What Are You Looking For?

Popular Tags

Sign Up
Oracle Linux Security Advisory ELSA-2023-4418

https://linux.oracle.com/errata/ELSA-2023-4418.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm
cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm
mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.x86_64.rpm

aarch64:
cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm
cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm
mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates//cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates//mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm

Related CVEs:

CVE-2023-37464




Description of changes:

cjose
[0.6.1-3]
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
  Authentication Tag provided in the JWE
  Resolves: rhbz#2223308

mod_auth_openidc
[2.4.9.4-1]
- Resolves: rhbz#2025368 - Rebase to new version


_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2023-4418: mod_auth_openidc:2.3 Important Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

cjose [0.6.1-3] - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz#2223308 mod_auth_openidc [2.4.9.4-1] - Resolves: rhbz#2025368 - Rebase to new version

SRPMs

https://oss.oracle.com/ol8/SRPMS-updates//cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm https://oss.oracle.com/ol8/SRPMS-updates//mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm

x86_64

cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.x86_64.rpm

aarch64

cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-37464

Related News

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

Sep 21, 2023

Linux Mint 21.2 “EDGE” ISO Released with Linux Kernel 6.2, Secure Boot Support

Oct 3, 2023

Akira Ransomware Mutates to Target Linux Systems, Adds TTPs

Sep 27, 2023

Pros And Cons Of Linux Programming

Oct 1, 2023

News

Advisories

HOWTOs

Features

Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy
Supercharging Linux: Tips & Tricks to Beat the Threat Landscape
LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways

About Us

Powered By

Footer Logo

Feedback