Oracle Linux 6262 Published by

Oracle has released 16 updates for Oracle Linux 8:

ELBA-2019-2702 Oracle Linux 8 selinux-policy bug fix update
ELBA-2019-2704 Oracle Linux 8 nfs-utils bug fix update
ELBA-2019-2705 Oracle Linux 8 kmod-kvdo bug fix update
ELBA-2019-2706 Oracle Linux 8 net-snmp bug fix update
ELBA-2019-2709 Oracle Linux 8 rpm bug fix update
ELBA-2019-2711 Oracle Linux 8 nfs-utils bug fix update
ELBA-2019-2712 Oracle Linux 8 grub2 bug fix update
ELBA-2019-2714 Oracle Linux 8 anaconda bug fix update
ELBA-2019-2718 Oracle Linux 8 sbd bug fix update
ELBA-2019-2719 Oracle Linux 8 pacemaker bug fix update
ELBA-2019-2721 Oracle Linux 8 python-blivet bug fix and enhancement update
ELBA-2019-4765 Oracle Linux 7 oVirt 4.2 vdsm bug fix update
ELSA-2019-2703 Important: Oracle Linux 8 kernel security and bug fix update
ELSA-2019-2713 Moderate: Oracle Linux 8 poppler security update
ELSA-2019-2722 Low: Oracle Linux 8 libwmf security update
ELSA-2019-2731 Moderate: Oracle Linux 8 .NET Core on Red Hat Enterprise Linux security and bug fix update



ELBA-2019-2702 Oracle Linux 8 selinux-policy bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2702

http://linux.oracle.com/errata/ELBA-2019-2702.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
selinux-policy-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-devel-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-doc-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-minimum-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-mls-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-sandbox-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-targeted-3.14.1-61.0.2.el8_0.2.noarch.rpm

aarch64:
selinux-policy-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-devel-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-doc-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-minimum-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-mls-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-sandbox-3.14.1-61.0.2.el8_0.2.noarch.rpm
selinux-policy-targeted-3.14.1-61.0.2.el8_0.2.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/selinux-policy-3.14.1-61.0.2.el8_0.2.src.rpm

Description of changes:

[3.14.1-61.2.0.2]
- Allow init_t to relabel all lock files [Orabug: 29846265] (Naoki Tanaka)
- Allow cloud_init_t to dbus chat with systemd_logind_t [Orabug: 29399653]
- Allow udev_t to load modules [Orabug: 28260775]
- Allow chronyd_t to execute shell scripts [Orabug: 28260775]
- Add vhost-scsi to be vhost_device_t type [Orabug: 27774921]
- Obsolete docker-engine-selinux [Orabug: 26439663]
- Fix container selinux policy [Orabug: 26427364]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.

[3.14.1-61.2]
- Allow sbd_t domain to use nsswitch
Resolves: rhbz#1733905

[3.14.1-61.1]
- Allow unconfined users to use smc unlabeled sockets
Resolves: rhbz#1708098

ELBA-2019-2704 Oracle Linux 8 nfs-utils bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2704

http://linux.oracle.com/errata/ELBA-2019-2704.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libnfsidmap-2.3.3-14.el8_0.2.i686.rpm
libnfsidmap-2.3.3-14.el8_0.2.x86_64.rpm
nfs-utils-2.3.3-14.el8_0.2.x86_64.rpm
libnfsidmap-devel-2.3.3-14.el8_0.2.i686.rpm
libnfsidmap-devel-2.3.3-14.el8_0.2.x86_64.rpm

aarch64:
libnfsidmap-2.3.3-14.el8_0.2.aarch64.rpm
nfs-utils-2.3.3-14.el8_0.2.aarch64.rpm
libnfsidmap-devel-2.3.3-14.el8_0.2.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/nfs-utils-2.3.3-14.el8_0.2.src.rpm



Description of changes:

[2.3.3-14_0.2]
- Add a conversion for new sm-notify force option to sm-notify (bz 1716592)

[2.3.3-14_0.1]
- Add a conversion for new sm-notify force option in nfs.conf (bz 1716592)

ELBA-2019-2705 Oracle Linux 8 kmod-kvdo bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2705

http://linux.oracle.com/errata/ELBA-2019-2705.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kmod-kvdo-6.2.0.293-53.0.1.el8_0.x86_64.rpm

aarch64:
kmod-kvdo-6.2.0.293-53.0.1.el8_0.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kmod-kvdo-6.2.0.293-53.0.1.el8_0.src.rpm



Description of changes:

[6.2.0.293-53.0.1]
- add OL signature

[6.2.0.293-53]
- Bumped NVR for new 4.18 kernel
- Resolves: rhbz#1739186

ELBA-2019-2706 Oracle Linux 8 net-snmp bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2706

http://linux.oracle.com/errata/ELBA-2019-2706.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
net-snmp-5.8-7.el8_0.2.x86_64.rpm
net-snmp-agent-libs-5.8-7.el8_0.2.i686.rpm
net-snmp-agent-libs-5.8-7.el8_0.2.x86_64.rpm
net-snmp-devel-5.8-7.el8_0.2.i686.rpm
net-snmp-devel-5.8-7.el8_0.2.x86_64.rpm
net-snmp-libs-5.8-7.el8_0.2.i686.rpm
net-snmp-libs-5.8-7.el8_0.2.x86_64.rpm
net-snmp-utils-5.8-7.el8_0.2.x86_64.rpm

aarch64:
net-snmp-5.8-7.el8_0.2.aarch64.rpm
net-snmp-agent-libs-5.8-7.el8_0.2.aarch64.rpm
net-snmp-devel-5.8-7.el8_0.2.aarch64.rpm
net-snmp-libs-5.8-7.el8_0.2.aarch64.rpm
net-snmp-utils-5.8-7.el8_0.2.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/net-snmp-5.8-7.el8_0.2.src.rpm



Description of changes:

[1:5.8-7.2]
- fix issue with trapsink configuration (#1738302)

ELBA-2019-2709 Oracle Linux 8 rpm bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2709

http://linux.oracle.com/errata/ELBA-2019-2709.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
python3-rpm-4.14.2-11.el8_0.x86_64.rpm
rpm-4.14.2-11.el8_0.x86_64.rpm
rpm-apidocs-4.14.2-11.el8_0.noarch.rpm
rpm-build-4.14.2-11.el8_0.x86_64.rpm
rpm-build-libs-4.14.2-11.el8_0.i686.rpm
rpm-build-libs-4.14.2-11.el8_0.x86_64.rpm
rpm-cron-4.14.2-11.el8_0.noarch.rpm
rpm-devel-4.14.2-11.el8_0.i686.rpm
rpm-devel-4.14.2-11.el8_0.x86_64.rpm
rpm-libs-4.14.2-11.el8_0.i686.rpm
rpm-libs-4.14.2-11.el8_0.x86_64.rpm
rpm-plugin-ima-4.14.2-11.el8_0.x86_64.rpm
rpm-plugin-prioreset-4.14.2-11.el8_0.x86_64.rpm
rpm-plugin-selinux-4.14.2-11.el8_0.x86_64.rpm
rpm-plugin-syslog-4.14.2-11.el8_0.x86_64.rpm
rpm-plugin-systemd-inhibit-4.14.2-11.el8_0.x86_64.rpm
rpm-sign-4.14.2-11.el8_0.x86_64.rpm

aarch64:
python3-rpm-4.14.2-11.el8_0.aarch64.rpm
rpm-4.14.2-11.el8_0.aarch64.rpm
rpm-apidocs-4.14.2-11.el8_0.noarch.rpm
rpm-build-4.14.2-11.el8_0.aarch64.rpm
rpm-build-libs-4.14.2-11.el8_0.aarch64.rpm
rpm-cron-4.14.2-11.el8_0.noarch.rpm
rpm-devel-4.14.2-11.el8_0.aarch64.rpm
rpm-libs-4.14.2-11.el8_0.aarch64.rpm
rpm-plugin-ima-4.14.2-11.el8_0.aarch64.rpm
rpm-plugin-prioreset-4.14.2-11.el8_0.aarch64.rpm
rpm-plugin-selinux-4.14.2-11.el8_0.aarch64.rpm
rpm-plugin-syslog-4.14.2-11.el8_0.aarch64.rpm
rpm-plugin-systemd-inhibit-4.14.2-11.el8_0.aarch64.rpm
rpm-sign-4.14.2-11.el8_0.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/rpm-4.14.2-11.el8_0.src.rpm



Description of changes:

[4.14.2-11]
- Fix off-by-one in hdrblobGet() breaking large package verification
(#1736821)

ELBA-2019-2711 Oracle Linux 8 nfs-utils bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2711

http://linux.oracle.com/errata/ELBA-2019-2711.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libnfsidmap-2.3.3-14.el8_0.3.i686.rpm
libnfsidmap-2.3.3-14.el8_0.3.x86_64.rpm
nfs-utils-2.3.3-14.el8_0.3.x86_64.rpm
libnfsidmap-devel-2.3.3-14.el8_0.3.i686.rpm
libnfsidmap-devel-2.3.3-14.el8_0.3.x86_64.rpm

aarch64:
libnfsidmap-2.3.3-14.el8_0.3.aarch64.rpm
nfs-utils-2.3.3-14.el8_0.3.aarch64.rpm
libnfsidmap-devel-2.3.3-14.el8_0.3.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/nfs-utils-2.3.3-14.el8_0.3.src.rpm



Description of changes:

[2.3.3-14_0.3]
- nfs.conf: Fixed manage-gids option typo (bz 1716591)

ELBA-2019-2712 Oracle Linux 8 grub2 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2712

http://linux.oracle.com/errata/ELBA-2019-2712.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
grub2-common-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-efi-aa64-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-efi-ia32-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-efi-ia32-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-efi-x64-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-efi-x64-cdboot-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-efi-x64-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-pc-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-pc-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-tools-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-tools-efi-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-tools-extra-2.02-66.0.4.el8_0.1.x86_64.rpm
grub2-tools-minimal-2.02-66.0.4.el8_0.1.x86_64.rpm

aarch64:
grub2-common-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-efi-aa64-2.02-66.0.4.el8_0.1.aarch64.rpm
grub2-efi-aa64-cdboot-2.02-66.0.4.el8_0.1.aarch64.rpm
grub2-efi-aa64-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-efi-ia32-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-efi-x64-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-pc-modules-2.02-66.0.4.el8_0.1.noarch.rpm
grub2-tools-2.02-66.0.4.el8_0.1.aarch64.rpm
grub2-tools-extra-2.02-66.0.4.el8_0.1.aarch64.rpm
grub2-tools-minimal-2.02-66.0.4.el8_0.1.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/grub2-2.02-66.0.4.el8_0.1.src.rpm



Description of changes:

[2.02-66.0.4.el8_0.1]
- set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
(Alex Burmashev)
- Update upstream references [Orabug: 26388226]
- Copy symvers.gz to /boot during kernel install [Orabug: 29773086]
(Alex Burmashev)
- Insert Unbreakable Enterprise Kernel text into BLS config file
[Orabug: 29417955]
- fix symlink removal scriptlet, to be executed only on removal [Orabug:
19231481]
- Fix comparison in patch for 18504756
- Remove symlink to grub environment file during uninstall on EFI
platforms [Orabug: 19231481]
- update Oracle Linux certificates (Alexey Petrenko)
- Put "with" in menuentry instead of "using" [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.02-66.el8_0.1]
- Include regexp module in EFI builds
Resolves: rhbz#1743549

ELBA-2019-2714 Oracle Linux 8 anaconda bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2714

http://linux.oracle.com/errata/ELBA-2019-2714.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
anaconda-29.19.0.43-1.0.1.el8_0.x86_64.rpm
anaconda-core-29.19.0.43-1.0.1.el8_0.x86_64.rpm
anaconda-dracut-29.19.0.43-1.0.1.el8_0.x86_64.rpm
anaconda-gui-29.19.0.43-1.0.1.el8_0.x86_64.rpm
anaconda-install-env-deps-29.19.0.43-1.0.1.el8_0.x86_64.rpm
anaconda-tui-29.19.0.43-1.0.1.el8_0.x86_64.rpm
anaconda-widgets-29.19.0.43-1.0.1.el8_0.i686.rpm
anaconda-widgets-29.19.0.43-1.0.1.el8_0.x86_64.rpm

aarch64:
anaconda-29.19.0.43-1.0.1.el8_0.aarch64.rpm
anaconda-core-29.19.0.43-1.0.1.el8_0.aarch64.rpm
anaconda-dracut-29.19.0.43-1.0.1.el8_0.aarch64.rpm
anaconda-gui-29.19.0.43-1.0.1.el8_0.aarch64.rpm
anaconda-install-env-deps-29.19.0.43-1.0.1.el8_0.aarch64.rpm
anaconda-tui-29.19.0.43-1.0.1.el8_0.aarch64.rpm
anaconda-widgets-29.19.0.43-1.0.1.el8_0.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/anaconda-29.19.0.43-1.0.1.el8_0.src.rpm



Description of changes:

[29.19.0.43-1.0.1]
- Increase the buffer added to the download space required when determining
the dnf download cache location to avoid hangs on Virtual Box
[Orabug: 29889830]
- iscsid service should not be running when transition to
anaconda.target [Orabug: 29446153]
(fred.herard@oracle.com)
- Use OL8 for the kickstart version [Orabug: 29373077]
- Remove python3-syspurpose requirement. [Orabug 29443881]
- Prevent rescue bootloader entry from becoming the default [Orabug:
29439753]
- Use /etc/os-release first when finding the product name [Orabug: 29373100]
- Remove UI components related to system purpose and RHN subscription.
[Orabug: 29373275]
- Add patch to use bls config file to setup default kernel instead of
index [Orabug: 21957916]
- liveinst was not built since IS_LIVEINST_ARCH in configure.ac wasn't
tweaked
it should now build for armv5,6,7* and aarch64 (philip.copeland@oracle.com)
- Provide the liveinst binary [bug 27116016]

[29.19.0.43-1]
- Set the flag lvm_metadata_backup (#1673901) (vponcova)
Related: rhbz#1715344

[29.19.0.42-2]
- Gating adjustments
Related: rhbz#1715344

[29.19.0.42-1]
- Require blivet with flags.protect_cdrom support (rvykydal)
Resolves: rhbz#1715344
- Do not try to mount cdrom source also if it has been mounted in dracut.
(rvykydal)
Resolves: rhbz#1715344
- Be more strict when checking for mounted dvd source. (rvykydal)
Resolves: rhbz#1715344
- Protect cdroms during tree population for image installs. (rvykydal)
Resolves: rhbz#1715344
- Use rhel-8.0 zanata version. (rvykydal)
Related: rhbz#1715344
- Rename zanata rhel-devel version (rvykydal)
Related: rhbz#1715344

ELBA-2019-2718 Oracle Linux 8 sbd bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2718

http://linux.oracle.com/errata/ELBA-2019-2718.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
sbd-1.3.1-18.el8_0.3.x86_64.rpm

aarch64:
sbd-1.3.1-18.el8_0.3.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/sbd-1.3.1-18.el8_0.3.src.rpm



Description of changes:

[1.3.1-18.3]
- added missing patch

Resolves: rhbz#1734061

[1.3.1-18.2]
- check for shutdown attribute on every cib-diff

Resolves: rhbz#1734061

[1.3.1-18.1]
- assume graceful pacemaker exit if leftovers are unmanaged
- make handling of cib-connection loss more robust

Resolves: rhbz#1734061

ELBA-2019-2719 Oracle Linux 8 pacemaker bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2719

http://linux.oracle.com/errata/ELBA-2019-2719.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
pacemaker-cluster-libs-2.0.1-4.el8_0.4.i686.rpm
pacemaker-cluster-libs-2.0.1-4.el8_0.4.x86_64.rpm
pacemaker-libs-2.0.1-4.el8_0.4.i686.rpm
pacemaker-libs-2.0.1-4.el8_0.4.x86_64.rpm
pacemaker-schemas-2.0.1-4.el8_0.4.noarch.rpm

aarch64:
pacemaker-cluster-libs-2.0.1-4.el8_0.4.aarch64.rpm
pacemaker-libs-2.0.1-4.el8_0.4.aarch64.rpm
pacemaker-schemas-2.0.1-4.el8_0.4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/pacemaker-2.0.1-4.el8_0.4.src.rpm



Description of changes:

[2.0.1-4.4]
- Handle losing remote node while it is shutting down
- Resolves: rhbz#1734066

ELBA-2019-2721 Oracle Linux 8 python-blivet bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2019-2721

http://linux.oracle.com/errata/ELBA-2019-2721.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
blivet-data-3.1.0-12.0.1.el8_0.noarch.rpm
python3-blivet-3.1.0-12.0.1.el8_0.noarch.rpm

aarch64:
blivet-data-3.1.0-12.0.1.el8_0.noarch.rpm
python3-blivet-3.1.0-12.0.1.el8_0.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/python-blivet-3.1.0-12.0.1.el8_0.src.rpm



Description of changes:

[3.1.0-12.0.1]
- Add bug29870386-fix-redhat-reference.patch [Orabug: 29870386]

[3.1.0-12]
- Rebuild with fixed gating
Related: rhbz#1734318

[3.1.0-11]
- Add flag for protecting cdrom devices during populate
Resolves: rhbz#1734318

ELBA-2019-4765 Oracle Linux 7 oVirt 4.2 vdsm bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4765

http://linux.oracle.com/errata/ELBA-2019-4765.html

The following updated rpms for Oracle Linux 7 oVirt 4.2 have been
uploaded to the Unbreakable Linux Network:


x86_64:
vdsm-4.20.46-1.0.8.el7.x86_64.rpm
vdsm-api-4.20.46-1.0.8.el7.noarch.rpm
vdsm-client-4.20.46-1.0.8.el7.noarch.rpm
vdsm-common-4.20.46-1.0.8.el7.noarch.rpm
vdsm-gluster-4.20.46-1.0.8.el7.x86_64.rpm
vdsm-hook-allocate_net-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-boot_hostdev-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-checkimages-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-checkips-4.20.46-1.0.8.el7.x86_64.rpm
vdsm-hook-cpuflags-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-diskunmap-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-ethtool-options-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-extnet-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-extra-ipv4-addrs-4.20.46-1.0.8.el7.x86_64.rpm
vdsm-hook-fakevmstats-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-faqemu-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-fcoe-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-fileinject-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-floppy-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-httpsisoboot-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-ipv6-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-isolatedprivatevlan-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-localdisk-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-macbind-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-macspoof-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-nestedvt-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-noipspoof-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-numa-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-openstacknet-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-pincpu-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-promisc-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-qemucmdline-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-qos-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-scratchpad-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-smbios-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-spiceoptions-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-vhostmd-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-vmdisk-4.20.46-1.0.8.el7.noarch.rpm
vdsm-hook-vmfex-dev-4.20.46-1.0.8.el7.noarch.rpm
vdsm-http-4.20.46-1.0.8.el7.noarch.rpm
vdsm-jsonrpc-4.20.46-1.0.8.el7.noarch.rpm
vdsm-network-4.20.46-1.0.8.el7.x86_64.rpm
vdsm-python-4.20.46-1.0.8.el7.noarch.rpm
vdsm-tests-4.20.46-1.0.8.el7.noarch.rpm
vdsm-yajsonrpc-4.20.46-1.0.8.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/vdsm-4.20.46-1.0.8.el7.src.rpm



Description of changes:

[4.20.46-1.0.8]
- Fix sos conflict

ELSA-2019-2703 Important: Oracle Linux 8 kernel security and bug fix update

Oracle Linux Security Advisory ELSA-2019-2703

http://linux.oracle.com/errata/ELSA-2019-2703.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-abi-whitelists-4.18.0-80.11.1.el8_0.noarch.rpm
kernel-core-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-cross-headers-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-debug-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-debug-core-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-debug-devel-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-debug-modules-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-debug-modules-extra-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-devel-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-doc-4.18.0-80.11.1.el8_0.noarch.rpm
kernel-headers-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-modules-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-modules-extra-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-tools-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-tools-libs-4.18.0-80.11.1.el8_0.x86_64.rpm
perf-4.18.0-80.11.1.el8_0.x86_64.rpm
python3-perf-4.18.0-80.11.1.el8_0.x86_64.rpm
kernel-tools-libs-devel-4.18.0-80.11.1.el8_0.x86_64.rpm

aarch64:
bpftool-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-abi-whitelists-4.18.0-80.11.1.el8_0.noarch.rpm
kernel-core-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-cross-headers-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-debug-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-debug-core-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-debug-devel-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-debug-modules-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-debug-modules-extra-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-devel-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-doc-4.18.0-80.11.1.el8_0.noarch.rpm
kernel-headers-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-modules-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-modules-extra-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-tools-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-tools-libs-4.18.0-80.11.1.el8_0.aarch64.rpm
perf-4.18.0-80.11.1.el8_0.aarch64.rpm
python3-perf-4.18.0-80.11.1.el8_0.aarch64.rpm
kernel-tools-libs-devel-4.18.0-80.11.1.el8_0.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-80.11.1.el8_0.src.rpm



Description of changes:

- [4.18.0-80.11.1.el8_0.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted
keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]

[4.18.0-80.11.1.el8_0]
- [wireless] mwifiex: Don't abort on small, spec-compliant vendor IEs
(Jarod Wilson) [1714475 1728992]
- [wireless] mwifiex: fix 802.11n/WPA detection (Jarod Wilson) [1714475
1714476] {CVE-2019-3846}

[4.18.0-80.10.1.el8_0]
- [x86] x86/entry/64: Use JMP instead of JMPQ (Josh Poimboeuf) [1724500
1724501] {CVE-2019-1125}
- [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Josh
Poimboeuf) [1724500 1724501] {CVE-2019-1125}
- [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs
mitigations (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}
- [x86] x86/cpufeatures: Combine word 11 and 12 into a new scattered
features word (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}
- [x86] x86/cpufeatures: Carve out CQM features retrival (Josh
Poimboeuf) [1724500 1724501] {CVE-2019-1125}

[4.18.0-80.9.1.el8_0]
- [netdrv] thunderx: eliminate extra calls to put_page() for pages held
for recycling (Dean Nelson) [1726354 1644011]
- [netdrv] thunderx: enable page recycling for non-XDP case (Dean
Nelson) [1726354 1644011]
- [arm64] arm64: kaslr: ensure randomized quantities are clean also when
kaslr is off (Mark Salter) [1726357 1673068]
- [arm64] arm64: kaslr: ensure randomized quantities are clean to the
PoC (Mark Salter) [1726357 1673068]
- [mm] powerpc/mm/64s/hash: Reallocate context ids on fork (Gustavo
Duarte) [1734689 1723808] {CVE-2019-12817}
- [powerpc] powerpc/pseries/mobility: rebuild cacheinfo hierarchy
post-migration (Steve Best) [1733282 1720929]
- [powerpc] powerpc/pseries/mobility: prevent cpu hotplug during DT
update (Steve Best) [1733282 1720929]
- [powerpc] powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
(Steve Best) [1733282 1720929]
- [powerpc] powerpc/watchpoint: Restore NV GPRs while returning from
exception (Steve Best) [1733281 1728557]
- [hid] HID: i2c-hid: Don't reset device upon system resume (Perry Yuan)
[1727098 1715385]
- [netdrv] net/mlx5e: RX, Verify MPWQE stride size is in range (Alaa
Hleihel) [1726372 1683589]
- [sound] ALSA: usb-audio: Fix UAF decrement if card has no live
interfaces in card.c (Jaroslav Kysela) [1726371 1658924] {CVE-2018-19824}
- [sound] ALSA: hda - Enable runtime PM only for discrete GPU (Jaroslav
Kysela) [1726361 1714817]
- [cpufreq] cpufreq: intel_pstate: Ignore turbo active ratio in HWP
(David Arcari) [1726360 1711970]
- [infiniband] usnic_verbs: fix deadlock (Govindarajulu Varadarajan)
[1726358 1688505]
- [infiniband] IB/usnic: Fix locking when unregistering (Govindarajulu
Varadarajan) [1726358 1688505]
- [infiniband] IB/usnic: Fix potential deadlock (Govindarajulu
Varadarajan) [1726358 1688505]
- [netdrv] igb: shorten maximum PHC timecounter update interval (Corinna
Vinschen) [1726352 1637098]
- [netdrv] igb: shorten maximum PHC timecounter update interval (Corinna
Vinschen) [1726352 1637098]
- [x86] x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls
(Frank Ramsay) [1724534 1677695]
- [security] selinux: overhaul sidtab to fix bug and improve performance
(Ondrej Mosnacek) [1717780 1656787]
- [security] selinux: use separate table for initial SID lookup (Ondrej
Mosnacek) [1717780 1656787]
- [security] selinux: refactor sidtab conversion (Ondrej Mosnacek)
[1717780 1656787]
- [security] selinux: Cleanup printk logging in sidtab (Ondrej Mosnacek)
[1717780 1656787]
- [security] selinux: Cleanup printk logging in services (Ondrej
Mosnacek) [1717780 1656787]
- [security] selinux: Cleanup printk logging in policydb (Ondrej
Mosnacek) [1717780 1656787]
- [crypto] crypto: authenc - fix parsing key with misaligned rta_len
(Herbert Xu) [1715335 1707546]
- [mm] mm, page_alloc: fix has_unmovable_pages for HugePages (David
Gibson) [1714758 1688114]
- [wireless] mwifiex: Abort at too short BSS descriptor element (Jarod
Wilson) [1714475 1714476] {CVE-2019-3846}
- [wireless] mwifiex: Fix possible buffer overflows at parsing bss
descriptor (Jarod Wilson) [1714475 1714476] {CVE-2019-3846}
- [nvme] nvme-pci: add missing unlock for reset error (Gopal Tiwari)
[1712261 1703201]
- [nvme] nvme-pci: fix rapid add remove sequence (Gopal Tiwari) [1712261
1703201]
- [wireless] brcmfmac: add subtype check for event handling in data path
(Stanislaw Gruszka) [1733895 1704684] {CVE-2019-9503}
- [wireless] brcmfmac: assure SSID length from firmware is limited
(Stanislaw Gruszka) [1705385 1705386] {CVE-2019-9500}
- [include] fs: fix kABI for struct pipe_buf_operations (Miklos Szeredi)
[1705006 1705007] {CVE-2019-11487}
- [fs] fs: prevent page refcount overflow in pipe_buf_get (Miklos
Szeredi) [1705006 1705007] {CVE-2019-11487}
- [mm] mm: prevent get_user_pages() from overflowing page refcount
(Miklos Szeredi) [1705006 1705007] {CVE-2019-11487}
- [include] mm: add 'try_get_page()' helper function (Miklos Szeredi)
[1705006 1705007] {CVE-2019-11487}
- [include] mm: make page ref count overflow check tighter and more
explicit (Miklos Szeredi) [1705006 1705007] {CVE-2019-11487}
- [fs] fuse: call pipe_buf_release() under pipe lock (Miklos Szeredi)
[1705006 1705007] {CVE-2019-11487}
- [kvm] KVM: x86: nVMX: fix x2APIC VTPR read intercept (Vitaly
Kuznetsov) [1697198 1697199]
- [kvm] KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887)
(Vitaly Kuznetsov) [1697198 1697199]

[4.18.0-80.8.1.el8_0]
- [documentation] Documentation: Add ARM64 to kernel-parameters.rst
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64/speculation: Support 'mitigations=' cmdline option
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64: enable generic CPU vulnerabilites support (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: add sysfs vulnerability show for speculative store
bypass (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: Always enable ssb vulnerability detection (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: add sysfs vulnerability show for spectre-v2 (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: Always enable spectre-v2 vulnerability detection
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64: Use firmware to detect CPUs that are not affected by
Spectre-v2 (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: Advertise mitigation of Spectre-v2, or lack thereof
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64: add sysfs vulnerability show for meltdown (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: Add sysfs vulnerability show for spectre-v1 (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: Provide a command line to disable spectre_v2 mitigation
(Jeremy Linton) [1726353 1640855]
- [documentation] powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for
nospectre_v2 boot arg (Jeremy Linton) [1726353 1640855]
- [documentation] Documentation: Document arm64 kpti control (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: kpti: Whitelist HiSilicon Taishan v110 CPUs (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: Add MIDR encoding for HiSilicon Taishan CPUs (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: kpti: Whitelist Cortex-A CPUs that don't implement the
CSV3 field (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: kpti: Update arm64_kernel_use_ng_mappings() when forced
on (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: kpti: Avoid rewriting early page tables when KASLR is
enabled (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: capabilities: Merge duplicate Cavium erratum entries
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64: capabilities: Merge entries for
ARM64_WORKAROUND_CLEAN_CACHE (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: Use a raw spinlock in __install_bp_hardening_cb()
(Jeremy Linton) [1726353 1640855]
- [arm64] arm64: KVM: Guests can skip __install_bp_hardening_cb()s HYP
work (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: fix SSBS sanitization (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: don't zero DIT on signal return (Jeremy Linton)
[1726353 1640855]
- [kvm] KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled
and !vhe (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: ssbd: Add support for PSTATE.SSBS rather than trapping
to EL3 (Jeremy Linton) [1726353 1640855]
- [arm64] arm64: ssbd: Drop #ifdefs for PR_SPEC_STORE_BYPASS (Jeremy
Linton) [1726353 1640855]
- [arm64] arm64: cpufeature: Detect SSBS and advertise to userspace
(Jeremy Linton) [1726353 1640855]
(Jeremy Linton) [1726353 1640855]
- Revert: [arm64] arm64/speculation: Support 'mitigations=' cmdline
option (Josh Poimboeuf) [1726353 1640855] {CVE-2018-12130 CVE-2018-12127
CVE-2018-12126 CVE-2019-11091}
- [kernel] ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
(Aristeu Rozanski) [1730958 1730959] {CVE-2019-13272}

ELSA-2019-2713 Moderate: Oracle Linux 8 poppler security update

Oracle Linux Security Advisory ELSA-2019-2713

http://linux.oracle.com/errata/ELSA-2019-2713.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
poppler-0.66.0-11.el8_0.12.i686.rpm
poppler-0.66.0-11.el8_0.12.x86_64.rpm
poppler-glib-0.66.0-11.el8_0.12.i686.rpm
poppler-glib-0.66.0-11.el8_0.12.x86_64.rpm
poppler-utils-0.66.0-11.el8_0.12.x86_64.rpm
poppler-cpp-0.66.0-11.el8_0.12.i686.rpm
poppler-cpp-0.66.0-11.el8_0.12.x86_64.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-qt5-0.66.0-11.el8_0.12.i686.rpm
poppler-qt5-0.66.0-11.el8_0.12.x86_64.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.x86_64.rpm

aarch64:
poppler-0.66.0-11.el8_0.12.aarch64.rpm
poppler-glib-0.66.0-11.el8_0.12.aarch64.rpm
poppler-utils-0.66.0-11.el8_0.12.aarch64.rpm
poppler-cpp-0.66.0-11.el8_0.12.aarch64.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-qt5-0.66.0-11.el8_0.12.aarch64.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/poppler-0.66.0-11.el8_0.12.src.rpm



Description of changes:

[0.66.0-11.el8_0.12]
- Ignore dict Length if it is broken
- Resolves: #1741146

[0.66.0-11.el8_0.11]
- Check whether input is RGB in PSOutputDev::checkPageSlice()
- (also when using "-optimizecolorspace" flag)
- Resolves: #1741145

[0.66.0-11.el8_0.10]
- Fail gracefully if not all components of JPEG2000Stream
- have the same size
- Resolves: #1740612

[0.66.0-11.el8_0.9]
- Fix stack overflow on broken file
- Resolves: #1717867

[0.66.0-11.el8_0.8]
- Constrain number of cycles in rescale filter
- Compute correct coverage values for box filter
- Resolves: #1717866

[0.66.0-11.el8_0.7]
- Fix possible crash on broken files in ImageStream::getLine()
- Resolves: #1717803

[0.66.0-11.el8_0.6]
- Move the fileSpec.dictLookup call inside fileSpec.isDict if
- Resolves: #1717788

[0.66.0-11.el8_0.5]
- Defend against requests for negative XRef indices
- Resolves: #1717779

[0.66.0-11.el8_0.4]
- Do not try to parse into unallocated XRef entry
- Resolves: #1717790

[0.66.0-11.el8_0.3]
- Avoid global display profile state becoming an uncontrolled
- memory leak
- Resolves: #1717776

[0.66.0-11.el8_0.2]
- Check Catalog from XRef for being a Dict
- Resolves: #1690480

[0.66.0-11.el8_0.1]
- Do not try to construct invalid rich media annotation assets
- Resolves: #1690478

[0.66.0-11]
- Fix tiling patterns when pattern cell is too far
- Resolves: #1644094

ELSA-2019-2722 Low: Oracle Linux 8 libwmf security update

Oracle Linux Security Advisory ELSA-2019-2722

http://linux.oracle.com/errata/ELSA-2019-2722.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libwmf-0.2.9-8.el8_0.i686.rpm
libwmf-0.2.9-8.el8_0.x86_64.rpm
libwmf-lite-0.2.9-8.el8_0.i686.rpm
libwmf-lite-0.2.9-8.el8_0.x86_64.rpm
libwmf-devel-0.2.9-8.el8_0.i686.rpm
libwmf-devel-0.2.9-8.el8_0.x86_64.rpm

aarch64:
libwmf-0.2.9-8.el8_0.aarch64.rpm
libwmf-lite-0.2.9-8.el8_0.aarch64.rpm
libwmf-devel-0.2.9-8.el8_0.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/libwmf-0.2.9-8.el8_0.src.rpm



Description of changes:

[0.2.9-8]
- Related: rhbz1717799 fix clang warning

[0.2.9-7]
- Related: rhbz1717799 bump n-v-r

[0.2.9-6]
- Related: rhbz1679006 bump n-v-r

[0.2.9-5]
- Resolves: rhbz1679006 libgd CVE-2019-6978

ELSA-2019-2731 Moderate: Oracle Linux 8 .NET Core on Red Hat Enterprise Linux security and bug fix update

Oracle Linux Security Advisory ELSA-2019-2731

http://linux.oracle.com/errata/ELSA-2019-2731.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
dotnet-2.1.509-1.el8_0.x86_64.rpm
dotnet-host-2.1.13-1.el8_0.x86_64.rpm
dotnet-host-fxr-2.1-2.1.13-1.el8_0.x86_64.rpm
dotnet-runtime-2.1-2.1.13-1.el8_0.x86_64.rpm
dotnet-sdk-2.1-2.1.509-1.el8_0.x86_64.rpm
dotnet-sdk-2.1.5xx-2.1.509-1.el8_0.x86_64.rpm

aarch64:


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/dotnet-2.1.509-1.el8_0.src.rpm



Description of changes:

[2.1.509-1]
- Update to .NET Core Runtime 2.1.13 and SDK 2.1.509
- Resolves: RHBZ#1747874