Oracle Linux 6154 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-4263 Oracle Linux 6 oracle-database-server-12cR2-preinstall bug fix update
ELBA-2018-4263 Oracle Linux 7 oracle-database-server-12cR2-preinstall bug fix update
ELSA-2018-3006 Critical: Oracle Linux 6 firefox security update
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2018-4261)



ELBA-2018-4263 Oracle Linux 6 oracle-database-server-12cR2-preinstall bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4263

http://linux.oracle.com/errata/ELBA-2018-4263.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:

x86_64:
oracle-database-server-12cR2-preinstall-1.0-4.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/oracle-database-server-12cR2-preinstall-1.0-4.el6.src.rpm



Description of changes:

[1.0-4.el6]
- Remove comments from previous preinstall rpm [Orabug 28058876]
- Ensure yum erase restores the values of recently installed
preinstall rpm [Orabug 28058890]

ELBA-2018-4263 Oracle Linux 7 oracle-database-server-12cR2-preinstall bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4263

http://linux.oracle.com/errata/ELBA-2018-4263.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
oracle-database-server-12cR2-preinstall-1.0-4.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/oracle-database-server-12cR2-preinstall-1.0-4.el7.src.rpm



Description of changes:

[1.0-4.el7]
- Remove comments from previous preinstall rpm [Orabug 28058876]
- Ensure yum erase restores the values of recently installed
preinstall rpm [Orabug 28058890]

ELSA-2018-3006 Critical: Oracle Linux 6 firefox security update

Oracle Linux Security Advisory ELSA-2018-3006

http://linux.oracle.com/errata/ELSA-2018-3006.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
firefox-60.3.0-1.0.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/firefox-60.3.0-1.0.1.el6.src.rpm



Description of changes:

[60.3.0-1.0.1]
- fix LD_LIBRARY_PATH
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat one

[60.3.0-1]
- Update to 60.3.0 ESR

[60.2.2-2]
- Added patch for rhbz#1633932

[60.2.2-1]
- Update to 60.2.2 ESR

[60.2.1-1]
- Update to 60.2.1 ESR

[60.2.0-1]
- Update to 60.2.0 ESR

[60.1.0-9]
- Do not set user agent (rhbz#1608065)
- GTK dialogs are localized now (rhbz#1619373)
- JNLP association works again (rhbz#1607457)

[60.1.0-8]
- Fixed homepage and bookmarks (rhbz#1606778)
- Fixed missing file associations in RHEL6 (rhbz#1613565)

[60.1.0-7]
- Run at-spi-bus if not running already (for the bundled gtk3)

[60.1.0-6]
- Fix for missing schemes for bundled gtk3

[60.1.0-5]
- Added mesa-libEGL dependency to gtk3/rhel6

[60.1.0-4]
- Disabled jemalloc on all second arches

[60.1.0-3]
- Updated to 60.1.0 ESR build2

[60.1.0-2]
- Disabled jemalloc on second arches

[60.1.0-1]
- Updated to 60.1.0 ESR

[60.0-12]
- Fixing bundled libffi issues
- Readded some requirements

[60.0-10]
- Added fix for mozilla BZ#1436242 - IPC crashes.

[60.0-9]
- Bundling libffi for the sec-arches
- Added openssl-devel for the Python
- Fixing bundled gtk3

[60.0-8]
- Added fix for mozilla BZ#1458492

[60.0-7]
- Added patch from rhbz#1498561 to fix ppc64(le) crashes.

[60.0-6]
- Disabled jemalloc on second arches

[60.0-4]
- Update to 60.0 ESR


New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2018-4261)

Synopsis: ELSA-2018-4261 can now be patched using Ksplice
CVEs: CVE-2017-5715 CVE-2018-14734 CVE-2018-15572

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-4261.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Support runtime retpoline control for CVE-2017-5715 (Spectre v2).

On some families of Intel processors IBRS is required for full
mitigation of Spectre v2 but has a significant performance overhead
compared to retpoline. Add support for switching from IBRS to retpoline
where extra performance is required and risk analysis shows that
retpoline offers sufficient protection for the deployment.


* CVE-2018-14734: Use-after-free in Infiniband leave_multicast function.

A race condition in the infiniband code could allow the leave_multicast
function to use a structure that was allocated but subsequently freed in
the process_join function, leading to memory corruption and possible system
crash.

Orabug: 28774517


* CVE-2018-15572: Information leak in context switches (SpectreRSB).

Missing RSB fills on some CPU families during context switch could allow
leaking of information between processes with a Spectre v2 attack.

Orabug: 28631590


* Data corruption in software RAID recovery.

RAID recovery during modifications to the disks before the recovery was
started could cause incorrect data to be recovered or errors reported.

Orabug: 28702623


* Performance degradation in NUMA balancing with shared copy-on-write pages.

A large number of processes using the same shared copy-on-write pages
could interact poorly with NUMA balancing resulting in degraded
performance.

Orabug: 28814880


* Reserved page accounting imbalance with hugetlbfs mappings.

Incorrect handling of dirty hugetlbfs pages could result in a reserved
page count underflow when dropping filesystem caches under specific
conditions.

Orabug: 28813968

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.