The following updates has been released for Oracle Linux:
ELBA-2018-0138 Oracle Linux 7 sos bug fix and enhancement update
ELBA-2018-0139 Oracle Linux 7 tuned bug fix update
ELBA-2018-0143 Oracle Linux 7 device-mapper-persistent-data bug fix update
ELBA-2018-0144 Oracle Linux 7 python-dmidecode bug fix update
ELBA-2018-0145 Oracle Linux 7 binutils bug fix update
ELBA-2018-0146 Oracle Linux 7 motif bug fix update
ELBA-2018-0147 Oracle Linux 7 nfs-utils bug fix update
ELBA-2018-0149 Oracle Linux 7 SystemTap bug fix update
ELBA-2018-0150 Oracle Linux 7 gdm bug fix update
ELBA-2018-0155 Oracle Linux 7 systemd bug fix update
ELBA-2018-0156 Oracle Linux 7 gdb bug fix update
ELBA-2018-0157 Oracle Linux 7 xorg-x11-server bug fix update
ELBA-2018-0159 Oracle Linux 7 kmod bug fix update
ELBA-2018-0160 Oracle Linux 7 net-snmp bug fix update
ELBA-2018-0161 Oracle Linux 7 gtk3 bug fix update
ELBA-2018-0162 Oracle Linux 7 libdb bug fix update
ELBA-2018-0164 Oracle Linux 7 at bug fix update
ELBA-2018-0166 Oracle Linux 7 cloud-init bug fix update
ELBA-2018-0167 Oracle Linux 7 spice-gtk bug fix update
ELBA-2018-0168 Oracle Linux 7 rear bug fix update
ELBA-2018-0170 Oracle Linux 6 samba bug fix update
ELBA-2018-0171 Oracle Linux 6 sysstat bug fix update
ELBA-2018-0172 Oracle Linux 6 xorg-x11-server bug fix update
ELBA-2018-0173 Oracle Linux 6 copy-jdk-configs bug fix update
ELBA-2018-0174 Oracle Linux 6 python-setuptools bugfix update.
ELBA-2018-0175 Oracle Linux 6 util-linux-ng bug fix update
ELBA-2018-0176 Oracle Linux 6 selinux-policy bug fix update
ELBA-2018-0177 Oracle Linux 6 ntp bug fix update
ELEA-2018-0141 Oracle Linux 7 initscripts enhahcement update
ELEA-2018-0142 Oracle Linux 7 device-mapper-multipath bug fix and enhancement update
ELSA-2018-0151 Important: Oracle Linux 7 kernel security and bug fix update
ELSA-2018-0158 Moderate: Oracle Linux 7 dhcp security update
ELSA-2018-0163 Important: Oracle Linux 7 389-ds-base security and bug fix update
ELSA-2018-0169 Important: Oracle Linux 6 kernel security and bug fix update
ELSA-2018-0223 Moderate: Oracle Linux 7 nautilus security update
ELSA-2018-4020: Important information regarding Spectre/Meltdown
ELBA-2018-0138 Oracle Linux 7 sos bug fix and enhancement update
ELBA-2018-0139 Oracle Linux 7 tuned bug fix update
ELBA-2018-0143 Oracle Linux 7 device-mapper-persistent-data bug fix update
ELBA-2018-0144 Oracle Linux 7 python-dmidecode bug fix update
ELBA-2018-0145 Oracle Linux 7 binutils bug fix update
ELBA-2018-0146 Oracle Linux 7 motif bug fix update
ELBA-2018-0147 Oracle Linux 7 nfs-utils bug fix update
ELBA-2018-0149 Oracle Linux 7 SystemTap bug fix update
ELBA-2018-0150 Oracle Linux 7 gdm bug fix update
ELBA-2018-0155 Oracle Linux 7 systemd bug fix update
ELBA-2018-0156 Oracle Linux 7 gdb bug fix update
ELBA-2018-0157 Oracle Linux 7 xorg-x11-server bug fix update
ELBA-2018-0159 Oracle Linux 7 kmod bug fix update
ELBA-2018-0160 Oracle Linux 7 net-snmp bug fix update
ELBA-2018-0161 Oracle Linux 7 gtk3 bug fix update
ELBA-2018-0162 Oracle Linux 7 libdb bug fix update
ELBA-2018-0164 Oracle Linux 7 at bug fix update
ELBA-2018-0166 Oracle Linux 7 cloud-init bug fix update
ELBA-2018-0167 Oracle Linux 7 spice-gtk bug fix update
ELBA-2018-0168 Oracle Linux 7 rear bug fix update
ELBA-2018-0170 Oracle Linux 6 samba bug fix update
ELBA-2018-0171 Oracle Linux 6 sysstat bug fix update
ELBA-2018-0172 Oracle Linux 6 xorg-x11-server bug fix update
ELBA-2018-0173 Oracle Linux 6 copy-jdk-configs bug fix update
ELBA-2018-0174 Oracle Linux 6 python-setuptools bugfix update.
ELBA-2018-0175 Oracle Linux 6 util-linux-ng bug fix update
ELBA-2018-0176 Oracle Linux 6 selinux-policy bug fix update
ELBA-2018-0177 Oracle Linux 6 ntp bug fix update
ELEA-2018-0141 Oracle Linux 7 initscripts enhahcement update
ELEA-2018-0142 Oracle Linux 7 device-mapper-multipath bug fix and enhancement update
ELSA-2018-0151 Important: Oracle Linux 7 kernel security and bug fix update
ELSA-2018-0158 Moderate: Oracle Linux 7 dhcp security update
ELSA-2018-0163 Important: Oracle Linux 7 389-ds-base security and bug fix update
ELSA-2018-0169 Important: Oracle Linux 6 kernel security and bug fix update
ELSA-2018-0223 Moderate: Oracle Linux 7 nautilus security update
ELSA-2018-4020: Important information regarding Spectre/Meltdown
ELBA-2018-0138 Oracle Linux 7 sos bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2018-0138
http://linux.oracle.com/errata/ELBA-2018-0138.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
sos-3.4-13.0.1.el7_4.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sos-3.4-13.0.1.el7_4.src.rpm
Description of changes:
[= 3.4-13.0.1]
- Added sos-oraclelinux-vendor-vendorurl.patch
[= 3.4-13]
- [plugins] allow add_cmd_output to collect binary output
Resolves: bz1515113
[= 3.4-12]
- [openstack_cinder] check for api service running
Resolves: bz1511087
- [plugins] allow add_cmd_output to collect binary output
Resolves: bz1515113
[= 3.4-11]
- [postgresql] Call SCL pg_dump with proper path
Resolves: bz1515113
[= 3.4-10]
- [postgresql] Collect data for postgreSQL from RHSCL
Resolves: bz1515113
[= 3.4-9]
- [openstack_*] further updates to OSP plugins in containers
Resolves: bz1511087
[= 3.4-8]
- [gnocchi] Tripleo specific containerized services logs
Resolves: bz1463635
[= 3.4-7]
- [openstack plugins] Tripleo specific containerized services
Resolves: bz1463635
- [jars] Scan only /usr/{share,lib}/java by default
Resolves: bz1482574
- [gluster_block] Added new plugin gluster_block
Resolves: bz1491964
ELBA-2018-0139 Oracle Linux 7 tuned bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0139
http://linux.oracle.com/errata/ELBA-2018-0139.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
tuned-2.8.0-5.el7_4.2.noarch.rpm
tuned-gtk-2.8.0-5.el7_4.2.noarch.rpm
tuned-profiles-atomic-2.8.0-5.el7_4.2.noarch.rpm
tuned-profiles-compat-2.8.0-5.el7_4.2.noarch.rpm
tuned-profiles-cpu-partitioning-2.8.0-5.el7_4.2.noarch.rpm
tuned-profiles-oracle-2.8.0-5.el7_4.2.noarch.rpm
tuned-utils-2.8.0-5.el7_4.2.noarch.rpm
tuned-utils-systemtap-2.8.0-5.el7_4.2.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tuned-2.8.0-5.el7_4.2.src.rpm
Description of changes:
[2.8.0-5.2]
- fixed profile application from cloud-init
resolves: rhbz#1507564
[2.8.0-5.1]
- sap-hana: change force_latency to 70
resolves: rhbz#1505166
ELBA-2018-0143 Oracle Linux 7 device-mapper-persistent-data bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0143
http://linux.oracle.com/errata/ELBA-2018-0143.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
device-mapper-persistent-data-0.7.0-0.1.rc6.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/device-mapper-persistent-data-0.7.0-0.1.rc6.el7_4.1.src.rpm
Description of changes:
[0.7.0-0.1-rc6.el7_4.1]
- Fix v2 metadata corruption in cache_restore.
ELBA-2018-0144 Oracle Linux 7 python-dmidecode bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0144
http://linux.oracle.com/errata/ELBA-2018-0144.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
python-dmidecode-3.12.2-1.1.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-dmidecode-3.12.2-1.1.el7.src.rpm
Description of changes:
[3.12.2-1.1]
- Revert interface changes
- Resolves: #1514017
ELBA-2018-0145 Oracle Linux 7 binutils bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0145
http://linux.oracle.com/errata/ELBA-2018-0145.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
binutils-2.25.1-32.base.el7_4.2.x86_64.rpm
binutils-devel-2.25.1-32.base.el7_4.2.i686.rpm
binutils-devel-2.25.1-32.base.el7_4.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/binutils-2.25.1-32.base.el7_4.2.src.rpm
Description of changes:
[2.25.1-32.base.2]
- Fix a seg-fault in the PowerPC linker when discarding .plt sections
when -pie is used and undefined weak symbols are present. (#1515347)
- Add SCV, RFSCV amd LNIA instructions to Power9 port of gas.
(#1449585)
ELBA-2018-0146 Oracle Linux 7 motif bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0146
http://linux.oracle.com/errata/ELBA-2018-0146.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
motif-2.3.4-12.el7_4.i686.rpm
motif-2.3.4-12.el7_4.x86_64.rpm
motif-devel-2.3.4-12.el7_4.i686.rpm
motif-devel-2.3.4-12.el7_4.x86_64.rpm
motif-static-2.3.4-12.el7_4.i686.rpm
motif-static-2.3.4-12.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/motif-2.3.4-12.el7_4.src.rpm
Description of changes:
[2.3.4-12]
- Fix label size computed wrong within form. Fixes MotifZone#1612.
Resolves: rhbz#1519244
[2.3.4-11]
- Fix cursor color leaks. Fixes MotifZone#1660.
Resolves: rhbz#1508769
ELBA-2018-0147 Oracle Linux 7 nfs-utils bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0147
http://linux.oracle.com/errata/ELBA-2018-0147.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
nfs-utils-1.3.0-0.48.0.5.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nfs-utils-1.3.0-0.48.0.5.el7_4.1.src.rpm
Description of changes:
[1.3.0-0.48.0.5.el7_4.1]
- Prevent multiple instances of rpc.statd processes (orabug 22998602)
[1.3.0-0.48_4.1]
- mount: handle EACCES during version negotiation (bz 1518718)
[1.3.0-0.48_4]
- rpc.nfsd: Do not fail when all address families are not support (bz
1450528)
ELBA-2018-0149 Oracle Linux 7 SystemTap bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0149
http://linux.oracle.com/errata/ELBA-2018-0149.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
systemtap-3.1-5.el7_4.x86_64.rpm
systemtap-client-3.1-5.el7_4.x86_64.rpm
systemtap-devel-3.1-5.el7_4.x86_64.rpm
systemtap-initscript-3.1-5.el7_4.x86_64.rpm
systemtap-runtime-3.1-5.el7_4.x86_64.rpm
systemtap-runtime-java-3.1-5.el7_4.x86_64.rpm
systemtap-runtime-python2-3.1-5.el7_4.x86_64.rpm
systemtap-runtime-virtguest-3.1-5.el7_4.x86_64.rpm
systemtap-runtime-virthost-3.1-5.el7_4.x86_64.rpm
systemtap-sdt-devel-3.1-5.el7_4.i686.rpm
systemtap-sdt-devel-3.1-5.el7_4.x86_64.rpm
systemtap-server-3.1-5.el7_4.x86_64.rpm
systemtap-testsuite-3.1-5.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/systemtap-3.1-5.el7_4.src.rpm
Description of changes:
[3.1-5]
- rhbz1519860 netdev probe
ELBA-2018-0150 Oracle Linux 7 gdm bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0150
http://linux.oracle.com/errata/ELBA-2018-0150.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
gdm-3.22.3-13.el7_4.i686.rpm
gdm-3.22.3-13.el7_4.x86_64.rpm
gdm-devel-3.22.3-13.el7_4.i686.rpm
gdm-devel-3.22.3-13.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gdm-3.22.3-13.el7_4.src.rpm
Description of changes:
[3.22.3-13]
- fix reauth crash
Resolves: #1519250
ELBA-2018-0155 Oracle Linux 7 systemd bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0155
http://linux.oracle.com/errata/ELBA-2018-0155.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libgudev1-219-42.0.2.el7_4.6.i686.rpm
libgudev1-219-42.0.2.el7_4.6.x86_64.rpm
libgudev1-devel-219-42.0.2.el7_4.6.i686.rpm
libgudev1-devel-219-42.0.2.el7_4.6.x86_64.rpm
systemd-219-42.0.2.el7_4.6.x86_64.rpm
systemd-devel-219-42.0.2.el7_4.6.i686.rpm
systemd-devel-219-42.0.2.el7_4.6.x86_64.rpm
systemd-journal-gateway-219-42.0.2.el7_4.6.x86_64.rpm
systemd-libs-219-42.0.2.el7_4.6.i686.rpm
systemd-libs-219-42.0.2.el7_4.6.x86_64.rpm
systemd-networkd-219-42.0.2.el7_4.6.x86_64.rpm
systemd-python-219-42.0.2.el7_4.6.x86_64.rpm
systemd-resolved-219-42.0.2.el7_4.6.i686.rpm
systemd-resolved-219-42.0.2.el7_4.6.x86_64.rpm
systemd-sysv-219-42.0.2.el7_4.6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/systemd-219-42.0.2.el7_4.6.src.rpm
Description of changes:
[219-42.0.2.6]
- fix _netdev is missing for iscsi entry in /etc/fstab [Orabug:
25897792] (tony.l.lam@oracle.com)
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug:
18467469]
- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]
[219-42.6]
- manager: fix connecting to bus when dbus is actually around (#7205)
(#1465737)
[219-42.5]
- unmount: Pass in mount options when remounting read-only (#1312002)
- shutdown: don't remount,ro network filesystems. (#6588) (#1312002)
- shutdown: fix incorrect fscanf() result check (#6806) (#1312002)
ELBA-2018-0156 Oracle Linux 7 gdb bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0156
http://linux.oracle.com/errata/ELBA-2018-0156.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
gdb-7.6.1-100.el7_4.1.x86_64.rpm
gdb-doc-7.6.1-100.el7_4.1.noarch.rpm
gdb-gdbserver-7.6.1-100.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gdb-7.6.1-100.el7_4.1.src.rpm
Description of changes:
[7.6.1-100.el7_4.1]
- Fix gcore for memory regions with VM_DONTDUMP (RH BZ 1524312, Sergio
Lopez).
ELBA-2018-0157 Oracle Linux 7 xorg-x11-server bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0157
http://linux.oracle.com/errata/ELBA-2018-0157.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
xorg-x11-server-Xdmx-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-Xephyr-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-Xnest-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-Xorg-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-Xvfb-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-common-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-devel-1.19.3-11.el7_4.1.i686.rpm
xorg-x11-server-devel-1.19.3-11.el7_4.1.x86_64.rpm
xorg-x11-server-source-1.19.3-11.el7_4.1.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xorg-x11-server-1.19.3-11.el7_4.1.src.rpm
Description of changes:
[1.19.3-11.1]
- Fix a crash in RANDR gamma/colormap setup
ELBA-2018-0159 Oracle Linux 7 kmod bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0159
http://linux.oracle.com/errata/ELBA-2018-0159.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kmod-20-15.0.1.el7_4.7.x86_64.rpm
kmod-devel-20-15.0.1.el7_4.7.x86_64.rpm
kmod-libs-20-15.0.1.el7_4.7.i686.rpm
kmod-libs-20-15.0.1.el7_4.7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kmod-20-15.0.1.el7_4.7.src.rpm
Description of changes:
[20-15.0.1.el7_4.7]
- weak-modules: add patch for [Orabug: 26672773]
[20-15.el7_4.7]
- depmod: module_is_higher_priority: fix modname length calculation.
Resolves: rhbz#1525364.
ELBA-2018-0160 Oracle Linux 7 net-snmp bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0160
http://linux.oracle.com/errata/ELBA-2018-0160.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
net-snmp-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-agent-libs-5.7.2-28.0.1.el7_4.1.i686.rpm
net-snmp-agent-libs-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-devel-5.7.2-28.0.1.el7_4.1.i686.rpm
net-snmp-devel-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-gui-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-libs-5.7.2-28.0.1.el7_4.1.i686.rpm
net-snmp-libs-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-perl-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-python-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-sysvinit-5.7.2-28.0.1.el7_4.1.x86_64.rpm
net-snmp-utils-5.7.2-28.0.1.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/net-snmp-5.7.2-28.0.1.el7_4.1.src.rpm
Description of changes:
[5.7.2-28.0.1.el7_4.1]
- Add Oracle ACFS to hrStorage (John Haxby) [orabug 26270539]
[1:5.7.2-28.1]
- Resolves: #1525421 - fix strstr() crash
ELBA-2018-0161 Oracle Linux 7 gtk3 bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0161
http://linux.oracle.com/errata/ELBA-2018-0161.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
gtk-update-icon-cache-3.22.10-5.el7_4.x86_64.rpm
gtk3-3.22.10-5.el7_4.i686.rpm
gtk3-3.22.10-5.el7_4.x86_64.rpm
gtk3-devel-3.22.10-5.el7_4.i686.rpm
gtk3-devel-3.22.10-5.el7_4.x86_64.rpm
gtk3-devel-docs-3.22.10-5.el7_4.x86_64.rpm
gtk3-immodule-xim-3.22.10-5.el7_4.x86_64.rpm
gtk3-immodules-3.22.10-5.el7_4.x86_64.rpm
gtk3-tests-3.22.10-5.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gtk3-3.22.10-5.el7_4.src.rpm
Description of changes:
[3.22.10-5]
- Fix touch emulated pointer motion event delivery with spice-gtk
Resolves: #1524317
ELBA-2018-0162 Oracle Linux 7 libdb bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0162
http://linux.oracle.com/errata/ELBA-2018-0162.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libdb-5.3.21-21.el7_4.i686.rpm
libdb-5.3.21-21.el7_4.x86_64.rpm
libdb-cxx-5.3.21-21.el7_4.i686.rpm
libdb-cxx-5.3.21-21.el7_4.x86_64.rpm
libdb-cxx-devel-5.3.21-21.el7_4.i686.rpm
libdb-cxx-devel-5.3.21-21.el7_4.x86_64.rpm
libdb-devel-5.3.21-21.el7_4.i686.rpm
libdb-devel-5.3.21-21.el7_4.x86_64.rpm
libdb-devel-doc-5.3.21-21.el7_4.noarch.rpm
libdb-devel-static-5.3.21-21.el7_4.i686.rpm
libdb-devel-static-5.3.21-21.el7_4.x86_64.rpm
libdb-java-5.3.21-21.el7_4.i686.rpm
libdb-java-5.3.21-21.el7_4.x86_64.rpm
libdb-java-devel-5.3.21-21.el7_4.i686.rpm
libdb-java-devel-5.3.21-21.el7_4.x86_64.rpm
libdb-sql-5.3.21-21.el7_4.i686.rpm
libdb-sql-5.3.21-21.el7_4.x86_64.rpm
libdb-sql-devel-5.3.21-21.el7_4.i686.rpm
libdb-sql-devel-5.3.21-21.el7_4.x86_64.rpm
libdb-tcl-5.3.21-21.el7_4.i686.rpm
libdb-tcl-5.3.21-21.el7_4.x86_64.rpm
libdb-tcl-devel-5.3.21-21.el7_4.i686.rpm
libdb-tcl-devel-5.3.21-21.el7_4.x86_64.rpm
libdb-utils-5.3.21-21.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libdb-5.3.21-21.el7_4.src.rpm
Description of changes:
[5.3.21-21]
- Fix deadlocks when reading/writing off-page duplicate tree (#1526929)
ELBA-2018-0164 Oracle Linux 7 at bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0164
http://linux.oracle.com/errata/ELBA-2018-0164.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
at-3.1.13-22.el7_4.2.x86_64.rpm
at-sysvinit-3.1.13-22.el7_4.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/at-3.1.13-22.el7_4.2.src.rpm
Description of changes:
[3.1.13-22.2]
- fix handling of the aborted jobs (due to possibly
temporary conditions) and avoid flooding the syslog
ELBA-2018-0166 Oracle Linux 7 cloud-init bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0166
http://linux.oracle.com/errata/ELBA-2018-0166.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
cloud-init-0.7.9-9.el7_4.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/cloud-init-0.7.9-9.el7_4.2.src.rpm
Description of changes:
[0.7.9-9.2]
- Prevent Azure NM and dhclient hooks from running when cloud-init is
disabled (rhbz#1530127)
ELBA-2018-0167 Oracle Linux 7 spice-gtk bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0167
http://linux.oracle.com/errata/ELBA-2018-0167.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
spice-glib-0.33-6.el7_4.1.i686.rpm
spice-glib-0.33-6.el7_4.1.x86_64.rpm
spice-glib-devel-0.33-6.el7_4.1.i686.rpm
spice-glib-devel-0.33-6.el7_4.1.x86_64.rpm
spice-gtk-tools-0.33-6.el7_4.1.x86_64.rpm
spice-gtk3-0.33-6.el7_4.1.i686.rpm
spice-gtk3-0.33-6.el7_4.1.x86_64.rpm
spice-gtk3-devel-0.33-6.el7_4.1.i686.rpm
spice-gtk3-devel-0.33-6.el7_4.1.x86_64.rpm
spice-gtk3-vala-0.33-6.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/spice-gtk-0.33-6.el7_4.1.src.rpm
Description of changes:
[0.33-6.1]
- Fix stride misalignment
Resolves: rhbz#1532212
ELBA-2018-0168 Oracle Linux 7 rear bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0168
http://linux.oracle.com/errata/ELBA-2018-0168.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
rear-2.00-4.0.1.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/rear-2.00-4.0.1.el7_4.src.rpm
Description of changes:
[2.00-4.0.1]
- Change OS_VENDOR to OracleServer
[2.00-4]
- cd to the correct directory before md5sum to fix BACKUP_INTEGRITY_CHECK.
Upstream PR#1685, bz1532676
ELBA-2018-0170 Oracle Linux 6 samba bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0170
http://linux.oracle.com/errata/ELBA-2018-0170.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
libsmbclient-3.6.23-46.0.1.el6_9.i686.rpm
libsmbclient-devel-3.6.23-46.0.1.el6_9.i686.rpm
samba-3.6.23-46.0.1.el6_9.i686.rpm
samba-client-3.6.23-46.0.1.el6_9.i686.rpm
samba-common-3.6.23-46.0.1.el6_9.i686.rpm
samba-doc-3.6.23-46.0.1.el6_9.i686.rpm
samba-domainjoin-gui-3.6.23-46.0.1.el6_9.i686.rpm
samba-swat-3.6.23-46.0.1.el6_9.i686.rpm
samba-winbind-3.6.23-46.0.1.el6_9.i686.rpm
samba-winbind-clients-3.6.23-46.0.1.el6_9.i686.rpm
samba-winbind-devel-3.6.23-46.0.1.el6_9.i686.rpm
samba-winbind-krb5-locator-3.6.23-46.0.1.el6_9.i686.rpm
x86_64:
libsmbclient-3.6.23-46.0.1.el6_9.i686.rpm
libsmbclient-3.6.23-46.0.1.el6_9.x86_64.rpm
libsmbclient-devel-3.6.23-46.0.1.el6_9.i686.rpm
libsmbclient-devel-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-client-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-common-3.6.23-46.0.1.el6_9.i686.rpm
samba-common-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-doc-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-domainjoin-gui-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-glusterfs-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-swat-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-winbind-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-winbind-clients-3.6.23-46.0.1.el6_9.i686.rpm
samba-winbind-clients-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-winbind-devel-3.6.23-46.0.1.el6_9.i686.rpm
samba-winbind-devel-3.6.23-46.0.1.el6_9.x86_64.rpm
samba-winbind-krb5-locator-3.6.23-46.0.1.el6_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/samba-3.6.23-46.0.1.el6_9.src.rpm
Description of changes:
[3.6.23-46.0.1]
- Remove use-after-free talloc_tos() inlined function problem (John
Haxby) [orabug 18253258]
[3.6.24-46]
- resolves: #1511879 - Fix regression of CVE-2017-2619
ELBA-2018-0171 Oracle Linux 6 sysstat bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0171
http://linux.oracle.com/errata/ELBA-2018-0171.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
sysstat-9.0.4-33.el6_9.1.i686.rpm
x86_64:
sysstat-9.0.4-33.el6_9.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/sysstat-9.0.4-33.el6_9.1.src.rpm
Description of changes:
[9.0.4-33.1]
- fix mapping of device mapper ids greater than 256 (#1512573)
ELBA-2018-0172 Oracle Linux 6 xorg-x11-server bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0172
http://linux.oracle.com/errata/ELBA-2018-0172.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
xorg-x11-server-Xdmx-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-Xephyr-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-Xnest-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-Xorg-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-Xvfb-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-common-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-devel-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-source-1.17.4-16.0.1.el6_9.1.noarch.rpm
x86_64:
xorg-x11-server-Xdmx-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-Xephyr-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-Xnest-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-Xorg-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-Xvfb-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-common-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-devel-1.17.4-16.0.1.el6_9.1.i686.rpm
xorg-x11-server-devel-1.17.4-16.0.1.el6_9.1.x86_64.rpm
xorg-x11-server-source-1.17.4-16.0.1.el6_9.1.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/xorg-x11-server-1.17.4-16.0.1.el6_9.1.src.rpm
Description of changes:
[1.17.4-16.0.1.1]
- Fix X server failure in FIPS mode (orabug 22866111)
[1.17.4-16.1]
- Fix ABI bug in Always backing store patch
ELBA-2018-0173 Oracle Linux 6 copy-jdk-configs bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0173
http://linux.oracle.com/errata/ELBA-2018-0173.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
copy-jdk-configs-1.3-3.el6_9.noarch.rpm
x86_64:
copy-jdk-configs-1.3-3.el6_9.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/copy-jdk-configs-1.3-3.el6_9.src.rpm
Description of changes:
[1.3-3]
- adapted (added policy subdir) patch1: newPolices.patch
- Resolves: rhbz#1513696
[1.3-2]
- added an daplied in install patch1: newPolices.patch
- Resolves: rhbz#1513696
ELBA-2018-0174 Oracle Linux 6 python-setuptools bugfix update.
Oracle Linux Bug Fix Advisory ELBA-2018-0174
http://linux.oracle.com/errata/ELBA-2018-0174.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
python-setuptools-0.6.10-4.el6_9.noarch.rpm
x86_64:
python-setuptools-0.6.10-4.el6_9.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/python-setuptools-0.6.10-4.el6_9.src.rpm
Description of changes:
[0.6.10-4]
- Enable https access to pypi.
Resolves: rhbz#1519849
ELBA-2018-0175 Oracle Linux 6 util-linux-ng bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0175
http://linux.oracle.com/errata/ELBA-2018-0175.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
libblkid-2.17.2-12.28.el6_9.2.i686.rpm
libblkid-devel-2.17.2-12.28.el6_9.2.i686.rpm
libuuid-2.17.2-12.28.el6_9.2.i686.rpm
libuuid-devel-2.17.2-12.28.el6_9.2.i686.rpm
util-linux-ng-2.17.2-12.28.el6_9.2.i686.rpm
uuidd-2.17.2-12.28.el6_9.2.i686.rpm
x86_64:
libblkid-2.17.2-12.28.el6_9.2.i686.rpm
libblkid-2.17.2-12.28.el6_9.2.x86_64.rpm
libblkid-devel-2.17.2-12.28.el6_9.2.i686.rpm
libblkid-devel-2.17.2-12.28.el6_9.2.x86_64.rpm
libuuid-2.17.2-12.28.el6_9.2.i686.rpm
libuuid-2.17.2-12.28.el6_9.2.x86_64.rpm
libuuid-devel-2.17.2-12.28.el6_9.2.i686.rpm
libuuid-devel-2.17.2-12.28.el6_9.2.x86_64.rpm
util-linux-ng-2.17.2-12.28.el6_9.2.i686.rpm
util-linux-ng-2.17.2-12.28.el6_9.2.x86_64.rpm
uuidd-2.17.2-12.28.el6_9.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/util-linux-ng-2.17.2-12.28.el6_9.2.src.rpm
Description of changes:
[2.17.2-12.28.el6_9.2]
- fix #1448225 - make hostname in login(1) prompt optional
ELBA-2018-0176 Oracle Linux 6 selinux-policy bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0176
http://linux.oracle.com/errata/ELBA-2018-0176.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
selinux-policy-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-doc-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-minimum-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-mls-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-targeted-3.7.19-307.0.1.el6_9.3.noarch.rpm
x86_64:
selinux-policy-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-doc-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-minimum-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-mls-3.7.19-307.0.1.el6_9.3.noarch.rpm
selinux-policy-targeted-3.7.19-307.0.1.el6_9.3.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/selinux-policy-3.7.19-307.0.1.el6_9.3.src.rpm
Description of changes:
[3.7.19-307.0.1.3]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.
- Allow ocfs2 to be mounted with file_t type.
[3.7.19-307.3]
- Allow sysadm_t to run puppet_exec_t binaries as puppet_t
Resolves: rhbz#1522765
ELBA-2018-0177 Oracle Linux 6 ntp bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0177
http://linux.oracle.com/errata/ELBA-2018-0177.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
ntp-4.2.6p5-12.0.1.el6_9.2.i686.rpm
ntp-doc-4.2.6p5-12.0.1.el6_9.2.noarch.rpm
ntp-perl-4.2.6p5-12.0.1.el6_9.2.i686.rpm
ntpdate-4.2.6p5-12.0.1.el6_9.2.i686.rpm
x86_64:
ntp-4.2.6p5-12.0.1.el6_9.2.x86_64.rpm
ntp-doc-4.2.6p5-12.0.1.el6_9.2.noarch.rpm
ntp-perl-4.2.6p5-12.0.1.el6_9.2.x86_64.rpm
ntpdate-4.2.6p5-12.0.1.el6_9.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/ntp-4.2.6p5-12.0.1.el6_9.2.src.rpm
Description of changes:
[4.2.6p5-12.0.1.el6_9.2]
- add disable monitor to default ntp.conf [CVE-2013-5211]
[4.2.6p5-12.el6_9.2]
- fix CVE-2016-7429 patch to work correctly on multicast client (#1525996)
ELEA-2018-0141 Oracle Linux 7 initscripts enhahcement update
Oracle Linux Enhancement Advisory ELEA-2018-0141
http://linux.oracle.com/errata/ELEA-2018-0141.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
debugmode-9.49.39-1.0.1.el7_4.1.x86_64.rpm
initscripts-9.49.39-1.0.1.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/initscripts-9.49.39-1.0.1.el7_4.1.src.rpm
Description of changes:
[9.49.39-1.0.1.el7_4.1]
- modify SUBSCRIPTION_MSG
[9.49.39-1.el7_4.1]
- ARUPDATE option introduced
ELEA-2018-0142 Oracle Linux 7 device-mapper-multipath bug fix and enhancement update
Oracle Linux Enhancement Advisory ELEA-2018-0142
http://linux.oracle.com/errata/ELEA-2018-0142.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
device-mapper-multipath-0.4.9-111.el7_4.2.x86_64.rpm
device-mapper-multipath-devel-0.4.9-111.el7_4.2.i686.rpm
device-mapper-multipath-devel-0.4.9-111.el7_4.2.x86_64.rpm
device-mapper-multipath-libs-0.4.9-111.el7_4.2.i686.rpm
device-mapper-multipath-libs-0.4.9-111.el7_4.2.x86_64.rpm
device-mapper-multipath-sysvinit-0.4.9-111.el7_4.2.x86_64.rpm
kpartx-0.4.9-111.el7_4.2.x86_64.rpm
libdmmp-0.4.9-111.el7_4.2.i686.rpm
libdmmp-0.4.9-111.el7_4.2.x86_64.rpm
libdmmp-devel-0.4.9-111.el7_4.2.i686.rpm
libdmmp-devel-0.4.9-111.el7_4.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/device-mapper-multipath-0.4.9-111.el7_4.2.src.rpm
Description of changes:
[0.4.9-111.2]
- Modify Add 0220-RHBZ-1510834-prkey.patch
* Improve error checking for mpathpersist
- Resolves: bz #1510834
[0.4.9-111.1]
- Add 0218-RHBZ-1510837-add-feature-fix.patch
* handle null feature string
- Add 0219-RHBZ-1510834-unpriv-sgio.patch
* add unpriv_sgio configuration option to set unpriv_sgio on
multipath device
and paths
- Add 0220-RHBZ-1510834-prkey.patch
* allow setting reservation_key to "file" to set and read keys from
prkey_file. Also add new multipathd commands to modify the prkey file.
- Add 0221-RHBZ-1510839-nimble-config.patch
- Resolves: bz #1510834, #1510837, #1510839
ELSA-2018-0151 Important: Oracle Linux 7 kernel security and bug fix update
Oracle Linux Security Advisory ELSA-2018-0151
http://linux.oracle.com/errata/ELSA-2018-0151.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-3.10.0-693.17.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm
kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm
kernel-doc-3.10.0-693.17.1.el7.noarch.rpm
kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm
perf-3.10.0-693.17.1.el7.x86_64.rpm
python-perf-3.10.0-693.17.1.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-693.17.1.el7.src.rpm
Description of changes:
- [3.10.0-693.17.1.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]
[3.10.0-693.17.1.el7]
- [s390] locking/barriers: remove old gmb() macro definition (Denys
Vlasenko) [1519788 1519786]
[3.10.0-693.16.1.el7]
- [x86] smpboot: Do not use smp_num_siblings in __max_logical_packages
calculation (Prarit Bhargava) [1533022 1519503]
- [x86] topology: Add topology_max_smt_threads() (Prarit Bhargava)
[1533022 1519503]
- [powerpc] spinlock: add gmb memory barrier (Jon Masters) [1519788
1519786] {CVE-2017-5753}
- [powerpc] Prevent Meltdown attack with L1-D$ flush (Jon Masters)
[1519800 1519801] {CVE-2017-5754}
- [s390] add ppa to system call and program check path (Jon Masters)
[1519795 1519798] {CVE-2017-5715}
- [s390] spinlock: add gmb memory barrier (Jon Masters) [1519788
1519786] {CVE-2017-5753}
- [s390] introduce CPU alternatives (Jon Masters) [1519795 1519798]
{CVE-2017-5715}
- [x86] spec_ctrl: move vmexit rmb in the last branch before IBRS
(Andrea Arcangeli) [1533373 1533250]
- [x86] spec_ctrl: satisfy the barrier like semantics of IBRS (Andrea
Arcangeli) [1533373 1533250]
- [fs] userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK
fails (Andrea Arcangeli) [1533372 1531287]
- [x86] kaiser/efi: unbreak tboot (Andrea Arcangeli) [1519795 1532989
1519798 1531559] {CVE-2017-5715}
- [x86] spec_ctrl: don't call ptrace_has_cap in the IBPB ctx switch
optimization (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] kaiser/efi: unbreak EFI old_memmap (Andrea Arcangeli) [1519795
1519798] {CVE-2017-5715}
- [x86] cpuidle_idle_call: fix double local_irq_enable() (Andrea
Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] entry: Invoke TRACE_IRQS_IRETQ in paranoid_userspace_restore_all
(Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] cpu: fix get_scattered_cpu_leaf sorting part #2 (Andrea
Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] spec_ctrl: show added cpuid flags in /proc/cpuinfo after late
microcode update (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] cpu: fix get_scattered_cpu_leaf for IBPB feature (Paolo Bonzini)
[1519795 1519798]
ELSA-2018-0158 Moderate: Oracle Linux 7 dhcp security update
Oracle Linux Security Advisory ELSA-2018-0158
http://linux.oracle.com/errata/ELSA-2018-0158.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
dhclient-4.2.5-58.0.1.el7_4.1.x86_64.rpm
dhcp-4.2.5-58.0.1.el7_4.1.x86_64.rpm
dhcp-common-4.2.5-58.0.1.el7_4.1.x86_64.rpm
dhcp-devel-4.2.5-58.0.1.el7_4.1.i686.rpm
dhcp-devel-4.2.5-58.0.1.el7_4.1.x86_64.rpm
dhcp-libs-4.2.5-58.0.1.el7_4.1.i686.rpm
dhcp-libs-4.2.5-58.0.1.el7_4.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dhcp-4.2.5-58.0.1.el7_4.1.src.rpm
Description of changes:
[12:4.2.5-58.0.1.1]
- Added oracle-errwarn-message.patch
[12:4.2.5-58.1]
- Resolves: #1523475 - Fix omapi socket descriptors leak
ELSA-2018-0163 Important: Oracle Linux 7 389-ds-base security and bug fix update
Oracle Linux Security Advisory ELSA-2018-0163
http://linux.oracle.com/errata/ELSA-2018-0163.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
389-ds-base-1.3.6.1-26.el7_4.x86_64.rpm
389-ds-base-devel-1.3.6.1-26.el7_4.x86_64.rpm
389-ds-base-libs-1.3.6.1-26.el7_4.x86_64.rpm
389-ds-base-snmp-1.3.6.1-26.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.6.1-26.el7_4.src.rpm
Description of changes:
[1.3.6.1-26]
- Bump version to 1.3.6.1-25
- Resolves: Bug 1534430 - crash in slapi_filter_sprintf
[1.3.6.1-25]
- Bump version to 1.3.6.1-25
- Resolves: Bug 1526928 - search with CoS attribute is getting slower
after modifying/adding CosTemplate
- Resolves: Bug 1523505 - opened connection are hanging, no longer poll
- Resolves: Bug 1523507 - IPA server replication broken, after DS
stop-start, due to changelog reset
ELSA-2018-0169 Important: Oracle Linux 6 kernel security and bug fix update
Oracle Linux Security Advisory ELSA-2018-0169
http://linux.oracle.com/errata/ELSA-2018-0169.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.32-696.20.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-696.20.1.el6.noarch.rpm
kernel-debug-2.6.32-696.20.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.20.1.el6.i686.rpm
kernel-devel-2.6.32-696.20.1.el6.i686.rpm
kernel-doc-2.6.32-696.20.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.20.1.el6.noarch.rpm
kernel-headers-2.6.32-696.20.1.el6.i686.rpm
perf-2.6.32-696.20.1.el6.i686.rpm
python-perf-2.6.32-696.20.1.el6.i686.rpm
x86_64:
kernel-2.6.32-696.20.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-696.20.1.el6.noarch.rpm
kernel-debug-2.6.32-696.20.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.20.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.20.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.20.1.el6.x86_64.rpm
kernel-doc-2.6.32-696.20.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.20.1.el6.noarch.rpm
kernel-headers-2.6.32-696.20.1.el6.x86_64.rpm
perf-2.6.32-696.20.1.el6.x86_64.rpm
python-perf-2.6.32-696.20.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-696.20.1.el6.src.rpm
Description of changes:
[2.6.32-696.20.1.el6.OL6]
- Update genkey [bug 25599697]
[2.6.32-696.20.1.el6]
- [x86] kaiser/efi: unbreak tboot (Waiman Long) [1519799 1519802]
{CVE-2017-5754}
- [x86] pti/mm: Fix trampoline stack problem with XEN PV (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] pti/mm: Fix XEN PV boot failure (Waiman Long) [1519799 1519802]
{CVE-2017-5754}
- [x86] entry: Invoke TRACE_IRQS_IRETQ in paranoid_userspace_restore_all
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] spec_ctrl: show added cpuid flags in /proc/cpuinfo after late
microcode update (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: svm: spec_ctrl at vmexit needs per-cpu areas
functional (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Eliminate redundnat FEATURE Not Present messages
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: enable IBRS and stuff_RSB before calling NMI C code
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: skip CAP_SYS_PTRACE check to skip audit (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: disable ibrs while in intel_idle() (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: skip IBRS/CR3 restore when paranoid exception returns
to userland (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- Revert "x86/entry: Use retpoline for syscall's indirect calls" (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/dump_pagetables: Allow dumping current pagetables (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/dump_pagetables: Add a pgd argument to walk_pgd_level()
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/dump_pagetables: Add page table directory (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] entry: Remove unneeded nmi_userspace code (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] entry: Fix nmi exit code with CONFIG_TRACE_IRQFLAGS (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: init_tss is supposed to go in the PAGE_ALIGNED
per-cpu section (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Clear kdump pgd page to prevent incorrect behavior
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: consider the init_mm.pgd a kaiser pgd (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: convert userland visible "kpti" name to "pti" (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] spec_ctrl: set IBRS during resume from RAM if ibrs_enabled is 2
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/kaiser: __load_cr3 in resume from RAM after kernel %gs has
been restored (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/kaiser: Revert the __GFP_COMP flag change (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] entry: Fix paranoid_exit() trampoline clobber (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] spec_ctrl: allow use_ibp_disable only if both SPEC_CTRL and
IBPB_SUPPORT are missing (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Documentation spec_ctrl.txt (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] spec_ctrl: remove irqs_disabled() check from intel_idle()
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: use enum when setting ibrs/ibpb_enabled (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: undo speculation barrier for ibrs_enabled and
noibrs_cmdline (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: introduce ibpb_enabled = 2 for IBPB instead of IBRS
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: introduce SPEC_CTRL_PCP_ONLY_IBPB (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: cleanup s/flush/sync/ naming when sending IPIs
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: set IBRS during CPU init if in ibrs_enabled == 2
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: use IBRS_ENABLED instead of 1 (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] spec_ctrl: allow the IBP disable feature to be toggled at
runtime (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: always initialize save_reg in
ENABLE_IBRS_SAVE_AND_CLOBBER (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: ibrs_enabled() is expected to return > 1 (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: CLEAR_EXTRA_REGS and extra regs save/restore (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] syscall: Clear unused extra registers on syscall (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] entry: Add back STUFF_RSB to interrupt and error paths (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/kaiser: make is_kaiser_pgd reliable (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: disable global pages by default with KAISER (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] revert: mm/kaiser: Disable global pages by default with KAISER
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: fix pgd freeing in error path (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] entry: Fix 32-bit program crash with 64-bit kernel on AMD boxes
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: reload spec_ctrl cpuid in all microcode load paths
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Prevent unwanted speculation without IBRS (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: add noibrs noibpb boot options (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] entry: Use retpoline for syscall's indirect calls (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] syscall: Clear unused extra registers on 32-bit compatible
syscall entrance (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: rescan cpuid after a late microcode update (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: add debugfs ibrs_enabled ibpb_enabled (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: consolidate the spec control boot detection (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] Remove __cpuinitdata from some data & function (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] KVM/spec_ctrl: allow IBRS to stay enabled in host userland
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: move stuff_RSB in spec_ctrl.h (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] entry: Remove STUFF_RSB in error and interrupt code (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Stuff RSB for entry to kernel for non-SMEP platform
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm: Only set IBPB when the new thread cannot ptrace (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm: Set IBPB upon context switch (Waiman Long) [1519797 1519796]
{CVE-2017-5715}
- [x86] idle: Disable IBRS when offlining cpu and re-enable (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] idle: Disable IBRS entering idle and enable it on wakeup (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: implement spec ctrl C methods (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] spec_ctrl: save IBRS MSR value in save_paranoid for NMI (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] enter: Use IBRS on syscall and interrupts (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] spec_ctrl: swap rdx with rsi for nmi nesting detection (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: spec_ctrl_pcp and kaiser_enabled_pcp in same cachline
(Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: use per-cpu knob instead of ALTERNATIVES for ibpb and
ibrs (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] enter: MACROS to set/clear IBRS and set IBPB (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [kvm] x86: add SPEC_CTRL to MSR and CPUID lists (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [kvm] svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] svm: Set IBPB when running a different VCPU (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [kvm] vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [kvm] vmx: Set IBPB when running a different VCPU (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [kvm] x86: clear registers on VM exit (Waiman Long) [1519797 1519796]
{CVE-2017-5715}
- [x86] [kvm] Pad RSB on VM transition (Waiman Long) [1519797 1519796]
{CVE-2017-5715}
- [security] Add SPEC_CTRL Kconfig option (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] cpu/AMD: Control indirect branch predictor when SPEC_CTRL not
available (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] feature: Report presence of IBPB and IBRS control (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] feature: Enable the x86 feature to control Speculation (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] cpuid: Provide get_scattered_cpuid_leaf() (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] cpuid: Cleanup cpuid_regs definitions (Waiman Long) [1519797
1519796] {CVE-2017-5715}
- [x86] microcode: Share native MSR accessing variants (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] nop: Make the ASM_NOP* macros work from assembly (Waiman Long)
[1519797 1519796] {CVE-2017-5715}
- [x86] cpu: Clean up and unify the NOP selection infrastructure (Waiman
Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Further simplify the paranoid_exit code (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] entry: Remove trampoline check from paranoid entry path (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Don't switch to trampoline stack in paranoid_exit (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Simplify trampoline stack restore code (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [misc] locking/barriers: prevent speculative execution based on
Coverity scan results (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [fs] udf: prevent speculative execution (Waiman Long) [1519787
1519789] {CVE-2017-5753}
- [fs] prevent speculative execution (Waiman Long) [1519787 1519789]
{CVE-2017-5753}
- [scsi] qla2xxx: prevent speculative execution (Waiman Long) [1519787
1519789] {CVE-2017-5753}
- [netdrv] p54: prevent speculative execution (Waiman Long) [1519787
1519789] {CVE-2017-5753}
- [netdrv] carl9170: prevent speculative execution (Waiman Long)
[1519787 1519789] {CVE-2017-5753}
- [media] uvcvideo: prevent speculative execution (Waiman Long) [1519787
1519789] {CVE-2017-5753}
- [x86] cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
(Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] cpu/AMD: Make the LFENCE instruction serialized (Waiman Long)
[1519787 1519789] {CVE-2017-5753}
- [kernel] locking/barriers: introduce new memory barrier gmb() (Waiman
Long) [1519787 1519789] {CVE-2017-5753}
- [x86] Fix typo preventing msr_set/clear_bit from having an effect
(Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] Add another set of MSR accessor functions (Waiman Long) [1519787
1519789] {CVE-2017-5753}
- [x86] mm/kaiser: Replace kaiser with kpti to sync with upstream
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map the trace idt tables in userland shadow pgd
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add "kaiser" and "nokaiser" boot options (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: fix RESTORE_CR3 crash in kaiser_stop_machine (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use stop_machine for enable/disable knob (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: use atomic ops to poison/unpoison user pagetables
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use invpcid to flush the two kaiser PCID AISD (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use two PCID ASIDs optimize the TLB during enter/exit
kernel (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: stop patching flush_tlb_single (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm: If INVPCID is available, use it to flush global mappings
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use PCID feature to make user and kernel switches
faster (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/64: Initialize CR4.PCIDE early (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm: Add a 'noinvpcid' boot option to turn off INVPCID (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Add the 'nopcid' boot option to turn off PCID (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: validate trampoline stack (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] entry: Move SYSENTER_stack to the beginning of struct tss_struct
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: isolate the user mapped per cpu areas (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: selective boot time defaults (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser/xen: Dynamically disable KAISER when running under Xen
PV (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add Kconfig (Waiman Long) [1519799 1519802]
{CVE-2017-5754}
- [x86] mm/kaiser: avoid false positives during non-kaiser pgd updates
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Respect disabled CPU features (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] kaiser/mm: trampoline stack comments (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: stack trampoline (Waiman Long) [1519799 1519802]
{CVE-2017-5754}
- [x86] mm/kaiser: re-enable vsyscalls (Waiman Long) [1519799 1519802]
{CVE-2017-5754}
- [x86] mm/kaiser: allow to build KAISER with KASRL (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: allow KAISER to be enabled/disabled at runtime
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: un-poison PGDs at runtime (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add a function to check for KAISER being enabled
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add debugfs file to turn KAISER on/off at runtime
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: disable native VSYSCALL (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map virtually-addressed performance monitoring
buffers (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add kprobes text section (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map trace interrupt entry (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map entry stack per-cpu areas (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map dynamically-allocated LDTs (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: make sure static PGDs are 8k in size (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: allow NX poison to be set in p4d/pgd (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: unmap kernel from userspace page tables (core patch)
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: mark per-cpu data structures required for entry/exit
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: introduce user-mapped per-cpu areas (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add cr3 switches to entry code (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: remove scratch registers (Waiman Long) [1519799
1519802] {CVE-2017-5754}
- [x86] mm/kaiser: prepare assembly for entry/exit CR3 switching (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Disable global pages by default with KAISER (Waiman
Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Document X86_CR4_PGE toggling behavior (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm/tlb: Make CR4-based TLB flushes more robust (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm: Do not set _PAGE_USER for init_mm page tables (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] increase robusteness of bad_iret fixup handler (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [x86] mm: Check if PUD is large when validating a kernel address
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] Separate out entry text section (Waiman Long) [1519799 1519802]
{CVE-2017-5754}
- [include] linux/const.h: Add _BITUL() and _BITULL() (Waiman Long)
[1519799 1519802] {CVE-2017-5754}
- [include] linux/mmdebug.h: add VM_WARN_ON() and VM_WARN_ON_ONCE()
(Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [include] stddef.h: Move offsetofend() from vfio.h to a generic kernel
header (Waiman Long) [1519799 1519802] {CVE-2017-5754}
[2.6.32-696.19.1.el6]
- [scsi] bnx2fc: Fix hung task messages when a cleanup response is not
received during abort (Chad Dupuis) [1523783 1504260]
ELSA-2018-0223 Moderate: Oracle Linux 7 nautilus security update
Oracle Linux Security Advisory ELSA-2018-0223
http://linux.oracle.com/errata/ELSA-2018-0223.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
nautilus-3.22.3-4.el7_4.i686.rpm
nautilus-3.22.3-4.el7_4.x86_64.rpm
nautilus-devel-3.22.3-4.el7_4.i686.rpm
nautilus-devel-3.22.3-4.el7_4.x86_64.rpm
nautilus-extensions-3.22.3-4.el7_4.i686.rpm
nautilus-extensions-3.22.3-4.el7_4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nautilus-3.22.3-4.el7_4.src.rpm
Description of changes:
[3.22.3-4]
- Fix desktop files security issue (upstream bugzilla.gnome.org/777991)
Resolves: #1490949
ELSA-2018-4020: Important information regarding Spectre/Meltdown
The Oracle Ksplice development team has determined that mitigations for
the Intel processor design flaws leading to vulnerabilities
CVE-2017-5753, CVE-2017-5754, and CVE-2017-5715 cannot be applied using
zero-downtime (Ksplice) patching. Oracle therefore recommends that
customers install the required updates from their systems and hardware
vendors as they become available and reboot these machines upon applying
these patches.
SUPPORT
Ksplice support is available at ksplice-support_ww@oracle.com.
