Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELBA-2025-4872

Опубликовано: 09 июн. 2025
Источник: oracle-oval
Платформа: Oracle Linux 10

Описание

ELBA-2025-4872: rpm-ostree bug fix and enhancement update (MODERATE)

[2025.5-1]

  • Rebase to rpm-ostree 2025.5

[2025.4-1]

  • Rebase to rpm-ostree 2025.4

[2025.3-1]

  • Rebase to rpm-ostree 2025.3

[2025.2-1]

  • Rebase to rpm-ostree 2025.2

[2025.1-1]

  • Rebase to rpm-ostree 2025.1

[2024.9-5]

  • Reapply 'Flip bcond for ostree_ext off'

[2024.9-4]

  • Revert 'Flip bcond for ostree_ext off'

[2024.9-3]

  • Flip bcond for ostree_ext off

[2024.9-2]

  • Add a bcond for ostree_ext

[2024.9-1]

  • Release 2024.9

[2024.8-3]

  • Bump release for October 2024 mass rebuild:

[2024.8-2]

[2024.8-1]

  • Rebase to 2024.8

[2024.7-2]

[2024.7-1]

  • Release 2024.7

[2024.6-2]

  • Bump release for June 2024 mass rebuild

[2024.6-1]

  • Release 2024.6

[2024.5-1]

  • Resolves #RHEL-30414

[2024.2-2]

  • Add gating yaml

[2024.2-1]

  • Release 2024.2

[2024.1-4]

[2024.1-2]

[2023.12-1]

[2023.11-1]

[2023.10-4]

  • Setup rpm-ostree-countme.timer according to presets

[2023.10-3]

[2023.8-3]

  • Update python3 macros and dependency.

[2023.8-2]

[2023.6-2]

[2023.5-2]

[2023.5-1]

[2023.4-5]

  • Switch License tags to SPDX

[2023.4-4]

  • Backport libdnf patches to work with rpm-4.19

[2023.4-3]

[2023.4-2]

[2023.3-1]

[2023.2-1]

[2023.1-4]

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

rpm-ostree

2025.5-1.el10

rpm-ostree-libs

2025.5-1.el10

Oracle Linux x86_64

rpm-ostree

2025.5-1.el10

rpm-ostree-libs

2025.5-1.el10

Связанные CVE

CVE-2024-2905

Ссылки на источники

Связанные уязвимости

redhat логотип

CVE-2024-2905

CVSS3: 6.2
redhat
больше 1 года назад

A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.

nvd логотип

CVE-2024-2905

CVSS3: 6.2
nvd
больше 1 года назад

A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.

msrc логотип

CVE-2024-2905

CVSS3: 6.2
msrc
2 месяца назад

Описание отсутствует

oracle-oval логотип

ELSA-2024-3823

oracle-oval
около 1 года назад

ELSA-2024-3823: rpm-ostree security update (MODERATE)

fstec логотип

BDU:2024-05542

CVSS3: 6.2
fstec
больше 1 года назад

Уязвимость пакета rpm-ostree операционных систем Red Hat Enterprise Linux и Fedora, позволяющая нарушителю получить несанкционированный доступ к аутентификационным данным