Oracle Linux 6154 Published by

The following updates has been released for Oracle Linux:

ELBA-2017-3628 Oracle Linux 7 docker-engine bug fix update
ELSA-2017-3629 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2017-3629 Moderate: Oracle Linux 7 Unbreakable Enterprise kernel security update



ELBA-2017-3628 Oracle Linux 7 docker-engine bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3628

http://linux.oracle.com/errata/ELBA-2017-3628.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
docker-engine-17.06.2.ol-1.0.1.el7.x86_64.rpm
container-selinux-2.21-1.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/docker-engine-17.06.2.ol-1.0.1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/container-selinux-2.21-1.el7.src.rpm



Description of changes:

docker-engine
[17.06.2.ol-1.0.1]
- add docker-storage-config utility
- build updated docker-engine package for Oracle Linux 7
- bump version to 17.06.2-ce

[17.06.0-ce]
- release docker-ce 17.06.0-ce

[17.06.0-ce-rc5]
- release docker-ce 17.06.0-ce-rc5

[17.06.0-ce-rc4]
- release docker-ce 17.06.0-ce-rc4

[17.06.0-ce-rc3]
- release docker-ce 17.06.0-ce-rc3

[17.06.0-ce-rc2]
- release docker-ce 17.06.0-ce-rc2

[17.06.0-ce-rc1]
- release docker-ce 17.06.0-ce-rc1

container-selinux
[2:2.21-1]
- Resolves: #1469661
- bump to v2.21
- built commit 333854a

[2:2.20-2]
- Resolves: #1463549
- built commit 532fa20

[2:2.20-1.1]
- rebase

[2:2.19-2.1]
- update release tag to isolate from 7.3

[2:2.19-1]
- Fix mcs transition problem on stdin/stdout/stderr
- Add labels for CRI-O
- Allow containers to use tunnel sockets

[2:2.15-1.1]
- Resolves: #1451289
- rebase to v2.15
- built @origin/RHEL-1.12 commit 583ca40

[2:2.10-2.1]
- Make sure we have a late enough version of policycoreutils

[2:2.10-1]
- Update to the latest container-selinux patch from upstream
- Label files under /usr/libexec/lxc as container_runtime_exec_t
- Give container_t access to XFRM sockets
- Allow spc_t to dbus chat with init system
- Allow containers to read cgroup configuration mounted into a container

[2:2.9-4]
- Resolves: #1425574
- built commit 79a6d70

[2:2.9-3]
- Resolves: #1420591
- built @origin/RHEL-1.12 commit 8f876c4

[2:2.9-2]
- built @origin/RHEL-1.12 commit 33cb78b

[2:2.8-2]
-

[2:2.7-1]
- built origin/RHEL-1.12 commit 21dd37b

[2:2.4-2]
- correct version-release in changelog entries

[2:2.4-1]
- Add typebounds statement for container_t from container_runtime_t
- We should only label runc not runc*

[2:2.3-1]
- Fix labeling on /usr/bin/runc.*
- Add sandbox_net_domain access to container.te
- Remove containers ability to look at /etc content

[2:2.2-4]
- use upstream's RHEL-1.12 branch, commit 56c32da for CentOS 7

[2:2.2-3]
- properly disable docker module in %post

[2:2.2-2]
- depend on selinux-policy-targeted
- relabel docker-latest* files as well

[2:2.2-1]
- bump to v2.2
- additional labeling for ocid

[2:2.0-2]
- install policy at level 200
- From: Dan Walsh

[2:2.0-1]
- Resolves: #1406517 - bump to v2.0 (first upload to Fedora as a
standalone package)
- include projectatomic/RHEL-1.12 branch commit for building on centos/rhel

[2:1.12.4-29]
- new package (separated from docker)

ELSA-2017-3629 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3629

http://linux.oracle.com/errata/ELSA-2017-3629.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-103.7.3.el6uek.x86_64.rpm
kernel-uek-doc-4.1.12-103.7.3.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-103.7.3.el6uek.noarch.rpm
kernel-uek-devel-4.1.12-103.7.3.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-103.7.3.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-103.7.3.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-103.7.3.el6uek.src.rpm



Description of changes:

[4.1.12-103.7.3.el6uek]
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
(Tim Tianyang Chen) [Orabug: 26943541] {CVE-2017-7541}

[4.1.12-103.7.2.el6uek]
- rebuild bumping release


ELSA-2017-3629 Moderate: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3629

http://linux.oracle.com/errata/ELSA-2017-3629.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-103.7.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-103.7.3.el7uek.noarch.rpm
kernel-uek-4.1.12-103.7.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-103.7.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-103.7.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-103.7.3.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-103.7.3.el7uek.src.rpm



Description of changes:

[4.1.12-103.7.3.el7uek]
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
(Tim Tianyang Chen) [Orabug: 26943541] {CVE-2017-7541}

[4.1.12-103.7.2.el7uek]
- rebuild bumping release