Oracle Linux Security Advisory ELSA-2024-2002

http://linux.oracle.com/errata/ELSA-2024-2002.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
grub2-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-common-2.02-0.87.0.26.el7_9.14.noarch.rpm
grub2-efi-ia32-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-efi-ia32-modules-2.02-0.87.0.26.el7_9.14.noarch.rpm
grub2-efi-x64-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-efi-x64-cdboot-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-efi-x64-modules-2.02-0.87.0.26.el7_9.14.noarch.rpm
grub2-pc-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-pc-modules-2.02-0.87.0.26.el7_9.14.noarch.rpm
grub2-tools-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-tools-extra-2.02-0.87.0.26.el7_9.14.x86_64.rpm
grub2-tools-minimal-2.02-0.87.0.26.el7_9.14.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//grub2-2.02-0.87.0.26.el7_9.14.src.rpm

Related CVEs:

CVE-2022-2601




Description of changes:

[2.02-0.87.0.26.el7.14]
- Replace bugzilla.oracle.com reference [Orabug: 35477723]
- Backport kernel EFI allocation pacthes [Orabug: 34301086]
- Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697,
  CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 [JIRA: OLDIS-16371]
- bump SBAT generation [JIRA: OLDIS-16371]
- Cleanup XEN shell script (Alex Burmashev) [Orabug: 33851417]
- Update SBAT data (Alex Burmashev) [Orabug: 33851417]
- efinet: change SNP open call (Alex Burmashev) [Orabug: 32646964]
- disable buggy 0183-efinet-retransmit-if-our-device-is-busy.patch [Orabug: 27982684]
- Patch multiboot2 to the recent state [Orabug: 32950597]
- Enable multiboot2 for UEFI ( non Secureboot ) mode [Orabug: 32950597]
- Update signing certificate [Orabug: 32670043]
- Update shim and certificates dependencies [Orabug: 32670043]
- xfs: Don't attempt to iterate over empty directory [Orabug: 32584717]
- add SBAT metadata for Oracle Linux grub2
- Use similar format for menu entry in grub environment block
- config file. [Orabug: 32172943]
- Fix degradation in multiboot2 code [Orabug: 32069510]
- Update signing certificate for efi binaries
- Update upstream references [Orabug: 30138841]
- Restore symlink to grub environment file, that was removed during grub2-efi update
  if grub2 package is also installed on UEFI machines [Orabug: 27345750]
- fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
- Fix comparison in patch for [Orabug: 18504756]
- Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
- replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev)
- Put "with" in menuentry instead of "using" [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2024-2002: grub2 security Moderate Security Advisory Updates

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[2.02-0.87.0.26.el7.14] - Replace bugzilla.oracle.com reference [Orabug: 35477723] - Backport kernel EFI allocation pacthes [Orabug: 34301086] - Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 [JIRA: OLDIS-16371] - bump SBAT generation [JIRA: OLDIS-16371] - Cleanup XEN shell script (Alex Burmashev) [Orabug: 33851417] - Update SBAT data (Alex Burmashev) [Orabug: 33851417] - efinet: change SNP open call (Alex Burmashev) [Orabug: 32646964] - disable buggy 0183-efinet-retransmit-if-our-device-is-busy.patch [Orabug: 27982684] - Patch multiboot2 to the recent state [Orabug: 32950597] - Enable multiboot2 for UEFI ( non Secureboot ) mode [Orabug: 32950597] - Update signing certificate [Orabug: 32670043] - Update shim and certificates dependencies [Orabug: 32670043] - xfs: Don't attempt to iterate over empty directory [Orabug: 32584717] - add SBAT metadata for Oracle Linux grub2 - Use similar format for menu entry in grub environment block - config file. [Orabug: 32172943] - Fix degradation in multiboot2 code [Orabug: 32069510] - Update signing certificate for efi binaries - Update upstream references [Orabug: 30138841] - Restore symlink to grub environment file, that was removed during grub2-efi update if grub2 package is also installed on UEFI machines [Orabug: 27345750] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for [Orabug: 18504756] - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev) - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756]

SRPMs

http://oss.oracle.com/ol7/SRPMS-updates//grub2-2.02-0.87.0.26.el7_9.14.src.rpm

x86_64

grub2-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-common-2.02-0.87.0.26.el7_9.14.noarch.rpm grub2-efi-ia32-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-efi-ia32-cdboot-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-efi-ia32-modules-2.02-0.87.0.26.el7_9.14.noarch.rpm grub2-efi-x64-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-efi-x64-cdboot-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-efi-x64-modules-2.02-0.87.0.26.el7_9.14.noarch.rpm grub2-pc-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-pc-modules-2.02-0.87.0.26.el7_9.14.noarch.rpm grub2-tools-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-tools-extra-2.02-0.87.0.26.el7_9.14.x86_64.rpm grub2-tools-minimal-2.02-0.87.0.26.el7_9.14.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2022-2601

Related News

28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved