Oracle Linux 6162 Published by

A grub2 bug fix update has been released for Oracle Linux 7.

ELBA-2023-12998 Oracle Linux 7 grub2 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2023-12998

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:



Description of changes:

- Replace reference [Orabug: 35477723]
- Backport kernel EFI allocation pacthes [Orabug: 34301086]
- Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697,
CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 [JIRA: OLDIS-16371]
- bump SBAT generation [JIRA: OLDIS-16371]
- Cleanup XEN shell script (Alex Burmashev) [Orabug: 33851417]
- Update SBAT data (Alex Burmashev) [Orabug: 33851417]
- efinet: change SNP open call (Alex Burmashev) [Orabug: 32646964]
- disable buggy 0183-efinet-retransmit-if-our-device-is-busy.patch [Orabug: 27982684]
- Patch multiboot2 to the recent state [Orabug: 32950597]
- Enable multiboot2 for UEFI ( non Secureboot ) mode [Orabug: 32950597]
- Update signing certificate [Orabug: 32670043]
- Update shim and certificates dependencies [Orabug: 32670043]
- xfs: Don't attempt to iterate over empty directory [Orabug: 32584717]
- add SBAT metadata for Oracle Linux grub2
- Use similar format for menu entry in grub environment block
- config file. [Orabug: 32172943]
- Fix degradation in multiboot2 code [Orabug: 32069510]
- Update signing certificate for efi binaries
- Update upstream references [Orabug: 30138841]
- Restore symlink to grub environment file, that was removed during grub2-efi update
if grub2 package is also installed on UEFI machines [Orabug: 27345750]
- fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
- Fix comparison in patch for [Orabug: 18504756]
- Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
- replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev)
- Put "with" in menuentry instead of "using" [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

- Bump sbat
- Resolves: CVE-2022-28733

- Backport the relevant CVE fixes from the 2022-05-24 drop
- Resolves: CVE-2022-28733

- Bump for signing
- Resolves: #1892860

- Fix accidental reboot in grub_exit
- Resolves: #1892860

- Fix boot failures in ppc64le caused by storage race condition (diegodo)
Resolves: rhbz#1942148

- Fix ppc64le performance issues (diegodo)
Resolves: rhbz#1759298

- Add the at keyboard patches that weren't included
Resolves: rhbz#1892240

- add keylayouts and at_keyboard modules to EFI binary
Resolves: rhbz#1892240

- at_keyboard: use set 1 when keyboard is in Translate mode (rmetrich)
Resolves: rhbz#1892240

- Fix another batch of CVEs
Resolves: CVE-2020-14372
Resolves: CVE-2020-25632
Resolves: CVE-2020-25647
Resolves: CVE-2020-27749
Resolves: CVE-2020-27779
Resolves: CVE-2021-20225
Resolves: CVE-2021-20233

- Fix keyboards that report IBM PC AT scan codes
Resolves: rhbz#1892240