Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 57 articles for you...
100
security advisorycriticalsoftware patchSUSE: 2024:1002-1 Critical MozillaFirefox Update and Security Issues
* bsc#1220048 * bsc#1221327 * bsc#1221850 Cross-References: . # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1002-1 Rating: critical References: * bsc#1220048 * bsc#1221327 * bsc#1221850 Cross-References: * CVE-2023-5388 * CVE-2024-0743 * CVE-2024-1546 * CVE-2024-1547 * CVE-2024-1548 * CVE-2024-1549 * CVE-2024-1550 * CVE-2024-1551 * CVE-2024-1552 * CVE-2024-1553 * CVE-2024-2605 * CVE-2024-2607 * CVE-2024-2608 * CVE-2024-2610 * CVE-2024-2611 * CVE-2024-2612 * CVE-2024-2614 * CVE-2024-2616 * CVE-2024-29944 CVSS scores: * CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0743 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0743 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2605 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2607 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2608 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2610 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2611 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2612 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2614 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2616 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 19 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850). * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852). Firefox Extended Support Release 115.9.0 ESR (bsc#1221327): * CVE-2024-0743: Crash in NSS TLS method (bmo#1867408). * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920). * CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939). * CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692). * CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197). * CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432). * CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112). * CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675). * CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444). * CVE-2024-2614: Memory safety bugs fixed in Firefox 124,Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1002=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1002=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1002=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1002=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1002=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1002=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1002=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1002=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1002=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1002=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1002=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1002=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1002=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1002=1 ##Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-branding-upstream-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing ESPOS15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) *MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 *MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5388.html * https://www.suse.com/security/cve/CVE-2024-0743.html * https://www.suse.com/security/cve/CVE-2024-1546.html * https://www.suse.com/security/cve/CVE-2024-1547.html * https://www.suse.com/security/cve/CVE-2024-1548.html * https://www.suse.com/security/cve/CVE-2024-1549.html * https://www.suse.com/security/cve/CVE-2024-1550.html * https://www.suse.com/security/cve/CVE-2024-1551.html * https://www.suse.com/security/cve/CVE-2024-1552.html * https://www.suse.com/security/cve/CVE-2024-1553.html * https://www.suse.com/security/cve/CVE-2024-2605.html * https://www.suse.com/security/cve/CVE-2024-2607.html * https://www.suse.com/security/cve/CVE-2024-2608.html * https://www.suse.com/security/cve/CVE-2024-2610.html * https://www.suse.com/security/cve/CVE-2024-2611.html * https://www.suse.com/security/cve/CVE-2024-2612.html * https://www.suse.com/security/cve/CVE-2024-2614.html * https://www.suse.com/security/cve/CVE-2024-2616.html * https://www.suse.com/security/cve/CVE-2024-29944.html * https://bugzilla.suse.com/show_bug.cgi?id=1220048 * https://bugzilla.suse.com/show_bug.cgi?id=1221327 * https://bugzilla.suse.com/show_bug.cgi?id=1221850 . Critical security enhancement released for Mozilla Firefox addressing multiple weaknesses, including patch instructions specifically for openSUSE users.. MozillaFirefox Security Update, SUSE Critical Patch, Application Vulnerability Fix. . Severity: Critical. LinuxSecurity.com Team
Mar 27, 2024
•Critical
SuSE
217
security advisorysecurity updatesoftware patchOracle Linux 8 ELSA-2024-0748 Critical: Container Tools Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0748 https://linux.oracle.com/errata/ELSA-2024-0748.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm buildah-1.24.6-7.module+el8.9.0+90148+6046e3c3.x86_64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90148+6046e3c3.x86_64.rpm cockpit-podman-46-1.module+el8.9.0+90148+6046e3c3.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90148+6046e3c3.x86_64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90148+6046e3c3.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm container-selinux-2.205.0-3.module+el8.9.0+90148+6046e3c3.noarch.rpm crit-3.15-3.module+el8.9.0+90148+6046e3c3.x86_64.rpm criu-3.15-3.module+el8.9.0+90148+6046e3c3.x86_64.rpm criu-devel-3.15-3.module+el8.9.0+90148+6046e3c3.x86_64.rpm criu-libs-3.15-3.module+el8.9.0+90148+6046e3c3.x86_64.rpm crun-1.8.7-1.module+el8.9.0+90148+6046e3c3.x86_64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90148+6046e3c3.x86_64.rpm libslirp-4.4.0-1.module+el8.9.0+90148+6046e3c3.x86_64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90148+6046e3c3.x86_64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90148+6046e3c3.x86_64.rpm podman-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm podman-catatonit-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm podman-docker-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.noarch.rpm podman-gvproxy-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm podman-plugins-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm podman-remote-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm podman-tests-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.x86_64.rpm python3-criu-3.15-3.module+el8.9.0+90148+6046e3c3.x86_64.rpm python3-podman-4.0.0-2.module+el8.9.0+90148+6046e3c3.noarch.rpm runc-1.1.12-1.module+el8.9.0+90148+6046e3c3.x86_64.rpm skopeo-1.6.2-9.module+el8.9.0+90148+6046e3c3.x86_64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90148+6046e3c3.x86_64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90148+6046e3c3.x86_64.rpm udica-0.2.6-4.module+el8.9.0+90148+6046e3c3.noarch.rpm aarch64: aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm buildah-1.24.6-7.module+el8.9.0+90148+6046e3c3.aarch64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90148+6046e3c3.aarch64.rpm cockpit-podman-46-1.module+el8.9.0+90148+6046e3c3.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90148+6046e3c3.aarch64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90148+6046e3c3.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm container-selinux-2.205.0-3.module+el8.9.0+90148+6046e3c3.noarch.rpm crit-3.15-3.module+el8.9.0+90148+6046e3c3.aarch64.rpm criu-3.15-3.module+el8.9.0+90148+6046e3c3.aarch64.rpm criu-devel-3.15-3.module+el8.9.0+90148+6046e3c3.aarch64.rpm criu-libs-3.15-3.module+el8.9.0+90148+6046e3c3.aarch64.rpm crun-1.8.7-1.module+el8.9.0+90148+6046e3c3.aarch64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90148+6046e3c3.aarch64.rpm libslirp-4.4.0-1.module+el8.9.0+90148+6046e3c3.aarch64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90148+6046e3c3.aarch64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90148+6046e3c3.aarch64.rpm podman-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm podman-catatonit-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm podman-docker-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.noarch.rpm podman-gvproxy-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm podman-plugins-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm podman-remote-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm podman-tests-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.aarch64.rpm python3-criu-3.15-3.module+el8.9.0+90148+6046e3c3.aarch64.rpm python3-podman-4.0.0-2.module+el8.9.0+90148+6046e3c3.noarch.rpm runc-1.1.12-1.module+el8.9.0+90148+6046e3c3.aarch64.rpm skopeo-1.6.2-9.module+el8.9.0+90148+6046e3c3.aarch64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90148+6046e3c3.aarch64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90148+6046e3c3.aarch64.rpm udica-0.2.6-4.module+el8.9.0+90148+6046e3c3.noarch.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//buildah-1.24.6-7.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//conmon-2.1.4-2.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-6.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containers-common-1-38.0.1.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//container-selinux-2.205.0-3.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//criu-3.15-3.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//fuse-overlayfs-1.9-2.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//podman-4.0.2-25.0.1.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-podman-4.0.0-2.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//runc-1.1.12-1.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//skopeo-1.6.2-9.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//slirp4netns-1.1.8-3.module+el8.9.0+90148+6046e3c3.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//udica-0.2.6-4.module+el8.9.0+90148+6046e3c3.src.rpm Related CVEs: CVE-2023-45287 CVE-2024-21626 Description of changes: buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman [2:4.0.2-25.0.1] - update to the latest content ofhttps://github.com/containers/podman/tree/v4.0-rhel (https://github.com/containers/podman/commit/427a15f) - Resolves: RHEL-17145 running containers python-podman runc [1:1.1.12-1] - update to https://github.com/opencontainers/runc/releases/tag/v1.1.12 - Resolves: RHEL-21863 skopeo slirp4netns udica _______________________________________________ El-errata mailing list
Feb 16, 2024
•Critical
Oracle
217
security advisorysecurity issueupdateOracle Linux 8 ELSA-2024-0143 moderate: ipa invalid CSRF
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0143 https://linux.oracle.com/errata/ELSA-2024-0143.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: bind-dyndb-ldap-11.6-4.module+el8.9.0+90094+20819f5a.x86_64.rpm custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-client-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.x86_64.rpm ipa-client-common-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-client-epn-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.x86_64.rpm ipa-client-samba-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.x86_64.rpm ipa-common-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-healthcheck-0.12-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-healthcheck-core-0.12-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-python-compat-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-selinux-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-server-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.x86_64.rpm ipa-server-common-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-server-dns-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-server-trust-ad-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.x86_64.rpm opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.x86_64.rpm python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm python3-ipaclient-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-ipalib-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-ipaserver-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-ipatests-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-jwcrypto-0.5.0-1.1.module+el8.9.0+90094+20819f5a.noarch.rpm python3-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm python3-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm python3-qrcode-core-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm slapi-nis-0.60.0-4.module+el8.9.0+90094+20819f5a.x86_64.rpm softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm aarch64: bind-dyndb-ldap-11.6-4.module+el8.9.0+90094+20819f5a.aarch64.rpm custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-client-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.aarch64.rpm ipa-client-common-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-client-epn-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.aarch64.rpm ipa-client-samba-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.aarch64.rpm ipa-common-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-healthcheck-0.12-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-healthcheck-core-0.12-3.module+el8.9.0+90094+20819f5a.noarch.rpm ipa-python-compat-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-selinux-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-server-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.aarch64.rpm ipa-server-common-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-server-dns-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm ipa-server-trust-ad-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.aarch64.rpm opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.aarch64.rpm python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm python3-ipaclient-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-ipalib-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-ipaserver-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-ipatests-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-jwcrypto-0.5.0-1.1.module+el8.9.0+90094+20819f5a.noarch.rpm python3-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.noarch.rpm python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm python3-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm python3-qrcode-core-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm slapi-nis-0.60.0-4.module+el8.9.0+90094+20819f5a.aarch64.rpm softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//bind-dyndb-ldap-11.6-4.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//ipa-4.9.12-11.0.1.module+el8.9.0+90122+3305dc1d.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//ipa-healthcheck-0.12-3.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-jwcrypto-0.5.0-1.1.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//slapi-nis-0.60.0-4.module+el8.9.0+90094+20819f5a.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.src.rpm Related CVEs: CVE-2020-17049 CVE-2023-5455 Description of changes: bind-dyndb-ldap custodia ipa [4.9.12-11.0.1] - Resolves: 2242828 Invalid CSRF protection (CVE-2023-5455) ipa-healthcheck opendnssec python-jwcrypto python-kdcproxy [0.4-5] - Always buffer TCP data in __handle_recv() - Resolves: #1747144 [0.4-4] - Correct addrs sorting to be by TCP/UDP - Resolves: #1732898 python-qrcode python-yubico pyusb slapi-nis softhsm _______________________________________________ El-errata mailing list
Jan 15, 2024
Oracle
100
security advisoryupdatesecurity enhancementSUSE: 2024:134-2 medium: suse/postgres update with security patches
The container suse/postgres was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/postgres ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:133-1 Container Tags : suse/postgres:16 , suse/postgres:16-3.5 , suse/postgres:16.1 , suse/postgres:16.1-3.5 , suse/postgres:latest Container Release : 3.5 Severity : low Type : security References : 1217969 CVE-2023-39804 ----------------------------------------------------------------- The container suse/postgres was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:70-1 Released: Tue Jan 9 18:29:39 2024 Summary: Security update for tar Type: security Severity: low References: 1217969,CVE-2023-39804 This update for tar fixes the following issues: - CVE-2023-39804: Fixed extension attributes in PAX archives incorrect hanling (bsc#1217969). The following package changes have been done: - tar-1.34-150000.3.34.1 updated - container:sles15-image-15.0.0-36.5.71 updated . The SUSE Container Security Bulletin for suse/postgres presents essential updates addressing vulnerabilities for system security. SUSE PostgreSQL Security Patch, SUSE Container Update, PostgreSQL Patch, SUSE Update Advisory. . Severity: Low. LinuxSecurity.com Team
Jan 10, 2024
•Low
SuSE
100
security advisorysecurity enhancementimportantSUSE: 2023:1247-2 Critical Update for bci/dotnet-aspnet Container
The container bci/dotnet-aspnet was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-aspnet ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3243-1 Container Tags : bci/dotnet-aspnet:7.0 , bci/dotnet-aspnet:7.0-15.3 , bci/dotnet-aspnet:7.0.11 , bci/dotnet-aspnet:7.0.11-15.3 , bci/dotnet-aspnet:latest Container Release : 15.3 Severity : important Type : security References : 1211078 CVE-2023-22652 CVE-2023-30078 CVE-2023-30079 CVE-2023-32181 ----------------------------------------------------------------- The container bci/dotnet-aspnet was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3954-1 Released: Tue Oct 3 20:09:47 2023 Summary: Security update for libeconf Type: security Severity: important References: 1211078,CVE-2023-22652,CVE-2023-30078,CVE-2023-30079,CVE-2023-32181 This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econf_writeFile' function (bsc#1211078). - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'read_file' function. (bsc#1211078) The following package changes have been done: - libeconf0-0.5.2-150400.3.6.1 updated - container:sles15-image-15.0.0-36.5.38 updated . Boost the protection of your container by integrating the recent update for SUSE on bci/dotnet-core, which tackles essential security flaws.. SUSE Container Update, dotnet-aspnet, security patches, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team
Oct 05, 2023
•Important
SuSE
89
security advisorysecurity updateFedoraFedora 37: FEDORA-2023-83aeb73043 Moderate: Drupal 7 Security Update
- [7.98]() - [7.97]() - [7.96]() - [SA- CORE-2023-005]() - [7.95]() - [SA-. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-83aeb73043 2023-10-04 15:47:53.759443 -------------------------------------------------------------------------------- Name : drupal7 Product : Fedora 37 Version : 7.98 Release : 1.fc37 URL : Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: - [7.98]() - [7.97]() - [7.96]() - [SA- CORE-2023-005]() - [7.95]() - [SA- CORE-2023-004]() - [7.94]() - [7.93]() -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 26 2023 Shawn Iwinski - 7.98-1 - Update to 7.98 (RHBZ #2217253) - SA-CORE-2023-004 - SA-CORE-2023-005 (RHBZ #2188106, 2188107, 2188108) * Wed Jul 19 2023 Fedora Release Engineering - 7.92-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering - 7.92-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2188107 - drupal7: drupal: File download facility doesn't sufficiently sanitize file paths [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2188107 [ 2 ] Bug #2188108 - drupal7: drupal: File download facility doesn't sufficiently sanitize file paths [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=2188108 [ 3 ] Bug #2217253 - drupal7-7.98 is available https://bugzilla.redhat.com/show_bug.cgi?id=2217253 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-83aeb73043' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Oct 04, 2023
Fedora
217
security advisorycritical issuekernel updateOracle Linux 8 ELSA-2023-12839: Important Kernel Security Fix
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-12839 https://linux.oracle.com/errata/ELSA-2023-12839.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-core-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-cross-headers-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-debug-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-debug-core-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-debug-devel-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-debug-modules-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-debug-modules-extra-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-devel-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-doc-4.18.0-477.27.1.el8_8.noarch.rpm kernel-headers-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-modules-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-modules-extra-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-tools-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-tools-libs-4.18.0-477.27.1.el8_8.x86_64.rpm perf-4.18.0-477.27.1.el8_8.x86_64.rpm python3-perf-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-tools-libs-devel-4.18.0-477.27.1.el8_8.x86_64.rpm kernel-abi-stablelists-4.18.0-477.27.1.el8_8.noarch.rpm aarch64: bpftool-4.18.0-477.27.1.el8_8.aarch64.rpm kernel-cross-headers-4.18.0-477.27.1.el8_8.aarch64.rpm kernel-headers-4.18.0-477.27.1.el8_8.aarch64.rpm kernel-tools-4.18.0-477.27.1.el8_8.aarch64.rpm kernel-tools-libs-4.18.0-477.27.1.el8_8.aarch64.rpm perf-4.18.0-477.27.1.el8_8.aarch64.rpm python3-perf-4.18.0-477.27.1.el8_8.aarch64.rpm kernel-tools-libs-devel-4.18.0-477.27.1.el8_8.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//kernel-4.18.0-477.27.1.el8_8.src.rpm Related CVEs: CVE-2023-3390 CVE-2023-20593 Description of changes: [4.18.0-477.27.1.el8_8.OL8] - x86/microcode/intel: Expose collect_cpu_info_early() for IFS - x86/cpu: Load microcode during restore_processor_state() - x86/microcode: DeprecateMICROCODE_OLD_INTERFACE - x86/microcode: Rip out the OLD_INTERFACE - x86/microcode: Default-disable late loading - x86/microcode: Taint and warn on late loading - x86/microcode: Remove unnecessary perf callback - x86/microcode: Print previous version of microcode after reload - x86/microcode: Rip out the subsys interface gunk - x86/microcode: Simplify init path even more - x86/microcode/AMD: Rename a couple of functions {CVE-2023-20593} - x86/microcode: Add a parameter to microcode_check() to store CPU capabilities {CVE-2023-20593} - x86/microcode: Check CPU capabilities after late microcode update correctly {CVE-2023-20593} - x86/microcode: Adjust late loading result reporting message {CVE-2023-20593} - x86/amd: Cache debug register values in percpu variables {CVE-2023-20593} - x86/microcode: Remove -> request_microcode_user() - x86/microcode: Kill refresh_fw - x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter {CVE-2023-20593} - x86/microcode: Drop struct ucode_cpu_info.valid - x86/microcode/AMD: Add a @cpu parameter to the reloading functions {CVE-2023-20593} - x86/microcode/AMD: Track patch allocation size explicitly - x86/microcode/AMD: Fix mixed steppings support {CVE-2023-20593} - x86/microcode/core: Return an error only when necessary {CVE-2023-20593} - x86/apic: Don't disable x2APIC if locked - x86/cpu/amd: Move the errata checking functionality up {CVE-2023-20593} - x86/cpu: Remove redundant extern x86_read_arch_cap_msr() - x86/cpu, kvm: Add support for CPUID_80000021_EAX - KVM: x86: Advertise that the SMM_CTL MSR is not supported - KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code - x86/cpu, kvm: Add the NO_NESTED_DATA_BP feature - x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 - x86/cpu: Support AMD Automatic IBRS - x86/CPU/AMD: Make sure EFER[AIBRSE] is set - x86/cpu/amd: Add a Zenbleed fix {CVE-2023-20593} - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE{CVE-2023-3390} _______________________________________________ El-errata mailing list
Sep 29, 2023
•Important
Oracle
217
security advisorysoftware updatepackage updateOracle Linux 8 ELSA-2023-5259 Moderate: MariaDB 10.3 Fixes
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-5259 https://linux.oracle.com/errata/ELSA-2023-5259.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: galera-25.3.37-1.module+el8.8.0+21165+f6462f70.x86_64.rpm Judy-1.0.5-18.0.1.module+el8.3.0+9616+7a81225f.x86_64.rpm mariadb-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-backup-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-common-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-devel-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-embedded-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-embedded-devel-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-errmsg-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-gssapi-server-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-oqgraph-engine-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-server-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-server-galera-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-server-utils-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm mariadb-test-10.3.39-1.module+el8.8.0+21165+f6462f70.x86_64.rpm aarch64: galera-25.3.37-1.module+el8.8.0+21165+f6462f70.aarch64.rpm Judy-1.0.5-18.0.1.module+el8.3.0+9616+7a81225f.aarch64.rpm mariadb-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-backup-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-common-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-devel-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-embedded-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-embedded-devel-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-errmsg-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-gssapi-server-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-oqgraph-engine-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-server-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-server-galera-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-server-utils-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm mariadb-test-10.3.39-1.module+el8.8.0+21165+f6462f70.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//galera-25.3.37-1.module+el8.8.0+21165+f6462f70.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//Judy-1.0.5-18.0.1.module+el8.3.0+9616+7a81225f.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//mariadb-10.3.39-1.module+el8.8.0+21165+f6462f70.src.rpm Related CVEs: CVE-2022-32084 CVE-2022-32091 CVE-2022-38791 CVE-2022-47015 Description of changes: galera [25.3.37-1] - Rebase to 25.3.37 Judy [1.0.5-18.0.1] - Rebuild [Orabug: 31667911] mariadb [3:10.3.39-1] - [MariaDB 10.3.32] socat: E Failed to set SNI host "" (SST failure) - Rebase to 10.3.39 - CVEs fixed: CVE-2022-47015, CVE-2018-25032, CVE-2022-32091, CVE-2022-32084 _______________________________________________ El-errata mailing list
Sep 21, 2023
Oracle
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!