Oracle Linux 6278 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-4118 Oracle Linux 7 lvm2 bug fix update
ELEA-2018-1774 Oracle Linux 6 microcode_ctl enhancement update
ELSA-2018-1777 Important: Oracle Linux 6 procps security update
ELSA-2018-1779 Important: Oracle Linux 6 xmlrpc3 security update



ELBA-2018-4118 Oracle Linux 7 lvm2 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4118

http://linux.oracle.com/errata/ELBA-2018-4118.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
cmirror-2.02.177-4.0.2.el7.x86_64.rpm
device-mapper-1.02.146-4.0.2.el7.x86_64.rpm
device-mapper-event-1.02.146-4.0.2.el7.x86_64.rpm
device-mapper-event-libs-1.02.146-4.0.2.el7.i686.rpm
device-mapper-event-libs-1.02.146-4.0.2.el7.x86_64.rpm
device-mapper-libs-1.02.146-4.0.2.el7.i686.rpm
device-mapper-libs-1.02.146-4.0.2.el7.x86_64.rpm
lvm2-2.02.177-4.0.2.el7.x86_64.rpm
lvm2-cluster-2.02.177-4.0.2.el7.x86_64.rpm
lvm2-libs-2.02.177-4.0.2.el7.i686.rpm
lvm2-libs-2.02.177-4.0.2.el7.x86_64.rpm
lvm2-python-libs-2.02.177-4.0.2.el7.x86_64.rpm
device-mapper-devel-1.02.146-4.0.2.el7.i686.rpm
device-mapper-devel-1.02.146-4.0.2.el7.x86_64.rpm
device-mapper-event-devel-1.02.146-4.0.2.el7.i686.rpm
device-mapper-event-devel-1.02.146-4.0.2.el7.x86_64.rpm
lvm2-devel-2.02.177-4.0.2.el7.i686.rpm
lvm2-devel-2.02.177-4.0.2.el7.x86_64.rpm
lvm2-lockd-2.02.177-4.0.2.el7.x86_64.rpm
lvm2-sysvinit-2.02.177-4.0.2.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/lvm2-2.02.177-4.0.2.el7.src.rpm



Description of changes:

[7:2.02.177-4.0.2]
- LVM2: Do not deactivate all volume groups on ExecStop [Orabug: 27924858]

ELEA-2018-1774 Oracle Linux 6 microcode_ctl enhancement update

Oracle Linux Enhancement Advisory ELEA-2018-1774

http://linux.oracle.com/errata/ELEA-2018-1774.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
microcode_ctl-1.17-25.7.0.2.el6_9.i686.rpm

x86_64:
microcode_ctl-1.17-25.7.0.2.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/microcode_ctl-1.17-25.7.0.2.el6_9.src.rpm



Description of changes:

[1:1.17-25.7.0.2]
- Remove upstream disclaimer file.
- Enable early microcode load to allow updating Broadwell model 79
- Make sure "modprobe microcode" is not executed on Broadwell model 79
- Run dracut upon microcode update

[1:1.17-25.7]
- Update AMD microcode to 2018-05-24
- Resolves: #1576314

ELSA-2018-1777 Important: Oracle Linux 6 procps security update

Oracle Linux Security Advisory ELSA-2018-1777

http://linux.oracle.com/errata/ELSA-2018-1777.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
procps-3.2.8-45.0.1.el6_9.3.i686.rpm
procps-devel-3.2.8-45.0.1.el6_9.3.i686.rpm

x86_64:
procps-3.2.8-45.0.1.el6_9.3.i686.rpm
procps-3.2.8-45.0.1.el6_9.3.x86_64.rpm
procps-devel-3.2.8-45.0.1.el6_9.3.i686.rpm
procps-devel-3.2.8-45.0.1.el6_9.3.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/procps-3.2.8-45.0.1.el6_9.3.src.rpm



Description of changes:

[3.2.8-45.0.1.el6_9.3 ]
- vmstat: fix invalid CPU utilization stats after vCPU hot-plug/unplug
(Konrad Rzeszutek Wilk) [bug 18011019]

[3.2.8-45.el6_9.3]
- drop leftover assignment in fix for CVE-2018-1124 causing a severe
regression
- Resolves: CVE-2018-1124

[3.2.8-45.el6_9.2]
- fix integer overflows leading to heap overflow in file2strvec()
- Resolves: CVE-2018-1124 CVE-2018-1126


ELSA-2018-1779 Important: Oracle Linux 6 xmlrpc3 security update

Oracle Linux Security Advisory ELSA-2018-1779

http://linux.oracle.com/errata/ELSA-2018-1779.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
xmlrpc3-client-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-client-devel-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-common-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-common-devel-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-javadoc-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-server-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-server-devel-3.0-4.17.el6_9.noarch.rpm

x86_64:
xmlrpc3-client-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-client-devel-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-common-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-common-devel-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-javadoc-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-server-3.0-4.17.el6_9.noarch.rpm
xmlrpc3-server-devel-3.0-4.17.el6_9.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/xmlrpc3-3.0-4.17.el6_9.src.rpm



Description of changes:

[3.0-4.17]
- Rebase patch to avoid orig files in source JAR
- Related: CVE-2016-5003

[3.0-4.16]
- Disallow deserialization of tags by default
- Resolves: CVE-2016-5003