The following updates has been released for Oracle Linux:
ELBA-2018-2752 Oracle Linux 7 scap-security-guide bug fix update
ELBA-2018-2752 Oracle Linux 7 scap-security-guide bug fix update (aarch64)
ELBA-2018-2753 Oracle Linux 7 systemd bug fix update (aarch64)
ELBA-2018-2755 Oracle Linux 7 tomcat bug fix update (aarch64)
ELBA-2018-2756 Oracle Linux 7 sssd bug fix update (aarch64)
ELBA-2018-2758 Oracle Linux 7 firewalld bug fix update (aarch64)
ELBA-2018-2759 Oracle Linux 7 pki-core bug fix update (aarch64)
ELBA-2018-2760 Oracle Linux 7 ipa bug fix update (aarch64)
ELBA-2018-2761 Oracle Linux 7 kexec-tools bug fix update (aarch64)
ELBA-2018-2764 Oracle Linux 7 initscripts bug fix update (aarch64)
ELBA-2018-2765 Oracle Linux 7 mutter bug fix update (aarch64)
ELBA-2018-2767 Oracle Linux 7 mod_wsgi bug fix update (aarch64)
ELBA-2018-2771 Oracle Linux 7 dconf bug fix update (aarch64)
ELBA-2018-4222 Oracle Linux 7 qemu bug fix update (aarch64)
ELBA-2018-4223 Oracle Linux 7 libvirt bug fix update (aarch64)
ELSA-2018-2757 Moderate: Oracle Linux 7 389-ds-base security and bug fix update (aarch64)
ELSA-2018-2766 Moderate: Oracle Linux 7 flatpak security update (aarch64)
ELSA-2018-2768 Moderate: Oracle Linux 7 nss security update (aarch64)
ELSA-2018-4227 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2018-4227 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2018-4228 Important: Oracle Linux 6 openssl security update
OVMSA-2018-0258 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update
ELBA-2018-2752 Oracle Linux 7 scap-security-guide bug fix update
ELBA-2018-2752 Oracle Linux 7 scap-security-guide bug fix update (aarch64)
ELBA-2018-2753 Oracle Linux 7 systemd bug fix update (aarch64)
ELBA-2018-2755 Oracle Linux 7 tomcat bug fix update (aarch64)
ELBA-2018-2756 Oracle Linux 7 sssd bug fix update (aarch64)
ELBA-2018-2758 Oracle Linux 7 firewalld bug fix update (aarch64)
ELBA-2018-2759 Oracle Linux 7 pki-core bug fix update (aarch64)
ELBA-2018-2760 Oracle Linux 7 ipa bug fix update (aarch64)
ELBA-2018-2761 Oracle Linux 7 kexec-tools bug fix update (aarch64)
ELBA-2018-2764 Oracle Linux 7 initscripts bug fix update (aarch64)
ELBA-2018-2765 Oracle Linux 7 mutter bug fix update (aarch64)
ELBA-2018-2767 Oracle Linux 7 mod_wsgi bug fix update (aarch64)
ELBA-2018-2771 Oracle Linux 7 dconf bug fix update (aarch64)
ELBA-2018-4222 Oracle Linux 7 qemu bug fix update (aarch64)
ELBA-2018-4223 Oracle Linux 7 libvirt bug fix update (aarch64)
ELSA-2018-2757 Moderate: Oracle Linux 7 389-ds-base security and bug fix update (aarch64)
ELSA-2018-2766 Moderate: Oracle Linux 7 flatpak security update (aarch64)
ELSA-2018-2768 Moderate: Oracle Linux 7 nss security update (aarch64)
ELSA-2018-4227 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2018-4227 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2018-4228 Important: Oracle Linux 6 openssl security update
OVMSA-2018-0258 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update
ELBA-2018-2752 Oracle Linux 7 scap-security-guide bug fix update
Oracle Linux Bug Fix Advisory ELBA-2018-2752
http://linux.oracle.com/errata/ELBA-2018-2752.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
scap-security-guide-0.1.36-10.0.1.el7_5.noarch.rpm
scap-security-guide-doc-0.1.36-10.0.1.el7_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/scap-security-guide-0.1.36-10.0.1.el7_5.src.rpm
Description of changes:
[0.1.36-10.0.1]
- Fix grub2_enable_fips_mode rule fix [Orabug 27862093]
- Fix extra rhel7 C2S change (ilya.okomin@oracle.com) [bz35224]
- Added OL6 and OL7 CPE names approved by NIST (ilya.okomin@oracle.com)
- Updated profiles and rules descriptions (ilya.okomin@oracle.com)
- Added Oracle gpg key validation rule (ilya.okomin@oracle.com) [Orabug
24801936]
- Replace logos with blank images
[0.1.36-10]
- Fix local/d typos in Ansible remediation (RHBZ#1592887)
- Fix Ansible remediation of SELinux policies (RHBZ#1592970)
- Fix Ansible remediation of login.defs umask (RHBZ#1592957)
ELBA-2018-2752 Oracle Linux 7 scap-security-guide bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2752
http://linux.oracle.com/errata/ELBA-2018-2752.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
scap-security-guide-0.1.36-10.0.1.el7_5.noarch.rpm
scap-security-guide-doc-0.1.36-10.0.1.el7_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/scap-security-guide-0.1.36-10.0.1.el7_5.src.rpm
Description of changes:
[0.1.36-10.0.1]
- Fix grub2_enable_fips_mode rule fix [Orabug 27862093]
- Fix extra rhel7 C2S change (ilya.okomin@oracle.com) [bz35224]
- Added OL6 and OL7 CPE names approved by NIST (ilya.okomin@oracle.com)
- Updated profiles and rules descriptions (ilya.okomin@oracle.com)
- Added Oracle gpg key validation rule (ilya.okomin@oracle.com) [Orabug
24801936]
- Replace logos with blank images
[0.1.36-10]
- Fix local/d typos in Ansible remediation (RHBZ#1592887)
- Fix Ansible remediation of SELinux policies (RHBZ#1592970)
- Fix Ansible remediation of login.defs umask (RHBZ#1592957)
ELBA-2018-2753 Oracle Linux 7 systemd bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2753
http://linux.oracle.com/errata/ELBA-2018-2753.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libgudev1-219-57.0.1.el7_5.3.aarch64.rpm
libgudev1-devel-219-57.0.1.el7_5.3.aarch64.rpm
systemd-219-57.0.1.el7_5.3.aarch64.rpm
systemd-devel-219-57.0.1.el7_5.3.aarch64.rpm
systemd-libs-219-57.0.1.el7_5.3.aarch64.rpm
systemd-python-219-57.0.1.el7_5.3.aarch64.rpm
systemd-sysv-219-57.0.1.el7_5.3.aarch64.rpm
systemd-journal-gateway-219-57.0.1.el7_5.3.aarch64.rpm
systemd-networkd-219-57.0.1.el7_5.3.aarch64.rpm
systemd-resolved-219-57.0.1.el7_5.3.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/systemd-219-57.0.1.el7_5.3.src.rpm
Description of changes:
[219-57.0.1]
- fix _netdev is missing for iscsi entry in /etc/fstab [Orabug:
25897792] (tony.l.lam@oracle.com)
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug:
18467469]
- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]
[219-57.3]
- restart automounts unit on update (#1596241)
[219-57.2]
- automount: handle state changes of the corresponding mount unit
correctly (#1596241)
[219-57.1]
- umount: always use MNT_FORCE in umount_all() (#7213) (#1571098)
- core: Implement timeout based umount/remount limit (#1571098)
- core: Implement sync_with_progress() (#1571098)
ELBA-2018-2755 Oracle Linux 7 tomcat bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2755
http://linux.oracle.com/errata/ELBA-2018-2755.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
tomcat-7.0.76-7.el7_5.noarch.rpm
tomcat-admin-webapps-7.0.76-7.el7_5.noarch.rpm
tomcat-el-2.2-api-7.0.76-7.el7_5.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-7.el7_5.noarch.rpm
tomcat-lib-7.0.76-7.el7_5.noarch.rpm
tomcat-servlet-3.0-api-7.0.76-7.el7_5.noarch.rpm
tomcat-webapps-7.0.76-7.el7_5.noarch.rpm
tomcat-docs-webapp-7.0.76-7.el7_5.noarch.rpm
tomcat-javadoc-7.0.76-7.el7_5.noarch.rpm
tomcat-jsvc-7.0.76-7.el7_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tomcat-7.0.76-7.el7_5.src.rpm
Description of changes:
[0:7.0.76-7]
- Resolves: rhbz#1607893 Deadlock occurs while sending to a closing session.
ELBA-2018-2756 Oracle Linux 7 sssd bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2756
http://linux.oracle.com/errata/ELBA-2018-2756.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libipa_hbac-1.16.0-19.el7_5.8.aarch64.rpm
libsss_autofs-1.16.0-19.el7_5.8.aarch64.rpm
libsss_certmap-1.16.0-19.el7_5.8.aarch64.rpm
libsss_idmap-1.16.0-19.el7_5.8.aarch64.rpm
libsss_nss_idmap-1.16.0-19.el7_5.8.aarch64.rpm
libsss_simpleifp-1.16.0-19.el7_5.8.aarch64.rpm
libsss_sudo-1.16.0-19.el7_5.8.aarch64.rpm
python-libipa_hbac-1.16.0-19.el7_5.8.aarch64.rpm
python-libsss_nss_idmap-1.16.0-19.el7_5.8.aarch64.rpm
python-sss-1.16.0-19.el7_5.8.aarch64.rpm
python-sssdconfig-1.16.0-19.el7_5.8.noarch.rpm
python-sss-murmur-1.16.0-19.el7_5.8.aarch64.rpm
sssd-1.16.0-19.el7_5.8.aarch64.rpm
sssd-ad-1.16.0-19.el7_5.8.aarch64.rpm
sssd-client-1.16.0-19.el7_5.8.aarch64.rpm
sssd-common-1.16.0-19.el7_5.8.aarch64.rpm
sssd-common-pac-1.16.0-19.el7_5.8.aarch64.rpm
sssd-dbus-1.16.0-19.el7_5.8.aarch64.rpm
sssd-ipa-1.16.0-19.el7_5.8.aarch64.rpm
sssd-kcm-1.16.0-19.el7_5.8.aarch64.rpm
sssd-krb5-1.16.0-19.el7_5.8.aarch64.rpm
sssd-krb5-common-1.16.0-19.el7_5.8.aarch64.rpm
sssd-ldap-1.16.0-19.el7_5.8.aarch64.rpm
sssd-libwbclient-1.16.0-19.el7_5.8.aarch64.rpm
sssd-polkit-rules-1.16.0-19.el7_5.8.aarch64.rpm
sssd-proxy-1.16.0-19.el7_5.8.aarch64.rpm
sssd-tools-1.16.0-19.el7_5.8.aarch64.rpm
sssd-winbind-idmap-1.16.0-19.el7_5.8.aarch64.rpm
libipa_hbac-devel-1.16.0-19.el7_5.8.aarch64.rpm
libsss_certmap-devel-1.16.0-19.el7_5.8.aarch64.rpm
libsss_idmap-devel-1.16.0-19.el7_5.8.aarch64.rpm
libsss_nss_idmap-devel-1.16.0-19.el7_5.8.aarch64.rpm
libsss_simpleifp-devel-1.16.0-19.el7_5.8.aarch64.rpm
sssd-libwbclient-devel-1.16.0-19.el7_5.8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sssd-1.16.0-19.el7_5.8.src.rpm
Description of changes:
[1.16.0-19.8]
- Resolves: rhbz#1601360 - SSSD bails out saving desktop profiles in
case an invalid profile is found [rhel-7.5.z]
[1.16.0-19.7]
- Resolves: rhbz#1596292 - home dir disappear in sssd cache on the IPA
master for AD users [rhel-7.5.z]
[1.16.0-19.6]
- Resolves: rhbz#1594178 - Login with sshkeys stored in ipa not working
after update to RHEL-7.5 [rhel-7.5.z]
[1.16.0-19.5]
- Resolves: rhbz#1583746 - The SSSD IPA provider allocates information
about external groups on a long lived memory context, causing memory
growth of the sssd_be process [rhel-7.5.z]
[1.16.0-19.4]
- Resolves: rhbz#1580281 - Samba can not register sss idmap module
because it's using an outdated SMB_IDMAP_INTERFACE_VERSION [rhel-7.5.z]
[1.16.0-19.3]
- Resolves: rhbz#1579780 - After updating to RHEL 7.5 failing to clear
the sssd cache [rhel-7.5.z]
[1.16.0-19.2]
- Resolves: rhbz#1579703 - crash in nss_protocol_fill_netgrent.
sssd_nss[19234]: segfault at 80 ip 000055612688c2a0 sp 00007ffddf9b9cd0
error 4 in sssd_nss[55612687e000+39000] [rhel-7.5.z]
[1.16.0-19.1]
- Resolves: rhbz#1570527 - memory management issue in the sssd_nss_ex
interface can cause the ns-slapd process on IPA server to crash [rhel-7.5.z]
ELBA-2018-2758 Oracle Linux 7 firewalld bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2758
http://linux.oracle.com/errata/ELBA-2018-2758.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
firewall-config-0.4.4.4-15.el7_5.noarch.rpm
firewalld-0.4.4.4-15.el7_5.noarch.rpm
firewalld-filesystem-0.4.4.4-15.el7_5.noarch.rpm
python-firewall-0.4.4.4-15.el7_5.noarch.rpm
firewall-applet-0.4.4.4-15.el7_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firewalld-0.4.4.4-15.el7_5.src.rpm
Description of changes:
[0.4.4.4-15]
- backport patches to avoid NM for generated connections
ELBA-2018-2759 Oracle Linux 7 pki-core bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2759
http://linux.oracle.com/errata/ELBA-2018-2759.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
pki-base-10.5.1-15.el7_5.noarch.rpm
pki-base-java-10.5.1-15.el7_5.noarch.rpm
pki-ca-10.5.1-15.el7_5.noarch.rpm
pki-kra-10.5.1-15.el7_5.noarch.rpm
pki-server-10.5.1-15.el7_5.noarch.rpm
pki-symkey-10.5.1-15.el7_5.aarch64.rpm
pki-tools-10.5.1-15.el7_5.aarch64.rpm
pki-javadoc-10.5.1-15.el7_5.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/pki-core-10.5.1-15.el7_5.src.rpm
Description of changes:
[10.5.1-15]
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1600905 - pki console configurations that involves ldap
passwords leave the plain text password in signed audit logs
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1611245 - Certificate generation happens with partial
attributes in CMCRequest file [rhel-7.5.z] (cfu)
- Bugzilla Bug #1611250 - Better understanding of
NSS_USE_DECODED_CKA_EC_POINT for ECC [rhel-7.5.z] (cfu)
- Bugzilla Bug #1612880 - CMC Revocations throws exception with
same reqIssuer & certissuer [rhel-7.5.z] (cfu)
- Bugzilla Bug #1614837 - ipa-replica-install --setup-kra broken on
DL0 with latest version [rhel-7.5.z] (abokovoy)
- Bugzilla Bug #1614839 - CC: Enable all config audit events
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1615266 - ECC keys not supported for signing audit
logs [rhel-7.5.z] (cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1539933 - keyGen fails when only Identity
ELBA-2018-2760 Oracle Linux 7 ipa bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2760
http://linux.oracle.com/errata/ELBA-2018-2760.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
ipa-client-4.5.4-10.0.1.el7_5.4.4.aarch64.rpm
ipa-client-common-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
ipa-common-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
ipa-python-compat-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
ipa-server-4.5.4-10.0.1.el7_5.4.4.aarch64.rpm
ipa-server-common-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
ipa-server-dns-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
ipa-server-trust-ad-4.5.4-10.0.1.el7_5.4.4.aarch64.rpm
python2-ipaclient-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
python2-ipalib-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
python2-ipaserver-4.5.4-10.0.1.el7_5.4.4.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.5.4-10.0.1.el7_5.4.4.src.rpm
Description of changes:
[4.5.4-10.0.1]
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [20362818]
[4.5.4-10.el7_5.4.4]
- Resolves: #1626379 PKINIT configuration did not succeed message is
received during Replica-install
- ipa-replica-install: fix pkinit setup
ELBA-2018-2761 Oracle Linux 7 kexec-tools bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2761
http://linux.oracle.com/errata/ELBA-2018-2761.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
kexec-tools-2.0.15-13.0.2.el7_5.2.aarch64.rpm
kexec-tools-anaconda-addon-2.0.15-13.0.2.el7_5.2.aarch64.rpm
kexec-tools-eppic-2.0.15-13.0.2.el7_5.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kexec-tools-2.0.15-13.0.2.el7_5.2.src.rpm
Description of changes:
[2.0.15-13.0.2]
- makedumpfile: arm64: Fix page table walk of 1GB section [Orabug 27995626]
- arm64: skip purgatory integrity checks to speed up reboot [Orabug
28043892]
- don't patch files in SOURCES directory. That breaks building from the
srpm.
- dracut-module-setup: avoid duplicate config for ibft [Orabug: 22780125]
- kdumpctl: exclude default_hugepagesz setting from kdump kernel cmdline
(Sriharsha Yadagudde) [Orabug: 19134999]
- kdumpctl: verify if kernel support securelevel interface
(Sriharsha Yadagudde) [Orabug: 18905671]
[2.0.15-13.2]
- kdumpctl: Remove 'netroot' and 'iscsi initiator' entries from kdump
cmdline
ELBA-2018-2764 Oracle Linux 7 initscripts bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2764
http://linux.oracle.com/errata/ELBA-2018-2764.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
initscripts-9.49.41-1.0.4.el7_5.2.aarch64.rpm
debugmode-9.49.41-1.0.4.el7_5.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/initscripts-9.49.41-1.0.4.el7_5.2.src.rpm
Description of changes:
[9.49.41-1.0.4]
- Set net.rdmaip.trigger_active_bonding on service start and stop
- set net.rdmaip.active_bonding.patch [Orabug 27741130]
- Require the 7u5 package oraclelinux-release instead of the file
/etc/system-release to ensure all upgrade scenarios are covered
[bug 27882831]
- Restore requirement for /etc/system-release to ensure that
oraclelinux-release is pulled in [bug 27882831]
- modify SUBSCRIPTION_MSG
[9.49.41-1.el7_5.2]
- ifup-post: fix incorrect condition for RESOLV_MODS (bug #1622533)
ELBA-2018-2765 Oracle Linux 7 mutter bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2765
http://linux.oracle.com/errata/ELBA-2018-2765.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
mutter-3.26.2-17.el7_5.aarch64.rpm
mutter-devel-3.26.2-17.el7_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mutter-3.26.2-17.el7_5.src.rpm
Description of changes:
[3.26.2-17]
- Fix crash when transient dialog closes during drag operation
- Resolves: #1622036
[3.26.2-16]
- Fix support for external monitor configurations
- Resolves: #1622000
ELBA-2018-2767 Oracle Linux 7 mod_wsgi bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2767
http://linux.oracle.com/errata/ELBA-2018-2767.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
mod_wsgi-3.4-13.el7_5.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mod_wsgi-3.4-13.el7_5.1.src.rpm
Description of changes:
[3.4-13.1]
- mod_wsgi forces HEAD to GET (#1623666)
[3.4-13]
- reduce chance of deadlock at process shutdown (#1493429)
ELBA-2018-2771 Oracle Linux 7 dconf bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-2771
http://linux.oracle.com/errata/ELBA-2018-2771.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
dconf-0.26.0-3.el7_5.1.aarch64.rpm
dconf-devel-0.26.0-3.el7_5.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dconf-0.26.0-3.el7_5.1.src.rpm
Description of changes:
[0.26.0-3]
- Check mtimes of files in /etc/dconf/db/*.d/ directories
- when running "dconf update"
- Resolves: #1626372
ELBA-2018-4222 Oracle Linux 7 qemu bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-4222
http://linux.oracle.com/errata/ELBA-2018-4222.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
ivshmem-tools-2.12.1-1.el7.aarch64.rpm
qemu-2.12.1-1.el7.aarch64.rpm
qemu-block-gluster-2.12.1-1.el7.aarch64.rpm
qemu-block-iscsi-2.12.1-1.el7.aarch64.rpm
qemu-block-rbd-2.12.1-1.el7.aarch64.rpm
qemu-common-2.12.1-1.el7.aarch64.rpm
qemu-img-2.12.1-1.el7.aarch64.rpm
qemu-kvm-2.12.1-1.el7.aarch64.rpm
qemu-kvm-core-2.12.1-1.el7.aarch64.rpm
qemu-system-aarch64-2.12.1-1.el7.aarch64.rpm
qemu-system-aarch64-core-2.12.1-1.el7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-2.12.1-1.el7.src.rpm
Description of changes:
[15:2.12.1-1.el7]
- virtio-pci: Set subsystem vendor ID to Oracle
ELBA-2018-4223 Oracle Linux 7 libvirt bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2018-4223
http://linux.oracle.com/errata/ELBA-2018-4223.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libvirt-4.4.0-4.el7.aarch64.rpm
libvirt-bash-completion-4.4.0-4.el7.aarch64.rpm
libvirt-client-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-config-network-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-config-nwfilter-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-interface-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-lxc-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-network-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-nodedev-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-nwfilter-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-qemu-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-secret-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-core-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-disk-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-gluster-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-logical-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-mpath-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-rbd-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-driver-storage-scsi-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-kvm-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-qemu-4.4.0-4.el7.aarch64.rpm
libvirt-devel-4.4.0-4.el7.aarch64.rpm
libvirt-docs-4.4.0-4.el7.aarch64.rpm
libvirt-libs-4.4.0-4.el7.aarch64.rpm
libvirt-admin-4.4.0-4.el7.aarch64.rpm
libvirt-daemon-lxc-4.4.0-4.el7.aarch64.rpm
libvirt-lock-sanlock-4.4.0-4.el7.aarch64.rpm
libvirt-login-shell-4.4.0-4.el7.aarch64.rpm
libvirt-nss-4.4.0-4.el7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-4.4.0-4.el7.src.rpm
Description of changes:
[4.4.0-4.el7]
- BUILDINFO: commit=69c7503bb6f81210bbf056c9305da15b5bdfc59d
- qemuxml2argvdata: adjust tests that exercise autopartition vNUMA
topology (Wim ten Have) [Orabug: 28447977]
- domain: target auto partitioned guests by disjoint vNUMA cpu ranges
(Wim ten Have) [Orabug: 28447977]
[4.4.0-3.el7]
- BUILDINFO: commit=78eb927c310ee13bf4d7d5f80555b612a6da0293
- qemuxml2argvdata: add tests that exercise autopartition vNUMA topology
(Wim ten Have) - qemu: enable vNUMA autoconf support for KVM
architecture. (Wim ten Have) - libxl: enable vNUMA autoconf support for
Xen architecture. (Wim ten Have) - domain: auto target guests providing
the machine NUMA topology (Wim ten Have)
[4.4.0-2.el7]
- BUILDINFO: commit=d619b4e4e81d3bcffa43df2af2fe7c7b52b85345
- Update version to 4.4.0 (Menno Lageman)
[4.4.0-1]
- BUILDINFO: commit=7e20f2059966e8a70d91b96941b4212c614c4056
- sync spec file with upstream
ELSA-2018-2757 Moderate: Oracle Linux 7 389-ds-base security and bug fix update (aarch64)
Oracle Linux Security Advisory ELSA-2018-2757
http://linux.oracle.com/errata/ELSA-2018-2757.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
389-ds-base-1.3.7.5-28.el7_5.aarch64.rpm
389-ds-base-libs-1.3.7.5-28.el7_5.aarch64.rpm
389-ds-base-devel-1.3.7.5-28.el7_5.aarch64.rpm
389-ds-base-snmp-1.3.7.5-28.el7_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.7.5-28.el7_5.src.rpm
Description of changes:
[1.3.7.5-28]
- Bump version to 1.3.7.5-28
- Resolves: Bug 1628676 - 389-ds-base: race condition on reference
counter leads to DoS using persistent search
- Resolves: Bug 1628677 - Crash in delete_passwdPolicy when persistent
search connections are terminated unexpectedly
[1.3.7.5-27]
- Bump version to 1.3.7.5-27
- Resolves: Bug 1623247 - Crash in vslapd_log_emergency_error
[1.3.7.5-26]
- Bump version to 1.3.7.5-26
- Resolves: Bug 1615924 - Fine grained password policy can impact search
performance
- Resolves: Bug 1614836 - Disable nunc-stans by default
- Resolves: Bug 1614861 - ldapsearch with server side sort crashes the
ldap server
ELSA-2018-2766 Moderate: Oracle Linux 7 flatpak security update (aarch64)
Oracle Linux Security Advisory ELSA-2018-2766
http://linux.oracle.com/errata/ELSA-2018-2766.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
flatpak-0.8.8-4.el7_5.aarch64.rpm
flatpak-libs-0.8.8-4.el7_5.aarch64.rpm
flatpak-builder-0.8.8-4.el7_5.aarch64.rpm
flatpak-devel-0.8.8-4.el7_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/flatpak-0.8.8-4.el7_5.src.rpm
Description of changes:
[0.8.8-4]
- Add patch for CVE-2018-6560 (#1547376)
ELSA-2018-2768 Moderate: Oracle Linux 7 nss security update (aarch64)
Oracle Linux Security Advisory ELSA-2018-2768
http://linux.oracle.com/errata/ELSA-2018-2768.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
nss-3.36.0-7.el7_5.aarch64.rpm
nss-devel-3.36.0-7.el7_5.aarch64.rpm
nss-sysinit-3.36.0-7.el7_5.aarch64.rpm
nss-tools-3.36.0-7.el7_5.aarch64.rpm
nss-pkcs11-devel-3.36.0-7.el7_5.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nss-3.36.0-7.el7_5.src.rpm
Description of changes:
[3.36.0-7]
- Backport upstream fix for CVE-2018-12384
- Remove nss-lockcert-api-change.patch, which turned out to be a
mistake (the symbol was not exported from libnss)
[3.36.0-6]
- Exercise SSL tests which only run under non-FIPS setting
ELSA-2018-4227 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2018-4227
http://linux.oracle.com/errata/ELSA-2018-4227.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.19.5.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.19.5.el6uek.noarch.rpm
kernel-uek-4.1.12-124.19.5.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.19.5.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.19.5.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.19.5.el6uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.19.5.el6uek.src.rpm
Description of changes:
[4.1.12-124.19.5.el6uek]
- nsfs: mark dentry with DCACHE_RCUACCESS (Cong Wang) [Orabug:
28576290] {CVE-2018-5873}
- dm crypt: add middle-endian variant of plain64 IV (Konrad Rzeszutek
Wilk) [Orabug: 28604628]
- IB/ipoib: Improve filtering log message (Yuval Shaia) [Orabug: 28655409]
- IB/ipoib: Fix wrong update of arp_blocked counter (Yuval Shaia)
[Orabug: 28655409]
- IB/ipoib: Update RX counters after ACL filtering (Yuval Shaia)
[Orabug: 28655409]
- IB/ipoib: Filter RX packets before adding pseudo header (Yuval Shaia)
[Orabug: 28655409]
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott
Bauer) [Orabug: 28664501] {CVE-2018-16658}
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
(Seunghun Han) [Orabug: 28664577] {CVE-2017-13695}
- uek-rpm: Disable deprecated CONFIG_ACPI_PROCFS_POWER (Victor
Erminpour) [Orabug: 28680213]
ELSA-2018-4227 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2018-4227
http://linux.oracle.com/errata/ELSA-2018-4227.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.19.5.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.19.5.el7uek.noarch.rpm
kernel-uek-4.1.12-124.19.5.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.19.5.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.19.5.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.19.5.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.19.5.el7uek.src.rpm
Description of changes:
[4.1.12-124.19.5.el7uek]
- nsfs: mark dentry with DCACHE_RCUACCESS (Cong Wang) [Orabug:
28576290] {CVE-2018-5873}
- dm crypt: add middle-endian variant of plain64 IV (Konrad Rzeszutek
Wilk) [Orabug: 28604628]
- IB/ipoib: Improve filtering log message (Yuval Shaia) [Orabug: 28655409]
- IB/ipoib: Fix wrong update of arp_blocked counter (Yuval Shaia)
[Orabug: 28655409]
- IB/ipoib: Update RX counters after ACL filtering (Yuval Shaia)
[Orabug: 28655409]
- IB/ipoib: Filter RX packets before adding pseudo header (Yuval Shaia)
[Orabug: 28655409]
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott
Bauer) [Orabug: 28664501] {CVE-2018-16658}
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
(Seunghun Han) [Orabug: 28664577] {CVE-2017-13695}
- uek-rpm: Disable deprecated CONFIG_ACPI_PROCFS_POWER (Victor
Erminpour) [Orabug: 28680213]
ELSA-2018-4228 Important: Oracle Linux 6 openssl security update
Oracle Linux Security Advisory ELSA-2018-4228
http://linux.oracle.com/errata/ELSA-2018-4228.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
openssl-1.0.1e-57.0.5.el6.i686.rpm
openssl-devel-1.0.1e-57.0.5.el6.i686.rpm
openssl-perl-1.0.1e-57.0.5.el6.i686.rpm
openssl-static-1.0.1e-57.0.5.el6.i686.rpm
x86_64:
openssl-1.0.1e-57.0.5.el6.i686.rpm
openssl-1.0.1e-57.0.5.el6.x86_64.rpm
openssl-devel-1.0.1e-57.0.5.el6.i686.rpm
openssl-devel-1.0.1e-57.0.5.el6.x86_64.rpm
openssl-perl-1.0.1e-57.0.5.el6.x86_64.rpm
openssl-static-1.0.1e-57.0.5.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/openssl-1.0.1e-57.0.5.el6.src.rpm
Description of changes:
[1.0.1e-57.0.5]
- Merge upstream patch to fix CVE-2018-0739
OVMSA-2018-0258 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update
Oracle VM Security Advisory OVMSA-2018-0258
The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-firmware-4.1.12-124.19.5.el6uek.noarch.rpm
kernel-uek-4.1.12-124.19.5.el6uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-124.19.5.el6uek.src.rpm
Description of changes:
[4.1.12-124.19.5.el6uek]
- nsfs: mark dentry with DCACHE_RCUACCESS (Cong Wang) [Orabug:
28576290] {CVE-2018-5873}
- dm crypt: add middle-endian variant of plain64 IV (Konrad Rzeszutek
Wilk) [Orabug: 28604628]
- IB/ipoib: Improve filtering log message (Yuval Shaia) [Orabug: 28655409]
- IB/ipoib: Fix wrong update of arp_blocked counter (Yuval Shaia)
[Orabug: 28655409]
- IB/ipoib: Update RX counters after ACL filtering (Yuval Shaia)
[Orabug: 28655409]
- IB/ipoib: Filter RX packets before adding pseudo header (Yuval Shaia)
[Orabug: 28655409]
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott
Bauer) [Orabug: 28664501] {CVE-2018-16658}
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
(Seunghun Han) [Orabug: 28664577] {CVE-2017-13695}
- uek-rpm: Disable deprecated CONFIG_ACPI_PROCFS_POWER (Victor
Erminpour) [Orabug: 28680213]