• Home
  • Et Cetera

Infosecurity.US

Oracle Releases This Week’s Crop of OEL Security Updates

By Marc Handelman on February 20th, 2009

Oracle TUX

Oracle Corporation (NasdaqGS: ORCL) has released a trio of updates to the database giant’s Enterprise Linux distribution [essentially Red Hat Inc.'s (NYSE: RHT) Enterprise Linux]. The three updates, entitled ELSA-2009-0308, ELSA-2009-0275 and ELBA-2009-0309 deal with cups, imap and strace respectively. Detailed descriptions of each update appears after the jump.

Oracle Security Advisories
Enterprise Linux Security Advisory ELSA-2009-0308
The following updated rpms for Enterprise Linux 3 have been uploaded to the Unbreakable Linux Network:
i386:cups-1.1.17-13.3.56.i386.rpm, cups-devel-1.1.17-13.3.56.i386.rpm, cups-libs-1.1.17-13.3.56.i386.rpm
x86_64:cups-1.1.17-13.3.56.x86_64.rpm, cups-devel-1.1.17-13.3.56.x86_64.rpm, cups-libs-1.1.17-13.3.56.i386.rpm, cups-libs1.1.17-13.3.56.x86_64.rpm
SRPMS:http://oss.oracle.com/el3/SRPMS-updates/cups-1.1.17-13.3.56.src.rpm
Description of changes: [1.1.17-13.3.56] – Applied patch to fix CVE-2008-3640 (STR #2919, bug #486052), which was not fixed in previous attempt.
—
Enterprise Linux Security Advisory ELSA-2009-0275
https://rhn.redhat.com/errata/RHSA-2009-0275.html
The following updated rpms for Enterprise Linux 3 have been uploaded to the Unbreakable Linux Network:
i386:imap-2002d-15.i386.rpm, imap-devel-2002d-15.i386.rpm, imap-utils-2002d-15.i386.rpm
x86_64:imap-2002d-15.x86_64.rpm, imap-devel-2002d-15.x86_64.rpm, imap-utils-2002d-15.x86_64.rpm
SRPMS:http://oss.oracle.com/el3/SRPMS-updates/imap-2002d-15.src.rpm
Description of changes: [2002d-15] – Backport patch for buffer overflows in dmail and tmail from upstream version 2007d (CVE-2008-5005, #469667)
—–
Enterprise Linux Bug Fix Advisory ELBA-2009-0309
The following updated rpms for Enterprise Linux 5 have been uploaded to the Unbreakable Linux Network:
i386:strace-4.5.18-2.el5_3.3.i386.rpm
x86_64:strace-4.5.18-2.el5_3.3.x86_64.rpm
SRPMS:http://oss.oracle.com/el5/SRPMS-updates/strace-4.5.18-2.el5_3.3.src.rpm
Description of changes: [4.5.18-2.el5_3.3]
- Partial sync up with upsteam #1: whitespace changes
- Partial sync up with upsteam #2: trivial changes (comments etc)
- Partial sync up with upsteam #3: flock reporting, fix network ops selection
- Partial sync up with upsteam #4: support -D option, blackfin cpu support
- Partial sync up with upsteam #5: update SIGKILL detection machinery
- Improve fairness – do not allow a few threads to usurp strace’s attention
- Resolves: RHBZ #484074

—-
  • Red Hat to help liberate Oracle ‘hostages’ (theregister.co.uk)
  • Cuba launches its own version of Linux called Nova: No more depending on Windows (crunchgear.com)
  • Silverlight shines on Linux (vnunet.com)
Reblog this post [with Zemanta]

Categories: Network Security, Oracle Enterprise Linux, Oracle Linux, Oracle Security
Tags: Buffer overflow, CUPS, IMAP, LINUX, Linux distribution, Oracle Corporation, Oracle Enterprise Linux, Red Hat, Red Hat Enterprise Linux, RPM Package Manager, STRACE

Related Headlines

    Related posts:

    1. Oracle Announces Mid-Week Enterprise Linux Updates
    2. Weekend Patching Redux: Oracle Updates Enterprise Linux
    3. Oracle Releases Critical OEL Updates
    4. Oracle Patches Enterprise Linux, Fixes for UP2DATE, OCFS2
    5. Oracle Releases New Linux Security Updates

Comments are closed.

« Wondermark: Conference A Rain Forested Weekend Hiatus… »
  • Latest
  • Random
  • Bookmarks
  • Archives
  • Steve Benson: Persian Lights…
  • New, Pernicious BotNet Emerges
  • VMWare Announces ESX Console Security Update
  • Nick Anderson: Egg
  • Doppelgänger Infinitus
  • Robert Ariall: Iran For Cover
  • Data Leakage Wednesdays: Old Printer Vector
  • XKCD: Exoplanets
  • Apple Releases Magic Footpad, Raises Ante On Bipedal Computer Controls
  • Science Tuesday: Asteroidal Discoveries Mapped, 01980 – 02010
  • TrueCrypt 6 Released
  • Widenius: Bug Ridden MySQL 5.1 GA Released
  • XKCD
  • Wondermark: Frog
  • Dinosaur Comics: Parking Tickets
  • Amazon’s Cloud Opened For Schools
  • French Embassy in Beijing Under Cyber Attack
  • Size Matters: Charlie Miller – ‘MAC OS X Attack Surface Wide Enough For 747 Landing, Sideways’
  • Apple Opens Up To Window
  • US-CERT Releases Weekly Vulnerability Summary
  • Apple
  • BSD
  • Closson
  • Darknet
  • Debian
  • Finnigan
  • ha.ckers
  • Hoff
  • Insecure
  • Krebs
  • Layer8
  • MSRC
  • Network Security Blog
  • NSA SEL
  • openSUSE
  • RedHat
  • SANS
  • Schneier
  • Security Eunoia
  • Securosis
  • Shimel
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
Subscribe

Featured Blog - Blogs.com SANS Security Reading Room KnotOriginal: fine art to hang on your body and walls Member - Security Bloggers Network

Dilbert

KnotOriginal

Featured Video

QOTD

RSS Security Bloggers Network

  • Two Wheel EV Recumbant: Zerotracer 2010/09/02 Davi Ottenheimer
  • Ben Franklin’s Endpoint Security Advice 2010/09/02 Jeff Hughes
  • Configuring Conditional SSH Connections 2010/09/02 Xavier
  • Truecrypt and USB drives 2010/09/02 always peace
  • LogChat Podcast 1: Anton Chuvakin and Andrew Hay Talk Logs 2010/09/02 Andrew Hay
  • Safe Web Surfing Rule # 1: READ the URL 2010/09/02 Tom Kelchner
  • Heartland Set To Pay Discover $5M For 2008 Data Breach 2010/09/02 spinman
  • User’s Opinions on Malware Infections 2010/09/02 spinman
  • Acunetix Web Vulnerability Scanner 7 Released 2010/09/02 spinman
  • LogChat Podcast 1: Anton Chuvakin and Andrew Hay Talk Logs 2010/09/02 Anton Chuvakin

RSS Cryptography

  • Monitor: Schrodinger's cat and mouse 2010/09/02
  • How to configure a Junos security device 2010/09/02
  • Net Effect: Hay-what? 2010/09/02
  • The Art of Proof 2010/09/02
  • Quantum crypto cracked, researchers say 2010/09/01

RSS SANS ISC

  • Microsoft EMETv2 released, (Thu, Sep 2nd) 2010/09/02
  • SDF, please!, (Thu, Sep 2nd) 2010/09/02
  • Month of Undisclosed 0-day Bugs, (Wed, Sep 1st) 2010/09/01
  • Microsoft issues updates to sysinternals ProcDump and Process Monitor: http://blogs.technet.com/b/sysinternals/archive/2010/08/30/updates-procdump-process-monitor-and-a-new-mark-s-blog-post.aspx, (Wed, Sep 1st) 2010/09/01
  • VMWARE releases 2 security advisories for ESX Service Console: http://lists.vmware.com/pipermail/security-announce/2010/000103.html and http://lists.vmware.com/pipermail/security-announce/2010/000104.html, (Wed, Sep 1st) 2010/09/01

RSS Oracle

  • Going to Oracle OpenWorld 2010? 2010/09/02
  • Automatic Time Zone support in Application Express 4.0 2010/09/02
  • EBS, Collaborate, Security, BPEL, OWB, Blog of Note, Hyperion, EPM, Burnout, WiFi 2010/09/02
  • Details of Tuxedo sessions at OOW 2010/09/02
  • JavaOne Preview on TechCast Live! (Tues., Sept. 7, 10am PT) 2010/09/02
  • links for 2010-09-02 2010/09/02
  • Join us for a Bersin & Associates Webcast - "Evolution of ERPs: Driving Business Value through Integrated Talent Management" 2010/09/02

RSS MySQL

  • Join MySQL at OSCON 2010/07/02
  • TechCast Live: Jono Bacon and Luke Kowalski on MySQL Community 2010/05/21
  • What's New in the MySQL Enterprise Spring 2010 Release? - Interview with Mark Matthews and Andy Bang 2010/05/17
  • Introduction to MySQL 5.5 2010/04/13
  • Why Should I Check Out a MySQL-Based Column Database ? 2010/02/12
  • A deep look at MySQL 5.5 partitioning enhancements 2009/12/24
  • Sun "Tech Days" Conference World Tour Kicks Off in Brazil 2009/12/07

RSS Linux

  • A Guide to Today's Top 10 Linux Distributions - NetworkWorld.com 2010/09/02
  • Embedded Linux Conference videos available - LWN.net 2010/09/02
  • Net Applications' iOS vs Linux Report Confuses Me - Muktware (blog) 2010/09/02
  • Cloudlinux Named Editor's Choice By Web Host Magazine & Buyer's Guide - PR Urgent 2010/09/02
  • Samsung's 3D TV remote let's you take the screen with you - Geek.com 2010/09/02

RSS MAC OSX

  • Samsung Reveals Half-Pint iPad, The Galaxy Tab 2010/09/02 Eli Milchman
  • Daily Deals: New nano, touch and Apple TV 2010/09/02 Ed Sutherland
  • iPhone 4 Coffee Table Gets You Better Reception Than iPod Table? 2010/09/02 Nicole Martinelli
  • Walkman Outsells iPods in Japan, Can Wristwatch Nano Change That? 2010/09/02 Nicole Martinelli
  • Amazon: Buy – Don’t Rent – 99-Cent Fox, ABC TV Episodes 2010/09/02 Ed Sutherland
  • Analyst: New Apple TV Rival for Cable’s Video-on-Demand 2010/09/02 Ed Sutherland
  • iTunes Ping And Facebook: What’s Going On? 2010/09/02 Giles Turnbull

RSS Microsoft

  • Update on Security Advisory 2269637 2010/08/31 MSRCTEAM
  • Microsoft Security Advisory 2269637 Released 2010/08/22 MSRCTEAM
  • August 2010 Webcast and QA 2010/08/12 MSRCTEAM
  • Update on the publicly disclosed Win32k.sys EoP Vulnerability 2010/08/10 MSRCTEAM
  • August 2010 Security Bulletin Release 2010/08/10 MSRCTEAM
  • August 2010 Bulletin Release Advance Notification 2010/08/05 MSRCTEAM
  • August 2010 Out-of-Band Security Release Webcast Q&A 2010/08/03 MSRCTEAM

RSS Network

  • How to get started with a blade system 2010/09/02
  • Opsview Community Edition review 2010/09/02
  • Cacti review 2010/09/02
  • Brocade adds 100G Ethernet to switch and router line 2010/09/02
  • Is Cisco making a play for Skype? 2010/08/31
  • Skype launches Skype Connect enterprise voice calling 2010/08/31
  • Sonos ZonePlayer S5 review 2010/08/25

Daily Posts

September 2010
S M T W T F S
« Aug    
 1234
567891011
12131415161718
19202122232425
2627282930  
Creative Commons License
The Infosecurity.US Blog is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.

Find the best blogs at Blogs.com.

Creative Commons Attribution-Share Alike 3.0 U.S. License ©2010 Infosecurity.US

Subscribe