
Oracle Linux has received new updates: security updates for java-11-openjdk, qt5-qtbase, and emacs, a bug fix update for net-snmp, and a bug fix and enhancement update for nginx:

ELSA-2024-4564 Important: Oracle Linux 7 java-11-openjdk security update (aarch64)
ELSA-2024-4647 Important: Oracle Linux 7 qt5-qtbase security update (aarch64)
ELSA-2024-4564 Important: Oracle Linux 7 java-11-openjdk security update
ELSA-2024-6510 Moderate: Oracle Linux 9 emacs security update
ELBA-2024-6469 Oracle Linux 9 net-snmp bug fix update
ELBA-2024-6190 Oracle Linux 9 nginx bug fix and enhancement update




ELSA-2024-4564 Important: Oracle Linux 7 java-11-openjdk security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-4564

http://linux.oracle.com/errata/ELSA-2024-4564.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
java-11-openjdk-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-devel-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-headless-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-demo-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-javadoc-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-javadoc-zip-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-jmods-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm
java-11-openjdk-src-11.0.23.0.9-2.0.3.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-11-openjdk-11.0.23.0.9-2.0.3.el7_9.src.rpm

Related CVEs:

CVE-2024-21131
CVE-2024-21138
CVE-2024-21140
CVE-2024-21144
CVE-2024-21145
CVE-2024-21147

Description of changes:

[1:11.0.23.0.9-2.0.3]
- Fixes below CVE's
- CVE-2024-21131 Improve-UTF8-String-supports
- CVE-2024-21138 Better-symbol-storage
- Fixes malformed control flow openjdk bug8303466
- CVE-2024-21140 Improved-loop-handling
- CVE-2024-21144 Enhance-Pack-200-loading
- CVE-2024-21145 Improve-2D-image-handling
- CVE-2024-21147 Improve-array-management



ELSA-2024-4647 Important: Oracle Linux 7 qt5-qtbase security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-4647

http://linux.oracle.com/errata/ELSA-2024-4647.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
qt5-qtbase-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-common-5.9.7-5.0.1.el7_9.noarch.rpm
qt5-qtbase-devel-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-gui-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-mysql-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-odbc-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-postgresql-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-rpm-macros-5.9.7-5.0.1.el7_9.noarch.rpm
qt5-qtbase-doc-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-examples-5.9.7-5.0.1.el7_9.aarch64.rpm
qt5-qtbase-static-5.9.7-5.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//qt5-qtbase-5.9.7-5.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-39936

Description of changes:

[5.9.7-5.0.1]
- Backport fix for CVE-2024-39936 [Orabug: 36904373]



ELSA-2024-4564 Important: Oracle Linux 7 java-11-openjdk security update


Oracle Linux Security Advisory ELSA-2024-4564

http://linux.oracle.com/errata/ELSA-2024-4564.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-11-openjdk-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-demo-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-demo-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-devel-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-devel-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-headless-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-headless-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-javadoc-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-javadoc-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-javadoc-zip-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-javadoc-zip-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-jmods-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-jmods-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-src-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-src-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm
java-11-openjdk-static-libs-11.0.23.0.9-2.0.3.el7_9.i686.rpm
java-11-openjdk-static-libs-11.0.23.0.9-2.0.3.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//java-11-openjdk-11.0.23.0.9-2.0.3.el7_9.src.rpm

Related CVEs:

CVE-2024-21131
CVE-2024-21138
CVE-2024-21140
CVE-2024-21144
CVE-2024-21145
CVE-2024-21147

Description of changes:

[1:11.0.23.0.9-2.0.3]
- Fixes below CVE's
- CVE-2024-21131 Improve-UTF8-String-supports
- CVE-2024-21138 Better-symbol-storage
- Fixes malformed control flow openjdk bug8303466
- CVE-2024-21140 Improved-loop-handling
- CVE-2024-21144 Enhance-Pack-200-loading
- CVE-2024-21145 Improve-2D-image-handling
- CVE-2024-21147 Improve-array-management



ELSA-2024-6510 Moderate: Oracle Linux 9 emacs security update


Oracle Linux Security Advisory ELSA-2024-6510

http://linux.oracle.com/errata/ELSA-2024-6510.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
emacs-27.2-10.el9_4.x86_64.rpm
emacs-common-27.2-10.el9_4.x86_64.rpm
emacs-filesystem-27.2-10.el9_4.noarch.rpm
emacs-lucid-27.2-10.el9_4.x86_64.rpm
emacs-nox-27.2-10.el9_4.x86_64.rpm

aarch64:
emacs-27.2-10.el9_4.aarch64.rpm
emacs-common-27.2-10.el9_4.aarch64.rpm
emacs-filesystem-27.2-10.el9_4.noarch.rpm
emacs-lucid-27.2-10.el9_4.aarch64.rpm
emacs-nox-27.2-10.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//emacs-27.2-10.el9_4.src.rpm

Related CVEs:

CVE-2024-39331

Description of changes:

[1:27.2-10]
- org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331)
- Disable xwidgets (RHEL-33447)



ELBA-2024-6469 Oracle Linux 9 net-snmp bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-6469

http://linux.oracle.com/errata/ELBA-2024-6469.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
net-snmp-5.9.1-13.0.1.el9_4.2.x86_64.rpm
net-snmp-agent-libs-5.9.1-13.0.1.el9_4.2.i686.rpm
net-snmp-agent-libs-5.9.1-13.0.1.el9_4.2.x86_64.rpm
net-snmp-devel-5.9.1-13.0.1.el9_4.2.i686.rpm
net-snmp-devel-5.9.1-13.0.1.el9_4.2.x86_64.rpm
net-snmp-libs-5.9.1-13.0.1.el9_4.2.i686.rpm
net-snmp-libs-5.9.1-13.0.1.el9_4.2.x86_64.rpm
net-snmp-perl-5.9.1-13.0.1.el9_4.2.x86_64.rpm
net-snmp-utils-5.9.1-13.0.1.el9_4.2.x86_64.rpm
python3-net-snmp-5.9.1-13.0.1.el9_4.2.x86_64.rpm

aarch64:
net-snmp-5.9.1-13.0.1.el9_4.2.aarch64.rpm
net-snmp-agent-libs-5.9.1-13.0.1.el9_4.2.aarch64.rpm
net-snmp-devel-5.9.1-13.0.1.el9_4.2.aarch64.rpm
net-snmp-libs-5.9.1-13.0.1.el9_4.2.aarch64.rpm
net-snmp-perl-5.9.1-13.0.1.el9_4.2.aarch64.rpm
net-snmp-utils-5.9.1-13.0.1.el9_4.2.aarch64.rpm
python3-net-snmp-5.9.1-13.0.1.el9_4.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//net-snmp-5.9.1-13.0.1.el9_4.2.src.rpm

Description of changes:

[5.9.1-13.0.1.2]
- fix error index value when snmpget is used a proxy pass [Orabug: 35010262]

[1:5.9.1-13.2]
- fix segfault with error on subcontainer (RHEL-46039)

[1:5.9.1-13.1]
- fix unexpected header length with new kernel (RHEL-40403)

[1:5.9.1-13]
- add support for SQLite db background of rpm (RHEL-6854)

[1:5.9.1-12]
- fix message severity issue (RHEL-13960)

[1:5.9.1-11]
- fix python3 missing epoch

[1:5.9.1-10]
- fix sendmsg error code for new kernel (#2210892)

[1:5.9.1-9]
- fix CVE-2022-44792 and CVE-2022-44793 (#2141902) and (#2141906)
- fix memory leak when ipv6 disable set to 1 (#2151540)



ELBA-2024-6190 Oracle Linux 9 nginx bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2024-6190

http://linux.oracle.com/errata/ELBA-2024-6190.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
nginx-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-all-modules-1.20.1-16.0.1.el9_4.1.noarch.rpm
nginx-core-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-filesystem-1.20.1-16.0.1.el9_4.1.noarch.rpm
nginx-mod-http-image-filter-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-mod-http-perl-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-mod-http-xslt-filter-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-mod-mail-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-mod-stream-1.20.1-16.0.1.el9_4.1.x86_64.rpm
nginx-mod-devel-1.20.1-16.0.1.el9_4.1.x86_64.rpm

aarch64:
nginx-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-all-modules-1.20.1-16.0.1.el9_4.1.noarch.rpm
nginx-core-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-filesystem-1.20.1-16.0.1.el9_4.1.noarch.rpm
nginx-mod-http-image-filter-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-mod-http-perl-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-mod-http-xslt-filter-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-mod-mail-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-mod-stream-1.20.1-16.0.1.el9_4.1.aarch64.rpm
nginx-mod-devel-1.20.1-16.0.1.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//nginx-1.20.1-16.0.1.el9_4.1.src.rpm

Description of changes:

[1:1.20.1-16.0.1.1]
- Resolves: RHEL-48791 - nginx worker processes memory leak

[1:1.20.1-14.0.2.1]
- Update upstream references [Orabug: 36579090]

[1:1.20.1-14.0.1.1]
- Resolves: RHEL-12518 - nginx: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

[1.20.1-14.0.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]

[1:1.20.1-14]
- Resolves: #2086527 - Fix logrotate config and nginx log dir permissions