Oracle Linux 6266 Published by

The following updates has been released for Oracle Linux:

ELBA-2019-0496 Oracle Linux 7 tuned bug fix update
ELBA-2019-0497 Oracle Linux 7 gnome-tweak-tool bug fix update
ELBA-2019-0498 Oracle Linux 7 rear bug fix update
ELBA-2019-0499 Oracle Linux 7 resource-agents bug fix update
ELBA-2019-0500 Oracle Linux 7 nss-pem bug fix update
ELBA-2019-0501 Oracle Linux 7 gcc bug fix update
ELBA-2019-0504 Oracle Linux 7 util-linux bug fix update
ELBA-2019-0505 Oracle Linux 7 jss bug fix update
ELBA-2019-0506 Oracle Linux 7 pki-core bug fix update
ELBA-2019-0508 Oracle Linux 7 ipa bug fix update
ELBA-2019-0509 Oracle Linux 7 dbus bug fix update
ELBA-2019-0511 Oracle Linux 7 389-ds-base bug fix update
ELBA-2019-0515 Oracle Linux 7 fcoe-utils bug fix update
ELBA-2019-0516 Oracle Linux 7 xfsprogs bug fix update
ELBA-2019-0517 Oracle Linux 7 xorg-x11-server bug fix update
ELBA-2019-0519 Oracle Linux 7 NetworkManager bug fix update
ELBA-2019-0523 Oracle Linux 7 mutter bug fix update
ELEA-2019-0522 Oracle Linux 7 gdm enhancement update
ELSA-2019-0483 Moderate: Oracle Linux 7 openssl security and bug fix update
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4575)



ELBA-2019-0496 Oracle Linux 7 tuned bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0496

http://linux.oracle.com/errata/ELBA-2019-0496.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
tuned-2.10.0-6.el7_6.3.noarch.rpm
tuned-gtk-2.10.0-6.el7_6.3.noarch.rpm
tuned-profiles-atomic-2.10.0-6.el7_6.3.noarch.rpm
tuned-profiles-compat-2.10.0-6.el7_6.3.noarch.rpm
tuned-profiles-cpu-partitioning-2.10.0-6.el7_6.3.noarch.rpm
tuned-profiles-mssql-2.10.0-6.el7_6.3.noarch.rpm
tuned-profiles-oracle-2.10.0-6.el7_6.3.noarch.rpm
tuned-utils-2.10.0-6.el7_6.3.noarch.rpm
tuned-utils-systemtap-2.10.0-6.el7_6.3.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tuned-2.10.0-6.el7_6.3.src.rpm



Description of changes:

[2.10.0-6.3]
- Reworked setup_kvm_mod_low_latency to count with kernel changes
Resolves: rhbz#1653767

[2.10.0-6.2]
- Updated disable-ksm-once patch
Related: rhbz#1652822

[2.10.0-6.1]
- Disable ksm once, re-enable it on full rollback
Resolves: rhbz#1652822


ELBA-2019-0497 Oracle Linux 7 gnome-tweak-tool bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0497

http://linux.oracle.com/errata/ELBA-2019-0497.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
gnome-tweak-tool-3.28.1-2.el7.2.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gnome-tweak-tool-3.28.1-2.el7.2.src.rpm



Description of changes:

[3.28.1-2]
- Fix release numbers for z-stream
- Resolves: #1667991 #1664791

[3.28.1-4]
- Fix keyboard panel crashes
- Resolves: #1667991

[3.28.1-3]
- Fixes to port to python2
- Resolves: #1664791

ELBA-2019-0498 Oracle Linux 7 rear bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0498

http://linux.oracle.com/errata/ELBA-2019-0498.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
rear-2.4-4.0.1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/rear-2.4-4.0.1.el7_6.src.rpm



Description of changes:

[2.4-4.0.1]
- Change OS_VENDOR to OracleServer

[2.4-4]
- Apply upstream PR2034 (multipath optimizations for lots of devices)

[2.4-3]
- Backport fixes for upstream bugs 1974 and 1975
- Apply upstream PR1954 (record permanent MAC address for bond members)
- Apply upstream PR2004 (support for custom network interface naming)
- Backport fix for upstream bug 1926 (support for LACP bonding and teaming)

ELBA-2019-0499 Oracle Linux 7 resource-agents bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0499

http://linux.oracle.com/errata/ELBA-2019-0499.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
resource-agents-4.1.1-12.el7_6.8.x86_64.rpm
resource-agents-aliyun-4.1.1-12.el7_6.8.x86_64.rpm
resource-agents-gcp-4.1.1-12.el7_6.8.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/resource-agents-4.1.1-12.el7_6.8.src.rpm



Description of changes:

[4.1.1-12.8]
- rabbitmq-cluster: retry start when cluster join fails
Resolves: rhbz#1656733

ELBA-2019-0500 Oracle Linux 7 nss-pem bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0500

http://linux.oracle.com/errata/ELBA-2019-0500.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
nss-pem-1.0.3-5.el7_6.1.i686.rpm
nss-pem-1.0.3-5.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nss-pem-1.0.3-5.el7_6.1.src.rpm



Description of changes:

[1.0.3-5.el7_6.1]
- fix performance regression in libcurl (#1659108)

ELBA-2019-0501 Oracle Linux 7 gcc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0501

http://linux.oracle.com/errata/ELBA-2019-0501.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
cpp-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-c++-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-gfortran-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-gnat-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-go-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-objc++-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-objc-4.8.5-36.0.1.el7_6.1.x86_64.rpm
gcc-plugin-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libasan-4.8.5-36.0.1.el7_6.1.i686.rpm
libasan-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libasan-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libasan-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libatomic-4.8.5-36.0.1.el7_6.1.i686.rpm
libatomic-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libatomic-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libatomic-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgcc-4.8.5-36.0.1.el7_6.1.i686.rpm
libgcc-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgfortran-4.8.5-36.0.1.el7_6.1.i686.rpm
libgfortran-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgfortran-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libgfortran-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgnat-4.8.5-36.0.1.el7_6.1.i686.rpm
libgnat-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgnat-devel-4.8.5-36.0.1.el7_6.1.i686.rpm
libgnat-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgnat-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libgnat-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgo-4.8.5-36.0.1.el7_6.1.i686.rpm
libgo-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgo-devel-4.8.5-36.0.1.el7_6.1.i686.rpm
libgo-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgo-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libgo-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libgomp-4.8.5-36.0.1.el7_6.1.i686.rpm
libgomp-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libitm-4.8.5-36.0.1.el7_6.1.i686.rpm
libitm-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libitm-devel-4.8.5-36.0.1.el7_6.1.i686.rpm
libitm-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libitm-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libitm-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libmudflap-4.8.5-36.0.1.el7_6.1.i686.rpm
libmudflap-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libmudflap-devel-4.8.5-36.0.1.el7_6.1.i686.rpm
libmudflap-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libmudflap-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libmudflap-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libobjc-4.8.5-36.0.1.el7_6.1.i686.rpm
libobjc-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libquadmath-4.8.5-36.0.1.el7_6.1.i686.rpm
libquadmath-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libquadmath-devel-4.8.5-36.0.1.el7_6.1.i686.rpm
libquadmath-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libquadmath-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libquadmath-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libstdc++-4.8.5-36.0.1.el7_6.1.i686.rpm
libstdc++-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libstdc++-devel-4.8.5-36.0.1.el7_6.1.i686.rpm
libstdc++-devel-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libstdc++-docs-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libstdc++-static-4.8.5-36.0.1.el7_6.1.i686.rpm
libstdc++-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libtsan-4.8.5-36.0.1.el7_6.1.x86_64.rpm
libtsan-static-4.8.5-36.0.1.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gcc-4.8.5-36.0.1.el7_6.1.src.rpm



Description of changes:

[4.8.5-36.0.1]
- Oracle patches forward-ported from 7.5 to 7.6.

[4.8.5-36.1]
- Avoid code generation bug due to incorrect CFG in the presence
of setjmp/longjmp (#1655148).

ELBA-2019-0504 Oracle Linux 7 util-linux bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0504

http://linux.oracle.com/errata/ELBA-2019-0504.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libblkid-2.23.2-59.el7_6.1.i686.rpm
libblkid-2.23.2-59.el7_6.1.x86_64.rpm
libblkid-devel-2.23.2-59.el7_6.1.i686.rpm
libblkid-devel-2.23.2-59.el7_6.1.x86_64.rpm
libmount-2.23.2-59.el7_6.1.i686.rpm
libmount-2.23.2-59.el7_6.1.x86_64.rpm
libmount-devel-2.23.2-59.el7_6.1.i686.rpm
libmount-devel-2.23.2-59.el7_6.1.x86_64.rpm
libsmartcols-2.23.2-59.el7_6.1.i686.rpm
libsmartcols-2.23.2-59.el7_6.1.x86_64.rpm
libsmartcols-devel-2.23.2-59.el7_6.1.i686.rpm
libsmartcols-devel-2.23.2-59.el7_6.1.x86_64.rpm
libuuid-2.23.2-59.el7_6.1.i686.rpm
libuuid-2.23.2-59.el7_6.1.x86_64.rpm
libuuid-devel-2.23.2-59.el7_6.1.i686.rpm
libuuid-devel-2.23.2-59.el7_6.1.x86_64.rpm
util-linux-2.23.2-59.el7_6.1.i686.rpm
util-linux-2.23.2-59.el7_6.1.x86_64.rpm
uuidd-2.23.2-59.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/util-linux-2.23.2-59.el7_6.1.src.rpm



Description of changes:

[2.23.2-59.el7_6.1]
- fix #1664752 - Bull (Atos) server lands up in invalid stty settings on
the serial console after boot preventing login

ELBA-2019-0505 Oracle Linux 7 jss bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0505

http://linux.oracle.com/errata/ELBA-2019-0505.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
jss-4.4.4-5.el7_6.x86_64.rpm
jss-javadoc-4.4.4-5.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/jss-4.4.4-5.el7_6.src.rpm



Description of changes:

[4.4.4-5]
- Bugzilla #1671247 - CC: Enable AIA OCSP cert checking for entire cert
chain [rhel-7.6.z] (jmagne)

[4.4.4-4]
- Bugzilla #1671244 - x25519 allowed in FIPS mode [rhel-7.6.z] (ascheel)
- Bugzilla #1671247 - CC: Enable AIA OCSP cert checking for entire cert
chain [rhel-7.6.z] (jmagne)

ELBA-2019-0506 Oracle Linux 7 pki-core bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0506

http://linux.oracle.com/errata/ELBA-2019-0506.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
pki-base-10.5.9-13.el7_6.noarch.rpm
pki-base-java-10.5.9-13.el7_6.noarch.rpm
pki-ca-10.5.9-13.el7_6.noarch.rpm
pki-javadoc-10.5.9-13.el7_6.noarch.rpm
pki-kra-10.5.9-13.el7_6.noarch.rpm
pki-server-10.5.9-13.el7_6.noarch.rpm
pki-symkey-10.5.9-13.el7_6.x86_64.rpm
pki-tools-10.5.9-13.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/pki-core-10.5.9-13.el7_6.src.rpm



Description of changes:

[10.5.9-13]
- Updated jss dependencies
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1671245 - CC: unable to verify cert before import
[rhel-7.6.z] [manpage] (ascheel)
- Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL)
[rhel-7.6.z] (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS)

[10.5.9-12]
- Updated jss dependencies
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1671245 - CC: unable to verify cert before import
[rhel-7.6.z] (ascheel)
- Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL)
[rhel-7.6.z] (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS)

[10.5.9-11]
- Updated jss dependencies
- ##########################################################################
- # RHEL 7.6:
- ##########################################################################
- Bugzilla Bug #1671245 - CC: unable to verify cert before import
[rhel-7.6.z] (ascheel)
- Bugzilla Bug #1671303 - CC: Upgrade scripts for audit event names (RHEL)
[rhel-7.6.z] (edewata)
- ##########################################################################
- # RHCS 9.4:
- ##########################################################################
- # Bugzilla Bug #1671586 - CC: Upgrade scripts for audit event names (RHCS)

ELBA-2019-0508 Oracle Linux 7 ipa bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0508

http://linux.oracle.com/errata/ELBA-2019-0508.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ipa-client-4.6.4-10.0.1.el7_6.3.x86_64.rpm
ipa-client-common-4.6.4-10.0.1.el7_6.3.noarch.rpm
ipa-common-4.6.4-10.0.1.el7_6.3.noarch.rpm
ipa-python-compat-4.6.4-10.0.1.el7_6.3.noarch.rpm
ipa-server-4.6.4-10.0.1.el7_6.3.x86_64.rpm
ipa-server-common-4.6.4-10.0.1.el7_6.3.noarch.rpm
ipa-server-dns-4.6.4-10.0.1.el7_6.3.noarch.rpm
ipa-server-trust-ad-4.6.4-10.0.1.el7_6.3.x86_64.rpm
python2-ipaclient-4.6.4-10.0.1.el7_6.3.noarch.rpm
python2-ipalib-4.6.4-10.0.1.el7_6.3.noarch.rpm
python2-ipaserver-4.6.4-10.0.1.el7_6.3.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.6.4-10.0.1.el7_6.3.src.rpm



Description of changes:

[4.6.4-10.0.1]
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [20362818]

[4.6.4-10.el7_6.3]
- Resolves: 1672343 pki spawn fails for IPA replica install from RHEL6
IPA master
- Update mod_nss cipher list so there is overlap with a 4.x master
- Resolves: 1672342 Fix compile issue with new 389-ds
- ipa-sidgen: make internal fetch_attr helper really internal
- Resolves: 1672176 host_del and host_disable fails, ra.find() search
for every certificates instead of the host's certificate by subject
- Add workaround for slow host/service del
- Optimize cert remove case
- Resolves: 1672238 The ipa-replica-install command failed, exception:
ValidationError: invalid 'dnszoneidnsname': only master zones can
contain record
- replica installation: add master record only if in managed zone
- ipatests: add test for replica in forward zone

ELBA-2019-0509 Oracle Linux 7 dbus bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0509

http://linux.oracle.com/errata/ELBA-2019-0509.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
dbus-1.10.24-13.0.1.el7_6.x86_64.rpm
dbus-devel-1.10.24-13.0.1.el7_6.i686.rpm
dbus-devel-1.10.24-13.0.1.el7_6.x86_64.rpm
dbus-doc-1.10.24-13.0.1.el7_6.noarch.rpm
dbus-libs-1.10.24-13.0.1.el7_6.i686.rpm
dbus-libs-1.10.24-13.0.1.el7_6.x86_64.rpm
dbus-tests-1.10.24-13.0.1.el7_6.x86_64.rpm
dbus-x11-1.10.24-13.0.1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dbus-1.10.24-13.0.1.el7_6.src.rpm



Description of changes:

[1:1.10.24-13.0.1]
- fix netlink poll: error 4 (Zhenzhong Duan)

[1:1.10.24-13]
- Add a symlink for dbus-daemon-launch-helper (#1568856)

ELBA-2019-0511 Oracle Linux 7 389-ds-base bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0511

http://linux.oracle.com/errata/ELBA-2019-0511.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
389-ds-base-1.3.8.4-23.el7_6.x86_64.rpm
389-ds-base-devel-1.3.8.4-23.el7_6.x86_64.rpm
389-ds-base-libs-1.3.8.4-23.el7_6.x86_64.rpm
389-ds-base-snmp-1.3.8.4-23.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.8.4-23.el7_6.src.rpm



Description of changes:

[1.3.8.4-23]
- Bump version to 1.3.8.4-23
- Resolves: Bug 1672173 - import task should not be deleted after import
finishes to be able to query the status
- Resolves: Bug 1672177 - after certain failed import operation,
impossible to replay an import operation.
- Resolves: Bug 1672179 - cannot add cenotaph in read only consumer

ELBA-2019-0515 Oracle Linux 7 fcoe-utils bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0515

http://linux.oracle.com/errata/ELBA-2019-0515.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
fcoe-utils-1.0.32-2.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/fcoe-utils-1.0.32-2.el7_6.src.rpm



Description of changes:

[1.0.32-2]
- 1656720 fcoemon fix ignored devices from recv buffer resize bug

ELBA-2019-0516 Oracle Linux 7 xfsprogs bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0516

http://linux.oracle.com/errata/ELBA-2019-0516.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
xfsprogs-4.5.0-19.0.1.el7_6.i686.rpm
xfsprogs-4.5.0-19.0.1.el7_6.x86_64.rpm
xfsprogs-devel-4.5.0-19.0.1.el7_6.i686.rpm
xfsprogs-devel-4.5.0-19.0.1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xfsprogs-4.5.0-19.0.1.el7_6.src.rpm



Description of changes:

[4.5.0-19.0.1]
- Disable crc, finobt by default for compatibility with UEK3 [orabug
22711906]
- Add proper checking for size arguments (Guangyu Sun) [orabug 17613612]
- Removed patch xfsprogs-default-disable-dirftype.patch [orabug 26176688]

[4.5.0-19]
- xfs_copy: accept CRC version of ABTB_MAGIC in ASSERT (#1641023)

ELBA-2019-0517 Oracle Linux 7 xorg-x11-server bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0517

http://linux.oracle.com/errata/ELBA-2019-0517.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
xorg-x11-server-Xdmx-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-Xephyr-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-Xnest-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-Xorg-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-Xvfb-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-Xwayland-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-common-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-devel-1.20.1-5.3.el7_6.i686.rpm
xorg-x11-server-devel-1.20.1-5.3.el7_6.x86_64.rpm
xorg-x11-server-source-1.20.1-5.3.el7_6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xorg-x11-server-1.20.1-5.3.el7_6.src.rpm



Description of changes:

[1.20.1-5.3]
- Sync platform probe patch with upstream

ELBA-2019-0519 Oracle Linux 7 NetworkManager bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0519

http://linux.oracle.com/errata/ELBA-2019-0519.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
NetworkManager-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-adsl-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-bluetooth-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-config-server-1.12.0-10.el7_6.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.12.0-10.el7_6.noarch.rpm
NetworkManager-glib-1.12.0-10.el7_6.i686.rpm
NetworkManager-glib-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-glib-devel-1.12.0-10.el7_6.i686.rpm
NetworkManager-glib-devel-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-libnm-1.12.0-10.el7_6.i686.rpm
NetworkManager-libnm-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-libnm-devel-1.12.0-10.el7_6.i686.rpm
NetworkManager-libnm-devel-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-ovs-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-ppp-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-team-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-tui-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-wifi-1.12.0-10.el7_6.x86_64.rpm
NetworkManager-wwan-1.12.0-10.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/NetworkManager-1.12.0-10.el7_6.src.rpm



Description of changes:

[1:1.12.0-10]
- manager: ignore ovs-system master when assuming connections (rh #1676551)
- device: do ARP announcements only after masters have a slave (rh #1678796)

[1:1.12.0-9]
- device: restore routes after a link down event (rh #1676551)

ELBA-2019-0523 Oracle Linux 7 mutter bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0523

http://linux.oracle.com/errata/ELBA-2019-0523.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
mutter-3.28.3-6.el7_6.i686.rpm
mutter-3.28.3-6.el7_6.x86_64.rpm
mutter-devel-3.28.3-6.el7_6.i686.rpm
mutter-devel-3.28.3-6.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mutter-3.28.3-6.el7_6.src.rpm



Description of changes:

[3.26.2-18]
- Prevent titlebars going off-screen (rhbz#1679913)

ELEA-2019-0522 Oracle Linux 7 gdm enhancement update

Oracle Linux Enhancement Advisory ELEA-2019-0522

http://linux.oracle.com/errata/ELEA-2019-0522.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
gdm-3.28.2-12.el7_6.i686.rpm
gdm-3.28.2-12.el7_6.x86_64.rpm
gdm-devel-3.28.2-12.el7_6.i686.rpm
gdm-devel-3.28.2-12.el7_6.x86_64.rpm
gdm-pam-extensions-devel-3.28.2-12.el7_6.i686.rpm
gdm-pam-extensions-devel-3.28.2-12.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gdm-3.28.2-12.el7_6.src.rpm



Description of changes:

[3.28.2-12]
- Allow multiple simultaneous XDMCP logins for a user if
xdmcp/AllowMultipleSessionsPerUser=true
Resolves: #1679914

ELSA-2019-0483 Moderate: Oracle Linux 7 openssl security and bug fix update

Oracle Linux Security Advisory ELSA-2019-0483

http://linux.oracle.com/errata/ELSA-2019-0483.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
openssl-1.0.2k-16.0.1.el7_6.1.x86_64.rpm
openssl-devel-1.0.2k-16.0.1.el7_6.1.i686.rpm
openssl-devel-1.0.2k-16.0.1.el7_6.1.x86_64.rpm
openssl-libs-1.0.2k-16.0.1.el7_6.1.i686.rpm
openssl-libs-1.0.2k-16.0.1.el7_6.1.x86_64.rpm
openssl-perl-1.0.2k-16.0.1.el7_6.1.x86_64.rpm
openssl-static-1.0.2k-16.0.1.el7_6.1.i686.rpm
openssl-static-1.0.2k-16.0.1.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/openssl-1.0.2k-16.0.1.el7_6.1.src.rpm



Description of changes:

[1.0.2k-16.0.1.el7_6.1]
- Bump release for rebuild.

[1.0.2k-16.1]
- use SHA-256 in FIPS RSA pairwise key check
- fix CVE-2018-5407 - EC signature local timing side-channel key extraction

New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4575)

Synopsis: ELSA-2019-4575 can now be patched using Ksplice
CVEs: CVE-2017-17807 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-16862 CVE-2018-18559 CVE-2018-9568

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4575.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-10877: Out-of-bounds access when using corrupted ext4 filesystem with abnormal extent tree.

A missing check when using corrupted ext4 filesystem with abnormal
extent tree could lead to an out-of-bounds access. A local attacker
could use this flaw with a crafted ext4 image to cause a
denial-of-service.

Orabug: 29396712


* CVE-2018-18559: Denial-of-service when binding a packet on a socket while a notification is raised.

A race condition when binding a packet on a socket while a notification
is raised on this socket could lead to a kernel assert. A local attacker
could use this flaw to cause a denial-of-service.

Orabug: 29385593


* CVE-2018-16862: Potential memory corruption in inode truncation path.

A logic error in the memory manager's inode truncation path can lead to
an inode not being properly cleaned up. If another file is created with
the same inode, it is possible to read old leftover data, instead of
the expected data, when attempting to read the new file. This could
cause a system to exhibit unexpected behavior.

Orabug: 29364670


* CVE-2017-17807: Permissions bypass when requesting key on default keyring.

When calling request_key() with no keyring specified, the requested key
is generated and added to the keyring even if the user does not have
write permissions.

Orabug: 29304551


* CVE-2018-10878: Out-of-bounds access when initializing ext4 block bitmap.

A logic error when initializing ext4 block bitmap could lead to an
out-of-bounds access. A local attacker could use this flaw with a
crafted ext4 image to cause a denial-of-service.

Orabug: 29428607


* CVE-2018-10876: Use-after-free when removing space in ext4 filesystem.

A logic error when removing space in ext4 filesystem could lead to a
use-after-free. A local attacker could use this flaw with a crafted ext4
image to cause a denial-of-service.

Orabug: 29316684


* CVE-2018-9568: Privilege escalation in IPv6 to IPv4 socket cloning.

A logic error when transforming an IPv6 socket to an IPv4 socket can
result in releasing memory into the wrong cache. This flaw can result in
privilege escalation.

Orabug: 29422739


* NULL pointer dereference when freeing irq in Broadcom NetXtreme-C/E driver.

A logic error when freeing irq in Broadcom NetXtreme-C/E driver fails
could lead to a NULL pointer dereference. A local attacker could use
this flaw to cause a denial-of-service.

Orabug: 29357977


* Packet loss on ingress on an unmanaged L2TP over IP tunnel interface.

A missing check when receiving packets on an unmanaged L2TP over IP
tunnel interface could lead to packet loss.

Orabug: 29368048

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.