Oracle has released the following updates:
ELBA-2019-1331 Oracle Linux 7 GNOME bug fix and enhancement update
ELBA-2019-1331 Oracle Linux 7 GNOME bug fix and enhancement update (aarch64)
ELBA-2019-1332 Oracle Linux 7 libreswan bug fix update
ELBA-2019-1332 Oracle Linux 7 libreswan bug fix update (aarch64)
ELBA-2019-1333 Oracle Linux 7 libteam bug fix update
ELBA-2019-1333 Oracle Linux 7 libteam bug fix update (aarch64)
ELBA-2019-1334 Oracle Linux 7 qt bug fix and enhancement update
ELBA-2019-1334 Oracle Linux 7 qt bug fix and enhancement update (aarch64)
ELBA-2019-1336 Oracle Linux 7 systemd bug fix update
ELBA-2019-1337 Oracle Linux 7 kernel bug fix update
ELBA-2019-1340 Oracle Linux 7 lvm2 bug fix update
ELBA-2019-1345 Oracle Linux 7 fence-agents bug fix and enhancement update
ELBA-2019-1345 Oracle Linux 7 fence-agents bug fix and enhancement update (aarch64)
ELBA-2019-1347 Oracle Linux 7 python-docs bug fix and enhancement update
ELBA-2019-1347 Oracle Linux 7 python-docs bug fix and enhancement update (aarch64)
ELBA-2019-1348 Oracle Linux 7 python bug fix and enhancement update
ELBA-2019-1348 Oracle Linux 7 python bug fix and enhancement update (aarch64)
ELSA-2019-4670 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4670 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELBA-2019-1331 Oracle Linux 7 GNOME bug fix and enhancement update
ELBA-2019-1331 Oracle Linux 7 GNOME bug fix and enhancement update (aarch64)
ELBA-2019-1332 Oracle Linux 7 libreswan bug fix update
ELBA-2019-1332 Oracle Linux 7 libreswan bug fix update (aarch64)
ELBA-2019-1333 Oracle Linux 7 libteam bug fix update
ELBA-2019-1333 Oracle Linux 7 libteam bug fix update (aarch64)
ELBA-2019-1334 Oracle Linux 7 qt bug fix and enhancement update
ELBA-2019-1334 Oracle Linux 7 qt bug fix and enhancement update (aarch64)
ELBA-2019-1336 Oracle Linux 7 systemd bug fix update
ELBA-2019-1337 Oracle Linux 7 kernel bug fix update
ELBA-2019-1340 Oracle Linux 7 lvm2 bug fix update
ELBA-2019-1345 Oracle Linux 7 fence-agents bug fix and enhancement update
ELBA-2019-1345 Oracle Linux 7 fence-agents bug fix and enhancement update (aarch64)
ELBA-2019-1347 Oracle Linux 7 python-docs bug fix and enhancement update
ELBA-2019-1347 Oracle Linux 7 python-docs bug fix and enhancement update (aarch64)
ELBA-2019-1348 Oracle Linux 7 python bug fix and enhancement update
ELBA-2019-1348 Oracle Linux 7 python bug fix and enhancement update (aarch64)
ELSA-2019-4670 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4670 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELBA-2019-1331 Oracle Linux 7 GNOME bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2019-1331
http://linux.oracle.com/errata/ELBA-2019-1331.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
accountsservice-0.6.50-4.el7.1.x86_64.rpm
accountsservice-devel-0.6.50-4.el7.1.i686.rpm
accountsservice-devel-0.6.50-4.el7.1.x86_64.rpm
accountsservice-libs-0.6.50-4.el7.1.i686.rpm
accountsservice-libs-0.6.50-4.el7.1.x86_64.rpm
gjs-1.52.5-1.el7_6.i686.rpm
gjs-1.52.5-1.el7_6.x86_64.rpm
gjs-devel-1.52.5-1.el7_6.i686.rpm
gjs-devel-1.52.5-1.el7_6.x86_64.rpm
gjs-tests-1.52.5-1.el7_6.x86_64.rpm
glib2-2.56.1-4.el7_6.i686.rpm
glib2-2.56.1-4.el7_6.x86_64.rpm
glib2-devel-2.56.1-4.el7_6.i686.rpm
glib2-devel-2.56.1-4.el7_6.x86_64.rpm
glib2-doc-2.56.1-4.el7_6.noarch.rpm
glib2-fam-2.56.1-4.el7_6.x86_64.rpm
glib2-static-2.56.1-4.el7_6.i686.rpm
glib2-static-2.56.1-4.el7_6.x86_64.rpm
glib2-tests-2.56.1-4.el7_6.x86_64.rpm
gnome-shell-3.28.3-8.el7_6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/accountsservice-0.6.50-4.el7.1.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/gjs-1.52.5-1.el7_6.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/glib2-2.56.1-4.el7_6.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/gnome-shell-3.28.3-8.el7_6.src.rpm
Description of changes:
accountsservice
[0.6.50-4.1]
- Don't send change updates for login-history
Resolves: #1709190
gjs
[1.52.5-1]
- Update to 1.52.5
- Fixes delayed garbage collection problem
Related: #1667994
glib2
[2.56.1-4]
- Backport glib2 change needed for accountsservice dbus
codegen fix
Related: #1709190
gnome-shell
[3.28.3-8]
- Fix python2 backport of extension-tool
Resolves: #1694577
[3.28.3-7]
- Backport dnd freeze fix (#1705366)
ELBA-2019-1331 Oracle Linux 7 GNOME bug fix and enhancement update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1331
http://linux.oracle.com/errata/ELBA-2019-1331.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
accountsservice-0.6.50-4.el7.1.aarch64.rpm
accountsservice-libs-0.6.50-4.el7.1.aarch64.rpm
accountsservice-devel-0.6.50-4.el7.1.aarch64.rpm
gjs-1.52.5-1.el7_6.aarch64.rpm
gjs-devel-1.52.5-1.el7_6.aarch64.rpm
gjs-tests-1.52.5-1.el7_6.aarch64.rpm
glib2-2.56.1-4.el7_6.aarch64.rpm
glib2-devel-2.56.1-4.el7_6.aarch64.rpm
glib2-doc-2.56.1-4.el7_6.noarch.rpm
glib2-fam-2.56.1-4.el7_6.aarch64.rpm
glib2-static-2.56.1-4.el7_6.aarch64.rpm
glib2-tests-2.56.1-4.el7_6.aarch64.rpm
gnome-shell-3.28.3-8.el7_6.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/accountsservice-0.6.50-4.el7.1.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/gjs-1.52.5-1.el7_6.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/glib2-2.56.1-4.el7_6.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/gnome-shell-3.28.3-8.el7_6.src.rpm
Description of changes:
accountsservice
[0.6.50-4.1]
- Don't send change updates for login-history
Resolves: #1709190
gjs
[1.52.5-1]
- Update to 1.52.5
- Fixes delayed garbage collection problem
Related: #1667994
glib2
[2.56.1-4]
- Backport glib2 change needed for accountsservice dbus
codegen fix
Related: #1709190
gnome-shell
[3.28.3-8]
- Fix python2 backport of extension-tool
Resolves: #1694577
[3.28.3-7]
- Backport dnd freeze fix (#1705366)
ELBA-2019-1332 Oracle Linux 7 libreswan bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-1332
http://linux.oracle.com/errata/ELBA-2019-1332.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libreswan-3.25-4.8.0.1.el7_6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.25-4.8.0.1.el7_6.src.rpm
Description of changes:
[3.25-4.8.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro
[3.25-4.8]
- Resolves: rhbz#1708060 IKEv1 traffic interruption when responder
deletes SAs 60 seconds before EVENT_SA_REPLACE [rhel-7.6.z]
[3.25-4.7]
- Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or
auto=start [updated for eclipsed handling]
[3.25-4.6]
- Resolves: rhbz#1680483 libreswan using NSS IPsec profiles regresses
when critical flags are set causing validation failure [rhel-7.6.z]
[updated]
[3.25-4.5]
- Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or
auto=start that receive delete won't restart [rhel-7.6.z] [updated]
[3.25-4.4]
- Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or
auto=start that receive delete won't restart [rhel-7.6.z]
[3.25-4.3]
- Resolves: rhbz#1680483 libreswan using NSS IPsec profiles regresses
when critical flags are set causing validation failure [rhel-7.6.z]
[3.25-4.2]
- Resolves: rhbz#1672921 - Libreswan crash upon receiving ISAKMP_NEXT_D
with appended ISAKMP_NEXT_N [updated bugfix]
ELBA-2019-1332 Oracle Linux 7 libreswan bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1332
http://linux.oracle.com/errata/ELBA-2019-1332.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libreswan-3.25-4.8.0.1.el7_6.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.25-4.8.0.1.el7_6.src.rpm
Description of changes:
[3.25-4.8.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro
[3.25-4.8]
- Resolves: rhbz#1708060 IKEv1 traffic interruption when responder
deletes SAs 60 seconds before EVENT_SA_REPLACE [rhel-7.6.z]
[3.25-4.7]
- Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or
auto=start [updated for eclipsed handling]
[3.25-4.6]
- Resolves: rhbz#1680483 libreswan using NSS IPsec profiles regresses
when critical flags are set causing validation failure [rhel-7.6.z]
[updated]
[3.25-4.5]
- Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or
auto=start that receive delete won't restart [rhel-7.6.z] [updated]
[3.25-4.4]
- Resolves: rhbz#1683577 Opportunistic IPsec instances of /32 groups or
auto=start that receive delete won't restart [rhel-7.6.z]
[3.25-4.3]
- Resolves: rhbz#1680483 libreswan using NSS IPsec profiles regresses
when critical flags are set causing validation failure [rhel-7.6.z]
[3.25-4.2]
- Resolves: rhbz#1672921 - Libreswan crash upon receiving ISAKMP_NEXT_D
with appended ISAKMP_NEXT_N [updated bugfix]
ELBA-2019-1333 Oracle Linux 7 libteam bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-1333
http://linux.oracle.com/errata/ELBA-2019-1333.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libteam-1.27-6.el7_6.1.i686.rpm
libteam-1.27-6.el7_6.1.x86_64.rpm
libteam-devel-1.27-6.el7_6.1.i686.rpm
libteam-devel-1.27-6.el7_6.1.x86_64.rpm
libteam-doc-1.27-6.el7_6.1.x86_64.rpm
python-libteam-1.27-6.el7_6.1.x86_64.rpm
teamd-1.27-6.el7_6.1.i686.rpm
teamd-1.27-6.el7_6.1.x86_64.rpm
teamd-devel-1.27-6.el7_6.1.i686.rpm
teamd-devel-1.27-6.el7_6.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libteam-1.27-6.el7_6.1.src.rpm
Description of changes:
[1.27-6.el7_6.1]
- Added patch to update port state according to partner's sync bit [1689254]
[1.27-6]
- Added patch to fix the issue that no active port is set [1593241]
ELBA-2019-1333 Oracle Linux 7 libteam bug fix update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1333
http://linux.oracle.com/errata/ELBA-2019-1333.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
libteam-1.27-6.el7_6.1.aarch64.rpm
teamd-1.27-6.el7_6.1.aarch64.rpm
libteam-devel-1.27-6.el7_6.1.aarch64.rpm
libteam-doc-1.27-6.el7_6.1.aarch64.rpm
python-libteam-1.27-6.el7_6.1.aarch64.rpm
teamd-devel-1.27-6.el7_6.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libteam-1.27-6.el7_6.1.src.rpm
Description of changes:
[1.27-6.el7_6.1]
- Added patch to update port state according to partner's sync bit [1689254]
[1.27-6]
- Added patch to fix the issue that no active port is set [1593241]
ELBA-2019-1334 Oracle Linux 7 qt bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2019-1334
http://linux.oracle.com/errata/ELBA-2019-1334.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
qt-4.8.7-3.el7_6.i686.rpm
qt-4.8.7-3.el7_6.x86_64.rpm
qt-assistant-4.8.7-3.el7_6.x86_64.rpm
qt-config-4.8.7-3.el7_6.x86_64.rpm
qt-demos-4.8.7-3.el7_6.x86_64.rpm
qt-devel-4.8.7-3.el7_6.i686.rpm
qt-devel-4.8.7-3.el7_6.x86_64.rpm
qt-devel-private-4.8.7-3.el7_6.noarch.rpm
qt-doc-4.8.7-3.el7_6.noarch.rpm
qt-examples-4.8.7-3.el7_6.x86_64.rpm
qt-mysql-4.8.7-3.el7_6.i686.rpm
qt-mysql-4.8.7-3.el7_6.x86_64.rpm
qt-odbc-4.8.7-3.el7_6.i686.rpm
qt-odbc-4.8.7-3.el7_6.x86_64.rpm
qt-postgresql-4.8.7-3.el7_6.i686.rpm
qt-postgresql-4.8.7-3.el7_6.x86_64.rpm
qt-qdbusviewer-4.8.7-3.el7_6.x86_64.rpm
qt-qvfb-4.8.7-3.el7_6.x86_64.rpm
qt-x11-4.8.7-3.el7_6.i686.rpm
qt-x11-4.8.7-3.el7_6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qt-4.8.7-3.el7_6.src.rpm
Description of changes:
[1:4.8.7-3]
- Revert fix for font cache check in QFontEngineFT::recalcAdvances()
Resolves: bz#1701744
ELBA-2019-1334 Oracle Linux 7 qt bug fix and enhancement update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1334
http://linux.oracle.com/errata/ELBA-2019-1334.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
qt-4.8.7-3.el7_6.aarch64.rpm
qt-devel-4.8.7-3.el7_6.aarch64.rpm
qt-mysql-4.8.7-3.el7_6.aarch64.rpm
qt-odbc-4.8.7-3.el7_6.aarch64.rpm
qt-postgresql-4.8.7-3.el7_6.aarch64.rpm
qt-x11-4.8.7-3.el7_6.aarch64.rpm
qt-assistant-4.8.7-3.el7_6.aarch64.rpm
qt-config-4.8.7-3.el7_6.aarch64.rpm
qt-demos-4.8.7-3.el7_6.aarch64.rpm
qt-devel-private-4.8.7-3.el7_6.noarch.rpm
qt-doc-4.8.7-3.el7_6.noarch.rpm
qt-examples-4.8.7-3.el7_6.aarch64.rpm
qt-qdbusviewer-4.8.7-3.el7_6.aarch64.rpm
qt-qvfb-4.8.7-3.el7_6.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qt-4.8.7-3.el7_6.src.rpm
Description of changes:
[1:4.8.7-3]
- Revert fix for font cache check in QFontEngineFT::recalcAdvances()
Resolves: bz#1701744
ELBA-2019-1336 Oracle Linux 7 systemd bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-1336
http://linux.oracle.com/errata/ELBA-2019-1336.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libgudev1-219-62.0.4.el7_6.7.i686.rpm
libgudev1-219-62.0.4.el7_6.7.x86_64.rpm
libgudev1-devel-219-62.0.4.el7_6.7.i686.rpm
libgudev1-devel-219-62.0.4.el7_6.7.x86_64.rpm
systemd-219-62.0.4.el7_6.7.x86_64.rpm
systemd-devel-219-62.0.4.el7_6.7.i686.rpm
systemd-devel-219-62.0.4.el7_6.7.x86_64.rpm
systemd-journal-gateway-219-62.0.4.el7_6.7.x86_64.rpm
systemd-libs-219-62.0.4.el7_6.7.i686.rpm
systemd-libs-219-62.0.4.el7_6.7.x86_64.rpm
systemd-networkd-219-62.0.4.el7_6.7.x86_64.rpm
systemd-python-219-62.0.4.el7_6.7.x86_64.rpm
systemd-resolved-219-62.0.4.el7_6.7.i686.rpm
systemd-resolved-219-62.0.4.el7_6.7.x86_64.rpm
systemd-sysv-219-62.0.4.el7_6.7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/systemd-219-62.0.4.el7_6.7.src.rpm
Description of changes:
[219-62.0.4]
- do not create utmp update symlinks for reboot and poweroff [Orabug:
27854896]
- OL7 udev rule for virtio net standby interface [Orabug: 28826743]
- fix _netdev is missing for iscsi entry in /etc/fstab [Orabug:
25897792] (tony.l.lam@oracle.com)
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug:
18467469]
- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]
[219-62.7]
- rules: fix memory hotplug rule so systemd-detect-virt does not run too
often (#1701230)
ELBA-2019-1337 Oracle Linux 7 kernel bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-1337
http://linux.oracle.com/errata/ELBA-2019-1337.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
bpftool-3.10.0-957.21.2.el7.x86_64.rpm
kernel-3.10.0-957.21.2.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-957.21.2.el7.noarch.rpm
kernel-debug-3.10.0-957.21.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.21.2.el7.x86_64.rpm
kernel-devel-3.10.0-957.21.2.el7.x86_64.rpm
kernel-doc-3.10.0-957.21.2.el7.noarch.rpm
kernel-headers-3.10.0-957.21.2.el7.x86_64.rpm
kernel-tools-3.10.0-957.21.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.21.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.21.2.el7.x86_64.rpm
perf-3.10.0-957.21.2.el7.x86_64.rpm
python-perf-3.10.0-957.21.2.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-957.21.2.el7.src.rpm
Description of changes:
[3.10.0-957.21.2.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]
[3.10.0-957.21.2.el7]
- [security] xattr: use RH_KABI_CONST to avoid
security_inode_init_security checksum change (Cestmir Kalina) [1702286
1710633]
[3.10.0-957.21.1.el7]
- [x86] spec_ctrl: Update MDS mitigation status after late microcode
load (Waiman Long) [1712998 1712993 1710501 1710498] {CVE-2018-12126
CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] speculation/mds: Properly set/clear mds_idle_clear static key
(Waiman Long) [1713004 1707292] {CVE-2018-12126 CVE-2018-12130
CVE-2018-12127 CVE-2019-11091}
[3.10.0-957.20.1.el7]
- [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with
mitigations off (Waiman Long) [1692597 1692598 1692599 1705815 1690335
1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [x86] x86/speculation/mds: Fix comment (Waiman Long) [1692597 1692598
1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation: Move arch_smt_update() call to after mitigation
decisions (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348
1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [kernel] x86/speculation: Remove redundant arch_smt_update()
invocation (Waiman Long) [1692597 1692598 1692599 1705815 1690335
1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode
load (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348
1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] Documentation: Add MDS vulnerability documentation
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] Documentation: Move L1TF to separate directory (Waiman
Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman
Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle
entry (Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348
1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman
Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597
1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597
1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598
1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597
1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [kernel] sched/smt: Make sched_smt_present track topology (Waiman
Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/speculation: Move STIPB/IBPB string conditionals out of
cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1705815 1690335
1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP
mitigation (Waiman Long) [1692597 1692598 1692599 1705815 1690335
1690348 1690358 1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091}
- [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available
(Waiman Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358
1709296] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597
1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman
Long) [1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597
1692598 1692599 1705815 1690335 1690348 1690358 1709296] {CVE-2018-12126
CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
- [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long)
[1692597 1692598 1692599 1705815 1690335 1690348 1690358 1709296]
{CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091}
[3.10.0-957.19.1.el7]
- [security] selinux: always allow mounting submounts (Ondrej Mosnacek)
[1702923 1077929]
- [block] Make blk_queue_enter() reexamine the DYING flag (Ming Lei)
[1702921 1701348]
- [block] wakeup tasks blocked on q->mq_freeze_wq (Ming Lei) [1702921
1701348]
- [fs] revert "[fs] xfs: use rhashtable to track buffer cache" (Brian
Foster) [1702922 1658749]
- [fs] xfs: hold xfs_buf locked between shortform->leaf conversion and
the addition of an attribute (Brian Foster) [1701293 1613405]
- [fs] xfs: add the ability to join a held buffer to a defer_ops (Brian
Foster) [1701293 1613405]
- [fs] xfs: refactor buffer logging into buffer dirtying helper (Brian
Foster) [1701293 1613405]
- [char] ipmi: ipmi_si_hardcode.c: init si_type array to fix a crash
(Tony Camuso) [1701991 1692236]
- [char] ipmi_si: Fix crash when using hard-coded device (Tony Camuso)
[1701991 1692236]
- [char] ipmi: Remove platform driver overrides and use the id_table
(Tony Camuso) [1701991 1692236]
- [security] xattr: Constify ->name member of "struct xattr" (Aaron
Tomlin) [1702286 1607307]
- [net] ipv6 Use get_hash_from_flowi6 for rt6 hash (Sabrina Dubroca)
[1702282 1625454]
- [s390] zcrypt: fix specification exception on z196 during ap probe
(Hendrik Brueckner) [1700706 1669535]
- [md] dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic
checksum errors (Mike Snitzer) [1699722 1693466]
- [fs] blockdev: Fix livelocks on loop device (Lukas Czerner) [1698110
1686149]
- [fs] ext4: fix crash during online resizing (Lukas Czerner) [1698110
1686149]
- [fs] ext4: fix overflow caused by missing cast in ext4_resize_fs()
(Lukas Czerner) [1698110 1671293]
- [powerpc] livepatch: return -ERRNO values in
save_stack_trace_tsk_reliable() (Joe Lawrence) [1697867 1658435]
- [powerpc] livepatch: small cleanups in save_stack_trace_tsk_reliable()
(Joe Lawrence) [1697867 1658435]
- [powerpc] livepatch: relax reliable stack tracer checks for
first-frame (Joe Lawrence) [1697867 1658435]
- [powerpc] 64s: Make reliable stacktrace dependency clearer (Joe
Lawrence) [1697867 1658435]
- [powerpc] 64s: Clear on-stack exception marker upon exception return
(Joe Lawrence) [1697867 1658435]
- [powerpc] livepatch: Fix build error with kprobes disabled (Joe
Lawrence) [1697867 1658435]
- [fs] xfs: don't screw up direct writes when freesp is fragmented
(Brian Foster) [1693796 1667523]
- [nvme] ensure forward progress during Admin passthru (David Milburn)
[1690519 1672428]
[3.10.0-957.18.1.el7]
- [s390] cputime: fix incorrect system time (Hendrik Brueckner) [1701743
1698825]
[3.10.0-957.17.1.el7]
- [message] scsi: mptsas: Fixup device hotplug for VMWare ESXi (Tomas
Henzl) [1699723 1661906]
[3.10.0-957.16.1.el7]
- [netdrv] net/mlx5e: Properly set steering match levels for offloaded
TC decap rules (Alaa Hleihel) [1686292 1618427]
- [netdrv] net/mlx5e: Always use the match level enum when parsing TC
rule match (Alaa Hleihel) [1686292 1618427]
- [netdrv] net/mlx5e: Support offloaded TC flows with no matches on
headers (Alaa Hleihel) [1686292 1618427]
- [netdrv] net/mlx5e: Get the required HW match level while parsing TC
flow matches (Alaa Hleihel) [1686292 1618427]
- [netdrv] net/mlx5e: Properly order min inline mode setup while parsing
TC matches (Alaa Hleihel) [1686292 1618427]
- [netdrv] net/mlx5e: Avoid redundant zeroing of offloaded TC flow
attributes (Alaa Hleihel) [1686292 1618427]
- [netdrv] net/mlx5e: Err if asked to offload TC match on frag being
first (Alaa Hleihel) [1686292 1618427]
- [x86] hyperv: Stop suppressing X86_FEATURE_PCID (Vitaly Kuznetsov)
[1697940 1691421]
- [net] geneve: correctly handle ipv6.disable module parameter (Jiri
Benc) [1694981 1677049]
- [fs] ceph: Fix append mode for sync/direct write (Zheng Yan) [1696595
1691227]
- [fs] ovl: fix return value from ovl_posix_acl_create() (Miklos
Szeredi) [1696292 1677705]
- [x86] mm: Unbreak modules that use the DMA API (Gary Hook) [1695511
1697241 1676613 1662887]
- [sound] alsa/hda: add more quirks for HP Z2 G4 and HP Z240 (Jaroslav
Kysela) [1693562 1680180]
- [sound] alsa: hda/conexant - Add fixup for HP Z2 G4 workstation
(Jaroslav Kysela) [1693562 1657855]
- [block] mtip32xx: fix memory corruption by initializing internal
command header (Ming Lei) [1689929 1660292]
- [fs] nfsd: deal with revoked delegations appropriately (Dave
Wysochanski) [1689811 1552203]
[3.10.0-957.15.1.el7]
- [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas
Czerner) [1693561 1684780]
- [net] sched: act_csum: Fix csum calc for tagged packets (Ivan Vecera)
[1693110 1676462]
[3.10.0-957.14.1.el7]
- [fs] move the call of __d_drop(anon) into
__d_materialise_unique(dentry, anon) (Zheng Yan) [1692266 1627001]
- [fs] dcache: d_splice_alias should ignore DCACHE_DISCONNECTED (Zheng
Yan) [1692266 1627001]
- [fs] dcache: d_splice_alias should detect loops (Zheng Yan) [1692266
1627001]
- [fs] dcache: d_splice_alias mustn't create directory aliases (Zheng
Yan) [1692266 1627001]
- [fs] dcache: close d_move race in d_splice_alias (Zheng Yan) [1692266
1627001]
- [fs] dcache: move d_splice_alias (Zheng Yan) [1692266 1627001]
- [fs] dcache: don't clear DCACHE_DISCONNECTED too early (Zheng Yan)
[1692266 1627001]
- [fs] dcache: Don't set DISCONNECTED on "pseudo filesystem" dentries
(Zheng Yan) [1692266 1627001]
- [fs] dcache: use IS_ROOT to decide where dentry is hashed (Zheng Yan)
[1692266 1627001]
[3.10.0-957.13.1.el7]
- [drm] drm/nouveau/kms/nv50-: also flush fb writes when rewinding push
buffer (Ben Skeggs) [1690761 1669098]
ELBA-2019-1340 Oracle Linux 7 lvm2 bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-1340
http://linux.oracle.com/errata/ELBA-2019-1340.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
device-mapper-1.02.149-10.0.3.el7_6.8.x86_64.rpm
device-mapper-devel-1.02.149-10.0.3.el7_6.8.i686.rpm
device-mapper-devel-1.02.149-10.0.3.el7_6.8.x86_64.rpm
device-mapper-event-1.02.149-10.0.3.el7_6.8.x86_64.rpm
device-mapper-event-devel-1.02.149-10.0.3.el7_6.8.i686.rpm
device-mapper-event-devel-1.02.149-10.0.3.el7_6.8.x86_64.rpm
device-mapper-event-libs-1.02.149-10.0.3.el7_6.8.i686.rpm
device-mapper-event-libs-1.02.149-10.0.3.el7_6.8.x86_64.rpm
device-mapper-libs-1.02.149-10.0.3.el7_6.8.i686.rpm
device-mapper-libs-1.02.149-10.0.3.el7_6.8.x86_64.rpm
lvm2-2.02.180-10.0.3.el7_6.8.x86_64.rpm
lvm2-devel-2.02.180-10.0.3.el7_6.8.i686.rpm
lvm2-devel-2.02.180-10.0.3.el7_6.8.x86_64.rpm
lvm2-libs-2.02.180-10.0.3.el7_6.8.i686.rpm
lvm2-libs-2.02.180-10.0.3.el7_6.8.x86_64.rpm
lvm2-lockd-2.02.180-10.0.3.el7_6.8.x86_64.rpm
lvm2-python-boom-0.9-14.0.3.el7_6.8.noarch.rpm
lvm2-python-libs-2.02.180-10.0.3.el7_6.8.x86_64.rpm
lvm2-sysvinit-2.02.180-10.0.3.el7_6.8.x86_64.rpm
cmirror-2.02.180-10.0.3.el7_6.8.x86_64.rpm
lvm2-cluster-2.02.180-10.0.3.el7_6.8.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/lvm2-2.02.180-10.0.3.el7_6.8.src.rpm
Description of changes:
[7:2.02.180-10.0.3.el7_6.8]
- Reduce delay in case of lvmetad update (ritika.srivastava@oracle.com)
[7:2.02.180-10.el7_6.8]
- Set updating before scanning in lvmetad to avoid overwriting list of
already
seen devices.
ELBA-2019-1345 Oracle Linux 7 fence-agents bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2019-1345
http://linux.oracle.com/errata/ELBA-2019-1345.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
fence-agents-all-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-amt-ws-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-apc-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-apc-snmp-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-bladecenter-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-brocade-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-cisco-mds-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-cisco-ucs-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-common-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-compute-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-drac5-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-eaton-snmp-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-emerson-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-eps-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-heuristics-ping-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-hpblade-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ibmblade-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ifmib-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ilo-moonshot-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ilo-mp-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ilo-ssh-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ilo2-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-intelmodular-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ipdu-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-ipmilan-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-kdump-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-mpath-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-redfish-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-rhevm-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-rsa-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-rsb-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-sbd-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-scsi-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-virsh-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-vmware-rest-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-vmware-soap-4.2.1-11.el7_6.8.x86_64.rpm
fence-agents-wti-4.2.1-11.el7_6.8.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/fence-agents-4.2.1-11.el7_6.8.src.rpm
Description of changes:
[4.2.1-11.8]
- fence_rhevm: add RHEV v4 API support and auto-detection
Resolves: rhbz#1708547
- fence_azure_arm: use skip_shutdown feature
Resolves: rhbz#1709110
ELBA-2019-1345 Oracle Linux 7 fence-agents bug fix and enhancement update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1345
http://linux.oracle.com/errata/ELBA-2019-1345.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
fence-agents-all-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-amt-ws-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-apc-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-apc-snmp-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-bladecenter-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-brocade-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-cisco-mds-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-cisco-ucs-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-common-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-compute-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-drac5-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-eaton-snmp-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-emerson-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-eps-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-heuristics-ping-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-hpblade-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ibmblade-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ifmib-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ilo2-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ilo-moonshot-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ilo-mp-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ilo-ssh-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-intelmodular-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ipdu-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-ipmilan-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-kdump-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-mpath-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-rhevm-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-rsa-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-rsb-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-redfish-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-sbd-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-scsi-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-vmware-rest-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-vmware-soap-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-wti-4.2.1-11.el7_6.8.aarch64.rpm
fence-agents-virsh-4.2.1-11.el7_6.8.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/fence-agents-4.2.1-11.el7_6.8.src.rpm
Description of changes:
[4.2.1-11.8]
- fence_rhevm: add RHEV v4 API support and auto-detection
Resolves: rhbz#1708547
- fence_azure_arm: use skip_shutdown feature
Resolves: rhbz#1709110
[4.2.1-11.7]
- fence_redfish: new fence agent
Resolves: rhbz#1666848
[4.2.1-11.5]
- fence_scsi: add watchdog retry support
Resolves: rhbz#1654172
[4.2.1-11.4]
- fence_hpblade: fix log_expect syntax
Resolves: rhbz#1652115
[4.2.1-11.1]
- fence_scsi: fix incorrect SCSI-key when node ID is 10 or higher
Resolves: rhbz#1647522
ELBA-2019-1347 Oracle Linux 7 python-docs bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2019-1347
http://linux.oracle.com/errata/ELBA-2019-1347.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
python-docs-2.7.5-3.el7_6.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-docs-2.7.5-3.el7_6.src.rpm
Description of changes:
[2.7.5-3]
- Remove unversioned obsoletes
Resolves: rhbz#1708673
ELBA-2019-1347 Oracle Linux 7 python-docs bug fix and enhancement update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1347
http://linux.oracle.com/errata/ELBA-2019-1347.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
python-docs-2.7.5-3.el7_6.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-docs-2.7.5-3.el7_6.src.rpm
Description of changes:
[2.7.5-3]
- Remove unversioned obsoletes
Resolves: rhbz#1708673
ELBA-2019-1348 Oracle Linux 7 python bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2019-1348
http://linux.oracle.com/errata/ELBA-2019-1348.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
python-2.7.5-79.0.1.el7_6.x86_64.rpm
python-debug-2.7.5-79.0.1.el7_6.x86_64.rpm
python-devel-2.7.5-79.0.1.el7_6.x86_64.rpm
python-libs-2.7.5-79.0.1.el7_6.i686.rpm
python-libs-2.7.5-79.0.1.el7_6.x86_64.rpm
python-test-2.7.5-79.0.1.el7_6.x86_64.rpm
python-tools-2.7.5-79.0.1.el7_6.x86_64.rpm
tkinter-2.7.5-79.0.1.el7_6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-2.7.5-79.0.1.el7_6.src.rpm
Description of changes:
[2.7.5-79.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]
[2.7.5-79]
- Updated fix for CVE-2019-9636
Resolves: rhbz#1711166
[2.7.5-78]
- Remove unversioned obsoletes
Resolves: rhbz#1708674
ELBA-2019-1348 Oracle Linux 7 python bug fix and enhancement update (aarch64)
Oracle Linux Bug Fix Advisory ELBA-2019-1348
http://linux.oracle.com/errata/ELBA-2019-1348.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
python-2.7.5-79.0.1.el7_6.aarch64.rpm
python-devel-2.7.5-79.0.1.el7_6.aarch64.rpm
python-libs-2.7.5-79.0.1.el7_6.aarch64.rpm
python-debug-2.7.5-79.0.1.el7_6.aarch64.rpm
python-test-2.7.5-79.0.1.el7_6.aarch64.rpm
python-tools-2.7.5-79.0.1.el7_6.aarch64.rpm
tkinter-2.7.5-79.0.1.el7_6.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-2.7.5-79.0.1.el7_6.src.rpm
Description of changes:
[2.7.5-79.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]
[2.7.5-79]
- Updated fix for CVE-2019-9636
Resolves: rhbz#1711166
[2.7.5-78]
- Remove unversioned obsoletes
Resolves: rhbz#1708674
ELSA-2019-4670 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2019-4670
http://linux.oracle.com/errata/ELSA-2019-4670.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.28.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.28.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.28.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.28.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.28.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.28.1.el6uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.28.1.el6uek.src.rpm
Description of changes:
[4.1.12-124.28.1.el6uek]
- hugetlbfs: don't retry when pool page allocations start to fail (Mike Kravetz) [Orabug: 29324267]
- x86/speculation: RSB stuffing with retpoline on Skylake+ cpus (William Roche) [Orabug: 29660924]
- x86/speculation: reformatting RSB overwrite macro (William Roche) [Orabug: 29660924]
- x86/speculation: Dynamic enable and disable of RSB stuffing with IBRS&!SMEP (William Roche) [Orabug: 29660924]
- x86/speculation: STUFF_RSB dynamic enable (William Roche) [Orabug: 29660924]
- int3 handler better address space detection on interrupts (William Roche) [Orabug: 29660924]
- repairing out-of-tree build functionality (Mark Nicholson) [Orabug: 29755100]
- ext4: fix false negatives*and* false positives in ext4_check_descriptors() (Shuning Zhang) [Orabug: 29797007]
[4.1.12-124.27.3.el6uek]
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (Shuning Zhang) [Orabug: 29233739]
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer (Marcel Holtmann) [Orabug: 29526426] {CVE-2019-3459}
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (Marcel Holtmann) [Orabug: 29526426] {CVE-2019-3459}
- HID: debug: fix the ring buffer implementation (Vladis Dronov) [Orabug: 29629481] {CVE-2019-3819} {CVE-2019-3819}
- scsi: target: iscsi: Use hex2bin instead of a re-implementation (Vincent Pelletier) [Orabug: 29778875] {CVE-2018-14633} {CVE-2018-14633}
- scsi: libsas: fix a race condition when smp task timeout (Jason Yan) [Orabug: 29783225] {CVE-2018-20836}
- scsi: megaraid_sas: return error when create DMA pool failed (Jason Yan) [Orabug: 29783254] {CVE-2019-11810}
- Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786786] {CVE-2011-1079} {CVE-2019-11884}
- x86/speculation/mds: Add 'mitigations=' support for MDS (Kanth Ghatraju) [Orabug: 29791046]
- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). (Mao Wenan) [Orabug: 29802785] {CVE-2019-11815}
ELSA-2019-4670 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2019-4670
http://linux.oracle.com/errata/ELSA-2019-4670.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.28.1.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.28.1.el7uek.noarch.rpm
kernel-uek-4.1.12-124.28.1.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.28.1.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.28.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.28.1.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.28.1.el7uek.src.rpm
Description of changes:
[4.1.12-124.28.1.el7uek]
- hugetlbfs: don't retry when pool page allocations start to fail (Mike Kravetz) [Orabug: 29324267]
- x86/speculation: RSB stuffing with retpoline on Skylake+ cpus (William Roche) [Orabug: 29660924]
- x86/speculation: reformatting RSB overwrite macro (William Roche) [Orabug: 29660924]
- x86/speculation: Dynamic enable and disable of RSB stuffing with IBRS&!SMEP (William Roche) [Orabug: 29660924]
- x86/speculation: STUFF_RSB dynamic enable (William Roche) [Orabug: 29660924]
- int3 handler better address space detection on interrupts (William Roche) [Orabug: 29660924]
- repairing out-of-tree build functionality (Mark Nicholson) [Orabug: 29755100]
- ext4: fix false negatives*and* false positives in ext4_check_descriptors() (Shuning Zhang) [Orabug: 29797007]
[4.1.12-124.27.3.el7uek]
- ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (Shuning Zhang) [Orabug: 29233739]
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer (Marcel Holtmann) [Orabug: 29526426] {CVE-2019-3459}
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (Marcel Holtmann) [Orabug: 29526426] {CVE-2019-3459}
- HID: debug: fix the ring buffer implementation (Vladis Dronov) [Orabug: 29629481] {CVE-2019-3819} {CVE-2019-3819}
- scsi: target: iscsi: Use hex2bin instead of a re-implementation (Vincent Pelletier) [Orabug: 29778875] {CVE-2018-14633} {CVE-2018-14633}
- scsi: libsas: fix a race condition when smp task timeout (Jason Yan) [Orabug: 29783225] {CVE-2018-20836}
- scsi: megaraid_sas: return error when create DMA pool failed (Jason Yan) [Orabug: 29783254] {CVE-2019-11810}
- Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786786] {CVE-2011-1079} {CVE-2019-11884}
- x86/speculation/mds: Add 'mitigations=' support for MDS (Kanth Ghatraju) [Orabug: 29791046]
- net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). (Mao Wenan) [Orabug: 29802785] {CVE-2019-11815}