The following updates has been released for Oracle Linux:
ELEA-2018-1670 Oracle Linux 7 kmod-redhat-megaraid_sas
ELSA-2018-1629 Important: Oracle Linux 7 kernel security update
ELSA-2018-1632 Important: Oracle Linux 7 libvirt security update
ELSA-2018-1633 Important: Oracle Linux 7 qemu-kvm security update
ELSA-2018-1647 Important: Oracle Linux 6 java-1.7.0-openjdk security update
ELSA-2018-1648 Important: Oracle Linux 7 java-1.7.0-openjdk security update
ELSA-2018-1649 Important: Oracle Linux 7 java-1.8.0-openjdk security update
ELSA-2018-1651 Important: Oracle Linux 6 kernel security and bug fix update
ELSA-2018-1660 Important: Oracle Linux 6 qemu-kvm security update
ELSA-2018-1669 Important: Oracle Linux 6 libvirt security update
ELEA-2018-1670 Oracle Linux 7 kmod-redhat-megaraid_sas
ELSA-2018-1629 Important: Oracle Linux 7 kernel security update
ELSA-2018-1632 Important: Oracle Linux 7 libvirt security update
ELSA-2018-1633 Important: Oracle Linux 7 qemu-kvm security update
ELSA-2018-1647 Important: Oracle Linux 6 java-1.7.0-openjdk security update
ELSA-2018-1648 Important: Oracle Linux 7 java-1.7.0-openjdk security update
ELSA-2018-1649 Important: Oracle Linux 7 java-1.8.0-openjdk security update
ELSA-2018-1651 Important: Oracle Linux 6 kernel security and bug fix update
ELSA-2018-1660 Important: Oracle Linux 6 qemu-kvm security update
ELSA-2018-1669 Important: Oracle Linux 6 libvirt security update
ELEA-2018-1670 Oracle Linux 7 kmod-redhat-megaraid_sas
Oracle Linux Enhancement Advisory ELEA-2018-1670
http://linux.oracle.com/errata/ELEA-2018-1670.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kmod-redhat-megaraid_sas-07.702.06.00_rh2_dup7.5-1.0.1.el7_5.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kmod-redhat-megaraid_sas-07.702.06.00_rh2_dup7.5-1.0.1.el7_5.src.rpm
Description of changes:
[07.702.06.00_rh2_dup7.5-1.0.1]
- add RHCK signature
[07.702.06.00_rh2_dup7.5-1]
- 1514ac33c3e6a00c504e6e5eb0289f3c23bb8aa4
- Resolves: #bz1578455
- megaraid_sas module for Driver Update Program
ELSA-2018-1629 Important: Oracle Linux 7 kernel security update
Oracle Linux Security Advisory ELSA-2018-1629
http://linux.oracle.com/errata/ELSA-2018-1629.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-3.10.0-862.3.2.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-862.3.2.el7.noarch.rpm
kernel-debug-3.10.0-862.3.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.3.2.el7.x86_64.rpm
kernel-devel-3.10.0-862.3.2.el7.x86_64.rpm
kernel-doc-3.10.0-862.3.2.el7.noarch.rpm
kernel-headers-3.10.0-862.3.2.el7.x86_64.rpm
kernel-tools-3.10.0-862.3.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.3.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.3.2.el7.x86_64.rpm
perf-3.10.0-862.3.2.el7.x86_64.rpm
python-perf-3.10.0-862.3.2.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-862.3.2.el7.src.rpm
Description of changes:
[3.10.0-862.3.2.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]
[3.10.0-862.3.2.el7]
- [x86] spec_ctrl: Fix late microcode problem with AMD (Waiman Long)
[1566904 1566905] {CVE-2018-3639}
- [x86] entry: Add missing "$" in IBRS macros (Waiman Long) [1566904
1566905] {CVE-2018-3639}
- [x86] spec_ctrl: Clean up entry code & remove unused APIs (Waiman
Long) [1566904 1566905] {CVE-2018-3639}
- [x86] spec_ctrl: Mask off SPEC_CTRL MSR bits that are managed by
kernel (Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [x86] spec_ctrl: add support for SSBD to RHEL IBRS entry/exit macros
(Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [fs] proc: Use CamelCase for SSBD (Waiman Long) [1566904 1566905]
{CVE-2018-3639}
- [x86] bugs: Rename _RDS to _SSBD (Waiman Long) [1566904 1566905]
{CVE-2018-3639}
- [kernel] seccomp: Enable speculation flaw mitigations (Waiman Long)
[1566904 1566905] {CVE-2018-3639}
- [fs] proc: Provide details on speculation flaw mitigations (Waiman
Long) [1566904 1566905] {CVE-2018-3639}
- [x86] nospec: Allow getting/setting on non-current task (Waiman Long)
[1566904 1566905] {CVE-2018-3639}
- [x86] speculation: Add prctl for Speculative Store Bypass mitigation
(Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [x86] process: Allow runtime control of Speculative Store Bypass
(Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [uapi] prctl: Add speculation control prctls (Waiman Long) [1566904
1566905] {CVE-2018-3639}
- [x86] kvm/vmx: Expose SPEC_CTRL Bit(2) to the guest (Waiman Long)
[1566904 1566905] {CVE-2018-3639}
- [x86] bugs/amd: Add support to disable RDS on Fam[15, 16, 17]h if
requested (Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [x86] spec_ctrl: Sync up RDS setting with IBRS code (Waiman Long)
[1566904 1566905] {CVE-2018-3639}
- [x86] bugs: Provide boot parameters for the spec_store_bypass_disable
mitigation (Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [x86] bugs: Expose /sys/../spec_store_bypass (Waiman Long) [1566904
1566905] {CVE-2018-3639}
- [x86] bugs: Read SPEC_CTRL MSR during boot and re-use (Waiman Long)
[1566904 1566905] {CVE-2018-3639}
- [x86] spec_ctrl: Use separate PCP variables for IBRS entry and exit
(Waiman Long) [1566904 1566905] {CVE-2018-3639}
- [x86] cpufeatures: Make CPU bugs sticky (Waiman Long) [1566904
1566905] {CVE-2018-3639}
[3.10.0-862.3.1.el7]
- [x86] kpti/kexec: fix wrong page address in clear_page (Dave Young)
[1573173 1571162]
- [x86] kvm: fix icebp instruction handling (Paolo Bonzini) [1566849
1566845] {CVE-2018-1087}
- [x86] entry/64: Don't use IST entry for #BP stack (Paolo Bonzini)
[1567084 1567083] {CVE-2018-8897}
- [kernel] perf/hwbp: Simplify the perf-hwbp code, fix documentation
(Eugene Syromiatnikov) [1569878 1569874] {CVE-2018-1000199}
ELSA-2018-1632 Important: Oracle Linux 7 libvirt security update
Oracle Linux Security Advisory ELSA-2018-1632
http://linux.oracle.com/errata/ELSA-2018-1632.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libvirt-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-admin-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-client-3.9.0-14.el7_5.5.i686.rpm
libvirt-client-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-devel-3.9.0-14.el7_5.5.i686.rpm
libvirt-devel-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-docs-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-libs-3.9.0-14.el7_5.5.i686.rpm
libvirt-libs-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-login-shell-3.9.0-14.el7_5.5.x86_64.rpm
libvirt-nss-3.9.0-14.el7_5.5.i686.rpm
libvirt-nss-3.9.0-14.el7_5.5.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-3.9.0-14.el7_5.5.src.rpm
Description of changes:
[3.9.0-14.el7_5.5]
- cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
ELSA-2018-1633 Important: Oracle Linux 7 qemu-kvm security update
Oracle Linux Security Advisory ELSA-2018-1633
http://linux.oracle.com/errata/ELSA-2018-1633.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
qemu-img-1.5.3-156.el7_5.2.x86_64.rpm
qemu-kvm-1.5.3-156.el7_5.2.x86_64.rpm
qemu-kvm-common-1.5.3-156.el7_5.2.x86_64.rpm
qemu-kvm-tools-1.5.3-156.el7_5.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-156.el7_5.2.src.rpm
Description of changes:
[1.5.3-156.el7_5.2]
- kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch
[bz#1574075]
- Resolves: bz#1574075
(EMBARGOED CVE-2018-3639 qemu-kvm: Kernel: omega-4 [rhel-7.5.z])
ELSA-2018-1647 Important: Oracle Linux 6 java-1.7.0-openjdk security update
Oracle Linux Security Advisory ELSA-2018-1647
http://linux.oracle.com/errata/ELSA-2018-1647.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
java-1.7.0-openjdk-1.7.0.181-2.6.14.8.0.1.el6_9.i686.rpm
java-1.7.0-openjdk-demo-1.7.0.181-2.6.14.8.0.1.el6_9.i686.rpm
java-1.7.0-openjdk-devel-1.7.0.181-2.6.14.8.0.1.el6_9.i686.rpm
java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.8.0.1.el6_9.noarch.rpm
java-1.7.0-openjdk-src-1.7.0.181-2.6.14.8.0.1.el6_9.i686.rpm
x86_64:
java-1.7.0-openjdk-1.7.0.181-2.6.14.8.0.1.el6_9.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.181-2.6.14.8.0.1.el6_9.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.181-2.6.14.8.0.1.el6_9.x86_64.rpm
java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.8.0.1.el6_9.noarch.rpm
java-1.7.0-openjdk-src-1.7.0.181-2.6.14.8.0.1.el6_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/java-1.7.0-openjdk-1.7.0.181-2.6.14.8.0.1.el6_9.src.rpm
Description of changes:
[1:1.7.0.181-2.6.14.8.0.1]
- Update DISTRO_NAME in specfile
[1:1.7.0.181-2.6.14.8]
- added and applied 1566890_embargoed20180521.patch
- Resolves: rhbz#1578550
ELSA-2018-1648 Important: Oracle Linux 7 java-1.7.0-openjdk security update
Oracle Linux Security Advisory ELSA-2018-1648
http://linux.oracle.com/errata/ELSA-2018-1648.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
java-1.7.0-openjdk-1.7.0.181-2.6.14.8.0.1.el7_5.x86_64.rpm
java-1.7.0-openjdk-accessibility-1.7.0.181-2.6.14.8.0.1.el7_5.x86_64.rpm
java-1.7.0-openjdk-demo-1.7.0.181-2.6.14.8.0.1.el7_5.x86_64.rpm
java-1.7.0-openjdk-devel-1.7.0.181-2.6.14.8.0.1.el7_5.x86_64.rpm
java-1.7.0-openjdk-headless-1.7.0.181-2.6.14.8.0.1.el7_5.x86_64.rpm
java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.8.0.1.el7_5.noarch.rpm
java-1.7.0-openjdk-src-1.7.0.181-2.6.14.8.0.1.el7_5.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/java-1.7.0-openjdk-1.7.0.181-2.6.14.8.0.1.el7_5.src.rpm
Description of changes:
[1:1.7.0.181-2.6.14.8.0.1]
- Update DISTRO_NAME in specfile
[1:1.7.0.181-2.6.14.8]
- added and applied 1566890_embargoed20180521.patch
- Resolves: rhbz#1578560
ELSA-2018-1649 Important: Oracle Linux 7 java-1.8.0-openjdk security update
Oracle Linux Security Advisory ELSA-2018-1649
http://linux.oracle.com/errata/ELSA-2018-1649.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-accessibility-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-accessibility-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-debug-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-demo-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-demo-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-devel-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-devel-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-headless-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-headless-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-javadoc-1.8.0.171-8.b10.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-debug-1.8.0.171-8.b10.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-1.8.0.171-8.b10.el7_5.noarch.rpm
java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.171-8.b10.el7_5.noarch.rpm
java-1.8.0-openjdk-src-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-src-1.8.0.171-8.b10.el7_5.x86_64.rpm
java-1.8.0-openjdk-src-debug-1.8.0.171-8.b10.el7_5.i686.rpm
java-1.8.0-openjdk-src-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm
Description of changes:
[1:1.8.0.171-8.b10]
- added and applied 1566890_embargoed20180521.patch
- Resolves: rhbz#1578555
ELSA-2018-1651 Important: Oracle Linux 6 kernel security and bug fix update
Oracle Linux Security Advisory ELSA-2018-1651
http://linux.oracle.com/errata/ELSA-2018-1651.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.32-696.30.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-696.30.1.el6.noarch.rpm
kernel-debug-2.6.32-696.30.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.30.1.el6.i686.rpm
kernel-devel-2.6.32-696.30.1.el6.i686.rpm
kernel-doc-2.6.32-696.30.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.30.1.el6.noarch.rpm
kernel-headers-2.6.32-696.30.1.el6.i686.rpm
perf-2.6.32-696.30.1.el6.i686.rpm
python-perf-2.6.32-696.30.1.el6.i686.rpm
x86_64:
kernel-2.6.32-696.30.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-696.30.1.el6.noarch.rpm
kernel-debug-2.6.32-696.30.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.30.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.30.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.30.1.el6.x86_64.rpm
kernel-doc-2.6.32-696.30.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.30.1.el6.noarch.rpm
kernel-headers-2.6.32-696.30.1.el6.x86_64.rpm
perf-2.6.32-696.30.1.el6.x86_64.rpm
python-perf-2.6.32-696.30.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-696.30.1.el6.src.rpm
Description of changes:
[2.6.32-696.30.1.el6.OL6]
- Update genkey [bug 25599697]
[2.6.32-696.30.1.el6]
- [x86] x86/kvm: fix CPUID_7_EDX (word 18) mask (Jan Stancek) [1566893
1566899] {CVE-2018-3639}
[2.6.32-696.29.1.el6]
- [x86] x86/spec_ctrl: Fix late microcode problem with AMD (Waiman Long)
[1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Clean up entry code & remove unused APIs (Waiman
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Mask off SPEC_CTRL MSR bits that are managed by
kernel (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: add support for SSBD to RHEL IBRS entry/exit
macros (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/bugs: Rename _RDS to _SSBD (Waiman Long) [1566893 1566899]
{CVE-2018-3639}
- [x86] x86/speculation: Add prctl for Speculative Store Bypass
mitigation (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/process: Allow runtime control of Speculative Store Bypass
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [kernel] prctl: Add speculation control prctls (Waiman Long) [1566893
1566899] {CVE-2018-3639}
- [x86] x86/kvm: Expose the RDS bit to the guest (Waiman Long) [1566893
1566899] {CVE-2018-3639}
- [x86] x86/bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if
requested (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Sync up RDS setting with IBRS code (Waiman Long)
[1566893 1566899] {CVE-2018-3639}
- [x86] x86/bugs: Provide boot parameters for the
spec_store_bypass_disable mitigation (Waiman Long) [1566893 1566899]
{CVE-2018-3639}
- [x86] x86/bugs: Expose the /sys/../spec_store_bypass and
X86_BUG_SPEC_STORE_BYPASS (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved
bits (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Use separate PCP variables for IBRS entry and
exit (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] cpu/intel: Knight Mill and Moorefield update to intel-family.h
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/speculation: Update Speculation Control microcode blacklist
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on
Intel (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Clean up Spectre v2 related CPUID flags (Waiman
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Add AMD feature bits for Speculation Control
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Add Intel feature bits for Speculation (Waiman
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (Waiman Long)
[1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpu: Fill in feature word 13, CPUID_8000_0008_EBX (Waiman
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] Extend RH cpuinfo to 10 extra words (Waiman Long) [1566893
1566899] {CVE-2018-3639}
- [x86] kpti/kexec: fix wrong page address in clear_page (Dave Young)
[1573176 1572487]
ELSA-2018-1660 Important: Oracle Linux 6 qemu-kvm security update
Oracle Linux Security Advisory ELSA-2018-1660
http://linux.oracle.com/errata/ELSA-2018-1660.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
qemu-guest-agent-0.12.1.2-2.503.el6_9.6.i686.rpm
x86_64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.6.x86_64.rpm
qemu-img-0.12.1.2-2.503.el6_9.6.x86_64.rpm
qemu-kvm-0.12.1.2-2.503.el6_9.6.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.503.el6_9.6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/qemu-kvm-0.12.1.2-2.503.el6_9.6.src.rpm
Description of changes:
[0.12.1.2-2.503.el6_9.6]
- qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch
[bz#1574067]
- Resolves: bz#1574067
(EMBARGOED CVE-2018-3639 qemu-kvm: Kernel: omega-4 [rhel-6.9.z])
ELSA-2018-1669 Important: Oracle Linux 6 libvirt security update
Oracle Linux Security Advisory ELSA-2018-1669
http://linux.oracle.com/errata/ELSA-2018-1669.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
libvirt-0.10.2-62.0.1.el6_9.2.i686.rpm
libvirt-client-0.10.2-62.0.1.el6_9.2.i686.rpm
libvirt-devel-0.10.2-62.0.1.el6_9.2.i686.rpm
libvirt-python-0.10.2-62.0.1.el6_9.2.i686.rpm
x86_64:
libvirt-0.10.2-62.0.1.el6_9.2.x86_64.rpm
libvirt-client-0.10.2-62.0.1.el6_9.2.i686.rpm
libvirt-client-0.10.2-62.0.1.el6_9.2.x86_64.rpm
libvirt-devel-0.10.2-62.0.1.el6_9.2.i686.rpm
libvirt-devel-0.10.2-62.0.1.el6_9.2.x86_64.rpm
libvirt-lock-sanlock-0.10.2-62.0.1.el6_9.2.x86_64.rpm
libvirt-python-0.10.2-62.0.1.el6_9.2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/libvirt-0.10.2-62.0.1.el6_9.2.src.rpm
Description of changes:
[0.10.2-62.0.1.el6_9.2]
- Replace docs/et.png in tarball with blank image
[0.10.2-62.el6_9.2]
- cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
