Oracle Linux 8 : container-tools:ol8 (ELSA-2026-3428)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3428 advisory. - rebuild for CVE-2025-61729 - rebuild for CVE-2025-22871 - rebuild for CVE-2025-61729 - rebuild for CVE-2025-61729 Tenable has extracted the preceding...

Security update for SUSE Manager Client Tools

This update fixes the following issues: scap-security-guide was updated to version 0.1.75 jscECO-3319: Added Ism profile for OL8, OL9 Added new product kylinserver10 Created OL10 product Release SLMicro5 product Replaced two date injections by SOURCEDATEEPOCH to make reproducible bsc1230361 Updat...

go-toolset:ol8 security update

delve golang 1.21.13-3 - Add evp-digest-sign-final.patch - Resolves: RHEL-61109 go-toolset...

container-tools:ol8 security update

aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp netavark oci-seccomp-bpf-hook podman 4.9.4-13.0.1 - Fixes issue of container created in cgroupv2 not start in cgroupv1 Orabug: 36136813 - Fixes container...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.8-4 - rebuild for golang fixes - Related: RHEL-28452 cockpit-podman 84.1-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1 - Related: Jira:RHEL-25557 conmon 3:2.1.10-1 - update to https://github.com/containers/conmon/releases/tag/v2.1.10...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.334.6.el7 - loop: Fix a race between loop detach and loop open Gulam Mohamed Orabug: 36197800 - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs Alexandre Chartre Orabug: 36672495 - x86/bhi: Avoid warning in DB handler due to BHI mitigation Alexandre Chartre...

container-tools:ol8 bug fix and enhancement update

aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...

go-toolset:ol8 security update

delve golang 1.21.9-1 - Fix CVE-2023-45288 - Resolves: RHEL-31915 go-toolset 1.21.9-1 - Fix CVE-2023-45288 - Resolves: RHEL-31915...

container-tools:ol8 security update

aardvark-dns buildah 2:1.33.7-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/b95e962 - Resolves: RHEL-28224 cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu 3.18-5 -...

container-tools:ol8 security and bug fix update

aardvark-dns buildah 1:1.31.5-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.31 https://github.com/containers/buildah/commit/5fd539c - Resolves: RHEL-26772 1:1.31.3-3 - Make the module buildable again - Resolves: RHEL-16299 1:1.31.3-2 - Rebuild with golan...

go-toolset:ol8 security update

delve 1.20.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.20.2-1 - Rebase to 1.20.2 - Resolves: rhbz2186495 golang 1.20.12-3 - Fix CVE-2024-1394 - Resolves: RHEL-27928 1.20.12-2 - Fix sources file - Related: RHEL-19231 go-toolset...

kernel security update

4.18.0-513.18.0.19.OL8 - drivers: net: slip: fix NPD bug in sltxtimeout CVE-2022-41858 - nfp: fix use-after-free in areacacheget CVE-2022-3545 - HID: check empty reportlist in hidvalidatevalues CVE-2023-1073 - Fix double fget in vhostnetsetbackend CVE-2023-1838 - can: afcan: fix NULL pointer...

go-toolset:ol8 security update

delve 1.20.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.20.2-1 - Rebase to 1.20.2 - Resolves: rhbz2186495 golang 1.20.12-1 - Update to Go 1.20.12 - Fix CVE-2023-39326 CVE-2023-45285 go-toolset 1.20.12-1 - Update to Go 1.20.12 - CVE-2023-39326 golang: net/http/internal:...

edk2 security update

20230821 - Create new 20230821 release for OL8 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...

rust-toolset:ol8 security update

1.66.1-2 - rust-cargo: cargo does not respect the umask when extracting dependencies CVE-2023-38497...

kernel security and bug fix update

4.18.0-477.21.18.OL8 - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM Tamas Koczka CVE-2022-42896 - net/sched: tcindex: update imperfect hash filters respecting rcu Jamal Hadi Salim CVE-2023-1281 - net/sched: tcindex: search key must be 16 bits Jamal Hadi Salim CVE-2023-1281 ...

kubernetes security update

kubernetes 1.24.8-2 - libct/cg: add misc controller to v1 drivers upstream runc patch 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.13-1 - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15 - Added script to support upgrade from OL7 to OL8 using leapp...

samba security update

4.16.4-4.0.1 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.16.4-4 - related: rhbz2154369 - Add additional patch for CVE-2022-38023 4.16.4-3 - resolves: rhbz2154369 - Fix CVE-2022-38023 4.16.4-2 - resolves: rhbz2120956 - Do not require samb...

spacewalk-backend spacewalk-java security update

spacewalk-backend 2.10.28-1.0.13 - Fix HTTP 500 and ORA-01830 on client scap report Orabug: 34823889 2.10.28-1.0.12 - Handle remote commands that return no output. Orabug: 32530545 2.10.28-1.0.11 - Make spacewalk-debug copy symlink target instead of the symlink itself. Orabug: 32514543...

samba security and bug fix update

4.15.5-10.0.1 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.15.5-10 - resolves: rhbz2126041 - Do not require samba package in python3-samba 4.15.5-9 - Fix CVE-2022-32742 - resolves: rhbz2125552...