Microcode_CTL/Quagga/Ruby/UEKR2 Updates for Oracle Linux

Posted by Philipp Esselbach on: 03/01/2018 10:05 AM

The following updates have been released for Oracle Linux:

ELBA-2018-4046 Oracle Linux 7 microcode_ctl bug fix update
ELBA-2018-4047 Oracle Linux 6 microcode_ctl bug fix update
ELSA-2018-0377 Important: Oracle Linux 7 quagga security update
ELSA-2018-0378 Important: Oracle Linux 7 ruby security update
New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2018-4041)




ELBA-2018-4046 Oracle Linux 7 microcode_ctl bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-4046

http://linux.oracle.com/errata/ELBA-2018-4046.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
microcode_ctl-2.1-22.5.0.5.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/microcode_ctl-2.1-22.5.0.5.el7_4.src.rpm



Description of changes:

[2.1-22.5.0.5]
- Update 306f2 (06-3f-02) to rev 0x3c.
- Update 406f1 (06-4f-01) to rev 0xb00002a.

[2.1-22.5.0.4]
- Update 50654 (06-55-04) to rev 0x2000043.

[2.1-22.5.0.3]
- Revert Intel 20180108 microcode for CPUIDs: {CVE-2017-5715}
306c3 (06-3c-03 rev 0x23, Haswell);
306d4 (06-3d-04 rev 0x28, Broadwell);
306f2 (06-3f-02 rev 0x3b, Haswell);
306f4 (06-3f-04 rev 0x10, Haswell);
306e4 (06-3e-04 rev 0x42a, Ivy Bridge);
40651 (06-45-01 rev 0x21, Haswell);
40661 (06-46-01 rev 0x18, Haswell);
40671 (06-47-01 rev 0x1b, Broadwell);
406e3 (06-4e-03 rev 0xc2, Skylake);
406f1 (06-4f-01 rev 0xb000025, Broadwell);
50654 (06-55-04 rev 0x200003c, Skylake);
50662 (06-56-02 rev 0x14, Broadwell);
50663 (06-56-03 rev 0x7000011, Broadwell);
506e3 (06-5e-03 rev 0xc2, Skylake);
706a1 (06-7a-01 rev 0x22);
806e9 (06-8e-09 rev 0x80, Kaby Lake);
806ea (06-8e-0a rev 0x80);
906e9 (06-9e-09 rev 0x80, Kaby Lake)
906ea (06-9e-0a rev 0x80);
906eb (06-9e-0b rev 0x80)

[2.1-22.5.0.2]
- Add updated Intel 20180108 microcode for CPUIDs: {CVE-2017-5715}
306c3 (06-3c-03 rev 0x23, Haswell);
306d4 (06-3d-04 rev 0x28, Broadwell);
306f2 (06-3f-02 rev 0x3b, Haswell);
306f4 (06-3f-04 rev 0x10, Haswell);
306e4 (06-3e-04 rev 0x42a, Ivy Bridge);
40651 (06-45-01 rev 0x21, Haswell);
40661 (06-46-01 rev 0x18, Haswell);
40671 (06-47-01 rev 0x1b, Broadwell);
406e3 (06-4e-03 rev 0xc2, Skylake);
406f1 (06-4f-01 rev 0xb000025, Broadwell);
50654 (06-55-04 rev 0x200003c, Skylake);
50662 (06-56-02 rev 0x14, Broadwell);
50663 (06-56-03 rev 0x7000011, Broadwell);
506e3 (06-5e-03 rev 0xc2, Skylake);
706a1 (06-7a-01 rev 0x22);
806e9 (06-8e-09 rev 0x80, Kaby Lake);
806ea (06-8e-0a rev 0x80);
906e9 (06-9e-09 rev 0x80, Kaby Lake)
906ea (06-9e-0a rev 0x80);
906eb (06-9e-0b rev 0x80)


ELBA-2018-4047 Oracle Linux 6 microcode_ctl bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-4047

http://linux.oracle.com/errata/ELBA-2018-4047.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
microcode_ctl-1.17-25.4.0.4.el6_9.i686.rpm

x86_64:
microcode_ctl-1.17-25.4.0.4.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/microcode_ctl-1.17-25.4.0.4.el6_9.src.rpm



Description of changes:

[1:1.17-25.4.0.4]
- Enable early microcode load to allow updating Broadwell model 79
- Make sure "modprobe microcode" is not executed on Broadwell model 79
- Run dracut upon microcode update
- Update 306f2 (06-3f-02) to rev 0x3c.
- Update 406f1 (06-4f-01) to rev 0xb00002a.

[1:1.17-25.4.0.3]
- Update 50654 (06-55-04) to rev 0x2000043.

[1:1.17-25.4.0.2]
- Revert: early microcode load to allow updating Broadwell model 79
- Revert: Make sure "modprobe microcode" is not executed on Broadwell
model 79
- Revert: Run dracut upon microcode update
- Revert updated Intel 20180108 microcode for CPUIDs: {CVE-2017-5715}
306c3 (06-3c-03 rev 0x23, Haswell);
306d4 (06-3d-04 rev 0x28, Broadwell);
306f2 (06-3f-02 rev 0x3b, Haswell);
306f4 (06-3f-04 rev 0x10, Haswell);
306e4 (06-3e-04 rev 0x42a, Ivy Bridge);
40651 (06-45-01 rev 0x21, Haswell);
40661 (06-46-01 rev 0x18, Haswell);
40671 (06-47-01 rev 0x1b, Broadwell);
406e3 (06-4e-03 rev 0xc2, Skylake);
406f1 (06-4f-01 rev 0xb000025, Broadwell);
50654 (06-55-04 rev 0x200003c, Skylake);
50662 (06-56-02 rev 0x14, Broadwell);
50663 (06-56-03 rev 0x7000011, Broadwell);
506e3 (06-5e-03 rev 0xc2, Skylake);
706a1 (06-7a-01 rev 0x22);
806e9 (06-8e-09 rev 0x80, Kaby Lake);
806ea (06-8e-0a rev 0x80);
906e9 (06-9e-09 rev 0x80, Kaby Lake)
906ea (06-9e-0a rev 0x80);
906eb (06-9e-0b rev 0x80)

[1:1.17-25.4.0.1]
- Enable early microcode load to allow updating Broadwell model 79
- Make sure "modprobe microcode" is not executed on Broadwell model 79
- Run dracut upon microcode update
- Add updated Intel 20180108 microcode for CPUIDs: {CVE-2017-5715}
306c3 (06-3c-03 rev 0x23, Haswell);
306d4 (06-3d-04 rev 0x28, Broadwell);
306f2 (06-3f-02 rev 0x3b, Haswell);
306f4 (06-3f-04 rev 0x10, Haswell);
306e4 (06-3e-04 rev 0x42a, Ivy Bridge);
40651 (06-45-01 rev 0x21, Haswell);
40661 (06-46-01 rev 0x18, Haswell);
40671 (06-47-01 rev 0x1b, Broadwell);
406e3 (06-4e-03 rev 0xc2, Skylake);
406f1 (06-4f-01 rev 0xb000025, Broadwell);
50654 (06-55-04 rev 0x200003c, Skylake);
50662 (06-56-02 rev 0x14, Broadwell);
50663 (06-56-03 rev 0x7000011, Broadwell);
506e3 (06-5e-03 rev 0xc2, Skylake);
706a1 (06-7a-01 rev 0x22);
806e9 (06-8e-09 rev 0x80, Kaby Lake);
806ea (06-8e-0a rev 0x80);
906e9 (06-9e-09 rev 0x80, Kaby Lake)
906ea (06-9e-0a rev 0x80);
906eb (06-9e-0b rev 0x80)
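
A host-side check built from the two microcode_ctl changelogs above, as an added example that is not part of the advisories or of Oracle's tooling: it derives the family-model-stepping signature from /proc/cpuinfo and reports whether the running microcode revision is one the changelogs list as reverted or as a later update. The function names and the sample cpuinfo excerpt are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Oracle's tooling): classify a CPU's running microcode
# against the revisions named in the changelogs above.

# signature:revision pairs listed as the reverted Intel 20180108 microcode.
REVERTED="06-3c-03:0x23 06-3d-04:0x28 06-3f-02:0x3b 06-3f-04:0x10
06-3e-04:0x42a 06-45-01:0x21 06-46-01:0x18 06-47-01:0x1b 06-4e-03:0xc2
06-4f-01:0xb000025 06-55-04:0x200003c 06-56-02:0x14 06-56-03:0x7000011
06-5e-03:0xc2 06-7a-01:0x22 06-8e-09:0x80 06-8e-0a:0x80 06-9e-09:0x80
06-9e-0a:0x80 06-9e-0b:0x80"
# signature:revision pairs the later changelog entries update to.
UPDATED="06-3f-02:0x3c 06-4f-01:0xb00002a 06-55-04:0x2000043"

# cpu_sig FAMILY MODEL STEPPING (decimal, as in /proc/cpuinfo) -> e.g. 06-3f-02
cpu_sig() { printf '%02x-%02x-%02x\n' "$1" "$2" "$3"; }

# in_list SIG REV LIST: succeed if LIST holds SIG with a numerically equal REV.
in_list() {
    for pair in $3; do
        [ "${pair%%:*}" = "$1" ] && [ $(( ${pair#*:} )) -eq $(( $2 )) ] && return 0
    done
    return 1
}

# classify SIG REV -> reverted | updated | unlisted
classify() {
    if in_list "$1" "$2" "$REVERTED"; then echo reverted
    elif in_list "$1" "$2" "$UPDATED"; then echo updated
    else echo unlisted; fi
}

# check_cpuinfo FILE ("-" for stdin) -> "SIG REV STATUS" for the first CPU entry
check_cpuinfo() {
    set -- $(awk -F: '{ gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == "cpufamily" { f = $2 }; $1 == "model" { m = $2 }
        $1 == "stepping"  { s = $2 }
        $1 == "microcode" { print f, m, s, $2; exit }' "$1")
    [ $# -eq 4 ] || { echo "family/model/stepping/microcode not found" >&2; return 1; }
    sig=$(cpu_sig "$1" "$2" "$3")
    echo "$sig $4 $(classify "$sig" "$4")"
}

# Constructed sample (not from a real host): signature 06-3f-02 at rev 0x3b.
sample_cpuinfo() {
    printf 'processor\t: 0\ncpu family\t: 6\nmodel\t\t: 63\n'
    printf 'model name\t: Constructed CPU\nstepping\t: 2\nmicrocode\t: 0x3b\n'
}

# With a path argument, check that file; otherwise check the constructed sample.
if [ $# -gt 0 ]; then check_cpuinfo "$1"; else sample_cpuinfo | check_cpuinfo -; fi
```

Run it with /proc/cpuinfo as the argument to check the live host. A result of unlisted means only that these changelogs do not name that signature and revision.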


ELSA-2018-0377 Important: Oracle Linux 7 quagga security update
Oracle Linux Security Advisory ELSA-2018-0377

http://linux.oracle.com/errata/ELSA-2018-0377.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
quagga-0.99.22.4-5.el7_4.i686.rpm
quagga-0.99.22.4-5.el7_4.x86_64.rpm
quagga-contrib-0.99.22.4-5.el7_4.x86_64.rpm
quagga-devel-0.99.22.4-5.el7_4.i686.rpm
quagga-devel-0.99.22.4-5.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/quagga-0.99.22.4-5.el7_4.src.rpm



Description of changes:

[0.99.22.4-5]
- Fixed CVE-2018-5379 - Double free vulnerability in bgpd when processing
certain forms of UPDATE message allowing to crash or potentially execute
arbitrary code
- Resolves: rhbz#1546015


ELSA-2018-0378 Important: Oracle Linux 7 ruby security update
Oracle Linux Security Advisory ELSA-2018-0378

http://linux.oracle.com/errata/ELSA-2018-0378.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ruby-2.0.0.648-33.el7_4.x86_64.rpm
ruby-devel-2.0.0.648-33.el7_4.x86_64.rpm
ruby-doc-2.0.0.648-33.el7_4.noarch.rpm
ruby-irb-2.0.0.648-33.el7_4.noarch.rpm
ruby-libs-2.0.0.648-33.el7_4.i686.rpm
ruby-libs-2.0.0.648-33.el7_4.x86_64.rpm
ruby-tcltk-2.0.0.648-33.el7_4.x86_64.rpm
rubygem-bigdecimal-1.2.0-33.el7_4.x86_64.rpm
rubygem-io-console-0.4.2-33.el7_4.x86_64.rpm
rubygem-json-1.7.7-33.el7_4.x86_64.rpm
rubygem-minitest-4.3.2-33.el7_4.noarch.rpm
rubygem-psych-2.0.0-33.el7_4.x86_64.rpm
rubygem-rake-0.9.6-33.el7_4.noarch.rpm
rubygem-rdoc-4.0.0-33.el7_4.noarch.rpm
rubygems-2.0.14.1-33.el7_4.noarch.rpm
rubygems-devel-2.0.14.1-33.el7_4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ruby-2.0.0.648-33.el7_4.src.rpm



Description of changes:

[2.0.0.648-33]
- Fix always passing WEBrick test.

[2.0.0.648-32]
- Add Psych.safe_load
* ruby-2.1.0-there-should-be-only-one-exception.patch
* ruby-2.1.0-Adding-Psych.safe_load.patch
Related: CVE-2017-0903
- Disable Tokyo TZ tests broken by recent tzdata update.
* ruby-2.5.0-Disable-Tokyo-TZ-tests.patch
Related: CVE-2017-0903

[2.0.0.648-31]
- Fix unsafe object deserialization in RubyGems (CVE-2017-0903).
* ruby-2.4.3-CVE-2017-0903-Fix-unsafe-object-deserialization-vulnerability.patch
Resolves: CVE-2017-0903
- Fix an ANSI escape sequence vulnerability (CVE-2017-0899).
Resolves: CVE-2017-0899
- Fix a DOS vulnerability in the query command (CVE-2017-0900).
Resolves: CVE-2017-0900
- Fix a vulnerability in the gem installer that allowed a malicious gem
to overwrite arbitrary files (CVE-2017-0901).
Resolves: CVE-2017-0901
- Fix a DNS request hijacking vulnerability (CVE-2017-0902).
* ruby-2.2.8-lib-rubygems-fix-several-vulnerabilities-in-RubyGems.patch
Resolves: CVE-2017-0902
- Fix buffer underrun vulnerability in Kernel.sprintf (CVE-2017-0898).
* ruby-2.2.8-Buffer-underrun-vulnerability-in-Kernel.sprintf.patch
Resolves: CVE-2017-0898
- Escape sequence injection vulnerability in the Basic
authentication of WEBrick (CVE-2017-10784).
* ruby-2.2.8-sanitize-any-type-of-logs.patch
Resolves: CVE-2017-10784
- Arbitrary heap exposure during a JSON.generate call (CVE-2017-14064).
* ruby-2.2.8-Fix-arbitrary-heap-exposure-during-a-JSON.generate-call.patch
Resolves: CVE-2017-14064
- Command injection vulnerability in Net::FTP (CVE-2017-17405).
* ruby-2.2.9-Fix-a-command-injection-vulnerability-in-Net-FTP.patch
Resolves: CVE-2017-17405
- Buffer underrun in OpenSSL ASN1 decode (CVE-2017-14033).
* ruby-2.2.8-asn1-fix-out-of-bounds-read-in-decoding-constructed-objects.patch
Resolves: CVE-2017-14033
- Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code
execution (CVE-2017-17790).
* ruby-2.5.0-Fixed-command-Injection.patch
Resolves: CVE-2017-17790


New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2018-4041)
Synopsis: ELSA-2018-4041 can now be patched using Ksplice
CVEs: CVE-2017-14106 CVE-2017-16529 CVE-2017-16531 CVE-2017-2647 CVE-2017-7482 CVE-2017-8824

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-4041.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR2 2.6.39 on
OL5 and OL6 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2017-8824: Privilege escalation when calling connect() system call on a DCCP socket.

A missing free when calling connect() system call on a DCCP socket while it is
in DCCP_LISTEN state could lead to a use-after-free. A local attacker
could use this flaw to escalate privileges.


* CVE-2017-16531: Out-of-bounds access in USB configuration parsing.

A failure to correctly validate a USB interface association description
can result in an out-of-bounds memory access.


* CVE-2017-16529: Out-of-bounds due to corrupted buffer parsing in USB audio.

A failure to validate buffer descriptors from a USB audio device can
result in an out-of-bounds memory access.


* Use-after-free in USB serial console setup failure.

A failure to handle an error case during USB serial console setup can lead to
a use-after-free.


* NULL pointer dereference when listing connected NFS clients.

When listing connected NFS clients, the RPC client object pointer is
dereferenced without checking the status of the client. If the client is
uninitialized, the pointer may be NULL, causing a NULL pointer
dereference and denial-of-service.


* Data corruption when trimming OCFS2 filesystem.

A bug in the implementation of FITRIM ioctl in OCFS2 could result in
data corruption when trimming the filesystem. The resulting corruption
cannot be fixed using fsck.


* CVE-2017-7482: Memory corruption when decoding Kerberos 5 ticket.

A boundary condition error when decoding Kerberos 5 tickets using the
RXRPC keys leads to local buffer overflow. This could lead to memory
corruption and possible privilege escalation.


* CVE-2017-14106: Divide-by-zero on TCP disconnect.

A missing initialization of the TCP Maximum Segment Size (MSS) to the
minimum authorized MSS value could lead to a division by zero on TCP
disconnect. A local user could use this flaw to cause a denial-of-service.


* Updated fix for CVE-2017-2647: Denial-of-service when invoking request_key() syscall.

A missing check in request_key() syscall could lead to a NULL pointer
dereference. A local unprivileged user could use this flaw to cause a
denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.


