel-22.15.0-1.module+el9.6.0+90588+1a9ecb62.x86_64.rpm nodejs-docs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.noarch.rpm nodejs-full-i18n-22.15.0-1.module+el9.6.0+90588+1a9ecb62.x86_64.rpm nodejs-libs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.x86_64.rpm nodejs-nodemon-3.0.1-1.module+el9.6.0+90588+1a9ecb62.noarch.rpm nodejs-packaging-2021.06-4.module+el9.6.0+90588+1a9ecb62.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.6.0+90588+1a9ecb62.noarch.rpm npm-10.9.2-1.22.15.0.1.module+el9.6.0+90588+1a9ecb62.x86_64.rpm v8-12.4-devel-12.4.254.21-1.22.15.0.1.module+el9.6.0+90588+1a9ecb62.x86_64.rpm aarch64: nodejs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.aarch64.rpm nodejs-devel-22.15.0-1.module+el9.6.0+90588+1a9ecb62.aarch64.rpm nodejs-docs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.noarch.rpm nodejs-full-i18n-22.15.0-1.module+el9.6.0+90588+1a9ecb62.aarch64.rpm nodejs-libs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.aarch64.rpm nodejs-nodemon-3.0.1-1.module+el9.6.0+90588+1a9ecb62.noarch.rpm nodejs-packaging-2021.06-4.module+el9.6.0+90588+1a9ecb62.noarch.rpm nodejs-packaging-bundler-2021.06-4.module+el9.6.0+90588+1a9ecb62.noarch.rpm npm-10.9.2-1.22.15.0.1.module+el9.6.0+90588+1a9ecb62.aarch64.rpm v8-12.4-devel-12.4.254.21-1.22.15.0.1.module+el9.6.0+90588+1a9ecb62.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nodejs-22.15.0-1.module+el9.6.0+90588+1a9ecb62.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.6.0+90588+1a9ecb62.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.6.0+90588+1a9ecb62.src.rpm Related CVEs: CVE-2025-3277 CVE-2025-31498 Description of changes: nodejs [1:22.15.0-1] - Update to 22.15.0 - Drop upstream patches Resolves: RHEL-87319 RHEL-86586 [1:22.13.1-4] - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87319 [1:22.13.1-3] - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86586 [1:22.13.1-2] - Remove obsolete lua pretransaction script from spec file Resolves: RHEL-81119 - Disable npm update notifications for users Resolves: RHEL-81158 [1:22.13.1-1] - Update to version 22.13.1 Fixes CVE-2025-23083 CVE-2025-23085 CVE-2025-22150 Resolves: RHEL-76354 [1:22.11.0-1] - Update to version 22.11.0 [22.4.1-4] - Initial import of nodeJS 22 nodejs-nodemon nodejs-packaging From el-errata at oss.oracle.com Tue May 27 17:34:23 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:23 -0700 Subject: [El-errata] ELSA-2025-7438 Important: Oracle Linux 9 redis security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7438 http://linux.oracle.com/errata/ELSA-2025-7438.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: redis-6.2.18-1.el9_6.x86_64.rpm redis-devel-6.2.18-1.el9_6.i686.rpm redis-devel-6.2.18-1.el9_6.x86_64.rpm redis-doc-6.2.18-1.el9_6.noarch.rpm aarch64: redis-6.2.18-1.el9_6.aarch64.rpm redis-devel-6.2.18-1.el9_6.aarch64.rpm redis-doc-6.2.18-1.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//redis-6.2.18-1.el9_6.src.rpm Related CVEs: CVE-2025-21605 Description of changes: [6.2.18-1] - rebase to 6.2.18 for CVE-2025-21605 From el-errata at oss.oracle.com Tue May 27 17:34:25 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 27 May 2025 10:34:25 -0700 Subject: [El-errata] ELSA-2025-7903 Important: Oracle Linux 9 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-7903 http://linux.oracle.com/errata/ELSA-2025-7903.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-abi-stablelists-5.14.0-570.17.1.0.1.el9_6.noarch.rpm kernel-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-matched-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-extra-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-debug-uki-virt-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-devel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-devel-matched-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-doc-5.14.0-570.17.1.0.1.el9_6.noarch.rpm kernel-headers-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-modules-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-modules-core-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-modules-extra-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-tools-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-addons-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm perf-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm python3-perf-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm rtla-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm rv-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-cross-headers-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-devel-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm libperf-5.14.0-570.17.1.0.1.el9_6.x86_64.rpm aarch64: kernel-headers-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-tools-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm perf-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm python3-perf-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm rtla-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm rv-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-cross-headers-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-devel-5.14.0-570.17.1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-570.17.1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-21756 CVE-2025-21966 CVE-2025-37749 Description of changes: [5.14.0-570.17.1.0.1.el9_6.OL9] - nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5] - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535] - Add Oracle Linux IMA certificates [5.14.0-570.17.1.el9_6] - vsock: Orphan socket after transport release (Jay Shin) [RHEL-89113] {CVE-2025-21756} - vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89113] {CVE-2025-21756} - bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89113] {CVE-2025-21756} - net: ppp: Add bound checking for skb data on ppp_sync_txmung (Guillaume Nault) [RHEL-89646] {CVE-2025-37749} - cgroup/cpuset: Add warnings to catch inconsistency in exclusive CPUs (Waiman Long) [RHEL-88640] - selftest/cgroup: Add a remote partition transition test to test_cpuset_prs.sh (Waiman Long) [RHEL-88640] - selftest/cgroup: Clean up and restructure test_cpuset_prs.sh (Waiman Long) [RHEL-88640] - selftest/cgroup: Update test_cpuset_prs.sh to use | as effective CPUs and state separator (Waiman Long) [RHEL-88640] - cgroup/cpuset: Code cleanup and comment update (Waiman Long) [RHEL-88640] - cgroup/cpuset: Remove remote_partition_check() & make update_cpumasks_hier() handle remote partition (Waiman Long) [RHEL-88640] - cgroup/cpuset: Fix error handling in remote_partition_disable() (Waiman Long) [RHEL-88640] - cgroup/cpuset: Fix incorrect isolated_cpus update in update_parent_effective_cpumask() (Waiman Long) [RHEL-88640] - cgroup/cpuset: Fix race between newly created partition and dying one (Waiman Long) [RHEL-88640] - cgroup/cpuset: Prevent leakage of isolated CPUs into sched domains (Waiman Long) [RHEL-88640] - cgroup/cpuset: Enforce at most one rebuild_sched_domains_locked() call per operation (Waiman Long) [RHEL-88640] - cgroup/cpuset: Revert "Allow suppression of sched domain rebuild in update_cpumasks_hier()" (Waiman Long) [RHEL-88640] - cgroup/cpuset: Fix spelling errors in file kernel/cgroup/cpuset.c (Waiman Long) [RHEL-88640] - selftest/cgroup: Make test_cpuset_prs.sh deal with pre-isolated CPUs (Waiman Long) [RHEL-88640] - cgroup/cpuset: Account for boot time isolated CPUs (Waiman Long) [RHEL-88640] - cgroup/cpuset: remove use_parent_ecpus of cpuset (Waiman Long) [RHEL-88640] - cgroup/cpuset: remove fetch_xcpus (Waiman Long) [RHEL-88640] - selftest/cgroup: Add new test cases to test_cpuset_prs.sh (Waiman Long) [RHEL-88640] - cgroup/cpuset: remove child_ecpus_count (Waiman Long) [RHEL-88640] - cpuset: use Union-Find to optimize the merging of cpumasks (Waiman Long) [RHEL-88640] - Union-Find: add a new module in kernel library (Waiman Long) [RHEL-88640] - dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CKI Backport Bot) [RHEL-86899] {CVE-2025-21966} - ixgbe: fix media type detection for E610 device (Corinna Vinschen) [RHEL-85809] - ixgbevf: Add support for Intel(R) E610 device (Corinna Vinschen) [RHEL-85809] - PCI: Add PCI_VDEVICE_SUB helper macro (Corinna Vinschen) [RHEL-85809] - ixgbe: fix media cage present detection for E610 device (Corinna Vinschen) [RHEL-85809] - ixgbe: Enable link management in E610 device (Corinna Vinschen) [RHEL-85809] - ixgbe: Clean up the E610 link management related code (Corinna Vinschen) [RHEL-85809] - ixgbe: Add ixgbe_x540 multiple header inclusion protection (Corinna Vinschen) [RHEL-85809] - ixgbe: Add support for EEPROM dump in E610 device (Corinna Vinschen) [RHEL-85809] - ixgbe: Add support for NVM handling in E610 device (Corinna Vinschen) [RHEL-85809] - ixgbe: Add link management support for E610 device (Corinna Vinschen) [RHEL-85809] - ixgbe: Add support for E610 device capabilities detection (Corinna Vinschen) [RHEL-85809] - ixgbe: Add support for E610 FW Admin Command Interface (Corinna Vinschen) [RHEL-85809] [5.14.0-570.16.1.el9_6] - soc: qcom: socinfo: Avoid out of bounds read of serial number (Jared Kangas) [RHEL-88252] {CVE-2024-58007} - soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (Jared Kangas) [RHEL-88252] - soc: qcom: Add check devm_kasprintf() returned value (Jared Kangas) [RHEL-88252] [5.14.0-570.15.1.el9_6] - ice: ensure periodic output start time is in the future (Petr Oros) [RHEL-86021] - ice: fix PHY Clock Recovery availability check (Petr Oros) [RHEL-86021] - ice: Drop auxbus use for PTP to finalize ice_adapter move (Petr Oros) [RHEL-86021] - ice: Use ice_adapter for PTP shared data instead of auxdev (Petr Oros) [RHEL-86021] - ice: Initial support for E825C hardware in ice_adapter (Petr Oros) [RHEL-86021] - ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (Petr Oros) [RHEL-86021] - ice: Introduce ice_get_phy_model() wrapper (Petr Oros) [RHEL-86021] - ice: Enable 1PPS out from CGU for E825C products (Petr Oros) [RHEL-86021] - ice: Read SDP section from NVM for pin definitions (Petr Oros) [RHEL-86021] - ice: Disable shared pin on E810 on setfunc (Petr Oros) [RHEL-86021] - ice: Cache perout/extts requests and check flags (Petr Oros) [RHEL-86021] - ice: Align E810T GPIO to other products (Petr Oros) [RHEL-86021] - ice: Add SDPs support for E825C (Petr Oros) [RHEL-86021] - ice: Implement ice_ptp_pin_desc (Petr Oros) [RHEL-86021] [5.14.0-570.14.1.el9_6] - smb: client: fix regression with guest option (Paulo Alcantara) [RHEL-83859] - io_uring/sqpoll: zero sqd->thread on tctx errors (CKI Backport Bot) [RHEL-87264] {CVE-2025-21633} - nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (Chris Leech) [RHEL-86915] {CVE-2025-21927} - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CKI Backport Bot) [RHEL-86840] {CVE-2025-21993} - certs: Add ECDSA signature verification self-test (Herbert Xu) [RHEL-82247] - certs: Move RSA self-test data to separate file (Herbert Xu) [RHEL-82247] - certs: Break circular dependency when selftest is modular (Herbert Xu) [RHEL-82247] - KEYS: Include linux/errno.h in linux/verification.h (Herbert Xu) [RHEL-82247] - crypto: certs: fix FIPS selftest dependency (Herbert Xu) [RHEL-82247] - New configs in certs/Kconfig (Fedora Kernel Team) [RHEL-82247] - certs: Add support for using elliptic curve keys for signing modules (Herbert Xu) [RHEL-82247] - certs: Trigger creation of RSA module signing key if it's not an RSA key (Herbert Xu) [RHEL-82247] - tpm: Change to kvalloc() in eventlog/acpi.c (?t?p?n Hor??ek) [RHEL-82147] {CVE-2024-58005} [5.14.0-570.13.1.el9_6] - scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83049] - hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (Maxim Levitsky) [RHEL-85942] - net: netvsc: Update default VMBus channels (Maxim Levitsky) [RHEL-85942] - net: mana: cleanup mana struct after debugfs_remove() (Maxim Levitsky) [RHEL-85942] - net: mana: Cleanup "mana" debugfs dir after cleanup of all children (Maxim Levitsky) [RHEL-85942] - net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85942] - net: mana: Fix memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85942] - net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (Maxim Levitsky) [RHEL-85942] - net: mana: use ethtool string helpers (Maxim Levitsky) [RHEL-85942] - net: mana: Enable debugfs files for MANA device (Maxim Levitsky) [RHEL-85942] - net: mana: Add get_link and get_link_ksettings in ethtool (Maxim Levitsky) [RHEL-85942] - net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (Maxim Levitsky) [RHEL-85942] - net: mana: Improve mana_set_channels() in low mem conditions (Maxim Levitsky) [RHEL-85942] - net: mana: Implement get_ringparam/set_ringparam for mana (Maxim Levitsky) [RHEL-85942] - net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (Maxim Levitsky) [RHEL-85942] - ice: Fix signedness bug in ice_init_interrupt_scheme() (Petr Oros) [RHEL-80557] - ice: init flow director before RDMA (Petr Oros) [RHEL-80557] - ice: simplify VF MSI-X managing (Petr Oros) [RHEL-80557] - ice: enable_rdma devlink param (Petr Oros) [RHEL-80557] - ice: treat dyn_allowed only as suggestion (Petr Oros) [RHEL-80557] - ice, irdma: move interrupts code to irdma (Petr Oros) [RHEL-80557] - ice: get rid of num_lan_msix field (Petr Oros) [RHEL-80557] - ice: remove splitting MSI-X between features (Petr Oros) [RHEL-80557] - ice: devlink PF MSI-X max and min parameter (Petr Oros) [RHEL-80557] - ice: ice_probe: init ice_adapter after HW init (Petr Oros) [RHEL-80557] - ice: minor: rename goto labels from err to unroll (Petr Oros) [RHEL-80557] - ice: split ice_init_hw() out from ice_init_dev() (Petr Oros) [RHEL-80557] - ice: c827: move wait for FW to ice_init_hw() (Petr Oros) [RHEL-80557] - smb: client: don't retry IO on failed negprotos with soft mounts (Jay Shin) [RHEL-85524] - cgroup: Remove steal time from usage_usec (Waiman Long) [RHEL-85398] - rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (CKI Backport Bot) [RHEL-85395] {CVE-2024-58069} From el-errata at oss.oracle.com Wed May 28 14:12:26 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:26 -0700 Subject: [El-errata] ELSA-2025-8132 Important: Oracle Linux 8 libsoup security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8132 http://linux.oracle.com/errata/ELSA-2025-8132.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libsoup-2.62.3-9.el8_10.i686.rpm libsoup-2.62.3-9.el8_10.x86_64.rpm libsoup-devel-2.62.3-9.el8_10.i686.rpm libsoup-devel-2.62.3-9.el8_10.x86_64.rpm aarch64: libsoup-2.62.3-9.el8_10.aarch64.rpm libsoup-devel-2.62.3-9.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//libsoup-2.62.3-9.el8_10.src.rpm Related CVEs: CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 CVE-2025-32914 Description of changes: [2.62.3-9] - Add patches to improve test reliability - Backport patches for various CVEs Resolves: RHEL-85879 Resolves: RHEL-92280 Resolves: RHEL-93031 Resolves: RHEL-93032 From el-errata at oss.oracle.com Wed May 28 14:12:28 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:28 -0700 Subject: [El-errata] ELSA-2025-8201 Important: Oracle Linux 8 gstreamer1-plugins-bad-free security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8201 http://linux.oracle.com/errata/ELSA-2025-8201.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: gstreamer1-plugins-bad-free-1.16.1-5.0.1.el8_10.i686.rpm gstreamer1-plugins-bad-free-1.16.1-5.0.1.el8_10.x86_64.rpm gstreamer1-plugins-bad-free-devel-1.16.1-5.0.1.el8_10.i686.rpm gstreamer1-plugins-bad-free-devel-1.16.1-5.0.1.el8_10.x86_64.rpm aarch64: gstreamer1-plugins-bad-free-1.16.1-5.0.1.el8_10.aarch64.rpm gstreamer1-plugins-bad-free-devel-1.16.1-5.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//gstreamer1-plugins-bad-free-1.16.1-5.0.1.el8_10.src.rpm Related CVEs: CVE-2025-3887 Description of changes: [1.16.1-5.0.1] - Update origin URL [Orabug: 36209826] [1.16.1-5] - fix for CVE-2025-3887 Resolves: RHEL-93051 From el-errata at oss.oracle.com Wed May 28 14:12:39 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:39 -0700 Subject: [El-errata] ELBA-2025-8200 Oracle Linux 9 virt-v2v bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-8200 http://linux.oracle.com/errata/ELBA-2025-8200.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: virt-v2v-2.7.1-8.0.1.el9_6.x86_64.rpm virt-v2v-bash-completion-2.7.1-8.0.1.el9_6.noarch.rpm virt-v2v-man-pages-ja-2.7.1-8.0.1.el9_6.noarch.rpm virt-v2v-man-pages-uk-2.7.1-8.0.1.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//virt-v2v-2.7.1-8.0.1.el9_6.src.rpm Description of changes: [2.7.1-8.0.1] - Replaced bugzilla.oracle.com references [Orabug: 34202300] - replaced upstream references [Orabug:34089586] [1:2.7.1-8] - Add -io vddk-file option resolves: RHEL-91098 [1:2.7.1-6] - Print blkhash of converted image in virt-v2v debugging output resolves: RHEL-85833 [1:2.7.1-5] - Rebase to upstream development version 2.7.1 resolves: RHEL-56813 - Replace Jansson with json-c resolves: RHEL-65296 - Find drivers for win2025 guests resolves: RHEL-65010 - in-place: Add new -O option to write inspector XML resolves: RHEL-58032 - mldrivers/linux_bootloaders.ml: Don't overwrite EFI grub2 wrapper resolves: RHEL-77989 - convert: Use yum/apt/... for package removals resolves: RHEL-71522 - Fix failure if the kernel-source package is installed in the source VM resolves: RHEL-80080 [1:2.5.9-1] - Rebase to upstream development version 2.5.9 - Fix display of incorrect Windows 11 version resolves: RHEL-56784 - Add customization options for post-conversion modification resolves: RHEL-55761 - convert: windows: Ignore sriov drivers on virtio-win disk resolves: RHEL-56383 [1:2.5.6-4] - convert: windows: Online all virtio disks at first boot resolves: RHEL-55763 [1:2.5.6-3] - Further fixes for QEMU Guest Agent install & VMware Tools removal resolves: RHEL-49761, RHEL-51169 [1:2.5.6-2] - Document uninstallation of VMware Tools on Windows resolves: RHEL-51169 [1:2.5.6-1] - Further fixes for QEMU Guest Agent resolves: RHEL-49761 - Place Windows firstboot files under C:\Program Files\Guestfs\Firstboot - Improve debugging output [1:2.5.5-3] - Allow virt-v2v --mac gw and len fields to be optional resolves: RHEL-50731 [1:2.5.5-2] - Fix installation of QEMU Guest Agent resolves: RHEL-49761 [1:2.5.5-1] - Rebase to virt-v2v 2.5.5 - Enhance -o kubevirt output resolves: RHEL-45992 [1:2.5.4-2] - Package virt-v2v-in-place in libexec as unsupported tool - Add warning about virt-v2v-in-place not being supported resolves: RHEL-40903 - Add more fields to virt-inspector output related: MTV-1079 - Revert "docs: Remove paragraph about -ip passwords and ssh/scp" resolves: RHEL-45527 [1:2.5.4-1] - Rebase to virt-v2v 2.5.4 - Add missing firmware types and enhance -o kubevirt resolves: RHEL-28197 - Fix RHV JSON transfer bug resolves: RHEL-32105 - docs: Add VDDK prereq that server must not be in maintenance mode resolves: RHEL-33699 - convert: windows: Install blnsvr from virtio-win resolves: RHEL-36591 [1:2.4.0-2] - Rebase to virt-v2v 2.4.0 - -it ssh: Double quote ssh command which tests remote file exists resolves: RHEL-12105 - Implement --key all:... resolves: RHEL-18142 - Fix off-by-one error causing rare crash resolves: RHEL-19061 - Improve the error message for -i vmx with a .vmdk file resolves: RHEL-19564 - Fix -i vmx when remote filename contains literal '*' resolves: RHEL-21365 - Fix virt-v2v --version output resolves: RHEL-22262 [1:2.3.4-5] - improve UX when running as root and we can't chown v2v tmpdir or socks - make the appliance kernel UP in %check, for working around RHBZ#2216496 resolves: rhbz#2182024 [1:2.3.4-3] - recognize "--key /dev/mapper/VG-LV:key:password" - enable the %check tests for real resolves: rhbz#2168506 From el-errata at oss.oracle.com Wed May 28 14:12:41 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:41 -0700 Subject: [El-errata] ELBA-2025-8202 Oracle Linux 9 libguestfs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-8202 http://linux.oracle.com/errata/ELBA-2025-8202.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libguestfs-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-appliance-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-bash-completion-1.54.0-8.0.1.el9_6.noarch.rpm libguestfs-inspect-icons-1.54.0-8.0.1.el9_6.noarch.rpm libguestfs-rescue-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-rsync-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-xfs-1.54.0-8.0.1.el9_6.x86_64.rpm perl-Sys-Guestfs-1.54.0-8.0.1.el9_6.x86_64.rpm python3-libguestfs-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-devel-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-gobject-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-gobject-devel-1.54.0-8.0.1.el9_6.x86_64.rpm libguestfs-man-pages-ja-1.54.0-8.0.1.el9_6.noarch.rpm libguestfs-man-pages-uk-1.54.0-8.0.1.el9_6.noarch.rpm lua-guestfs-1.54.0-8.0.1.el9_6.x86_64.rpm ocaml-libguestfs-1.54.0-8.0.1.el9_6.x86_64.rpm ocaml-libguestfs-devel-1.54.0-8.0.1.el9_6.x86_64.rpm php-libguestfs-1.54.0-8.0.1.el9_6.x86_64.rpm ruby-libguestfs-1.54.0-8.0.1.el9_6.x86_64.rpm aarch64: libguestfs-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-appliance-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-bash-completion-1.54.0-8.0.1.el9_6.noarch.rpm libguestfs-inspect-icons-1.54.0-8.0.1.el9_6.noarch.rpm libguestfs-rescue-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-rsync-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-xfs-1.54.0-8.0.1.el9_6.aarch64.rpm perl-Sys-Guestfs-1.54.0-8.0.1.el9_6.aarch64.rpm python3-libguestfs-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-devel-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-gobject-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-gobject-devel-1.54.0-8.0.1.el9_6.aarch64.rpm libguestfs-man-pages-ja-1.54.0-8.0.1.el9_6.noarch.rpm libguestfs-man-pages-uk-1.54.0-8.0.1.el9_6.noarch.rpm lua-guestfs-1.54.0-8.0.1.el9_6.aarch64.rpm ocaml-libguestfs-1.54.0-8.0.1.el9_6.aarch64.rpm ocaml-libguestfs-devel-1.54.0-8.0.1.el9_6.aarch64.rpm php-libguestfs-1.54.0-8.0.1.el9_6.aarch64.rpm ruby-libguestfs-1.54.0-8.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//libguestfs-1.54.0-8.0.1.el9_6.src.rpm Description of changes: [1.54.0-8.0.1] - Add btrfs-progs to the packages installed in the appliance [Orabug: 34137448] - Replace upstream references from a description tag - Fix build on Oracle Linux [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.54.0-8] - daemon: inspect: Remove duplicate root mountpoints in /etc/fstab resolves: RHEL-92597 [1:1.54.0-7] - Run the fstrim command twice to workaround RHEL 9.5 kernel trimming bug resolves: RHEL-89046 [1:1.54.0-6] - Fix virt-v2v conversion of split /usr Ubuntu 22+ resolves: RHEL-88804 [1:1.54.0-5] - Include host kernel information in libguestfs debugging output resolves: RHEL-83032 [1:1.54.0-4] - Add new APIs to allow command output > 4MB resolves: RHEL-80159 [1:1.54.0-3] - Rebase to libguestfs 1.54.0 resolves: RHEL-56809 - Fix osinfo for Windows Server 2025 resolves: RHEL-62935 - Replace Jansson with json-c resolves: RHEL-65292 [1:1.50.2-1] - Update to libguestfs 1.50.2 resolves: RHEL-46775 [1:1.50.1-12] - inspection: Resolve PARTUUID= and PARTLABEL= in /etc/fstab resolves: RHEL-40142, RHEL-46596 [1:1.50.1-11] - Fix (rare) undetected truncation of 64 bit int results to 32 bits resolves: RHEL-45466 [1:1.50.1-10] - Remove bundled ocaml-augeas resolves: RHEL-32142 [1:1.50.1-9] - Add support for nbd+unix:// URIs resolves: RHEL-33851 [1:1.50.1-7] - Add --key all:... selector resolves: RHEL-19367 - Add miscellaneous other upstream fixes since 1.50.1 [1:1.50.1-6] - enable the ".gdb_index" section in the Perl bindings debug info resolves: rhbz#2209279 From el-errata at oss.oracle.com Wed May 28 14:12:48 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:48 -0700 Subject: [El-errata] ELSA-2025-8203 Important: Oracle Linux 9 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8203 http://linux.oracle.com/errata/ELSA-2025-8203.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.10.1-1.0.1.el9_6.x86_64.rpm aarch64: thunderbird-128.10.1-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-128.10.1-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932 Description of changes: [128.10.1-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs [128.10.1] - Add OpenELA debranding [128.10.1-1] - Update to 128.10.1 From el-errata at oss.oracle.com Wed May 28 14:12:34 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:34 -0700 Subject: [El-errata] ELBA-2025-8056-1 Oracle Linux 8 kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-8056-1 http://linux.oracle.com/errata/ELBA-2025-8056-1.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.53.1.0.1.el8_10.noarch.rpm kernel-core-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.53.1.0.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm perf-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.53.1.0.1.el8_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.53.1.0.1.el8_10.src.rpm Description of changes: - [4.18.0-553.53.1.0.1.el8_10.OL8] - scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230] - [4.18.0-553.53.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.53.1.el8_10] - net/mlx5: Always stop health timer during driver removal (Michal Schmidt) [RHEL-47712] {CVE-2024-40906} - net/mlx5: Split function_setup() to enable and open functions (Michal Schmidt) [RHEL-47712] - net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Michal Schmidt) [RHEL-57117] {CVE-2024-44970} - net/mlx5e: SHAMPO, Fix incorrect page release (Michal Schmidt) [RHEL-57117] {CVE-2024-46717} - s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-88819] - platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object parsing more robust (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Cleanup create_attributes_level_sysfs_files() (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Make sysman_init() return -ENODEV of the interfaces are not found (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Cleanup sysman_init() error-exit handling (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Fix release_attributes_data() getting called twice on init_bios_attributes() failure (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Make it safe to call exit_foo_attributes() multiple times (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Fix possible NULL pointer deref on exit (Jay Shin) [RHEL-88714] - platform/x86: dell-wmi-sysman: Fix crash caused by calling kset_unregister twice (Jay Shin) [RHEL-88714] - x86/kexec: Add EFI config table identity mapping for kexec kernel (Herton R. Krzesinski) [RHEL-71793] - vsock: Orphan socket after transport release (Jay Shin) [RHEL-89099] {CVE-2025-21756} - vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89099] {CVE-2025-21756} - bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89099] {CVE-2025-21756} From el-errata at oss.oracle.com Wed May 28 14:12:46 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:46 -0700 Subject: [El-errata] ELSA-2025-8197 Moderate: Oracle Linux 9 unbound security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8197 http://linux.oracle.com/errata/ELSA-2025-8197.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: python3-unbound-1.16.2-18.el9_6.x86_64.rpm unbound-1.16.2-18.el9_6.x86_64.rpm unbound-dracut-1.16.2-18.el9_6.x86_64.rpm unbound-libs-1.16.2-18.el9_6.i686.rpm unbound-libs-1.16.2-18.el9_6.x86_64.rpm unbound-devel-1.16.2-18.el9_6.i686.rpm unbound-devel-1.16.2-18.el9_6.x86_64.rpm aarch64: python3-unbound-1.16.2-18.el9_6.aarch64.rpm unbound-1.16.2-18.el9_6.aarch64.rpm unbound-dracut-1.16.2-18.el9_6.aarch64.rpm unbound-libs-1.16.2-18.el9_6.aarch64.rpm unbound-devel-1.16.2-18.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//unbound-1.16.2-18.el9_6.src.rpm Related CVEs: CVE-2024-8508 Description of changes: [1.16.2-18] - Prevent unbounded name compression (CVE-2024-8508) From el-errata at oss.oracle.com Wed May 28 14:12:43 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:43 -0700 Subject: [El-errata] ELSA-2025-8142 Moderate: Oracle Linux 9 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8142 http://linux.oracle.com/errata/ELSA-2025-8142.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-abi-stablelists-5.14.0-570.18.1.0.1.el9_6.noarch.rpm kernel-core-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-cross-headers-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-core-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-devel-matched-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-core-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-modules-extra-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-debug-uki-virt-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-devel-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-devel-matched-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-doc-5.14.0-570.18.1.0.1.el9_6.noarch.rpm kernel-headers-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-modules-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-modules-core-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-modules-extra-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-tools-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-tools-libs-devel-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm kernel-uki-virt-addons-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm libperf-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm perf-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm python3-perf-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm rtla-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm rv-5.14.0-570.18.1.0.1.el9_6.x86_64.rpm aarch64: kernel-cross-headers-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm kernel-headers-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm kernel-tools-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm kernel-tools-libs-devel-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm perf-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm python3-perf-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm rtla-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm rv-5.14.0-570.18.1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-570.18.1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-21964 Description of changes: [5.14.0-570.18.1.0.1.el9_6.OL9] - nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5] - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535] - Add Oracle Linux IMA certificates [5.14.0-570.18.1.el9_6] - gitlab-ci: use rhel9.6 builder image (Michael Hofmann) - cifs: Fix integer overflow while processing acregmax mount option (CKI Backport Bot) [RHEL-87921] {CVE-2025-21964} - Bluetooth: btusb: Add one more ID 0x0489:0xe0f3 for Qualcomm WCN785x (David Marlin) [RHEL-85647] - drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible mode (Jocelyn Falempe) [RHEL-85393] - drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation (Jocelyn Falempe) [RHEL-85393] - drm/i915/display: Use joined pipes in dsc helpers for slices, bpp (Jocelyn Falempe) [RHEL-85393] - drm/i915/display: Use joined pipes in intel_mode_valid_max_plane_size (Jocelyn Falempe) [RHEL-85393] - drm/i915/display: Use joined pipes in intel_dp_joiner_needs_dsc (Jocelyn Falempe) [RHEL-85393] - drm/i915/display: Simplify intel_joiner_num_pipes and its usage (Jocelyn Falempe) [RHEL-85393] - drm/i915/display: Check whether platform supports joiner (Jocelyn Falempe) [RHEL-85393] - Revert "drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation" (Jocelyn Falempe) [RHEL-85393] - Revert "drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible mode" (Jocelyn Falempe) [RHEL-85393] From el-errata at oss.oracle.com Wed May 28 14:12:57 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:12:57 -0700 Subject: [El-errata] ELBA-2025-20336 Oracle Linux 8 oVirt 4.5 ovirt-ansible-collection bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20336 http://linux.oracle.com/errata/ELBA-2025-20336.html The following updated rpms for Oracle Linux 8 oVirt 4.5 have been uploaded to the Unbreakable Linux Network: x86_64: ovirt-ansible-collection-3.2.0-1.23.el8.noarch.rpm cockpit-ovirt-dashboard-0.16.2-6.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ovirt-ansible-collection-3.2.0-1.23.el8.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//cockpit-ovirt-0.16.2-6.el8.src.rpm Description of changes: ovirt-ansible-collection [3.2.0-1.23] - Fix cockpit SHE package install and keycloak failures [3.2.0-1.22] - Added credential variables for yum proxy cockpit-ovirt [0.16.2-6] - Added a button to select ip type during SHE install. From el-errata at oss.oracle.com Wed May 28 14:13:20 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:13:20 -0700 Subject: [El-errata] ELBA-2025-20338 Oracle Linux 9 btrfs-progs bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20338 http://linux.oracle.com/errata/ELBA-2025-20338.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: btrfs-progs-6.12.0-1.el9.x86_64.rpm btrfs-progs-devel-6.12.0-1.el9.x86_64.rpm libbtrfs-6.12.0-1.el9.x86_64.rpm libbtrfsutil-6.12.0-1.el9.x86_64.rpm python3-btrfsutil-6.12.0-1.el9.x86_64.rpm aarch64: btrfs-progs-6.12.0-1.el9.aarch64.rpm btrfs-progs-devel-6.12.0-1.el9.aarch64.rpm libbtrfs-6.12.0-1.el9.aarch64.rpm libbtrfsutil-6.12.0-1.el9.aarch64.rpm python3-btrfsutil-6.12.0-1.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//btrfs-progs-6.12.0-1.el9.src.rpm Description of changes: [6.12.0-1.el9] - btrfs-progs: release 6.12.0-1 (Anand Jain) - btrfs-progs: resize: remove the misleading warning for the 'max' option (Anand Jain) - btrfs-progs: btrfstune: add ability to remove squotas (Boris Burkov) - btrfs-progs: add a helper for clearing all the items in a tree (Boris Burkov) - btrfs-progs: btrfstune: fix documentation for --enable-simple-quota (Boris Burkov) From el-errata at oss.oracle.com Wed May 28 14:13:15 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 28 May 2025 07:13:15 -0700 Subject: [El-errata] OLAMBA-2025-0005 Oracle Linux 8 ol-automation-manager bug fix update Message-ID: Oracle Linux Bug Fix Advisory OLAMBA-2025-0005 http://linux.oracle.com/errata/OLAMBA-2025-0005.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: ol-automation-manager-2.2.0-34.el8.x86_64.rpm ol-automation-manager-cli-2.2.0-34.el8.noarch.rpm python311-olamkit-2.2.0-34.el8.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ol-automation-manager-2.2.0-34.el8.src.rpm Description of changes: [2.2.0-34.el8] - OLAM-428 Remove Inventory Source for "Template additional groups and hostvars at runtime" option - OLAM-696 Correct outdated hyperlink to reference current documentation - OLAM-699 Correct outdated hyperlink to reference YAML syntax ansible docs From el-errata at oss.oracle.com Fri May 30 16:09:28 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:28 -0700 Subject: [El-errata] ELSA-2025-8246 Moderate: Oracle Linux 8 kernel security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8246 http://linux.oracle.com/errata/ELSA-2025-8246.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.54.1.el8_10.noarch.rpm kernel-core-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.54.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.54.1.el8_10.x86_64.rpm perf-4.18.0-553.54.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.54.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.54.1.el8_10.x86_64.rpm aarch64: bpftool-4.18.0-553.54.1.el8_10.aarch64.rpm kernel-cross-headers-4.18.0-553.54.1.el8_10.aarch64.rpm kernel-headers-4.18.0-553.54.1.el8_10.aarch64.rpm kernel-tools-4.18.0-553.54.1.el8_10.aarch64.rpm kernel-tools-libs-4.18.0-553.54.1.el8_10.aarch64.rpm perf-4.18.0-553.54.1.el8_10.aarch64.rpm python3-perf-4.18.0-553.54.1.el8_10.aarch64.rpm kernel-tools-libs-devel-4.18.0-553.54.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.54.1.el8_10.src.rpm Related CVEs: CVE-2024-43842 Description of changes: [4.18.0-553.54.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.54.1.el8_10] - ice: fix stats being updated by way too large values (CKI Backport Bot) [RHEL-70834] - wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (CKI Backport Bot) [RHEL-54802] {CVE-2024-43842} - sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-84963] From el-errata at oss.oracle.com Fri May 30 16:09:26 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:26 -0700 Subject: [El-errata] ELSA-2025-20343 Important: Oracle Linux 8 systemd security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20343 http://linux.oracle.com/errata/ELSA-2025-20343.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: systemd-239-82.0.4.el8_10.5.i686.rpm systemd-239-82.0.4.el8_10.5.x86_64.rpm systemd-container-239-82.0.4.el8_10.5.i686.rpm systemd-container-239-82.0.4.el8_10.5.x86_64.rpm systemd-devel-239-82.0.4.el8_10.5.i686.rpm systemd-devel-239-82.0.4.el8_10.5.x86_64.rpm systemd-journal-remote-239-82.0.4.el8_10.5.x86_64.rpm systemd-libs-239-82.0.4.el8_10.5.i686.rpm systemd-libs-239-82.0.4.el8_10.5.x86_64.rpm systemd-pam-239-82.0.4.el8_10.5.x86_64.rpm systemd-tests-239-82.0.4.el8_10.5.x86_64.rpm systemd-udev-239-82.0.4.el8_10.5.x86_64.rpm aarch64: systemd-239-82.0.4.el8_10.5.aarch64.rpm systemd-container-239-82.0.4.el8_10.5.aarch64.rpm systemd-devel-239-82.0.4.el8_10.5.aarch64.rpm systemd-journal-remote-239-82.0.4.el8_10.5.aarch64.rpm systemd-libs-239-82.0.4.el8_10.5.aarch64.rpm systemd-pam-239-82.0.4.el8_10.5.aarch64.rpm systemd-tests-239-82.0.4.el8_10.5.aarch64.rpm systemd-udev-239-82.0.4.el8_10.5.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//systemd-239-82.0.4.el8_10.5.src.rpm Related CVEs: CVE-2025-4598 Description of changes: [239-82.0.4.5] - coredump: use %d in kernel core pattern - CVE-2025-4598 From el-errata at oss.oracle.com Fri May 30 16:09:25 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:25 -0700 Subject: [El-errata] ELBA-2025-20341 Oracle Linux 8 oracle-ocne-release-el8 bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20341 http://linux.oracle.com/errata/ELBA-2025-20341.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: oracle-ocne-release-el8-1.0-14.el8.x86_64.rpm aarch64: oracle-ocne-release-el8-1.0-14.el8.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//oracle-ocne-release-el8-1.0-14.el8.src.rpm Description of changes: [1.0-14] - Remove post scriptlet used to update ociregion file which is nolonger required [1.0-14.el8] - Add developer channels for ocne [1.0-14.el8] - Deprecate the package with old name of olcne and rename it to ocne - Added ocne 2.0 repositories for x86_64 and aarch64 on ol8 and ol9 [1.0-14.el8] - Added olcne version 1.9 repository for x86_64 and aarch64 on ol8 and ol9 [1.0-14.el8] - Disable all OCNE channels by default [1.0-14.el8] - Added olcne version 1.8 repository for x86_64 and aarch64 on ol8 and ol9 [1.0-8] - Added olcne version 1.7 repository for x86_64 and ol8_developer_olcne repo for aarch64 [1.0-7] - Added olcne version 1.6 repository for x86_64 [OraBug: 35182554] [1.0-6] - Added olcne version 1.5 repository for x86_64 [OraBug: 34111597] [1.0-5] - Added olcne developer repository [OraBug: 33820720] [1.0-4] - Added olcne version 1.4 repository for aarch64 [OraBug: 33641138] [1.0-3] - Added olcne version 1.3 repository for aarch64 [OraBug: 33010226] [1.0-2] - Added olcne version 1.3 repository [OraBug: 32914245] [1.0-1] - Initial package From el-errata at oss.oracle.com Fri May 30 16:09:29 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:29 -0700 Subject: [El-errata] ELSA-2025-8308 Important: Oracle Linux 8 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8308 http://linux.oracle.com/errata/ELSA-2025-8308.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.11.0-1.0.1.el8_10.x86_64.rpm aarch64: firefox-128.11.0-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//firefox-128.11.0-1.0.1.el8_10.src.rpm Related CVEs: CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 Description of changes: [128.11.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079789] [128.11.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.11.0-1] - Update to 128.11.0 From el-errata at oss.oracle.com Fri May 30 16:09:35 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:35 -0700 Subject: [El-errata] ELBA-2025-8246-1 Oracle Linux 8 kernel bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-8246-1 http://linux.oracle.com/errata/ELBA-2025-8246-1.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-abi-stablelists-4.18.0-553.54.1.0.1.el8_10.noarch.rpm kernel-core-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-cross-headers-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-debug-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-debug-core-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-debug-devel-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-debug-modules-extra-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-devel-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-doc-4.18.0-553.54.1.0.1.el8_10.noarch.rpm kernel-headers-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-modules-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-modules-extra-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-tools-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm perf-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm python3-perf-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm kernel-tools-libs-devel-4.18.0-553.54.1.0.1.el8_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.54.1.0.1.el8_10.src.rpm Description of changes: [4.18.0-553.54.1.0.1.el8_10.OL8] - scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] [4.18.0-553.54.1.el8_10] - ice: fix stats being updated by way too large values (CKI Backport Bot) [RHEL-70834] - wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (CKI Backport Bot) [RHEL-54802] {CVE-2024-43842} - sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-84963] From el-errata at oss.oracle.com Fri May 30 16:09:40 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:40 -0700 Subject: [El-errata] ELBA-2025-20340 Oracle Linux 9 oraclelinux-release bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20340 http://linux.oracle.com/errata/ELBA-2025-20340.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: oraclelinux-release-9.6-1.0.8.el9.x86_64.rpm oraclelinux-sb-certs-9.6-1.0.8.el9.noarch.rpm aarch64: oraclelinux-release-9.6-1.0.8.el9.aarch64.rpm oraclelinux-sb-certs-9.6-1.0.8.el9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//oraclelinux-release-9.6-1.0.8.el9.src.rpm Description of changes: [9.6-1.0.8] - Updated release notes for OL9.6 GA. From el-errata at oss.oracle.com Fri May 30 16:09:41 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:41 -0700 Subject: [El-errata] ELBA-2025-20342 Oracle Linux 9 oracle-ocne-release-el9 bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-20342 http://linux.oracle.com/errata/ELBA-2025-20342.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: oracle-ocne-release-el9-1.0-7.el9.x86_64.rpm aarch64: oracle-ocne-release-el9-1.0-7.el9.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//oracle-ocne-release-el9-1.0-7.el9.src.rpm Description of changes: [1.0-14] - Remove post scriptlet used to update ociregion file which is nolonger required [1.0-7.el9] - Add developer channels for ocne [1.0-7.el9] - Deprecate the package with old name of olcne and rename it to ocne - Added ocne 2.0 repositories for x86_64 and aarch64 on ol8 and ol9 [1.0-7.el9] - Added olcne version 1.9 repository for x86_64 and aarch64 on ol8 and ol9 [1.0-7.el9] - Disable all OCNE channels by default [1.0-7.el9] - Added olcne version 1.8 repository for x86_64 and aarch64 on ol8 and ol9 [1.0-8] - Added olcne version 1.7 repository for x86_64 and ol8_developer_olcne repo for aarch64 From el-errata at oss.oracle.com Fri May 30 16:09:43 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:43 -0700 Subject: [El-errata] ELSA-2025-20344 Important: Oracle Linux 9 systemd security update Message-ID: Oracle Linux Security Advisory ELSA-2025-20344 http://linux.oracle.com/errata/ELSA-2025-20344.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: systemd-252-51.0.2.el9.i686.rpm systemd-252-51.0.2.el9.x86_64.rpm systemd-devel-252-51.0.2.el9.i686.rpm systemd-devel-252-51.0.2.el9.x86_64.rpm systemd-libs-252-51.0.2.el9.i686.rpm systemd-libs-252-51.0.2.el9.x86_64.rpm systemd-resolved-252-51.0.2.el9.x86_64.rpm systemd-boot-unsigned-252-51.0.2.el9.x86_64.rpm rhel-net-naming-sysattrs-252-51.0.2.el9.noarch.rpm systemd-container-252-51.0.2.el9.i686.rpm systemd-container-252-51.0.2.el9.x86_64.rpm systemd-oomd-252-51.0.2.el9.x86_64.rpm systemd-pam-252-51.0.2.el9.x86_64.rpm systemd-rpm-macros-252-51.0.2.el9.noarch.rpm systemd-udev-252-51.0.2.el9.x86_64.rpm systemd-journal-remote-252-51.0.2.el9.x86_64.rpm systemd-ukify-252-51.0.2.el9.noarch.rpm aarch64: systemd-252-51.0.2.el9.aarch64.rpm systemd-libs-252-51.0.2.el9.aarch64.rpm systemd-resolved-252-51.0.2.el9.aarch64.rpm systemd-boot-unsigned-252-51.0.2.el9.aarch64.rpm rhel-net-naming-sysattrs-252-51.0.2.el9.noarch.rpm systemd-container-252-51.0.2.el9.aarch64.rpm systemd-oomd-252-51.0.2.el9.aarch64.rpm systemd-pam-252-51.0.2.el9.aarch64.rpm systemd-rpm-macros-252-51.0.2.el9.noarch.rpm systemd-udev-252-51.0.2.el9.aarch64.rpm systemd-devel-252-51.0.2.el9.aarch64.rpm systemd-journal-remote-252-51.0.2.el9.aarch64.rpm systemd-ukify-252-51.0.2.el9.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//systemd-252-51.0.2.el9.src.rpm Related CVEs: CVE-2025-4598 Description of changes: [252-51.0.2] - coredump: use %d in kernel core pattern - CVE-2025-4598 From el-errata at oss.oracle.com Fri May 30 16:09:44 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:44 -0700 Subject: [El-errata] ELBA-2025-8309 Oracle Linux 9 nmstate bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2025-8309 http://linux.oracle.com/errata/ELBA-2025-8309.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: nmstate-2.2.45-1.el9_6.x86_64.rpm nmstate-libs-2.2.45-1.el9_6.i686.rpm nmstate-libs-2.2.45-1.el9_6.x86_64.rpm python3-libnmstate-2.2.45-1.el9_6.x86_64.rpm nmstate-devel-2.2.45-1.el9_6.i686.rpm nmstate-devel-2.2.45-1.el9_6.x86_64.rpm nmstate-static-2.2.45-1.el9_6.i686.rpm nmstate-static-2.2.45-1.el9_6.x86_64.rpm aarch64: nmstate-2.2.45-1.el9_6.aarch64.rpm nmstate-libs-2.2.45-1.el9_6.aarch64.rpm python3-libnmstate-2.2.45-1.el9_6.aarch64.rpm nmstate-devel-2.2.45-1.el9_6.aarch64.rpm nmstate-static-2.2.45-1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//nmstate-2.2.45-1.el9_6.src.rpm Description of changes: [2.2.45-1] - Upgrade to 2.2.25 - Fix OVS stuck on nmstatectl show. RHEL-93175 From el-errata at oss.oracle.com Fri May 30 16:09:45 2025 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 30 May 2025 09:09:45 -0700 Subject: [El-errata] ELSA-2025-8293 Important: Oracle Linux 9 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2025-8293 http://linux.oracle.com/errata/ELSA-2025-8293.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.11.0-1.0.1.el9_6.x86_64.rpm firefox-x11-128.11.0-1.0.1.el9_6.x86_64.rpm aarch64: firefox-128.11.0-1.0.1.el9_6.aarch64.rpm firefox-x11-128.11.0-1.0.1.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//firefox-128.11.0-1.0.1.el9_6.src.rpm Related CVEs: CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 Description of changes: [128.11.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [128.11.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.11.0-1] - Update to 128.11.0