Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
217
security advisorysecurity issuekernel updateOracle Linux 9: ELSA-2025-0059 Important Kernel Security Advisory
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-0059 http://linux.oracle.com/errata/ELSA-2025-0059.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: bpftool-7.4.0-503.21.1.el9_5.x86_64.rpm kernel-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-abi-stablelists-5.14.0-503.21.1.el9_5.noarch.rpm kernel-core-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-core-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-devel-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-devel-matched-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-modules-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-modules-core-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-modules-extra-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-debug-uki-virt-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-devel-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-devel-matched-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-doc-5.14.0-503.21.1.el9_5.noarch.rpm kernel-headers-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-modules-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-modules-core-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-modules-extra-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-tools-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-tools-libs-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-uki-virt-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-uki-virt-addons-5.14.0-503.21.1.el9_5.x86_64.rpm perf-5.14.0-503.21.1.el9_5.x86_64.rpm python3-perf-5.14.0-503.21.1.el9_5.x86_64.rpm rtla-5.14.0-503.21.1.el9_5.x86_64.rpm rv-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-cross-headers-5.14.0-503.21.1.el9_5.x86_64.rpm kernel-tools-libs-devel-5.14.0-503.21.1.el9_5.x86_64.rpm libperf-5.14.0-503.21.1.el9_5.x86_64.rpm aarch64: bpftool-7.4.0-503.21.1.el9_5.aarch64.rpm kernel-cross-headers-5.14.0-503.21.1.el9_5.aarch64.rpm kernel-headers-5.14.0-503.21.1.el9_5.aarch64.rpm kernel-tools-5.14.0-503.21.1.el9_5.aarch64.rpm kernel-tools-libs-5.14.0-503.21.1.el9_5.aarch64.rpm kernel-tools-libs-devel-5.14.0-503.21.1.el9_5.aarch64.rpm perf-5.14.0-503.21.1.el9_5.aarch64.rpm python3-perf-5.14.0-503.21.1.el9_5.aarch64.rpm rtla-5.14.0-503.21.1.el9_5.aarch64.rpm rv-5.14.0-503.21.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-503.21.1.el9_5.src.rpm Related CVEs: CVE-2024-46713 CVE-2024-50208 CVE-2024-50252 CVE-2024-53122 Description of changes: [5.14.0-503.21.1.el9_5.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 DEFER}_DELETE (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: Allow immediate GLF_VERIFY_DELETE work (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-62105 RHEL-60945] - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-62105 RHEL-60945] - smb: client: fix use-after-free of signing key (Jay Shin) [RHEL-69306 RHEL-66206] - net/iucv: fix use after free in iucv_sock_close() (Mete Durlu) [RHEL-60300 RHEL-53992] - KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (CKI Backport Bot) [RHEL-70294] [5.14.0-503.20.1.el9_5] - bnxt_en: Add support for user configured RSS key (Michal Schmidt) [RHEL-68699 RHEL-54645] - bnxt_en: Add function to calculate Toeplitz hash (Michal Schmidt) [RHEL-68699 RHEL-54645] - kvm: Note an RCU quiescent state on guest exit (Leonardo Bras) [RHEL-65734 RHEL-20288] - rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full OS jitter (Leonardo Bras) [RHEL-65734 RHEL-20288] - context_tracking: Fix KCSAN noinstr violation (Leonardo Bras) [RHEL-65734 RHEL-20288] -perf/aux: Fix AUX buffer serialization (Michael Petlan) [RHEL-67495] {CVE-2024-46713} - RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (Mohammad Heib) [RHEL-66669 RHEL-52759] {CVE-2024-50208} _______________________________________________ El-errata mailing list
Jan 14, 2025
•Important
Oracle
217
security advisorysecurity issuefirefox updateOracle Linux 8 ELSA-2024-6682 Important Firefox Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-6682 http://linux.oracle.com/errata/ELSA-2024-6682.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-128.2.0-1.0.1.el8_10.x86_64.rpm aarch64: firefox-128.2.0-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//firefox-128.2.0-1.0.1.el8_10.src.rpm Related CVEs: CVE-2024-7652 CVE-2024-8381 CVE-2024-8382 CVE-2024-8383 CVE-2024-8384 CVE-2024-8385 CVE-2024-8386 CVE-2024-8387 Description of changes: [128.2.0-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [128.2.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [128.2.0-1] - Update to 128.2.0 _______________________________________________ El-errata mailing list
Sep 19, 2024
•Important
Oracle
217
security advisorysecurity issuecriticalOracle Linux 9 ELSA-2024-1462 Critical: Golang Security Risk
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-1462 https://linux.oracle.com/errata/ELSA-2024-1462.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: go-toolset-1.20.12-2.el9_3.x86_64.rpm golang-1.20.12-2.el9_3.x86_64.rpm golang-bin-1.20.12-2.el9_3.x86_64.rpm golang-docs-1.20.12-2.el9_3.noarch.rpm golang-misc-1.20.12-2.el9_3.noarch.rpm golang-src-1.20.12-2.el9_3.noarch.rpm golang-tests-1.20.12-2.el9_3.noarch.rpm aarch64: go-toolset-1.20.12-2.el9_3.aarch64.rpm golang-1.20.12-2.el9_3.aarch64.rpm golang-bin-1.20.12-2.el9_3.aarch64.rpm golang-docs-1.20.12-2.el9_3.noarch.rpm golang-misc-1.20.12-2.el9_3.noarch.rpm golang-src-1.20.12-2.el9_3.noarch.rpm golang-tests-1.20.12-2.el9_3.noarch.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//golang-1.20.12-2.el9_3.src.rpm Related CVEs: CVE-2024-1394 Description of changes: [1.20.12-2] - Fix CVE-2024-1394 - Resolves: RHEL-27189 _______________________________________________ El-errata mailing list
Mar 22, 2024
•Critical
Oracle
217
security advisorycritical issuekernel updateOracle Linux 9 ELSA-2024-12208 Critical: Kernel Security Issue
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12208 https://linux.oracle.com/errata/ELSA-2024-12208.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: aarch64: bpftool-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-core-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-204.147.6.2.el9uek.noarch.rpm kernel-uek-modules-5.15.0-204.147.6.2.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-204.147.6.2.el9uek.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//kernel-uek-5.15.0-204.147.6.2.el9uek.src.rpm Related CVEs: CVE-2024-1085 Description of changes: [5.15.0-204.147.6.2.el9uek] - smb3: Replace smb2pdu 1-element arrays with flex-arrays (Kees Cook) [Orabug: 36353543] - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Shradha Gupta) [Orabug: 36358874] - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Souradeep Chakrabarti) - hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (Michael Kelley) - netfilter: ipset: Missing gc cancellations fixed (Jozsef Kadlecsik) - netfilter: ipset: fix performance regression in swap operation (Jozsef Kadlecsik) - netfilter: nft_set_rbtree: skip end interval element from gc (Pablo Neira Ayuso) - netfilter: nf_tables: set dormant flag on hook register failure (Florian Westphal) [5.15.0-204.147.6.1.el9uek] - arm64: Minimize tlb flush due to vttbr writes on AmpereOne (Ganapatrao Kulkarni) [Orabug:36359078] [5.15.0-204.147.6.el9uek] - keys, dns: Fix size check of V1 server-list header (David Howells) - net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809] - KVM: x86: smm: preserve interrupt shadow in SMRAM (Maxim Levitsky) [Orabug: 36171472] [5.15.0-204.147.5.el9uek] - tcp: fix excessive TLP and RACK timeouts from HZ rounding (Neal Cardwell) [Orabug: 36289786] - uek-rpm: Make few builtin options to modules back -- hardening (Harshit Mogalapalli) [Orabug: 36196579] - iommufd/iova_bitmap: Consider page offset for the pages to be pinned (Joao Martins) [Orabug: 36197723] - iommufd/iova_bitmap: Handle recording beyond the mapped pages (Joao Martins) [Orabug: 36197723] - iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (Joao Martins) [Orabug: 36197723] - iommufd/iova_bitmap: Bounds check mapped::pages access (Joao Martins) [Orabug: 36197723] - Revert "iommu/amd: Improve dirty read io-pgtable walker" (Joao Martins) [Orabug: 36197723] [5.15.0-204.147.4.el9uek] - uek-rpm: Disable MCORE2 in container kernel configs (Harshit Mogalapalli) [Orabug: 36267828] - md: fix regression for null-ptr-deference in __md_stop() (Yu Kuai) [Orabug: 36230125] - md: Free resources in __md_stop (Xiao Ni) [Orabug: 36230125] - md: Change active_io to percpu (Xiao Ni) [Orabug: 36230125] - md: Factor out is_md_suspended helper (Xiao Ni) [Orabug: 36230125] - hwmon: (opbmc) E6/AST2600 platform enabled (Jan Zdarek) [Orabug: 36222931] [5.15.0-204.147.3.el9uek] - Revert "tcp: fix excessive TLP and RACK timeouts from HZ rounding" (Sherry Yang) [Orabug: 36241828] - mm: avoid heavy swap lock contention when unmapping with padata (Anthony Yznaga) [Orabug: 36073084] - mm: use less threads when unmapping some large VMAs (Anthony Yznaga) [Orabug: 36073084] - crypto: qat - add NULL pointer check (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - fix mutex ordering in adf_rl (Damian Muszynski) [Orabug: 36156923] - crypto: qat - fix error path in add_update_sla() (DamianMuszynski) [Orabug: 36156923] - crypto: qat - add sysfs_added flag for rate limiting (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add sysfs_added flag for ras (Damian Muszynski) [Orabug: 36156923] - crypto: qat - prevent underflow in rp2srv_store() (Dan Carpenter) [Orabug: 36156923] - Documentation: ABI: debugfs-driver-qat: fix fw_counters path (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - move adf_cfg_services (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - add num_rps sysfs attribute (Ciunas Bennett) [Orabug: 36156923] - crypto: qat - add rp2svc sysfs attribute (Ciunas Bennett) [Orabug: 36156923] - crypto: qat - add rate limiting sysfs interface (Ciunas Bennett) [Orabug: 36156923] - crypto: qat - add rate limiting feature to qat_4xxx (Damian Muszynski) [Orabug: 36156923] - units: add missing header (Andy Shevchenko) [Orabug: 36156923] - units: Add BYTES_PER_*BIT (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add retrieval of fw capabilities (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add bits.h to icp_qat_hw.h (Damian Muszynski) [Orabug: 36156923] - crypto: qat - move admin api (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - fix ring to service map for QAT GEN4 (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - use masks for AE groups (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - refactor fw config related functions (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - count QAT GEN4 errors (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add error counters (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add handling of errors from ERRSOU3 for QAT GEN4 (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add adf_get_aram_base() helper function (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add handling of compression related errors for QAT GEN4 (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add handling of errors from ERRSOU2 for QAT GEN4 (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add reporting of errorsfrom ERRSOU1 for QAT GEN4 (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add reporting of correctable errors for QAT GEN4 (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add infrastructure for error reporting (Shashank Gupta) [Orabug: 36156923] - crypto: qat - fix double free during reset (Svyatoslav Pankratov) [Orabug: 36156923] - crypto: qat - add cnv_errors debugfs file (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - add pm_status debugfs file (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - refactor included headers (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - add namespace to driver (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - Remove zlib-deflate (Herbert Xu) [Orabug: 36156923] - crypto: qat - enable dc chaining service (Adam Guerin) [Orabug: 36156923] - crypto: qat - consolidate services structure (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - fix unregistration of compression algorithms (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - fix unregistration of crypto algorithms (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - ignore subsequent state up commands (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - do not shadow error code (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - fix state machines cleanup paths (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - refactor deprecated strncpy (Justin Stitt) [Orabug: 36156923] - crypto: qat - Use list_for_each_entry() helper (Jinjie Ruan) [Orabug: 36156923] - crypto: qat - fix crypto capability detection for 4xxx (Adam Guerin) [Orabug: 36156923] - crypto: qat - Remove unused function declarations (Yue Haibing) [Orabug: 36156923] - crypto: qat - use kfree_sensitive instead of memset/kfree() (Yang Yingliang) [Orabug: 36156923] - crypto: qat - replace the if statement with min() (You Kangren) [Orabug: 36156923] - crypto: qat - add heartbeat counters check (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add heartbeat feature (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add measure clock frequency (Damian Muszynski) [Orabug: 36156923] - crypto: qat - drop obsolete heartbeat interface (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add internal timer for qat 4xxx (Damian Muszynski) [Orabug: 36156923] - crypto: qat - add fw_counters debugfs file (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - change value of default idle filter (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - do not export adf_init_admin_pm() (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - expose pm_idle_enabled through sysfs (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - extend configuration for 4xxx (Adam Guerin) [Orabug: 36156923] - Documentation: qat: change kernel version (Meadhbh) [Orabug: 36156923] - Documentation: qat: rewrite description (Bagas Sanjaya) [Orabug: 36156923] - Documentation: qat: Use code block for qat sysfs example (Bagas Sanjaya) [Orabug: 36156923] - crypto: qat - refactor fw config logic for 4xxx (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - make fw images name constant (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - move returns to default case (Adam Guerin) [Orabug: 36156923] - crypto: qat - update slice mask for 4xxx devices (Karthikeyan Gopal) [Orabug: 36156923] - crypto: qat - set deprecated capabilities as reserved (Karthikeyan Gopal) [Orabug: 36156923] - crypto: qat - add missing function declaration in adf_dbgfs.h (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - move dbgfs init to separate file (Damian Muszynski) [Orabug: 36156923] - crypto: qat - Move driver to drivers/crypto/intel/qat (Tom Zanussi) [Orabug: 36156923] - crypto: qat - drop redundant adf_enable_aer() (Bjorn Helgaas) [Orabug: 36156923] - crypto: qat - simplify adf_enable_aer() (Uwe Kleine-König) [Orabug: 36156923] - crypto: qat - fix apply custom thread-service mapping for dc service (Shashank Gupta) [Orabug: 36156923] - crypto: qat - add support for 402xx devices (Damian Muszynski) [Orabug:36156923] - crypto: qat - make state machine functions static (Shashank Gupta) [Orabug: 36156923] - crypto: qat - refactor device restart logic (Shashank Gupta) [Orabug: 36156923] - crypto: qat - replace state machine calls (Shashank Gupta) [Orabug: 36156923] - crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (Shashank Gupta) [Orabug: 36156923] - crypto: qat - fix concurrency issue when device state changes (Shashank Gupta) [Orabug: 36156923] - crypto: qat - expose device config through sysfs for 4xxx (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - delay sysfs initialization (Shashank Gupta) [Orabug: 36156923] - crypto: qat - Include algapi.h for low-level Crypto API (Herbert Xu) [Orabug: 36156923] - crypto: qat - Use request_complete helpers (Herbert Xu) [Orabug: 36156923] - crypto: qat - add qat_zlib_deflate (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - extend buffer list logic interface (Lucas Segarra Fernandez) [Orabug: 36156923] - crypto: qat - fix spelling mistakes from 'bufer' to 'buffer' (Meadhbh Fitzpatrick) [Orabug: 36156923] - crypto: qat - add limit to linked list parsing (Adam Guerin) [Orabug: 36156923] - crypto: qat - add check to validate firmware images (Srinivas Kerekare) [Orabug: 36156923] - crypto: qat - relocate and rename adf_sriov_prepare_restart() (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - change behaviour of adf_cfg_add_key_value_param() (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - Removes the x86 dependency on the QAT drivers (Yoan Picchi) [Orabug: 36156923] - crypto: qat - Fix unsigned function returning negative constant (Haowen Bai) [Orabug: 36156923] - crypto: qat - remove line wrapping for pfvf_ops functions (Marco Chiappero) [Orabug: 36156923] - crypto: qat - use u32 variables in all GEN4 pfvf_ops (Marco Chiappero) [Orabug: 36156923] - crypto: qat - replace disable_vf2pf_interrupts() (Marco Chiappero) [Orabug: 36156923] - crypto: qat - leverage the GEN2 VF mask definiton (Marco Chiappero) [Orabug: 36156923] -crypto: qat - rework the VF2PF interrupt handling logic (Marco Chiappero) [Orabug: 36156923] - crypto: qat - fix off-by-one error in PFVF debug print (Marco Chiappero) [Orabug: 36156923] - crypto: qat - fix wording and formatting in code comment (Marco Chiappero) [Orabug: 36156923] - crypto: qat - test PFVF registers for spurious interrupts on GEN4 (Marco Chiappero) [Orabug: 36156923] - crypto: qat - add check for invalid PFVF protocol version 0 (Wojciech Ziemba) [Orabug: 36156923] - crypto: qat - add missing restarting event notification in VFs (Marco Chiappero) [Orabug: 36156923] - crypto: qat - remove unnecessary tests to detect PFVF support (Marco Chiappero) [Orabug: 36156923] - crypto: qat - remove unused PFVF stubs (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - remove unneeded braces (Marco Chiappero) [Orabug: 36156923] - crypto: qat - fix ETR sources enabled by default on GEN2 devices (Marco Chiappero) [Orabug: 36156923] - crypto: qat - stop using iommu_present() (Robin Murphy) [Orabug: 36156923] - crypto: qat - remove unneeded assignment (Giovanni Cabiddu) [Orabug: 36156923] - crypto: qat - don't cast parameter in bit operations (Andy Shevchenko) [Orabug: 36156923] - Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on stack" (Samasth Norway Ananda) [Orabug: 36204961] - netfilter: nf_tables: check if catch-all set element is active in next generation (Pablo Neira Ayuso) [Orabug: 36250951] {CVE-2024-1085} [5.15.0-204.147.2.el9uek] - LTS version: v5.15.147 (Vijayendra Suman) - net: usb: ax88179_178a: move priv to driver_priv (Justin Chen) - net: usb: ax88179_178a: remove redundant init code (Justin Chen) - tracing/kprobes: Fix symbol counting logic by looking at modules as well (Andrii Nakryiko) - kallsyms: Make module_kallsyms_on_each_symbol generally available (Jiri Olsa) - netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter) - perf inject: Fix GEN_ELF_TEXT_OFFSET for jit (Adrian Hunter) - ipv6: remove max_size check inline with ipv4(Jon Maxwell) - net: tls, update curr on splice as well (John Fastabend) - mmc: sdhci-sprd: Fix eMMC init failure after hw reset (Wenchao Chen) - mmc: core: Cancel delayed work before releasing host (Geert Uytterhoeven) - mmc: rpmb: fixes pause retune on all RPMB partitions. (Jorge Ramirez-Ortiz) - mmc: meson-mx-sdhc: Fix initialization frozen issue (Ziyang Huang) - mm: fix unmap_mapping_range high bits shift bug (Jiajun Xie) - x86/kprobes: fix incorrect return address calculation in kprobe_emulate_call_indirect (Jinghao Jia) - firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (Takashi Sakamoto) - mm/memory-failure: check the mapcount of the precise page (Matthew Wilcox (Oracle)) - selftests: secretmem: floor the memory size to the multiple of page_size (Muhammad Usama Anjum) - net: Implement missing SO_TIMESTAMPING_NEW cmsg support (Thomas Lange) - bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters() (Michael Chan) - asix: Add check for usbnet_get_endpoints (Chen Ni) - octeontx2-af: Re-enable MAC TX in otx2_stop processing (Naveen Mamindlapalli) - octeontx2-af: Always configure NIX TX link credits based on max frame size (Naveen Mamindlapalli) - octeontx2-af: Set NIX link credits based on max LMAC (Sunil Goutham) - octeontx2-af: Don't enable Pause frames by default (Hariprasad Kelam) - net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues (Dinghao Liu) - igc: Fix hicredit calculation (Rodrigo Cataldo) - i40e: Restore VF MSI-X state during PCI reset (Andrii Staikov) - ASoC: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (Mark Brown) - ASoC: meson: g12a-toacodec: Fix event generation (Mark Brown) - ASoC: meson: g12a-tohdmitx: Validate written enum values (Mark Brown) - ASoC: meson: g12a-toacodec: Validate written enum values (Mark Brown) - i40e: fix use-after-free in i40e_aqc_add_filters() (Ke Xiao) - net: Save and restore msg_namelen in sock_sendmsg (Marc Dionne) - netfilter: nft_immediate: drop chainreference counter on error (Pablo Neira Ayuso) - net: bcmgenet: Fix FCS generation for fragmented skbuffs (Adrian Cinal) - sfc: fix a double-free bug in efx_probe_filters (Zhipeng Lu) - ARM: sun9i: smp: Fix array-index-out-of-bounds read in sunxi_mc_smp_init (Stefan Wahren) - net-timestamp: extend SOF_TIMESTAMPING_OPT_ID to HW timestamps (Vadim Fedorenko) - can: raw: add support for SO_MARK (Marc Kleine-Budde) - can: raw: add support for SO_TXTIME/SCM_TXTIME (Marc Kleine-Budde) - net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (Jörn-Thorben Hinz) - r8169: Fix PCI error on system resume (Kai-Heng Feng) - net: sched: em_text: fix possible memory leak in em_text_destroy() (Hangyu Hua) - mlxbf_gige: fix receive packet race condition (David Thompson) - ASoC: fsl_rpmsg: Fix error handler with pm_runtime_enable (Chancel Liu) - igc: Check VLAN EtherType mask (Kurt Kanzenbach) - igc: Check VLAN TCI mask (Kurt Kanzenbach) - igc: Report VLAN EtherType matching back to user (Kurt Kanzenbach) - i40e: Fix filter input checks to prevent config with invalid values (Sudheer Mogilappagari) - drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (Khaled Almahallawy) - octeontx2-af: Fix marking couple of structure as __packed (Suman Ghosh) - nfc: llcp_core: Hold a ref to llcp_local-> dev when holding a ref to llcp_local (Siddh Raman Pant) - drm/bridge: ti-sn65dsi86: Never store more than msg-> size bytes in AUX xfer (Douglas Anderson) - Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()" (Bjorn Helgaas) - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (Siddhesh Dharme) - block: Don't invalidate pagecache for invalid falloc modes (Sarthak Kukreti) [5.15.0-204.146.1.el9uek] - uek-rpm: Update the kABI files for new symbol (Yifei Liu) [Orabug: 36183477] - x86: KVM: SVM: refresh AVIC inhibition in svm_leave_nested() (Maxim Levitsky) [Orabug: 36183624] - KVM: x86: SVM: allow AVIC to co-exist with a nested guest running (Maxim Levitsky) [Orabug: 36183624] -KVM: x86: allow per cpu apicv inhibit reasons (Maxim Levitsky) [Orabug: 36183624] - rds: Add count for ready receive cache (Hans Westgaard Ry) [Orabug: 36186035] _______________________________________________ El-errata mailing list
Mar 13, 2024
•Critical
Oracle
217
security advisorycritical updatesecurity patchOracle Linux 9 ELSA-2023-0611 Critical: Git Security Update
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-0611 https://linux.oracle.com/errata/ELSA-2023-0611.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: git-2.31.1-3.el9_1.x86_64.rpm git-all-2.31.1-3.el9_1.noarch.rpm git-core-2.31.1-3.el9_1.x86_64.rpm git-core-doc-2.31.1-3.el9_1.noarch.rpm git-credential-libsecret-2.31.1-3.el9_1.x86_64.rpm git-daemon-2.31.1-3.el9_1.x86_64.rpm git-email-2.31.1-3.el9_1.noarch.rpm git-gui-2.31.1-3.el9_1.noarch.rpm git-instaweb-2.31.1-3.el9_1.noarch.rpm git-subtree-2.31.1-3.el9_1.x86_64.rpm git-svn-2.31.1-3.el9_1.noarch.rpm gitk-2.31.1-3.el9_1.noarch.rpm gitweb-2.31.1-3.el9_1.noarch.rpm perl-Git-2.31.1-3.el9_1.noarch.rpm perl-Git-SVN-2.31.1-3.el9_1.noarch.rpm aarch64: git-2.31.1-3.el9_1.aarch64.rpm git-all-2.31.1-3.el9_1.noarch.rpm git-core-2.31.1-3.el9_1.aarch64.rpm git-core-doc-2.31.1-3.el9_1.noarch.rpm git-credential-libsecret-2.31.1-3.el9_1.aarch64.rpm git-daemon-2.31.1-3.el9_1.aarch64.rpm git-email-2.31.1-3.el9_1.noarch.rpm git-gui-2.31.1-3.el9_1.noarch.rpm git-instaweb-2.31.1-3.el9_1.noarch.rpm git-subtree-2.31.1-3.el9_1.aarch64.rpm git-svn-2.31.1-3.el9_1.noarch.rpm gitk-2.31.1-3.el9_1.noarch.rpm gitweb-2.31.1-3.el9_1.noarch.rpm perl-Git-2.31.1-3.el9_1.noarch.rpm perl-Git-SVN-2.31.1-3.el9_1.noarch.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//git-2.31.1-3.el9_1.src.rpm Related CVEs: CVE-2022-23521 CVE-2022-41903 Description of changes: [2.31.1-3] - Fixes CVE-2022-23521 and CVE-2022-41903 - Tests: try harder to find open ports for apache, git, and svn - Resolves: #2162069 _______________________________________________ El-errata mailing list
Feb 07, 2023
•Critical
Oracle
217
security advisorysecurity issuesoftware updateOracle Linux 8 ELSA-2022-0350 Moderate: Nodejs Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-0350 https://linux.oracle.com/errata/ELSA-2022-0350.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-14.18.2-2.module+el8.5.0+20489+261d51d3.x86_64.rpm nodejs-devel-14.18.2-2.module+el8.5.0+20489+261d51d3.x86_64.rpm nodejs-docs-14.18.2-2.module+el8.5.0+20489+261d51d3.noarch.rpm nodejs-full-i18n-14.18.2-2.module+el8.5.0+20489+261d51d3.x86_64.rpm nodejs-nodemon-2.0.15-1.module+el8.5.0+20489+261d51d3.noarch.rpm nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm npm-6.14.15-1.14.18.2.2.module+el8.5.0+20489+261d51d3.x86_64.rpm aarch64: nodejs-14.18.2-2.module+el8.5.0+20489+261d51d3.aarch64.rpm nodejs-devel-14.18.2-2.module+el8.5.0+20489+261d51d3.aarch64.rpm nodejs-docs-14.18.2-2.module+el8.5.0+20489+261d51d3.noarch.rpm nodejs-full-i18n-14.18.2-2.module+el8.5.0+20489+261d51d3.aarch64.rpm nodejs-nodemon-2.0.15-1.module+el8.5.0+20489+261d51d3.noarch.rpm nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpm npm-6.14.15-1.14.18.2.2.module+el8.5.0+20489+261d51d3.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates/nodejs-14.18.2-2.module+el8.5.0+20489+261d51d3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/nodejs-nodemon-2.0.15-1.module+el8.5.0+20489+261d51d3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.src.rpm Related CVEs: CVE-2020-7788 CVE-2020-28469 CVE-2021-3807 CVE-2021-3918 CVE-2021-22959 CVE-2021-22960 CVE-2021-33502 CVE-2021-37701 CVE-2021-37712 Description of changes: nodejs [1:14.18.2-2] - Add missing fixes - Resolves: RHBZ#2027642, RHBZ#2027635 [1:14.18.2-1] - Resolves: RHBZ#2027609 - Resolves: RHBZ#2027649, RHBZ#2027646, RHBZ#2027642, RHBZ#2027635 - Rebase to new version to fix CVEs _______________________________________________ El-errata mailinglist
Feb 02, 2022
Oracle
89
security advisorymoderatesecurity updateFedora 28: FEDORA-2018-2b96ea9fec Moderate: Podman Security Update
Weekly release. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-2b96ea9fec 2018-06-28 14:06:06.103771 --------------------------------------------------------------------------------Name : podman Product : Fedora 28 Version : 0.6.4 Release : 1.gitd5beb2f.fc28 URL : https://github.com/containers/podman Summary : Manage Pods, Containers and Container Images Description : Manage Pods, Containers and Container Images libpod provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. --------------------------------------------------------------------------------Update Information: Weekly release --------------------------------------------------------------------------------ChangeLog: * Fri Jun 22 2018 baude - 0.6.4-1.gitd5beb2f4f - Upstream 0.6.4 * Fri Jun 15 2018 baude - 0.6.3-1.gitcd39b628d - Upstream 0.6.3 release * Mon Jun 11 2018 Dan Walsh - 0.6.2-10.git72c0b4f Bump to v0.6.2 * Fri Jun 8 2018 Dan Walsh - 0.6.2-8.git72c0b4f Bump to v0.6.2 * Fri Jun 1 2018 baude - 0.6.1-1.git3e0ff12 - Upstream release 0.6.1 * Fri May 25 2018 baude - 0.5.4-1.git1f2e2a2 - Upstream release 0.5.4 * Sat May 19 2018 baude - 0.5.3-2.gitdc3f9df - Correcting varlink socket paths and tighten security of sockets * Fri May 18 2018 baude - 0.5.3-1.gitdc3f9df - Upstream release 0.5.3 * Fri May 11 2018 baude - 0.5.2-1.git4631586 - Upstream release 0.5.2 * Fri May 4 2018 baude - 0.5.1-1.gitd0fbfdc - Upstream release 0.5.1 * Tue May 1 2018 baude - 0.4.4-2.git9924956 - Do not mount default volumes - Fix varlink systemd service file * Fri Apr 27 2018 baude - 0.4.3-2.git4c0d8b0 - Upstream release 0.4.4 * Fri Apr 20 2018 baude - 0.4.3-1.git4c0d8b0d - Upstream release 0.4.3 * Fri Apr 13 2018 baude - 0.4.2-1.gitf740ee0b - Upstream release 0.4.2 - Update conmon for new console-relatedfeatures --------------------------------------------------------------------------------References: [ 1 ] Bug #1592167 - CVE-2018-10856 podman: Containers run as non-root users do not drop capabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1592167 [ 2 ] Bug #1575027 - Cannot start exited container if disabled : false for oci-register-machine https://bugzilla.redhat.com/show_bug.cgi?id=1575027 [ 3 ] Bug #1592489 - unable to run containers; fork/exec /usr/sbin/iptables: permission denied https://bugzilla.redhat.com/show_bug.cgi?id=1592489 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-2b96ea9fec' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 28, 2018
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!