Oracle Linux 6154 Published by

The following updates has been released for Oracle Linux:

ELBA-2019-4696 Oracle Linux 7 microcode_ctl bug fix update
ELBA-2019-4697 Oracle Linux 6 microcode_ctl bug fix update
ELBA-2019-4698 Oracle Linux 6 Unbreakable Enterprise kernel bug fix update
ELBA-2019-4698 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
ELSA-2019-1587 Important: Oracle Linux 7 python security update
ELSA-2019-4692 Important: Oracle Linux 7 libssh2 security update
ELSA-2019-4693 Important: Oracle Linux 6 libssh2 security update



ELBA-2019-4696 Oracle Linux 7 microcode_ctl bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4696

http://linux.oracle.com/errata/ELBA-2019-4696.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
microcode_ctl-2.1-47.4.0.2.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/microcode_ctl-2.1-47.4.0.2.el7_6.src.rpm



Description of changes:

[2:2.1-47.4.0.2]
- for update safety, disable automatic late load on RPM install
- Add UEK versions with Broadwell safeguard code to safe version list.
- update 06-2d-07 to 0x718
- update 06-3f-04 to 0x15
- update 06-4f-01 to 0xb000037

[2:2.1-47.4]
- Remove disclaimer, as it is not as important now to justify kmsg/log
pollution; its contents are partially adopted in README.caveats.

[2:2.1-47.3]
- Intel CPU microcode update to 20190514a.
- Resolves: #1714958.


ELBA-2019-4697 Oracle Linux 6 microcode_ctl bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4697

http://linux.oracle.com/errata/ELBA-2019-4697.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
microcode_ctl-1.17-1004.el6.i686.rpm

x86_64:
microcode_ctl-1.17-1004.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/microcode_ctl-1.17-1004.el6.src.rpm



Description of changes:

[1:1.17-1004]
- update Intel changelog to 20190514a correction (no functional change)
- update 06-2d-07 to 0x718
- update 06-3f-04 to 0x15
- update 06-4f-01 to 0xb000037

ELBA-2019-4698 Oracle Linux 6 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4698

http://linux.oracle.com/errata/ELBA-2019-4698.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.28.5.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.28.5.el6uek.noarch.rpm
kernel-uek-4.1.12-124.28.5.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.28.5.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.28.5.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.28.5.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.28.5.el6uek.src.rpm



Description of changes:

[4.1.12-124.28.5.el6uek]
- vxlan: fix use-after-free on deletion (part 2) (Venkat Venkatsubra) [Orabug: 29927196]
- vxlan: use a more suitable function when assigning NULL (Mark Bloch) [Orabug: 29927196]
- vxlan: avoid using stale vxlan socket. (pravin shelar) [Orabug: 29927196]

[4.1.12-124.28.4.el6uek]
- x86/microcode: add SPEC_CTRL_SSBD to x86_spec_ctrl_mask on late loading. (Mihai Carabas) [Orabug: 29642139]
- block: do not use interruptible wait anywhere (Alan Jenkins) [Orabug: 29674055]
- vxlan: fix use-after-free on deletion (Mark Bloch) [Orabug: 29755932]
- vxlan: reduce usage of synchronize_net in ndo_stop (Hannes Frederic Sowa) [Orabug: 29755932]
- vxlan: synchronously and race-free destruction of vxlan sockets (Hannes Frederic Sowa) [Orabug: 29755932]
- vxlan: support both IPv4 and IPv6 sockets in a single vxlan device (Jiri Benc) [Orabug: 29755932]
- vxlan: make vxlan_sock_add and vxlan_sock_release complementary (Jiri Benc) [Orabug: 29755932]
- openvswitch: Re-add CONFIG_OPENVSWITCH_VXLAN (Venkat Venkatsubra) [Orabug: 29755932]
- openvswitch: Use regular VXLAN net_device device (Venkat Venkatsubra) [Orabug: 29755932]
- openvswitch: Abstract vport name through ovs_vport_name() (Thomas Graf) [Orabug: 29755932]
- openvswitch: Move dev pointer into vport itself (Thomas Graf) [Orabug: 29755932]
- ip_tunnel: Make ovs_tunnel_info and ovs_key_ipv4_tunnel generic (Thomas Graf) [Orabug: 29755932]
- vxlan: Factor out device configuration (Thomas Graf) [Orabug: 29755932]
- kexec: generate VMCOREINFO for module symbols (Isaac Chen) [Orabug: 29770217]
- kexec: generate VMCOREINFO for tasks and pid (Isaac Chen) [Orabug: 29770217]
- kexec: generate VMCOREINFO for trace dump (Isaac Chen) [Orabug: 29770217]


ELBA-2019-4698 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4698

http://linux.oracle.com/errata/ELBA-2019-4698.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.28.5.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.28.5.el7uek.noarch.rpm
kernel-uek-4.1.12-124.28.5.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.28.5.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.28.5.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.28.5.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.28.5.el7uek.src.rpm



Description of changes:

[4.1.12-124.28.5.el7uek]
- vxlan: fix use-after-free on deletion (part 2) (Venkat Venkatsubra) [Orabug: 29927196]
- vxlan: use a more suitable function when assigning NULL (Mark Bloch) [Orabug: 29927196]
- vxlan: avoid using stale vxlan socket. (pravin shelar) [Orabug: 29927196]

[4.1.12-124.28.4.el7uek]
- x86/microcode: add SPEC_CTRL_SSBD to x86_spec_ctrl_mask on late loading. (Mihai Carabas) [Orabug: 29642139]
- block: do not use interruptible wait anywhere (Alan Jenkins) [Orabug: 29674055]
- vxlan: fix use-after-free on deletion (Mark Bloch) [Orabug: 29755932]
- vxlan: reduce usage of synchronize_net in ndo_stop (Hannes Frederic Sowa) [Orabug: 29755932]
- vxlan: synchronously and race-free destruction of vxlan sockets (Hannes Frederic Sowa) [Orabug: 29755932]
- vxlan: support both IPv4 and IPv6 sockets in a single vxlan device (Jiri Benc) [Orabug: 29755932]
- vxlan: make vxlan_sock_add and vxlan_sock_release complementary (Jiri Benc) [Orabug: 29755932]
- openvswitch: Re-add CONFIG_OPENVSWITCH_VXLAN (Venkat Venkatsubra) [Orabug: 29755932]
- openvswitch: Use regular VXLAN net_device device (Venkat Venkatsubra) [Orabug: 29755932]
- openvswitch: Abstract vport name through ovs_vport_name() (Thomas Graf) [Orabug: 29755932]
- openvswitch: Move dev pointer into vport itself (Thomas Graf) [Orabug: 29755932]
- ip_tunnel: Make ovs_tunnel_info and ovs_key_ipv4_tunnel generic (Thomas Graf) [Orabug: 29755932]
- vxlan: Factor out device configuration (Thomas Graf) [Orabug: 29755932]
- kexec: generate VMCOREINFO for module symbols (Isaac Chen) [Orabug: 29770217]
- kexec: generate VMCOREINFO for tasks and pid (Isaac Chen) [Orabug: 29770217]
- kexec: generate VMCOREINFO for trace dump (Isaac Chen) [Orabug: 29770217]

ELSA-2019-1587 Important: Oracle Linux 7 python security update

Oracle Linux Security Advisory ELSA-2019-1587

http://linux.oracle.com/errata/ELSA-2019-1587.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
python-2.7.5-80.0.1.el7_6.x86_64.rpm
python-debug-2.7.5-80.0.1.el7_6.x86_64.rpm
python-devel-2.7.5-80.0.1.el7_6.x86_64.rpm
python-libs-2.7.5-80.0.1.el7_6.i686.rpm
python-libs-2.7.5-80.0.1.el7_6.x86_64.rpm
python-test-2.7.5-80.0.1.el7_6.x86_64.rpm
python-tools-2.7.5-80.0.1.el7_6.x86_64.rpm
tkinter-2.7.5-80.0.1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-2.7.5-80.0.1.el7_6.src.rpm



Description of changes:

[2.7.5-80.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]

[2.7.5-80]
- Security fix for CVE-2019-10160
Resolves: rhbz#1718401

ELSA-2019-4692 Important: Oracle Linux 7 libssh2 security update

Oracle Linux Security Advisory ELSA-2019-4692

http://linux.oracle.com/errata/ELSA-2019-4692.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libssh2-1.4.3-12.0.1.el7_6.2.i686.rpm
libssh2-1.4.3-12.0.1.el7_6.2.x86_64.rpm
libssh2-devel-1.4.3-12.0.1.el7_6.2.i686.rpm
libssh2-devel-1.4.3-12.0.1.el7_6.2.x86_64.rpm
libssh2-docs-1.4.3-12.0.1.el7_6.2.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libssh2-1.4.3-12.0.1.el7_6.2.src.rpm



Description of changes:

[1.4.3-12.0.1.el7_6.2]
- [Orabug: 29909723] Added patch CVE-2019-3862
added length checks to prevent out-of-bounds reads and writes in
_libssh2_packet_add()(CVE-2019-3862)

ELSA-2019-4693 Important: Oracle Linux 6 libssh2 security update

Oracle Linux Security Advisory ELSA-2019-4693

http://linux.oracle.com/errata/ELSA-2019-4693.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
libssh2-1.4.2-2.0.1.el6_7.1.i686.rpm
libssh2-devel-1.4.2-2.0.1.el6_7.1.i686.rpm
libssh2-docs-1.4.2-2.0.1.el6_7.1.i686.rpm

x86_64:
libssh2-1.4.2-2.0.1.el6_7.1.i686.rpm
libssh2-1.4.2-2.0.1.el6_7.1.x86_64.rpm
libssh2-devel-1.4.2-2.0.1.el6_7.1.i686.rpm
libssh2-devel-1.4.2-2.0.1.el6_7.1.x86_64.rpm
libssh2-docs-1.4.2-2.0.1.el6_7.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/libssh2-1.4.2-2.0.1.el6_7.1.src.rpm



Description of changes:

[1.4.2-2.0.1.el6_7.1]
- [Orabug: 29909723] Added patch CVE-2019-3862.
Added Additional length checks to prevent out-of-bounds (CVE-2019-3862)