ELSA-2024-3139

ULN >
Oracle Linux Errata repository >
ELSA-2024-3139

ELSA-2024-3139 - squashfs-tools security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-23

Description

[4.3-21]
- CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix
CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination
Resolves: rhbz#2007303 rhbz#2000637

Related CVEs

CVE-2021-40153

CVE-2021-41072

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	squashfs-tools-4.3-21.el8.src.rpm	f7d9eaa03ab7df29e1ceb8eab656f5dbb6a048ab13cf49e1b4b5b019d6df5160	-	ol8_aarch64_baseos_latest
	squashfs-tools-4.3-21.el8.src.rpm	f7d9eaa03ab7df29e1ceb8eab656f5dbb6a048ab13cf49e1b4b5b019d6df5160	-	ol8_aarch64_u10_baseos_base
	squashfs-tools-4.3-21.el8.aarch64.rpm	8d009d4a17ff41570665e1b193f04ce70894da4dbde59498315f7c056e74c8c0	-	ol8_aarch64_baseos_latest
	squashfs-tools-4.3-21.el8.aarch64.rpm	8d009d4a17ff41570665e1b193f04ce70894da4dbde59498315f7c056e74c8c0	-	ol8_aarch64_u10_baseos_base

Oracle Linux 8 (x86_64)	squashfs-tools-4.3-21.el8.src.rpm	f7d9eaa03ab7df29e1ceb8eab656f5dbb6a048ab13cf49e1b4b5b019d6df5160	-	ol8_x86_64_baseos_latest
	squashfs-tools-4.3-21.el8.src.rpm	f7d9eaa03ab7df29e1ceb8eab656f5dbb6a048ab13cf49e1b4b5b019d6df5160	-	ol8_x86_64_u10_baseos_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.15.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.16.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.17.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.18.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.19.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.20.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.21.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.22.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.23.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_23.1.24.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.10.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.2.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.3.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.4.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.5.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.6.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.7.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.8.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_24.1.9.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_25.1.0.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_25.1.1.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_25.1.2.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	exadata_dbserver_25.1.3.0.0_x86_64_base
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	ol8_x86_64_baseos_latest
	squashfs-tools-4.3-21.el8.x86_64.rpm	fa3cd82658e6512fe5d171f0ed4d971dd6f215ec35ad9a9ff4333439f3f5e557	-	ol8_x86_64_u10_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691