Oracle Linux 6254 Published by

The following security updates have been released for Oracle Linux:

ELBA-2024-5736 Oracle Linux 8 ca-certificates bug fix and enhancement update
ELSA-2024-5694 Important: Oracle Linux 8 tomcat security update
ELSA-2024-5531 Important: Oracle Linux 8 python3.12-setuptools security update




ELBA-2024-5736 Oracle Linux 8 ca-certificates bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2024-5736

http://linux.oracle.com/errata/ELBA-2024-5736.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ca-certificates-2024.2.69_v8.0.303-80.0.el8_10.noarch.rpm

aarch64:
ca-certificates-2024.2.69_v8.0.303-80.0.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//ca-certificates-2024.2.69_v8.0.303-80.0.el8_10.src.rpm

Description of changes:

[2024.2.69_v8.0.303-80.0]
- Update to CKBI 2.69_v8.0.303 from NSS 3.101.1
- Removing:
- # Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
- # Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
- # Certificate "Security Communication Root CA"
- # Certificate "Camerfirma Chambers of Commerce Root"
- # Certificate "Hongkong Post Root CA 1"
- # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068"
- # Certificate "Symantec Class 1 Public Primary Certification Authority - G6"
- # Certificate "Symantec Class 2 Public Primary Certification Authority - G6"
- # Certificate "TrustCor RootCert CA-1"
- # Certificate "TrustCor RootCert CA-2"
- # Certificate "TrustCor ECA-1"
- # Certificate "FNMT-RCM"
- Adding:
- # Certificate "LAWtrust Root CA2 (4096)"
- # Certificate "Sectigo Public Email Protection Root E46"
- # Certificate "Sectigo Public Email Protection Root R46"
- # Certificate "Sectigo Public Server Authentication Root E46"
- # Certificate "Sectigo Public Server Authentication Root R46"
- # Certificate "SSL.com TLS RSA Root CA 2022"
- # Certificate "SSL.com TLS ECC Root CA 2022"
- # Certificate "SSL.com Client ECC Root CA 2022"
- # Certificate "SSL.com Client RSA Root CA 2022"
- # Certificate "Atos TrustedRoot Root CA ECC G2 2020"
- # Certificate "Atos TrustedRoot Root CA RSA G2 2020"
- # Certificate "Atos TrustedRoot Root CA ECC TLS 2021"
- # Certificate "Atos TrustedRoot Root CA RSA TLS 2021"
- # Certificate "TrustAsia Global Root CA G3"
- # Certificate "TrustAsia Global Root CA G4"
- # Certificate "CommScope Public Trust ECC Root-01"
- # Certificate "CommScope Public Trust ECC Root-02"
- # Certificate "CommScope Public Trust RSA Root-01"
- # Certificate "CommScope Public Trust RSA Root-02"
- # Certificate "D-Trust SBR Root CA 1 2022"
- # Certificate "D-Trust SBR Root CA 2 2022"
- # Certificate "Telekom Security SMIME ECC Root 2021"
- # Certificate "Telekom Security TLS ECC Root 2020"
- # Certificate "Telekom Security SMIME RSA Root 2023"
- # Certificate "Telekom Security TLS RSA Root 2023"
- # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB"
- # Certificate "SECOM Trust.net"
- # Certificate "Chambers of Commerce Root"
- # Certificate "VeriSign Class 2 Public Primary Certification Authority - G3"
- # Certificate "SSL.com Code Signing RSA Root CA 2022"
- # Certificate "SSL.com Code Signing ECC Root CA 2022"



ELSA-2024-5694 Important: Oracle Linux 8 tomcat security update


Oracle Linux Security Advisory ELSA-2024-5694

http://linux.oracle.com/errata/ELSA-2024-5694.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
tomcat-9.0.87-1.el8_10.2.noarch.rpm
tomcat-admin-webapps-9.0.87-1.el8_10.2.noarch.rpm
tomcat-docs-webapp-9.0.87-1.el8_10.2.noarch.rpm
tomcat-el-3.0-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-lib-9.0.87-1.el8_10.2.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-webapps-9.0.87-1.el8_10.2.noarch.rpm

aarch64:
tomcat-9.0.87-1.el8_10.2.noarch.rpm
tomcat-admin-webapps-9.0.87-1.el8_10.2.noarch.rpm
tomcat-docs-webapp-9.0.87-1.el8_10.2.noarch.rpm
tomcat-el-3.0-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-jsp-2.3-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-lib-9.0.87-1.el8_10.2.noarch.rpm
tomcat-servlet-4.0-api-9.0.87-1.el8_10.2.noarch.rpm
tomcat-webapps-9.0.87-1.el8_10.2.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//tomcat-9.0.87-1.el8_10.2.src.rpm

Related CVEs:

CVE-2024-34750

Description of changes:

[1:9.0.87-1.el8_10.2]
- Resolves: RHEL-46167
tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)



ELSA-2024-5531 Important: Oracle Linux 8 python3.12-setuptools security update


Oracle Linux Security Advisory ELSA-2024-5531

http://linux.oracle.com/errata/ELSA-2024-5531.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.12-setuptools-68.2.2-4.el8_10.noarch.rpm
python3.12-setuptools-wheel-68.2.2-4.el8_10.noarch.rpm

aarch64:
python3.12-setuptools-68.2.2-4.el8_10.noarch.rpm
python3.12-setuptools-wheel-68.2.2-4.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//python3.12-setuptools-68.2.2-4.el8_10.src.rpm

Related CVEs:

CVE-2024-6345

Description of changes:

[68.2.2-4]
- Security fix for CVE-2024-6345
Resolves: RHEL-50475