Dracut/Microcode/QEMU-KVM/Libvirt Updates for Oracle Linux
Posted on: 01/05/2018 10:17 PM

The following updates has been released for Oracle Linux:

ELBA-2018-0042 Oracle Linux 7 dracut bug fix update
ELBA-2018-4002 Oracle Linux 6 dracut bug fix update
ELBA-2018-4003 Oracle Linux 6 microcode_ctl bug fix update
ELSA-2018-0023 Important: Oracle Linux 7 qemu-kvm security update
ELSA-2018-0024 Important: Oracle Linux 6 qemu-kvm security update
ELSA-2018-0029 Important: Oracle Linux 7 libvirt security update
ELSA-2018-0030 Important: Oracle Linux 6 libvirt security update

ELBA-2018-0042 Oracle Linux 7 dracut bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-0042

http://linux.oracle.com/errata/ELBA-2018-0042.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
dracut-033-502.0.1.el7_4.1.x86_64.rpm
dracut-caps-033-502.0.1.el7_4.1.x86_64.rpm
dracut-config-generic-033-502.0.1.el7_4.1.x86_64.rpm
dracut-config-rescue-033-502.0.1.el7_4.1.x86_64.rpm
dracut-fips-033-502.0.1.el7_4.1.x86_64.rpm
dracut-fips-aesni-033-502.0.1.el7_4.1.x86_64.rpm
dracut-network-033-502.0.1.el7_4.1.x86_64.rpm
dracut-tools-033-502.0.1.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dracut-033-502.0.1.el7_4.1.src.rpm



Description of changes:

[033-502.0.1.1]
- Enhancement of module alias handling for kernel upgrade and downgrade
compatibility [Orabug 24408414]
- Increase timeout when waiting for carrier detection on a network
interface [bug 24657828] (kevin.x.lyons@oracle.com)
- Update 0001-Dracut-Handle-module-alias-of-the-running-kernel.patch to
redirect to &1 instead of /dev/null [Orabug 24346754] [Orabug 24658791]
(Manjunath Govind)
- add Handle module alias of the running kernel [Orabug 24346754]
(Manjunath Govind)
- add Correctly handle module aliases [Orabug 22600855] (Fabian Vogt)
- add hyperv-keyboard for Hyper-V Gen2 VM [Orabug 19191303] (Vaughan Cao)

[033-502.1]
- Support Microcode Updates for AMD CPU Family 0x17
Resolves: #1476039


ELBA-2018-4002 Oracle Linux 6 dracut bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-4002

http://linux.oracle.com/errata/ELBA-2018-4002.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
dracut-004-409.0.7.el6_8.2.noarch.rpm
dracut-caps-004-409.0.7.el6_8.2.noarch.rpm
dracut-fips-004-409.0.7.el6_8.2.noarch.rpm
dracut-fips-aesni-004-409.0.7.el6_8.2.noarch.rpm
dracut-generic-004-409.0.7.el6_8.2.noarch.rpm
dracut-kernel-004-409.0.7.el6_8.2.noarch.rpm
dracut-network-004-409.0.7.el6_8.2.noarch.rpm
dracut-tools-004-409.0.7.el6_8.2.noarch.rpm

x86_64:
dracut-004-409.0.7.el6_8.2.noarch.rpm
dracut-caps-004-409.0.7.el6_8.2.noarch.rpm
dracut-fips-004-409.0.7.el6_8.2.noarch.rpm
dracut-fips-aesni-004-409.0.7.el6_8.2.noarch.rpm
dracut-generic-004-409.0.7.el6_8.2.noarch.rpm
dracut-kernel-004-409.0.7.el6_8.2.noarch.rpm
dracut-network-004-409.0.7.el6_8.2.noarch.rpm
dracut-tools-004-409.0.7.el6_8.2.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/dracut-004-409.0.7.el6_8.2.src.rpm



Description of changes:

[004-409.0.7.el6_8.2]
- Backport early microcode support [orabug 27298518]


ELBA-2018-4003 Oracle Linux 6 microcode_ctl bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-4003

http://linux.oracle.com/errata/ELBA-2018-4003.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
microcode_ctl-1.17-25.2.0.1.el6_9.i686.rpm

x86_64:
microcode_ctl-1.17-25.2.0.1.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/microcode_ctl-1.17-25.2.0.1.el6_9.src.rpm



Description of changes:

[1:1.17-25.2.0.1]
- Enable early microcode load to allow updating Broadwell model 79
- Make sure "modprobe microcode" is not executed on Broadwell model 79
- Run dracut upon microcode update


ELSA-2018-0023 Important: Oracle Linux 7 qemu-kvm security update
Oracle Linux Security Advisory ELSA-2018-0023

http://linux.oracle.com/errata/ELSA-2018-0023.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
qemu-img-1.5.3-141.el7_4.6.x86_64.rpm
qemu-kvm-1.5.3-141.el7_4.6.x86_64.rpm
qemu-kvm-common-1.5.3-141.el7_4.6.x86_64.rpm
qemu-kvm-tools-1.5.3-141.el7_4.6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-141.el7_4.6.src.rpm



Description of changes:

[1.5.3-141.el7_4.6]
- Fix CVE-2017-5715

[1.5.3-141.el7_4.5]
- kvm-vfio-pci-Only-mmap-TARGET_PAGE_SIZE-regions.patch [bz#1515110]
- Resolves: bz#1515110
(Regression in QEMU handling for sub-page MMIO BARs for vfio-pci
devices [rhel-7.4.z])


ELSA-2018-0024 Important: Oracle Linux 6 qemu-kvm security update
Oracle Linux Security Advisory ELSA-2018-0024

http://linux.oracle.com/errata/ELSA-2018-0024.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
qemu-guest-agent-0.12.1.2-2.503.el6_9.4.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.4.x86_64.rpm
qemu-img-0.12.1.2-2.503.el6_9.4.x86_64.rpm
qemu-kvm-0.12.1.2-2.503.el6_9.4.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.503.el6_9.4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/qemu-kvm-0.12.1.2-2.503.el6_9.4.src.rpm



Description of changes:

[0.12.1.2-2.503.el6_9.4]
- Fix CVE-2017-5715


ELSA-2018-0029 Important: Oracle Linux 7 libvirt security update
Oracle Linux Security Advisory ELSA-2018-0029

http://linux.oracle.com/errata/ELSA-2018-0029.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libvirt-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-admin-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-client-3.2.0-14.0.1.el7_4.7.i686.rpm
libvirt-client-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-config-network-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-interface-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-lxc-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-network-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-qemu-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-secret-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-kvm-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-daemon-lxc-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-devel-3.2.0-14.0.1.el7_4.7.i686.rpm
libvirt-devel-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-docs-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-libs-3.2.0-14.0.1.el7_4.7.i686.rpm
libvirt-libs-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-lock-sanlock-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-login-shell-3.2.0-14.0.1.el7_4.7.x86_64.rpm
libvirt-nss-3.2.0-14.0.1.el7_4.7.i686.rpm
libvirt-nss-3.2.0-14.0.1.el7_4.7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-3.2.0-14.0.1.el7_4.7.src.rpm



Description of changes:

[3.2.0-14.0.1.el7_4.7]
- bump release and rebuild

[3.2.0-14.el7_4.7]
- qemu: Properly store microcode version in QEMU caps cache (CVE-2017-5715)

[3.2.0-14.el7_4.6]
- util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD
(CVE-2017-5715)
- util: introduce virHostCPUGetMicrocodeVersion (CVE-2017-5715)
- cpu_x86: Rename virCPUx86MapInitialize (CVE-2017-5715)
- conf: include x86 microcode version in virsh capabiltiies (CVE-2017-5715)
- qemu: capabilities: force update if the microcode version does not
match (CVE-2017-5715)
- cpu: add CPU features and model for indirect branch prediction
protection (CVE-2017-5715)


ELSA-2018-0030 Important: Oracle Linux 6 libvirt security update
Oracle Linux Security Advisory ELSA-2018-0030

http://linux.oracle.com/errata/ELSA-2018-0030.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
libvirt-0.10.2-62.0.1.el6_9.1.i686.rpm
libvirt-client-0.10.2-62.0.1.el6_9.1.i686.rpm
libvirt-devel-0.10.2-62.0.1.el6_9.1.i686.rpm
libvirt-python-0.10.2-62.0.1.el6_9.1.i686.rpm

x86_64:
libvirt-0.10.2-62.0.1.el6_9.1.x86_64.rpm
libvirt-client-0.10.2-62.0.1.el6_9.1.i686.rpm
libvirt-client-0.10.2-62.0.1.el6_9.1.x86_64.rpm
libvirt-devel-0.10.2-62.0.1.el6_9.1.i686.rpm
libvirt-devel-0.10.2-62.0.1.el6_9.1.x86_64.rpm
libvirt-lock-sanlock-0.10.2-62.0.1.el6_9.1.x86_64.rpm
libvirt-python-0.10.2-62.0.1.el6_9.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/libvirt-0.10.2-62.0.1.el6_9.1.src.rpm



Description of changes:

[0.10.2-62.0.1.el6_9.1]
- Replace docs/et.png in tarball with blank image

[0.10.2-62.el6_9.1]
- util: Implement virFileReadHeaderFD (CVE-2017-5715)
- util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD
(CVE-2017-5715)
- util: introduce virHostCPUGetMicrocodeVersion (CVE-2017-5715)
- conf: include x86 microcode version in virsh capabiltiies (CVE-2017-5715)
- cpu: add CPU features and model for indirect branch prediction
protection (CVE-2017-5715)





Printed from Linux Compatible (https://www.linuxcompatible.org/news/story/dracutmicrocodeqemu_kvmlibvirt_updates_for_oracle_linux.html)