Oracle Linux 6255 Published by

The following updates are available for Oracle Linux:

ELBA-2024-6170 Oracle Linux 9 libdnf bug fix update
ELSA-2024-6147 Moderate: Oracle Linux 9 nodejs:18 security update
ELSA-2024-6356 Important: Oracle Linux 9 bubblewrap and flatpak security update
ELBA-2024-6287 Oracle Linux 9 libguestfs bug fix and enhancement update
ELBA-2024-6171 Oracle Linux 9 grub2 bug fix update
ELEA-2024-6300 Oracle Linux 9 greenboot bug fix and enhancement update
ELBA-2024-12607 Oracle Linux 9 osbuild-composer bug fix update
ELSA-2024-6309 Moderate: Oracle Linux 8 fence-agents security update
ELBA-2024-5811 Oracle Linux 8 scap-security-guide bug fix and enhancement update
ELSA-2024-6148 Moderate: Oracle Linux 8 nodejs:18 security update
ELBA-2024-12608 Oracle Linux 8 osbuild-composer bug fix update
ELSA-2024-4622 Important: Oracle Linux 7 libndp security update (aarch64)
ELSA-2024-4622 Important: Oracle Linux 7 libndp security update




ELBA-2024-6170 Oracle Linux 9 libdnf bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-6170

http://linux.oracle.com/errata/ELBA-2024-6170.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libdnf-0.69.0-8.0.1.el9_4.1.i686.rpm
libdnf-0.69.0-8.0.1.el9_4.1.x86_64.rpm
python3-hawkey-0.69.0-8.0.1.el9_4.1.x86_64.rpm
python3-libdnf-0.69.0-8.0.1.el9_4.1.x86_64.rpm
libdnf-devel-0.69.0-8.0.1.el9_4.1.i686.rpm
libdnf-devel-0.69.0-8.0.1.el9_4.1.x86_64.rpm

aarch64:
libdnf-0.69.0-8.0.1.el9_4.1.aarch64.rpm
python3-hawkey-0.69.0-8.0.1.el9_4.1.aarch64.rpm
python3-libdnf-0.69.0-8.0.1.el9_4.1.aarch64.rpm
libdnf-devel-0.69.0-8.0.1.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libdnf-0.69.0-8.0.1.el9_4.1.src.rpm

Description of changes:

[0.69.0-8.0.1.1]
- Recognise new kernel-uek RPMs as multiversion and installonlypkg [Orabug: 36053872]
- Replaced bugzilla.oracle.com references [Orabug: 34202300]
- Update OL9 dnf to recognize UEK7(kernel-uek-core & kernel-uek-modules) as installonlypkgs package [Orabug: 33861607]
- Replaced bugzilla.redhat.com with bugzilla.oracle.com in config [Orabug: 29656932]
- Add support for apps that use libdnf to access yum url with 'ociregion' variable [Orabug: 30121584]
- Update OL8 dnf to recognise kernel-uek as installonlypkgs package [Orabug: 31018668]
- Disable rhsm [Orabug: 29901202]



ELSA-2024-6147 Moderate: Oracle Linux 9 nodejs:18 security update


Oracle Linux Security Advisory ELSA-2024-6147

http://linux.oracle.com/errata/ELSA-2024-6147.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-18.20.4-1.module+el9.4.0+90400+35c5e203.x86_64.rpm
nodejs-devel-18.20.4-1.module+el9.4.0+90400+35c5e203.x86_64.rpm
nodejs-docs-18.20.4-1.module+el9.4.0+90400+35c5e203.noarch.rpm
nodejs-full-i18n-18.20.4-1.module+el9.4.0+90400+35c5e203.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.noarch.rpm
nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
npm-10.7.0-1.18.20.4.1.module+el9.4.0+90400+35c5e203.x86_64.rpm

aarch64:
nodejs-18.20.4-1.module+el9.4.0+90400+35c5e203.aarch64.rpm
nodejs-devel-18.20.4-1.module+el9.4.0+90400+35c5e203.aarch64.rpm
nodejs-docs-18.20.4-1.module+el9.4.0+90400+35c5e203.noarch.rpm
nodejs-full-i18n-18.20.4-1.module+el9.4.0+90400+35c5e203.aarch64.rpm
nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.noarch.rpm
nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el9.1.0+20762+f52d7401.noarch.rpm
npm-10.7.0-1.18.20.4.1.module+el9.4.0+90400+35c5e203.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-18.20.4-1.module+el9.4.0+90400+35c5e203.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el9.3.0+90167+01064547.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//nodejs-packaging-2021.06-4.module+el9.1.0+20762+f52d7401.src.rpm

Related CVEs:

CVE-2024-22020
CVE-2024-28863

Description of changes:

nodejs
[1:18.20.4-1]
- Update to 18.20.4
Fixes: CVE-2024-22020 CVE-2024-28863

nodejs-nodemon
nodejs-packaging



ELSA-2024-6356 Important: Oracle Linux 9 bubblewrap and flatpak security update


Oracle Linux Security Advisory ELSA-2024-6356

http://linux.oracle.com/errata/ELSA-2024-6356.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bubblewrap-0.4.1-7.el9_4.x86_64.rpm
flatpak-1.12.9-3.el9_4.x86_64.rpm
flatpak-libs-1.12.9-3.el9_4.i686.rpm
flatpak-libs-1.12.9-3.el9_4.x86_64.rpm
flatpak-selinux-1.12.9-3.el9_4.noarch.rpm
flatpak-session-helper-1.12.9-3.el9_4.x86_64.rpm
flatpak-1.12.9-3.el9_4.i686.rpm
flatpak-devel-1.12.9-3.el9_4.i686.rpm
flatpak-devel-1.12.9-3.el9_4.x86_64.rpm
flatpak-session-helper-1.12.9-3.el9_4.i686.rpm

aarch64:
bubblewrap-0.4.1-7.el9_4.aarch64.rpm
flatpak-1.12.9-3.el9_4.aarch64.rpm
flatpak-libs-1.12.9-3.el9_4.aarch64.rpm
flatpak-selinux-1.12.9-3.el9_4.noarch.rpm
flatpak-session-helper-1.12.9-3.el9_4.aarch64.rpm
flatpak-devel-1.12.9-3.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//bubblewrap-0.4.1-7.el9_4.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//flatpak-1.12.9-3.el9_4.src.rpm

Related CVEs:

CVE-2024-42472

Description of changes:

bubblewrap
[0.4.1-7]
- Add support for --bind-fd and --ro-bind-fd (CVE-2024-42472)

flatpak
[1.12.9-3]
- Fix previous changelog entry

[1.12.9-2]
- Backport upstream patches for CVE-2024-42472
- Require bubblewrap version that has new --bind-fd option backported for
addressing CVE-2024-42472



ELBA-2024-6287 Oracle Linux 9 libguestfs bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2024-6287

http://linux.oracle.com/errata/ELBA-2024-6287.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libguestfs-devel-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-gobject-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-gobject-devel-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-man-pages-ja-1.50.1-8.0.1.el9_4.noarch.rpm
libguestfs-man-pages-uk-1.50.1-8.0.1.el9_4.noarch.rpm
lua-guestfs-1.50.1-8.0.1.el9_4.x86_64.rpm
ocaml-libguestfs-1.50.1-8.0.1.el9_4.x86_64.rpm
ocaml-libguestfs-devel-1.50.1-8.0.1.el9_4.x86_64.rpm
php-libguestfs-1.50.1-8.0.1.el9_4.x86_64.rpm
ruby-libguestfs-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-appliance-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-bash-completion-1.50.1-8.0.1.el9_4.noarch.rpm
libguestfs-inspect-icons-1.50.1-8.0.1.el9_4.noarch.rpm
libguestfs-rescue-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-rsync-1.50.1-8.0.1.el9_4.x86_64.rpm
libguestfs-xfs-1.50.1-8.0.1.el9_4.x86_64.rpm
perl-Sys-Guestfs-1.50.1-8.0.1.el9_4.x86_64.rpm
python3-libguestfs-1.50.1-8.0.1.el9_4.x86_64.rpm

aarch64:
libguestfs-devel-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-gobject-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-gobject-devel-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-man-pages-ja-1.50.1-8.0.1.el9_4.noarch.rpm
libguestfs-man-pages-uk-1.50.1-8.0.1.el9_4.noarch.rpm
lua-guestfs-1.50.1-8.0.1.el9_4.aarch64.rpm
ocaml-libguestfs-1.50.1-8.0.1.el9_4.aarch64.rpm
ocaml-libguestfs-devel-1.50.1-8.0.1.el9_4.aarch64.rpm
php-libguestfs-1.50.1-8.0.1.el9_4.aarch64.rpm
ruby-libguestfs-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-appliance-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-bash-completion-1.50.1-8.0.1.el9_4.noarch.rpm
libguestfs-inspect-icons-1.50.1-8.0.1.el9_4.noarch.rpm
libguestfs-rescue-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-rsync-1.50.1-8.0.1.el9_4.aarch64.rpm
libguestfs-xfs-1.50.1-8.0.1.el9_4.aarch64.rpm
perl-Sys-Guestfs-1.50.1-8.0.1.el9_4.aarch64.rpm
python3-libguestfs-1.50.1-8.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libguestfs-1.50.1-8.0.1.el9_4.src.rpm

Description of changes:

[1.50.1-8.0.1]
- Add btrfs-progs to the packages installed in the appliance [Orabug: 34137448]
- Replace upstream references from a description tag
- Fix build on Oracle Linux [Orabug: 29319324]
- Set DISTRO_ORACLE_LINUX correspeonding to ol

[1:1.50.1-8]
- daemon: part_get_gpt_type: Remove unhelpful MBR fallback behaviour
resolves: RHEL-56697



ELBA-2024-6171 Oracle Linux 9 grub2 bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-6171

http://linux.oracle.com/errata/ELBA-2024-6171.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
grub2-common-2.06-82.0.1.el9_4.noarch.rpm
grub2-efi-aa64-modules-2.06-82.0.1.el9_4.noarch.rpm
grub2-efi-x64-2.06-82.0.1.el9_4.x86_64.rpm
grub2-efi-x64-cdboot-2.06-82.0.1.el9_4.x86_64.rpm
grub2-efi-x64-modules-2.06-82.0.1.el9_4.noarch.rpm
grub2-pc-2.06-82.0.1.el9_4.x86_64.rpm
grub2-pc-modules-2.06-82.0.1.el9_4.noarch.rpm
grub2-tools-2.06-82.0.1.el9_4.x86_64.rpm
grub2-tools-efi-2.06-82.0.1.el9_4.x86_64.rpm
grub2-tools-extra-2.06-82.0.1.el9_4.x86_64.rpm
grub2-tools-minimal-2.06-82.0.1.el9_4.x86_64.rpm

aarch64:
grub2-common-2.06-82.0.1.el9_4.noarch.rpm
grub2-efi-aa64-2.06-82.0.1.el9_4.aarch64.rpm
grub2-efi-aa64-cdboot-2.06-82.0.1.el9_4.aarch64.rpm
grub2-efi-aa64-modules-2.06-82.0.1.el9_4.noarch.rpm
grub2-efi-x64-modules-2.06-82.0.1.el9_4.noarch.rpm
grub2-tools-2.06-82.0.1.el9_4.aarch64.rpm
grub2-tools-extra-2.06-82.0.1.el9_4.aarch64.rpm
grub2-tools-minimal-2.06-82.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//grub2-2.06-82.0.1.el9_4.src.rpm

Description of changes:

[2.06-82.0.1]
- Rework the scripts to cover both in-place upgrade and update scenarios [Orabug: 36768566]
- Restore correct order of processing config files [Orabug: 36758359]
- Support setting custom kernels as default kernels [Orabug: 36043978]
- Bump SBAT metadata for grub to 3 [Orabug: 34872719]
- Fix CVE-2022-3775 [Orabug: 34871953]
- Enable signing for aarch64 EFI
- Fix signing certificate names
- Enable back btrfs grub module for EFI pre-built image [Orabug: 34360986]
- Replaced bugzilla.oracle.com references [Orabug: 34202300]
- Update provided certificate version to 202204 [JIRA: OLDIS-16371]
- Various coverity fixes [JIRA: OLDIS-16371]
- bump SBAT generation
- Update bug url [Orabug: 34202300]
- Revert provided certificate version back to 202102 [JIRA: OLDIS-16371]
- Update signing certificate [JIRA: OLDIS-16371]
- fix SBAT data [JIRA: OLDIS-16371]
- Update requires [JIRA: OLDIS-16371]
- Rebuild for SecureBoot signatures [Orabug: 33801813]
- Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033]
- Update Oracle SBAT data [Orabug: 32670033]
- Use new signing certificate [Orabug: 32670033]
- honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497]
- set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
- Update upstream references [Orabug: 26388226]
- Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955]
- Put "with" in menuentry instead of "using" [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.06-82]
- Bump to assign correct tag
- Related: #RHEL-40362

[2.06-81]
- grub.cfg: Fix an issue when doing a major version upgrade
- Resolves: #RHEL-40362



ELEA-2024-6300 Oracle Linux 9 greenboot bug fix and enhancement update


Oracle Linux Enhancement Advisory ELEA-2024-6300

http://linux.oracle.com/errata/ELEA-2024-6300.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
greenboot-0.15.5-2.el9_4.x86_64.rpm
greenboot-default-health-checks-0.15.5-2.el9_4.x86_64.rpm

aarch64:
greenboot-0.15.5-2.el9_4.aarch64.rpm
greenboot-default-health-checks-0.15.5-2.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//greenboot-0.15.5-2.el9_4.src.rpm

Description of changes:

[0.15.5-2]
- Reorder files, don't overwrite configs on update

[0.15.5-1]
- The 0.15.5 release
- Auto-detect image type and use correct rollback
- Support for read only /boot mount
- Warn users of missing disabled healthchecks
- Add feature to disable healthchecks



ELBA-2024-12607 Oracle Linux 9 osbuild-composer bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12607

http://linux.oracle.com/errata/ELBA-2024-12607.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-101-1.0.5.el9.x86_64.rpm
osbuild-composer-core-101-1.0.5.el9.x86_64.rpm
osbuild-composer-worker-101-1.0.5.el9.x86_64.rpm

aarch64:
osbuild-composer-101-1.0.5.el9.aarch64.rpm
osbuild-composer-core-101-1.0.5.el9.aarch64.rpm
osbuild-composer-worker-101-1.0.5.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//osbuild-composer-101-1.0.5.el9.src.rpm

Description of changes:

[101-1.0.5]
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]



ELSA-2024-6309 Moderate: Oracle Linux 8 fence-agents security update


Oracle Linux Security Advisory ELSA-2024-6309

http://linux.oracle.com/errata/ELSA-2024-6309.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
fence-agents-all-4.2.1-129.el8_10.4.x86_64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.4.x86_64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.4.x86_64.rpm
fence-agents-lpar-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-mpath-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.4.x86_64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.4.noarch.rpm

aarch64:
fence-agents-all-4.2.1-129.el8_10.4.aarch64.rpm
fence-agents-amt-ws-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-apc-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-apc-snmp-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-bladecenter-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-brocade-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-cisco-mds-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-cisco-ucs-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-common-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-compute-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-drac5-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-eaton-snmp-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-emerson-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-eps-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-heuristics-ping-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-hpblade-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ibm-powervs-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ibm-vpc-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ibmblade-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ifmib-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo-moonshot-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo-mp-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo-ssh-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ilo2-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-intelmodular-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ipdu-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-ipmilan-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-kdump-4.2.1-129.el8_10.4.aarch64.rpm
fence-agents-kubevirt-4.2.1-129.el8_10.4.aarch64.rpm
fence-agents-mpath-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-redfish-4.2.1-129.el8_10.4.aarch64.rpm
fence-agents-rhevm-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-rsa-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-rsb-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-sbd-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-scsi-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-virsh-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-vmware-rest-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-vmware-soap-4.2.1-129.el8_10.4.noarch.rpm
fence-agents-wti-4.2.1-129.el8_10.4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//fence-agents-4.2.1-129.el8_10.4.src.rpm

Related CVEs:

CVE-2024-6345
CVE-2024-37891

Description of changes:

[4.2.1-129.4]
- bundled setuptools: fix CVE-2024-6345
Resolves: RHEL-50223

[4.2.1-129.3]
- bundled urllib3: fix CVE-2024-37891
Resolves: RHEL-43568

[4.2.1-129.2]
- fence_eps: add fence_epsr2 for ePowerSwitch R2 and newer
Resolves: RHEL-7734
- bundled jinja2: fix CVE-2024-34064
Resolves: RHEL-35655



ELBA-2024-5811 Oracle Linux 8 scap-security-guide bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2024-5811

http://linux.oracle.com/errata/ELBA-2024-5811.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
scap-security-guide-0.1.74-3.0.1.el8_10.noarch.rpm
scap-security-guide-doc-0.1.74-3.0.1.el8_10.noarch.rpm

aarch64:
scap-security-guide-0.1.74-3.0.1.el8_10.noarch.rpm
scap-security-guide-doc-0.1.74-3.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.74-3.0.1.el8_10.src.rpm

Description of changes:

[0.1.74-3.0.1]
- Rebase Oracle patches to 0.1.74.openela.1.0 [Orabug: 36996310]
- Fix bash bug for rules account_disable_inactivity* [Orabug: 36879143]
- Finish ansible implementation for OL9 STIG [Orabug: 37006303]
- Create ISM profile for OL9 [Orabug: 37006308]
- Hide CJIS profile in OL8 [Orabug: 36996310]

[0.1.74.openela.1.0]
- Make OpenELA a derivative of RHEL

[0.1.74-3]
- fix build
- keep firefox and rhel8 ds-1.2 files in the package in form of symbolic links to regular ds files

[0.1.74-2]
- include RHEL 7 artifacts from the last RHEL 7 build

[0.1.74-1]
- Rebase to a new upstream release 0.1.74 (RHEL-53913)
- Improve Rsyslog rules to support RainerScript syntax (RHEL-1816)
- Update password hashing settings for ANSSI-BP-028 (RHEL-54390)

[0.1.73-2]
- Switch gating to tmt plan (RHEL-43242)



ELSA-2024-6148 Moderate: Oracle Linux 8 nodejs:18 security update


Oracle Linux Security Advisory ELSA-2024-6148

http://linux.oracle.com/errata/ELSA-2024-6148.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
nodejs-18.20.4-1.module+el8.10.0+90402+68b79193.x86_64.rpm
nodejs-devel-18.20.4-1.module+el8.10.0+90402+68b79193.x86_64.rpm
nodejs-docs-18.20.4-1.module+el8.10.0+90402+68b79193.noarch.rpm
nodejs-full-i18n-18.20.4-1.module+el8.10.0+90402+68b79193.x86_64.rpm
nodejs-nodemon-3.0.1-1.module+el8.10.0+90402+68b79193.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
npm-10.7.0-1.18.20.4.1.module+el8.10.0+90402+68b79193.x86_64.rpm

aarch64:
nodejs-18.20.4-1.module+el8.10.0+90402+68b79193.aarch64.rpm
nodejs-devel-18.20.4-1.module+el8.10.0+90402+68b79193.aarch64.rpm
nodejs-docs-18.20.4-1.module+el8.10.0+90402+68b79193.noarch.rpm
nodejs-full-i18n-18.20.4-1.module+el8.10.0+90402+68b79193.aarch64.rpm
nodejs-nodemon-3.0.1-1.module+el8.10.0+90402+68b79193.noarch.rpm
nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
nodejs-packaging-bundler-2021.06-4.module+el8.9.0+90157+ed89dc20.noarch.rpm
npm-10.7.0-1.18.20.4.1.module+el8.10.0+90402+68b79193.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-18.20.4-1.module+el8.10.0+90402+68b79193.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-nodemon-3.0.1-1.module+el8.10.0+90402+68b79193.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//nodejs-packaging-2021.06-4.module+el8.9.0+90157+ed89dc20.src.rpm

Related CVEs:

CVE-2024-22020
CVE-2024-28863

Description of changes:

nodejs
[1:18.20.4-1]
- Update to 18.20.4
Fixes: CVE-2024-22020 CVE-2024-28863

nodejs-nodemon
nodejs-packaging



ELBA-2024-12608 Oracle Linux 8 osbuild-composer bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12608

http://linux.oracle.com/errata/ELBA-2024-12608.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
osbuild-composer-101-1.0.4.el8.x86_64.rpm
osbuild-composer-worker-101-1.0.4.el8.x86_64.rpm
osbuild-composer-core-101-1.0.4.el8.x86_64.rpm

aarch64:
osbuild-composer-101-1.0.4.el8.aarch64.rpm
osbuild-composer-worker-101-1.0.4.el8.aarch64.rpm
osbuild-composer-core-101-1.0.4.el8.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//osbuild-composer-101-1.0.4.el8.src.rpm

Description of changes:

[101-1.0.4]
- Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]



ELSA-2024-4622 Important: Oracle Linux 7 libndp security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-4622

http://linux.oracle.com/errata/ELSA-2024-4622.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
libndp-1.2-10.0.1.el7_9.aarch64.rpm
libndp-devel-1.2-10.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//libndp-1.2-10.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-5564

Description of changes:

[1.2-10.0.1]
- Increasing release number as per Oracle package release policy



ELSA-2024-4622 Important: Oracle Linux 7 libndp security update


Oracle Linux Security Advisory ELSA-2024-4622

http://linux.oracle.com/errata/ELSA-2024-4622.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
libndp-1.2-10.0.1.el7_9.i686.rpm
libndp-1.2-10.0.1.el7_9.x86_64.rpm
libndp-devel-1.2-10.0.1.el7_9.i686.rpm
libndp-devel-1.2-10.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//libndp-1.2-10.0.1.el7_9.src.rpm

Related CVEs:

CVE-2024-5564

Description of changes:

[1.2-10.0.1]
- Increasing release number as per Oracle package release policy