Oracle Linux 6154 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-2770 Oracle Linux 7 pcs bugfix update
ELBA-2018-4232 Oracle Linux 7 selinux-policy bug fix update
ELBA-2018-4232 Oracle Linux 7 selinux-policy bug fix update (aarch64)
ELSA-2018-2835 Moderate: Oracle Linux 7 firefox security update (aarch64)
ELSA-2018-4230 Important: Oracle Linux 6 Unbreakable Enterprise kernel bug fix update
ELSA-2018-4230 Important: Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
ELSA-2018-4233 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2018-4233 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2018-4234 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
ELSA-2018-4234 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update



ELBA-2018-2770 Oracle Linux 7 pcs bugfix update

Oracle Linux Bug Fix Advisory ELBA-2018-2770

http://linux.oracle.com/errata/ELBA-2018-2770.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
pcs-0.9.162-5.0.7.el7_5.2.x86_64.rpm
pcs-snmp-0.9.162-5.0.7.el7_5.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/pcs-0.9.162-5.0.7.el7_5.2.src.rpm



Description of changes:

[0.9.162-5.0.7.el7_5.2]
- replace logo pcsd/public/favicon.ico in tarball
- remove Source1 HAM-logo.png

[0.9.162-5.el7_5.2]
- Fix instance attributes setting for fence agents `fence_compute` and
`fence_evacuate`
- Resolves: rhbz#1628070


ELBA-2018-4232 Oracle Linux 7 selinux-policy bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4232

http://linux.oracle.com/errata/ELBA-2018-4232.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
selinux-policy-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-devel-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-minimum-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-mls-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-targeted-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-doc-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-sandbox-3.13.1-192.0.6.el7_5.6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/selinux-policy-3.13.1-192.0.6.el7_5.6.src.rpm



Description of changes:

[3.13.1-192.0.6]
- Allow map permission for systemd-journald [OraBug 28523895]
- contrib: allow map permission where needed [OraBug 28523895]
- allow map permission where needed [OraBug 28523895]
- Remove map permissions from merging commit with refpolicy [OraBug
28523895]
- Allow sssd_t domain to map sssd_var_lib_t files [OraBug 28523895]
- Allow just map permission insead of using mmap_file_pattern because
mmap_files_pattern allows also executing objects. [OraBug 28523895]
- Allow abrt_t domain to mmap files with label syslogd_var_run_t
BZ(1514975) [OraBug 28523895]
- Allow mandb_t domain to mmap files with label mandb_cache_t
BZ(1514093) [OraBug 28523895]
- Update gnome_manage_home_config() to allow also map permission
BZ(1544270) [OraBug 28523895]
- Allow rpm domain to mmap rpm_var_lib_t files [OraBug 28523895]
- logging: Various audit tools (auditctl, ausearch, etc) map their
config and logs [OraBug 28523895]



ELBA-2018-4232 Oracle Linux 7 selinux-policy bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2018-4232

http://linux.oracle.com/errata/ELBA-2018-4232.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
selinux-policy-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-devel-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-minimum-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-mls-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-targeted-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-doc-3.13.1-192.0.6.el7_5.6.noarch.rpm
selinux-policy-sandbox-3.13.1-192.0.6.el7_5.6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/selinux-policy-3.13.1-192.0.6.el7_5.6.src.rpm



Description of changes:

[3.13.1-192.0.6]
- Allow map permission for systemd-journald [OraBug 28523895]
- contrib: allow map permission where needed [OraBug 28523895]
- allow map permission where needed [OraBug 28523895]
- Remove map permissions from merging commit with refpolicy [OraBug
28523895]
- Allow sssd_t domain to map sssd_var_lib_t files [OraBug 28523895]
- Allow just map permission insead of using mmap_file_pattern because
mmap_files_pattern allows also executing objects. [OraBug 28523895]
- Allow abrt_t domain to mmap files with label syslogd_var_run_t
BZ(1514975) [OraBug 28523895]
- Allow mandb_t domain to mmap files with label mandb_cache_t
BZ(1514093) [OraBug 28523895]
- Update gnome_manage_home_config() to allow also map permission
BZ(1544270) [OraBug 28523895]
- Allow rpm domain to mmap rpm_var_lib_t files [OraBug 28523895]
- logging: Various audit tools (auditctl, ausearch, etc) map their
config and logs [OraBug 28523895]


ELSA-2018-2835 Moderate: Oracle Linux 7 firefox security update (aarch64)

Oracle Linux Security Advisory ELSA-2018-2835

http://linux.oracle.com/errata/ELSA-2018-2835.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
firefox-60.2.1-1.0.1.el7_5.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firefox-60.2.1-1.0.1.el7_5.src.rpm



Description of changes:

[60.2.1-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat file

[60.2.1-1]
- Update to 60.2.1 ESR


ELSA-2018-4230 Important: Oracle Linux 6 Unbreakable Enterprise kernel bug fix update

Oracle Linux Security Advisory ELSA-2018-4230

http://linux.oracle.com/errata/ELSA-2018-4230.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-124.19.6.el6uek.x86_64.rpm
kernel-uek-doc-4.1.12-124.19.6.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.19.6.el6uek.noarch.rpm
kernel-uek-devel-4.1.12-124.19.6.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.19.6.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.19.6.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.19.6.el6uek.src.rpm



Description of changes:

[4.1.12-124.19.6.el6uek]
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug:
28709994] {CVE-2018-14634}

ELSA-2018-4230 Important: Oracle Linux 7 Unbreakable Enterprise kernel bug fix update

Oracle Linux Security Advisory ELSA-2018-4230

http://linux.oracle.com/errata/ELSA-2018-4230.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.19.6.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.19.6.el7uek.noarch.rpm
kernel-uek-4.1.12-124.19.6.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.19.6.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.19.6.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.19.6.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.19.6.el7uek.src.rpm



Description of changes:

[4.1.12-124.19.6.el7uek]
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug:
28709994] {CVE-2018-14634}

ELSA-2018-4233 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4233

http://linux.oracle.com/errata/ELSA-2018-4233.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.24.3.el6uek.noarch.rpm
kernel-uek-doc-3.8.13-118.24.3.el6uek.noarch.rpm
kernel-uek-3.8.13-118.24.3.el6uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.24.3.el6uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.24.3.el6uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.24.3.el6uek.x86_64.rpm
dtrace-modules-3.8.13-118.24.3.el6uek-0.4.5-3.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-118.24.3.el6uek.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-118.24.3.el6uek-0.4.5-3.el6.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.24.3.el6uek]
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug:
28710010] {CVE-2018-14634}


ELSA-2018-4233 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4233

http://linux.oracle.com/errata/ELSA-2018-4233.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.24.3.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.24.3.el7uek.noarch.rpm
kernel-uek-3.8.13-118.24.3.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.24.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.24.3.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.24.3.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.24.3.el7uek-0.4.5-3.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.24.3.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.24.3.el7uek-0.4.5-3.el7.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.24.3.el7uek]
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug:
28710010] {CVE-2018-14634}

ELSA-2018-4234 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4234

http://linux.oracle.com/errata/ELSA-2018-4234.html

The following updated rpms for Oracle Linux 5 Extended Lifecycle Support
(ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.301.2.el5uek.i686.rpm
kernel-uek-debug-2.6.39-400.301.2.el5uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.301.2.el5uek.i686.rpm
kernel-uek-devel-2.6.39-400.301.2.el5uek.i686.rpm
kernel-uek-doc-2.6.39-400.301.2.el5uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.301.2.el5uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.301.2.el5uek.noarch.rpm
kernel-uek-doc-2.6.39-400.301.2.el5uek.noarch.rpm
kernel-uek-2.6.39-400.301.2.el5uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.301.2.el5uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.301.2.el5uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.301.2.el5uek.x86_64.rpm




Description of changes:

[2.6.39-400.301.2.el5uek]
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug:
28710024] {CVE-2018-14634}


ELSA-2018-4234 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4234

http://linux.oracle.com/errata/ELSA-2018-4234.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.301.2.el6uek.i686.rpm
kernel-uek-debug-2.6.39-400.301.2.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.301.2.el6uek.i686.rpm
kernel-uek-devel-2.6.39-400.301.2.el6uek.i686.rpm
kernel-uek-doc-2.6.39-400.301.2.el6uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.301.2.el6uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.301.2.el6uek.noarch.rpm
kernel-uek-doc-2.6.39-400.301.2.el6uek.noarch.rpm
kernel-uek-2.6.39-400.301.2.el6uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.301.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.301.2.el6uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.301.2.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.301.2.el6uek.src.rpm



Description of changes:

[2.6.39-400.301.2.el6uek]
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug:
28710024] {CVE-2018-14634}