Oracle Linux 6255 Published by

Oracle Linux has received several security updates, including for Python 3.11, Grafana, NetworkManager-libreswan, and a Linux firmware update:

ELSA-2024-8374 Moderate: Oracle Linux 9 python3.11 security update
ELSA-2024-8327 Important: Oracle Linux 8 grafana security update
ELSA-2024-8353 Important: Oracle Linux 8 NetworkManager-libreswan security update
ELSA-2024-12797 Moderate: Oracle Linux 8 linux-firmware security update




ELSA-2024-8374 Moderate: Oracle Linux 9 python3.11 security update


Oracle Linux Security Advisory ELSA-2024-8374

http://linux.oracle.com/errata/ELSA-2024-8374.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3.11-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-devel-3.11.7-1.el9_4.6.i686.rpm
python3.11-devel-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-libs-3.11.7-1.el9_4.6.i686.rpm
python3.11-libs-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-tkinter-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-3.11.7-1.el9_4.6.i686.rpm
python3.11-debug-3.11.7-1.el9_4.6.i686.rpm
python3.11-debug-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-idle-3.11.7-1.el9_4.6.i686.rpm
python3.11-idle-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-test-3.11.7-1.el9_4.6.i686.rpm
python3.11-test-3.11.7-1.el9_4.6.x86_64.rpm
python3.11-tkinter-3.11.7-1.el9_4.6.i686.rpm

aarch64:
python3.11-3.11.7-1.el9_4.6.aarch64.rpm
python3.11-devel-3.11.7-1.el9_4.6.aarch64.rpm
python3.11-libs-3.11.7-1.el9_4.6.aarch64.rpm
python3.11-tkinter-3.11.7-1.el9_4.6.aarch64.rpm
python3.11-debug-3.11.7-1.el9_4.6.aarch64.rpm
python3.11-idle-3.11.7-1.el9_4.6.aarch64.rpm
python3.11-test-3.11.7-1.el9_4.6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//python3.11-3.11.7-1.el9_4.6.src.rpm

Related CVEs:

CVE-2024-6232

Description of changes:

[3.11.7-1.6]
- Security fix for CVE-2024-6232
Resolves: RHEL-57411



ELSA-2024-8327 Important: Oracle Linux 8 grafana security update


Oracle Linux Security Advisory ELSA-2024-8327

http://linux.oracle.com/errata/ELSA-2024-8327.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
grafana-9.2.10-20.el8_10.x86_64.rpm
grafana-selinux-9.2.10-20.el8_10.x86_64.rpm

aarch64:
grafana-9.2.10-20.el8_10.aarch64.rpm
grafana-selinux-9.2.10-20.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//grafana-9.2.10-20.el8_10.src.rpm

Related CVEs:

CVE-2024-9355
CVE-2024-47875

Description of changes:

[9.2.10-20]
- Resolves RHEL-62307: CVE-2024-47875

[9.2.10-19]
- Resolves RHEL-61779: CVE-2024-9355



ELSA-2024-8353 Important: Oracle Linux 8 NetworkManager-libreswan security update


Oracle Linux Security Advisory ELSA-2024-8353

http://linux.oracle.com/errata/ELSA-2024-8353.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
NetworkManager-libreswan-1.2.10-7.el8_10.x86_64.rpm
NetworkManager-libreswan-gnome-1.2.10-7.el8_10.x86_64.rpm

aarch64:
NetworkManager-libreswan-1.2.10-7.el8_10.aarch64.rpm
NetworkManager-libreswan-gnome-1.2.10-7.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//NetworkManager-libreswan-1.2.10-7.el8_10.src.rpm

Related CVEs:

CVE-2024-9050

Description of changes:

[1.2.10-7]
- Unbreak validation of unknown keys

[1.2.10-6]
- Fix improper escaping of Libreswan configuration (CVE-2024-9050)



ELSA-2024-12797 Moderate: Oracle Linux 8 linux-firmware security update


Oracle Linux Security Advisory ELSA-2024-12797

http://linux.oracle.com/errata/ELSA-2024-12797.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.35.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.35.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.35.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.35.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.35.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.35.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.35.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.35.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.35.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.35.el8.noarch.rpm
iwlax2xx-firmware-20241003-999.35.el8.noarch.rpm
libertas-sd8686-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
libertas-sd8787-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
libertas-usb8388-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
linux-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
linux-firmware-core-20241003-999.35.git95bfe086.el8.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.35.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.35.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.35.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.35.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.35.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.35.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.35.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.35.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.35.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.35.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.35.el8.noarch.rpm
iwlax2xx-firmware-20241003-999.35.el8.noarch.rpm
libertas-sd8686-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
libertas-sd8787-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
libertas-usb8388-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
linux-firmware-20241003-999.35.git95bfe086.el8.noarch.rpm
linux-firmware-core-20241003-999.35.git95bfe086.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//linux-firmware-20241003-999.35.git95bfe086.el8.src.rpm

Related CVEs:

CVE-2023-20584
CVE-2023-31356

Description of changes:

[20241003-999.35.git95bfe086.el8]
- Rebase to latest upstream [Orabug: 37132142]
- Fix build error in ol7 due to linking in copy-firmware.sh [Orabug: 37132515]
- Bring back drirectory structure qcom/sc8280xp [Orabug: 37132142]