Oracle Releases Critical Enterprise Linux Patches

By Marc Handelman on July 23rd, 2009

oracle_redwood_shores_twin_dolphin

Oracle Corporation (NasdaqGS: ORCL) has announced the availability of new Enterprise Linux updates, this time mitigating issues with the company’s Enterprise Linux version 5, 4 and 3 implementations. The updates to Oracle’s Enterprise Linux operating system are available via the company’s Unbreakable Linux Network (ULN) site. Oracle Enterprise Linux is a variant of RED HAT, INC.’s (NYSE: RHT) Red Hat Enterprise Linux OS. Additional information consisting of release notes and links appears after the jump.

Enterprise Linux Bug Fix Advisory ELBA-2009-1161

https://rhn.redhat.com/errata/RHBA-2009-1161.html

The following updated rpms for Enterprise Linux 5 have been uploaded to the Unbreakable Linux Network:

i386:
nspr-4.7.4-1.el5_3.1.i386.rpm
nspr-devel-4.7.4-1.el5_3.1.i386.rpm
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
nss-tools-3.12.3.99.3-1.el5_3.2.i386.rpm

x86_64:
nspr-4.7.4-1.el5_3.1.i386.rpm
nspr-4.7.4-1.el5_3.1.x86_64.rpm
nspr-devel-4.7.4-1.el5_3.1.i386.rpm
nspr-devel-4.7.4-1.el5_3.1.x86_64.rpm
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
nss-3.12.3.99.3-1.el5_3.2.x86_64.rpm
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
nss-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
nss-tools-3.12.3.99.3-1.el5_3.2.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/nspr-4.7.4-1.el5_3.1.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/nss-3.12.3.99.3-1.el5_3.2.src.rpm

Description of changes:

nspr:

[4.7.4-1.el5_3.1]
- create z-stream version

[4.7.4-1]
- Update to NSPR 4.7.4

nss:

[3.12.3.99.3-1.el5_3.2]
- adjust ssl cipher count constant (bug 505650)

[3.12.3.99.3-1.el5_3.1]
- create z-stream version

[3.12.3.99.3-1]
- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75

[3.12.3-5]
- updated patch to seckey

[3.12.3-4]
- add a patch to seckey

[3.12.3-3]
- remove references to SEED

[3.12.3-2]
- update to NSS 3.12.3

—

Enterprise Linux Security Advisory ELSA-2009-1164

https://rhn.redhat.com/errata/RHSA-2009-1164.html

The following updated rpms for Enterprise Linux 5 have been uploaded to the Unbreakable Linux Network:

i386:
tomcat5-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-jasper-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2.i386.rpm
tomcat5-webapps-5.5.23-0jpp.7.el5_3.2.i386.rpm

x86_64:
tomcat5-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-common-lib-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-jasper-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-server-lib-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.7.el5_3.2.x86_64.rpm
tomcat5-webapps-5.5.23-0jpp.7.el5_3.2.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/tomcat5-5.5.23-0jpp.7.el5_3.2.src.rpm

Description of changes:

[5.5.23-0jpp.7.2]
- Actually add the patch files this time
Resolves: rhbz#427779
Resolves: rhbz#504758
Resolves: rhbz#503980
Resolves: rhbz#504162

[5.5.23-0jpp.7.2]
- add patch for CVE-2007-5333
Resolves: rhbz#427779
- add patch for CVE-2008-5515
Resolves: rhbz#504758
- add patch for CVE-2009-0033
- add patch for CVE-2009-0580
Resolves: rhbz#503980
- add patch for CVE-2009-0783
Resolves: rhbz#504162

—

Enterprise Linux Bug Fix Advisory ELBA-2009-1165

https://rhn.redhat.com/errata/RHBA-2009-1165.html

The following updated rpms for Enterprise Linux 5 have been uploaded to the Unbreakable Linux Network:

i386:
ksh-20080202-2.el5_3.1.i386.rpm

x86_64:
ksh-20080202-2.el5_3.1.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/ksh-20080202-2.el5_3.1.src.rpm

Description of changes:

[20080202-2.1]
- fix #510712 – ksh typeset does not assign value in an asynchronously
called function
—
Enterprise Linux Security Advisory ELSA-2009-1162

https://rhn.redhat.com/errata/RHSA-2009-1162.html

The following updated rpms for Enterprise Linux 5 have been uploaded to the Unbreakable Linux Network:

i386:
firefox-3.0.12-1.0.1.el5_3.i386.rpm
xulrunner-1.9.0.12-1.0.1.el5_3.i386.rpm
xulrunner-devel-1.9.0.12-1.0.1.el5_3.i386.rpm
xulrunner-devel-unstable-1.9.0.12-1.0.1.el5_3.i386.rpm

x86_64:
firefox-3.0.12-1.0.1.el5_3.i386.rpm
firefox-3.0.12-1.0.1.el5_3.x86_64.rpm
xulrunner-1.9.0.12-1.0.1.el5_3.i386.rpm
xulrunner-1.9.0.12-1.0.1.el5_3.x86_64.rpm
xulrunner-devel-1.9.0.12-1.0.1.el5_3.i386.rpm
xulrunner-devel-1.9.0.12-1.0.1.el5_3.x86_64.rpm
xulrunner-devel-unstable-1.9.0.12-1.0.1.el5_3.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/firefox-3.0.12-1.0.1.el5_3.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/xulrunner-1.9.0.12-1.0.1.el5_3.src.rpm

Description of changes:

firefox:
[3.0.12-1.0.1.el5_3]
- Update firstrun and homepage URLs
- Added
firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html
and removed the corresponding Red Hat ones
- Added patch oracle-firefox-branding.patch

[3.0.12-1]
- Update to 3.0.12

xulrunner:

[1.9.0.12-1.0.1.el5_3]
- Added xulrunner-oracle-default-prefs.js
- Removed RedHat corresponding one

[1.9.0.12-1]
- Update to 1.9.0.12
—
Enterprise Linux Security Advisory ELSA-2009-1162

https://rhn.redhat.com/errata/RHSA-2009-1162.html

The following updated rpms for Enterprise Linux 4 have been uploaded to the Unbreakable Linux Network:

i386:
firefox-3.0.12-1.0.1.el4.i386.rpm

x86_64:
firefox-3.0.12-1.0.1.el4.x86_64.rpm

ia64:
firefox-3.0.12-1.0.1.el4.ia64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/firefox-3.0.12-1.0.1.el4.src.rpm

Description of changes:

[3.0.12-1.0.1.el4]
- Update firstrun and homepage URLS
- Add oracle-firefox-branding.patch
- Add firefox-oracle-default-prefs.js and
firefox-oracle-default-bookmarks.html
and remove the corresponding RedHat ones

[3.0.12-1.el4]
- Update to 3.0.12
—
Enterprise Linux Security Advisory ELSA-2009-1163

https://rhn.redhat.com/errata/RHSA-2009-1163.html

The following updated rpms for Enterprise Linux 3 have been uploaded to the Unbreakable Linux Network:

i386:
seamonkey-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-chat-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-devel-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-mail-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-nspr-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-nss-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.40.0.1.el3.i386.rpm

x86_64:
seamonkey-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-nspr-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.40.0.1.el3.i386.rpm
seamonkey-nss-1.0.9-0.40.0.1.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.40.0.1.el3.x86_64.rpm

SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/seamonkey-1.0.9-0.40.0.1.el3.src.rpm

Description of changes:

[1.0.9-0.40.0.1.el3]
- Add mozilla-oracle-default-prefs.js,mozilla-oracle-default-bookmarks.html
and removed the corresponding RedHat ones

[1.0.9-0.40.el3]
- Added fixes from 1.9.0.12

—
Enterprise Linux Security Advisory ELSA-2009-1163

https://rhn.redhat.com/errata/RHSA-2009-1163.html

The following updated rpms for Enterprise Linux 4 have been uploaded to the Unbreakable Linux Network:

i386:
seamonkey-1.0.9-45.0.1.el4_8.i386.rpm
seamonkey-chat-1.0.9-45.0.1.el4_8.i386.rpm
seamonkey-devel-1.0.9-45.0.1.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-45.0.1.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-45.0.1.el4_8.i386.rpm
seamonkey-mail-1.0.9-45.0.1.el4_8.i386.rpm

x86_64:
seamonkey-1.0.9-45.0.1.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-45.0.1.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-45.0.1.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-45.0.1.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-45.0.1.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-45.0.1.el4_8.x86_64.rpm

ia64:
seamonkey-1.0.9-45.0.1.el4_8.ia64.rpm
seamonkey-chat-1.0.9-45.0.1.el4_8.ia64.rpm
seamonkey-devel-1.0.9-45.0.1.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-45.0.1.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-45.0.1.el4_8.ia64.rpm
seamonkey-mail-1.0.9-45.0.1.el4_8.ia64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/seamonkey-1.0.9-45.0.1.el4_8.src.rpm

Description of changes:
[1.0.9-45.0.1.el4_8]
- Added mozilla-oracle-default-prefs.js, and
mozilla-oracle-default-bookmarks.html
and removed corresponding Redhat ones

[1.0.9-45.el4]
- Added fixes from 1.9.0.12
—
Enterprise Linux Bug Fix Advisory ELBA-2009-1174

https://rhn.redhat.com/errata/RHBA-2009-1174.html

The following updated rpms for Enterprise Linux 4 have been uploaded to the Unbreakable Linux Network:

i386:
compat-openldap-2.1.30-12.el4_8.2.i386.rpm
openldap-2.2.13-12.el4_8.2.i386.rpm
openldap-clients-2.2.13-12.el4_8.2.i386.rpm
openldap-devel-2.2.13-12.el4_8.2.i386.rpm
openldap-servers-2.2.13-12.el4_8.2.i386.rpm
openldap-servers-sql-2.2.13-12.el4_8.2.i386.rpm

x86_64:
compat-openldap-2.1.30-12.el4_8.2.i386.rpm
compat-openldap-2.1.30-12.el4_8.2.x86_64.rpm
openldap-2.2.13-12.el4_8.2.i386.rpm
openldap-2.2.13-12.el4_8.2.x86_64.rpm
openldap-clients-2.2.13-12.el4_8.2.x86_64.rpm
openldap-devel-2.2.13-12.el4_8.2.x86_64.rpm
openldap-servers-2.2.13-12.el4_8.2.x86_64.rpm
openldap-servers-sql-2.2.13-12.el4_8.2.x86_64.rpm

ia64:
compat-openldap-2.1.30-12.el4_8.2.i386.rpm
compat-openldap-2.1.30-12.el4_8.2.ia64.rpm
openldap-2.2.13-12.el4_8.2.i386.rpm
openldap-2.2.13-12.el4_8.2.ia64.rpm
openldap-clients-2.2.13-12.el4_8.2.ia64.rpm
openldap-devel-2.2.13-12.el4_8.2.ia64.rpm
openldap-servers-2.2.13-12.el4_8.2.ia64.rpm
openldap-servers-sql-2.2.13-12.el4_8.2.ia64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/openldap-2.2.13-12.el4_8.2.src.rpm

Description of changes:

[2.2.13-12.2]
- fix unnecessary assertion in slapd_clr_write (#510233)

[2.2.13-12.1]
- fix crash when ldapmodify follows referrals (#474788)

Categories: Open Source, Open Source Security, Open Source Software Security, Operating System Security, Oracle Enterprise Linux, Oracle Linux, Oracle Security
Tags: Open Source Security, Open Source Software, Oracle Enterprise Linux, Oracle Security, Redhat Enterprise Linux