ELSA-2025-7118

Опубликовано: 16 мая 2025

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2025-7118: osbuild and osbuild-composer security update (IMPORTANT)

osbuild [141-1.0.1]

Add runner for ol8 and ol9 [Orabug: 36400619]

[141-1]

New upstream release

[140-1]

New upstream release

[139-1]

New upstream release

[138-1]

New upstream release

[137-1]

New upstream release

[136-1]

New upstream release

[135-1]

New upstream release

[132-1]

New upstream release

[131-1]

New upstream release

[130-1]

New upstream release

osbuild-composer [132-1.0.1]

Add support to create OpenScap images [JIRA: OLDIS-35301]
Simplify repository names [JIRA: OLDIS-35893]
Refactor patches to fix some naming and set a correct kernel for Oracle Linux [Orabug: 37253643]
Support using OCI variables inside built images [JIRA: OLDIS-35302]
Support using repository definitons with OCI variables [JIRA: OLDIS-38657]
Update repositories to contain OCI variables
Remove image types Minimal-raw and wsl [JIRA: OLDIS-38123]
Increase default /boot size to 1GB [Orabug: 36827079]
Add support for OCI hybrid images [JIRA: OLDIS-33593]
enable aarch64 OCI image builds [JIRA: OLDIS-33593]
support for building OL8/9 images on Oracle Linux 9 [Orabug: 36400619]

[132-1]

New upstream release

[131-1]

New upstream release

[128-1]

New upstream release

[127-1]

New upstream release

[126-1]

New upstream release

[125-1]

New upstream release

[124-1]

New upstream release

[123-1]

New upstream release

[122-1]

New upstream release

[121-1]

New upstream release

[118-1]

New upstream release

[117-1]

New upstream release

[116-1]

New upstream release

[115-1]

New upstream release

[114-1]

New upstream release

[113-1]

New upstream release

[110-1]

New upstream release

[109-1]

New upstream release

[108-1]

New upstream release

[104-1]

New upstream release

[102-1]

New upstream release

[101-1]

New upstream release

[100-1]

New upstream release

[99-1]

New upstream release

[98-1]

New upstream release

[96-1]

New upstream release

[95-1]

New upstream release

[94-1]

New upstream release

[93-1]

New upstream release

[92-1]

New upstream release

[91-1]

New upstream release

[89-1]

New upstream release

[88-1]

New upstream release

[87-1]

New upstream release

[86-1]

New upstream release

[85-1]

New upstream release

[84-1]

New upstream release

[82-1]

New upstream release

[80-1]

New upstream release

[79-1]

New upstream release

[77-1]

New upstream release

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

osbuild

141-1.0.1.el9

osbuild-composer-core

132-1.0.2.el9

osbuild-ostree

141-1.0.1.el9

python3-osbuild

141-1.0.1.el9

osbuild-composer

132-1.0.2.el9

osbuild-composer-worker

132-1.0.2.el9

osbuild-depsolve-dnf

141-1.0.1.el9

osbuild-luks2

141-1.0.1.el9

osbuild-lvm2

141-1.0.1.el9

osbuild-selinux

141-1.0.1.el9

Oracle Linux x86_64

osbuild

141-1.0.1.el9

osbuild-composer

132-1.0.2.el9

osbuild-composer-core

132-1.0.2.el9

osbuild-composer-worker

132-1.0.2.el9

osbuild-depsolve-dnf

141-1.0.1.el9

osbuild-luks2

141-1.0.1.el9

osbuild-lvm2

141-1.0.1.el9

osbuild-ostree

141-1.0.1.el9

osbuild-selinux

141-1.0.1.el9

python3-osbuild

141-1.0.1.el9

Связанные CVE

CVE-2024-9355

CVE-2024-1394

CVE-2024-34158

Ссылки на источники

Связанные уязвимости

CVE-2024-9355

CVSS3: 6.5

redhat

9 месяцев назад

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This may have follow-on implications for the Go TLS stack.