Oracle Linux 6255 Published by

The following updates has been released for Oracle Linux 7:

ELBA-2017-3296 Oracle Linux 7 glibc bug fix update
ELBA-2017-3300 Oracle Linux 7 jss bug fix and enhancement update
ELBA-2017-3301 Oracle Linux 7 pki-core bug fix and enhancement update
ELBA-2017-3302 Oracle Linux 7 gcc bug fix update
ELBA-2017-3305 Oracle Linux 7 selinux-policy bug fix update
ELBA-2017-3306 Oracle Linux 7 dleyna-server bug fix update
ELBA-2017-3307 Oracle Linux 7 tigervnc bug fix update
ELBA-2017-3308 Oracle Linux 7 mod_fcgid bug fix update
ELBA-2017-3311 Oracle Linux 7 systemtap bug fix update
ELBA-2017-3312 Oracle Linux 7 bind bug fix update
ELBA-2017-3313 Oracle Linux 7 libreswan bug fix update
ELBA-2017-3316 Oracle Linux 7 libpciaccess bug fix update
ELBA-2017-3317 Oracle Linux 7 389-ds-base bug fix update
ELBA-2017-3318 Oracle Linux 7 accountsservice bug fix and enhancement update
ELBA-2017-3319 Oracle Linux 7 ipa bug fix update
ELBA-2017-3320 Oracle Linux 7 util-linux bug fix update
ELBA-2017-3323 Oracle Linux 7 rhnsd bug fix update
ELBA-2017-3324 Oracle Linux 7 libvirt bug fix update
ELBA-2017-3325 Oracle Linux 7 libstoragemgmt bug fix update
ELBA-2017-3330 Oracle Linux 7 cryptsetup bug fix update
ELBA-2017-3331 Oracle Linux 7 mutter bug fix update
ELBA-2017-3332 Oracle Linux 7 autofs bug fix update
ELEA-2017-3329 Oracle Linux 7 copy-jdk-configs bug fix update
ELSA-2017-3315 Important: Oracle Linux 7 kernel security and bug fix update
ELSA-2017-3315-1 Important: Oracle Linux 7 kernel security and bug fix update
ELSA-2017-3368 Moderate: Oracle Linux 7 qemu-kvm security update



ELBA-2017-3296 Oracle Linux 7 glibc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3296

http://linux.oracle.com/errata/ELBA-2017-3296.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
glibc-2.17-196.el7_4.2.i686.rpm
glibc-2.17-196.el7_4.2.x86_64.rpm
glibc-common-2.17-196.el7_4.2.x86_64.rpm
glibc-devel-2.17-196.el7_4.2.i686.rpm
glibc-devel-2.17-196.el7_4.2.x86_64.rpm
glibc-headers-2.17-196.el7_4.2.x86_64.rpm
glibc-static-2.17-196.el7_4.2.i686.rpm
glibc-static-2.17-196.el7_4.2.x86_64.rpm
glibc-utils-2.17-196.el7_4.2.x86_64.rpm
nscd-2.17-196.el7_4.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/glibc-2.17-196.el7_4.2.src.rpm



Description of changes:

[2.17-196.2]
- Update HWCAP bits for IBM POWER9 DD2.1 (#1515114)
- Improve memcpy performance for POWER9 DD2.1 (#1516402)

[2.17-196.1]
- x86-64: Use XSAVE/XSAVEC in the ld.so trampoline (#1513070)


ELBA-2017-3300 Oracle Linux 7 jss bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2017-3300

http://linux.oracle.com/errata/ELBA-2017-3300.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
jss-4.4.0-9.el7_4.x86_64.rpm
jss-javadoc-4.4.0-9.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/jss-4.4.0-9.el7_4.src.rpm



Description of changes:

[4.4.0-9]
- Bugzilla #1505690 - new JSS failures: HMAC Unwrap and KeyWrapping
FIPSMODE [rhel-7.4.z] (jmagne)

[4.4.0-8]
- Bugzilla #1488846 - Fix HmacTest code for AES encrypt/unwrap [rhel-7.4.z]
(jmagne)
- Bugzilla #1490494 - PKCS12: (JSS) upgrade to at least AES and SHA2 (FIPS)
[RHEL-7.4.z] (ftweedal)
- Bugzilla #1490740 - PK11Store.getEncryptedPrivateKeyInfo() segfault if
export fails [rhel-7.4.z] (ftweedal)

ELBA-2017-3301 Oracle Linux 7 pki-core bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2017-3301

http://linux.oracle.com/errata/ELBA-2017-3301.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
pki-base-10.4.1-17.el7_4.noarch.rpm
pki-base-java-10.4.1-17.el7_4.noarch.rpm
pki-ca-10.4.1-17.el7_4.noarch.rpm
pki-javadoc-10.4.1-17.el7_4.noarch.rpm
pki-kra-10.4.1-17.el7_4.noarch.rpm
pki-server-10.4.1-17.el7_4.noarch.rpm
pki-symkey-10.4.1-17.el7_4.x86_64.rpm
pki-tools-10.4.1-17.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/pki-core-10.4.1-17.el7_4.src.rpm



Description of changes:

[10.4.1-17]
-
###########################################################################
- ## RHCS 9.2
-
###########################################################################
- #Bugzilla Bug #1507160 - TPS new configuration to allow the protocol of

[10.4.1-16]
-
###########################################################################
- ## RHCS 9.2
-
###########################################################################
- #Bugzilla Bug #1439228 - externalRegRecover does not support multiple
- #Bugzilla Bug #1507160 - TPS new configuration to allow the protocol of
- #Bugzilla Bug #1471996 - Certificate Revocation Reasons not being
updated
-
###########################################################################
- ## RHEL 7.4
-
###########################################################################
- Bugzilla Bug #1500499 - Certificate Revocation Reasons not being updated
in some cases [rhel-7.4.z] (cfu)
- Bugzilla Bug #1502527 - CA cert without Subject Key Identifier causes
issuance failure [rhel-7.4.z] (ftweedal)
- Bugzilla Bug #1492560 - ipa-replica-install --setup-kra broken on DL0
[rhel-7.4.z] (ftweedal)
NOTE: Check-ins for #1492560 all reference the dogtagpki Pagure Issue
associated with Bugzilla Bug #1402280 - CA Cloning: Failed to
update number range in few cases (which is not yet fully resolved)

[10.4.1-15]
- Bugzilla Bug #1492560 - ipa-replica-install --setup-kra broken on DL0
[rhel-7.4.z] (ftweedal)

[10.4.1-14]
- Require "jss >= 4.4.0-8" as a build and runtime requirement
- ##########################################################################
- RHEL 7.4:
- ##########################################################################
- Resolves: rhbz #1486870,1485833,1487509,1490241,1491332
- Bugzilla Bug #1486870 - Lightweight CA key replication fails (regressions)
[RHEL 7.4.z] (ftweedal)
- Bugzilla Bug #1485833 - Missing CN in user signing cert would cause error
in cmc user-signed [rhel-7.4.z] (cfu)
- Bugzilla Bug #1487509 - pki-server-upgrade fails when upgrading from
RHEL 7.1 [rhel-7.4.z] (ftweedal)
- Bugzilla Bug #1490241 - PKCS12: upgrade to at least AES and SHA2 (FIPS)
[rhel-7.4.z] (ftweedal)
- Bugzilla Bug #1491332 - TPS UI: need to display tokenType and tokenOrigin
for token certificates on TPS UI Server [rhel-7.4.z] (edewata)
- dogtagpki Pagure Issue #2764 - py3: pki.key.archive_encrypted_data:
TypeError: ... is not JSON serializable (ftweedal)
- ##########################################################################
- RHCS 9.2:
- ##########################################################################
- Resolves: rhbz #1486870,1485833,1487509,1490241,1491332,1482729,1462271
- Bugzilla Bug #1462271 - TPS incorrectly assigns "tokenOrigin" and
"tokenType" certificate attribute for recovered certificates. (cfu)
- Bugzilla Bug #1482729 - TPS UI: need to display tokenType and tokenOrigin
for token certificates on TPS UI (edewata)

ELBA-2017-3302 Oracle Linux 7 gcc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3302

http://linux.oracle.com/errata/ELBA-2017-3302.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
cpp-4.8.5-16.el7_4.1.x86_64.rpm
gcc-4.8.5-16.el7_4.1.x86_64.rpm
gcc-c++-4.8.5-16.el7_4.1.x86_64.rpm
gcc-gfortran-4.8.5-16.el7_4.1.x86_64.rpm
gcc-gnat-4.8.5-16.el7_4.1.x86_64.rpm
gcc-go-4.8.5-16.el7_4.1.x86_64.rpm
gcc-objc++-4.8.5-16.el7_4.1.x86_64.rpm
gcc-objc-4.8.5-16.el7_4.1.x86_64.rpm
gcc-plugin-devel-4.8.5-16.el7_4.1.x86_64.rpm
libasan-4.8.5-16.el7_4.1.i686.rpm
libasan-4.8.5-16.el7_4.1.x86_64.rpm
libasan-static-4.8.5-16.el7_4.1.i686.rpm
libasan-static-4.8.5-16.el7_4.1.x86_64.rpm
libatomic-4.8.5-16.el7_4.1.i686.rpm
libatomic-4.8.5-16.el7_4.1.x86_64.rpm
libatomic-static-4.8.5-16.el7_4.1.i686.rpm
libatomic-static-4.8.5-16.el7_4.1.x86_64.rpm
libgcc-4.8.5-16.el7_4.1.i686.rpm
libgcc-4.8.5-16.el7_4.1.x86_64.rpm
libgfortran-4.8.5-16.el7_4.1.i686.rpm
libgfortran-4.8.5-16.el7_4.1.x86_64.rpm
libgfortran-static-4.8.5-16.el7_4.1.i686.rpm
libgfortran-static-4.8.5-16.el7_4.1.x86_64.rpm
libgnat-4.8.5-16.el7_4.1.i686.rpm
libgnat-4.8.5-16.el7_4.1.x86_64.rpm
libgnat-devel-4.8.5-16.el7_4.1.i686.rpm
libgnat-devel-4.8.5-16.el7_4.1.x86_64.rpm
libgnat-static-4.8.5-16.el7_4.1.i686.rpm
libgnat-static-4.8.5-16.el7_4.1.x86_64.rpm
libgo-4.8.5-16.el7_4.1.i686.rpm
libgo-4.8.5-16.el7_4.1.x86_64.rpm
libgo-devel-4.8.5-16.el7_4.1.i686.rpm
libgo-devel-4.8.5-16.el7_4.1.x86_64.rpm
libgo-static-4.8.5-16.el7_4.1.i686.rpm
libgo-static-4.8.5-16.el7_4.1.x86_64.rpm
libgomp-4.8.5-16.el7_4.1.i686.rpm
libgomp-4.8.5-16.el7_4.1.x86_64.rpm
libitm-4.8.5-16.el7_4.1.i686.rpm
libitm-4.8.5-16.el7_4.1.x86_64.rpm
libitm-devel-4.8.5-16.el7_4.1.i686.rpm
libitm-devel-4.8.5-16.el7_4.1.x86_64.rpm
libitm-static-4.8.5-16.el7_4.1.i686.rpm
libitm-static-4.8.5-16.el7_4.1.x86_64.rpm
libmudflap-4.8.5-16.el7_4.1.i686.rpm
libmudflap-4.8.5-16.el7_4.1.x86_64.rpm
libmudflap-devel-4.8.5-16.el7_4.1.i686.rpm
libmudflap-devel-4.8.5-16.el7_4.1.x86_64.rpm
libmudflap-static-4.8.5-16.el7_4.1.i686.rpm
libmudflap-static-4.8.5-16.el7_4.1.x86_64.rpm
libobjc-4.8.5-16.el7_4.1.i686.rpm
libobjc-4.8.5-16.el7_4.1.x86_64.rpm
libquadmath-4.8.5-16.el7_4.1.i686.rpm
libquadmath-4.8.5-16.el7_4.1.x86_64.rpm
libquadmath-devel-4.8.5-16.el7_4.1.i686.rpm
libquadmath-devel-4.8.5-16.el7_4.1.x86_64.rpm
libquadmath-static-4.8.5-16.el7_4.1.i686.rpm
libquadmath-static-4.8.5-16.el7_4.1.x86_64.rpm
libstdc++-4.8.5-16.el7_4.1.i686.rpm
libstdc++-4.8.5-16.el7_4.1.x86_64.rpm
libstdc++-devel-4.8.5-16.el7_4.1.i686.rpm
libstdc++-devel-4.8.5-16.el7_4.1.x86_64.rpm
libstdc++-docs-4.8.5-16.el7_4.1.x86_64.rpm
libstdc++-static-4.8.5-16.el7_4.1.i686.rpm
libstdc++-static-4.8.5-16.el7_4.1.x86_64.rpm
libtsan-4.8.5-16.el7_4.1.x86_64.rpm
libtsan-static-4.8.5-16.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gcc-4.8.5-16.el7_4.1.src.rpm



Description of changes:

[4.8.5-16.1]
- fix .toc alignment (#1487434)

ELBA-2017-3305 Oracle Linux 7 selinux-policy bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3305

http://linux.oracle.com/errata/ELBA-2017-3305.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
selinux-policy-3.13.1-166.0.3.el7_4.7.noarch.rpm
selinux-policy-devel-3.13.1-166.0.3.el7_4.7.noarch.rpm
selinux-policy-doc-3.13.1-166.0.3.el7_4.7.noarch.rpm
selinux-policy-minimum-3.13.1-166.0.3.el7_4.7.noarch.rpm
selinux-policy-mls-3.13.1-166.0.3.el7_4.7.noarch.rpm
selinux-policy-sandbox-3.13.1-166.0.3.el7_4.7.noarch.rpm
selinux-policy-targeted-3.13.1-166.0.3.el7_4.7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/selinux-policy-3.13.1-166.0.3.el7_4.7.src.rpm



Description of changes:

[3.13.1-166.0.3.7]
- Obsolete docker-engine-selinux [OraBug 26439663]
- Fix container selinux policy [OraBug 26427364]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.

[3.13.1-166.7]
- Allow cluster_t domain creating bundles directory with label var_log_t
instead of cluster_var_log_t
Resolves: rhbz:#1513075

[3.13.1-166.6]
- Allow tomcat domain to connect to mssql port
Resolves: rhbz#1500697
- Add keepalived domain setpgid capability
Resolves: rhbz#1500813

ELBA-2017-3306 Oracle Linux 7 dleyna-server bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3306

http://linux.oracle.com/errata/ELBA-2017-3306.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
dleyna-server-0.5.0-2.el7_4.i686.rpm
dleyna-server-0.5.0-2.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dleyna-server-0.5.0-2.el7_4.src.rpm



Description of changes:

[0.5.0-2]
- Use arch-specific Requires on dleyna-connector-dbus
Resolves: #1479486

ELBA-2017-3307 Oracle Linux 7 tigervnc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3307

http://linux.oracle.com/errata/ELBA-2017-3307.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
tigervnc-1.8.0-2.el7_4.x86_64.rpm
tigervnc-icons-1.8.0-2.el7_4.noarch.rpm
tigervnc-license-1.8.0-2.el7_4.noarch.rpm
tigervnc-server-1.8.0-2.el7_4.x86_64.rpm
tigervnc-server-applet-1.8.0-2.el7_4.noarch.rpm
tigervnc-server-minimal-1.8.0-2.el7_4.x86_64.rpm
tigervnc-server-module-1.8.0-2.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tigervnc-1.8.0-2.el7_4.src.rpm



Description of changes:

[1.8.0-2]
- Make TLS work on FIPS systems
Resolves: bz#1501165

ELBA-2017-3308 Oracle Linux 7 mod_fcgid bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3308

http://linux.oracle.com/errata/ELBA-2017-3308.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
mod_fcgid-2.3.9-4.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mod_fcgid-2.3.9-4.el7_4.1.src.rpm



Description of changes:

[2.3.9-4.1]
- Resolves: #1501307 - mod_fcgid cause Segmentation fault error while doing
large file uploads over HTTPS

ELBA-2017-3311 Oracle Linux 7 systemtap bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3311

http://linux.oracle.com/errata/ELBA-2017-3311.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
systemtap-3.1-4.el7_4.x86_64.rpm
systemtap-client-3.1-4.el7_4.x86_64.rpm
systemtap-devel-3.1-4.el7_4.x86_64.rpm
systemtap-initscript-3.1-4.el7_4.x86_64.rpm
systemtap-runtime-3.1-4.el7_4.x86_64.rpm
systemtap-runtime-java-3.1-4.el7_4.x86_64.rpm
systemtap-runtime-python2-3.1-4.el7_4.x86_64.rpm
systemtap-runtime-virtguest-3.1-4.el7_4.x86_64.rpm
systemtap-runtime-virthost-3.1-4.el7_4.x86_64.rpm
systemtap-sdt-devel-3.1-4.el7_4.i686.rpm
systemtap-sdt-devel-3.1-4.el7_4.x86_64.rpm
systemtap-server-3.1-4.el7_4.x86_64.rpm
systemtap-testsuite-3.1-4.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/systemtap-3.1-4.el7_4.src.rpm



Description of changes:

[3.1-4]
- rhbz1503979 @min/@max miscalculation

ELBA-2017-3312 Oracle Linux 7 bind bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3312

http://linux.oracle.com/errata/ELBA-2017-3312.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bind-9.9.4-51.el7_4.1.x86_64.rpm
bind-chroot-9.9.4-51.el7_4.1.x86_64.rpm
bind-devel-9.9.4-51.el7_4.1.i686.rpm
bind-devel-9.9.4-51.el7_4.1.x86_64.rpm
bind-libs-9.9.4-51.el7_4.1.i686.rpm
bind-libs-9.9.4-51.el7_4.1.x86_64.rpm
bind-libs-lite-9.9.4-51.el7_4.1.i686.rpm
bind-libs-lite-9.9.4-51.el7_4.1.x86_64.rpm
bind-license-9.9.4-51.el7_4.1.noarch.rpm
bind-lite-devel-9.9.4-51.el7_4.1.i686.rpm
bind-lite-devel-9.9.4-51.el7_4.1.x86_64.rpm
bind-pkcs11-9.9.4-51.el7_4.1.x86_64.rpm
bind-pkcs11-devel-9.9.4-51.el7_4.1.i686.rpm
bind-pkcs11-devel-9.9.4-51.el7_4.1.x86_64.rpm
bind-pkcs11-libs-9.9.4-51.el7_4.1.i686.rpm
bind-pkcs11-libs-9.9.4-51.el7_4.1.x86_64.rpm
bind-pkcs11-utils-9.9.4-51.el7_4.1.x86_64.rpm
bind-sdb-9.9.4-51.el7_4.1.x86_64.rpm
bind-sdb-chroot-9.9.4-51.el7_4.1.x86_64.rpm
bind-utils-9.9.4-51.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/bind-9.9.4-51.el7_4.1.src.rpm



Description of changes:

[32:9.9.4-51.1]
- Fix named-chroot restart leak (#1504700)

ELBA-2017-3313 Oracle Linux 7 libreswan bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3313

http://linux.oracle.com/errata/ELBA-2017-3313.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libreswan-3.20-5.0.1.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.20-5.0.1.el7_4.src.rpm



Description of changes:

[3.20-5.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro

[3.20-5]
- Resolves: rhbz#1503949 [updated - USE_DNSSEC setting was updated]

[3.20-4]
- Resolves: rhbz#1501809 libreswan does not establish IKE with xauth
enabled but modecfg disabled
- Resolves: rhbz#1503949 xauth password length limited to 64 bytes while
XAUTH_MAX_PASS_LENGTH (128)

ELBA-2017-3316 Oracle Linux 7 libpciaccess bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3316

http://linux.oracle.com/errata/ELBA-2017-3316.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libpciaccess-0.13.4-3.1.el7_4.i686.rpm
libpciaccess-0.13.4-3.1.el7_4.x86_64.rpm
libpciaccess-devel-0.13.4-3.1.el7_4.i686.rpm
libpciaccess-devel-0.13.4-3.1.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libpciaccess-0.13.4-3.1.el7_4.src.rpm



Description of changes:

[0.13.4-3.1]
- Add support for 32-bit domains

ELBA-2017-3317 Oracle Linux 7 389-ds-base bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3317

http://linux.oracle.com/errata/ELBA-2017-3317.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
389-ds-base-1.3.6.1-24.el7_4.x86_64.rpm
389-ds-base-devel-1.3.6.1-24.el7_4.x86_64.rpm
389-ds-base-libs-1.3.6.1-24.el7_4.x86_64.rpm
389-ds-base-snmp-1.3.6.1-24.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.6.1-24.el7_4.src.rpm



Description of changes:

[1.3.6.1-24]
- Bump version to 1.3.6.1-24
- Resolves: Bug 1508978 - replicated MODRDN fails breaking replication
- Resolves: Bug 1511940 - heap corruption during import
- Resolves: Bug 1510319 - [abrt] 389-ds-base: SLL_Next(): ns-slapd
killed by SIGSEGV
- Resolves: Bug 1509347 - cleanallruv task is not logging any information

[1.3.6.1-23]
- Bump version to 1.3.6.1-23
- Resolves: Bug 1504536 - [memberOf Plugin] bulk deleting users causes
deadlock when there are multiple backends
- Resolves: Bug 1503001 - Adding a database entry fails if the same
database was deleted after an import
- Resolves: Bug 1506912 - Improve valueset sort performance during
valueset purging

[1.3.6.1-22]
- Bump version to 1.3.6.1-22
- Resolves: Bug 1499668 - Errors log filled with attrlist_replace

ELBA-2017-3318 Oracle Linux 7 accountsservice bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2017-3318

http://linux.oracle.com/errata/ELBA-2017-3318.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
accountsservice-0.6.45-3.el7_4.1.x86_64.rpm
accountsservice-devel-0.6.45-3.el7_4.1.i686.rpm
accountsservice-devel-0.6.45-3.el7_4.1.x86_64.rpm
accountsservice-libs-0.6.45-3.el7_4.1.i686.rpm
accountsservice-libs-0.6.45-3.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/accountsservice-0.6.45-3.el7_4.1.src.rpm



Description of changes:

[0.6.45-3.1]
- Fix crasher introduced in -3
Related: #1474579, 1509261

[0.6.45-3]
- Various fixes to increase scalability
Related: #1474579

ELBA-2017-3319 Oracle Linux 7 ipa bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3319

http://linux.oracle.com/errata/ELBA-2017-3319.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ipa-client-4.5.0-22.0.1.el7_4.x86_64.rpm
ipa-client-common-4.5.0-22.0.1.el7_4.noarch.rpm
ipa-common-4.5.0-22.0.1.el7_4.noarch.rpm
ipa-python-compat-4.5.0-22.0.1.el7_4.noarch.rpm
ipa-server-4.5.0-22.0.1.el7_4.x86_64.rpm
ipa-server-common-4.5.0-22.0.1.el7_4.noarch.rpm
ipa-server-dns-4.5.0-22.0.1.el7_4.noarch.rpm
ipa-server-trust-ad-4.5.0-22.0.1.el7_4.x86_64.rpm
python2-ipaclient-4.5.0-22.0.1.el7_4.noarch.rpm
python2-ipalib-4.5.0-22.0.1.el7_4.noarch.rpm
python2-ipaserver-4.5.0-22.0.1.el7_4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.5.0-22.0.1.el7_4.src.rpm



Description of changes:

[4.5.0-22.0.1.el7_4]
- Rebuild
- Blank out header-logo.png product-name.png
Replace login-screen-logo.png [20362818]

[4.5.0-22.el7]
- Resolves: #1506528 In case full PKINIT configuration is failing during
server/replica install the error message should be more meaningful.
- Less confusing message for PKINIT configuration during install
- Resolves: #1506526 Use X509v3 Basic Constraints "CA:TRUE" instead of
"CA:FALSE" IPA CA CSR
- Include the CA basic constraint in CSRs when renewing a CA
- Resolves: #1506913 ipa-replica-install might fail because of an already
existing entry cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX
- Checks if replica-s4u2proxy.ldif should be applied
- Resolves: #1506525 server-del doesn't remove dns-server configuration
from ldap
- server.py: Removes dns-server configuration from ldap

ELBA-2017-3320 Oracle Linux 7 util-linux bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3320

http://linux.oracle.com/errata/ELBA-2017-3320.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libblkid-2.23.2-43.el7_4.2.i686.rpm
libblkid-2.23.2-43.el7_4.2.x86_64.rpm
libblkid-devel-2.23.2-43.el7_4.2.i686.rpm
libblkid-devel-2.23.2-43.el7_4.2.x86_64.rpm
libmount-2.23.2-43.el7_4.2.i686.rpm
libmount-2.23.2-43.el7_4.2.x86_64.rpm
libmount-devel-2.23.2-43.el7_4.2.i686.rpm
libmount-devel-2.23.2-43.el7_4.2.x86_64.rpm
libuuid-2.23.2-43.el7_4.2.i686.rpm
libuuid-2.23.2-43.el7_4.2.x86_64.rpm
libuuid-devel-2.23.2-43.el7_4.2.i686.rpm
libuuid-devel-2.23.2-43.el7_4.2.x86_64.rpm
util-linux-2.23.2-43.el7_4.2.i686.rpm
util-linux-2.23.2-43.el7_4.2.x86_64.rpm
uuidd-2.23.2-43.el7_4.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/util-linux-2.23.2-43.el7_4.2.src.rpm



Description of changes:

[2.23.2-43.el7_4.2]
- improve libmount eaccess test (bug #1499760)

[2.23.2-43.el7_4.1]
- fix #1499760 - gvfs-udisks2-volume-monitor generates huge amount of
audit log with access denied messages

ELBA-2017-3323 Oracle Linux 7 rhnsd bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3323

http://linux.oracle.com/errata/ELBA-2017-3323.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
rhnsd-5.0.13-7.3.0.1.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/rhnsd-5.0.13-7.3.0.1.el7_4.src.rpm



Description of changes:

[5.0.13-7.3.0.1]
- Add patch rhnsd-oracle-network.patch
Change RHN references to Unbreakable Linux Network

[5.0.13-7.3]
- Resolves: #1506910 - umask(0) does not reset to default umask
(tkasparek@redhat.com)

[5.0.13-7.2]
- Resolves: #1506911 - close and reopen syslog when redirecting child output
(martin.matuska@axelspringer.de)

ELBA-2017-3324 Oracle Linux 7 libvirt bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3324

http://linux.oracle.com/errata/ELBA-2017-3324.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libvirt-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-admin-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-client-3.2.0-14.el7_4.4.i686.rpm
libvirt-client-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-config-network-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-interface-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-lxc-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-network-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-qemu-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-secret-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-kvm-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-daemon-lxc-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-devel-3.2.0-14.el7_4.4.i686.rpm
libvirt-devel-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-docs-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-libs-3.2.0-14.el7_4.4.i686.rpm
libvirt-libs-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-lock-sanlock-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-login-shell-3.2.0-14.el7_4.4.x86_64.rpm
libvirt-nss-3.2.0-14.el7_4.4.i686.rpm
libvirt-nss-3.2.0-14.el7_4.4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-3.2.0-14.el7_4.4.src.rpm



Description of changes:

[3.2.0-14.el7_4.4]
- qemu: Pass virArch * to virQEMUCapsCPUFilterFeatures (rhbz#1508549)
- qemu: Publish virQEMUCapsCPUFilterFeatures (rhbz#1508549)
- qemu: Separate CPU updating code from qemuProcessReconnect (rhbz#1508549)
- conf: Introduce virCPUDefFindFeature (rhbz#1508549)
- qemu: Filter CPU features when using host CPU (rhbz#1508549)
- qemu: Fix CPU model broken by older libvirt (rhbz#1508549)

ELBA-2017-3325 Oracle Linux 7 libstoragemgmt bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3325

http://linux.oracle.com/errata/ELBA-2017-3325.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libstoragemgmt-1.4.0-5.el7_4.i686.rpm
libstoragemgmt-1.4.0-5.el7_4.x86_64.rpm
libstoragemgmt-devel-1.4.0-5.el7_4.i686.rpm
libstoragemgmt-devel-1.4.0-5.el7_4.x86_64.rpm
libstoragemgmt-hpsa-plugin-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-megaraid-plugin-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-netapp-plugin-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-nstor-plugin-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-python-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-python-clibs-1.4.0-5.el7_4.x86_64.rpm
libstoragemgmt-smis-plugin-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-targetd-plugin-1.4.0-5.el7_4.noarch.rpm
libstoragemgmt-udev-1.4.0-5.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libstoragemgmt-1.4.0-5.el7_4.src.rpm



Description of changes:

[1.4.0-5]
- Add missing runtime requirement -- python-six

[1.4.0-4]
- Fix incorrect VPD query for mptsas # RHBZ 1511467

ELBA-2017-3330 Oracle Linux 7 cryptsetup bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3330

http://linux.oracle.com/errata/ELBA-2017-3330.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
cryptsetup-1.7.4-3.el7_4.1.x86_64.rpm
cryptsetup-devel-1.7.4-3.el7_4.1.i686.rpm
cryptsetup-devel-1.7.4-3.el7_4.1.x86_64.rpm
cryptsetup-libs-1.7.4-3.el7_4.1.i686.rpm
cryptsetup-libs-1.7.4-3.el7_4.1.x86_64.rpm
cryptsetup-python-1.7.4-3.el7_4.1.x86_64.rpm
cryptsetup-reencrypt-1.7.4-3.el7_4.1.x86_64.rpm
veritysetup-1.7.4-3.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/cryptsetup-1.7.4-3.el7_4.1.src.rpm



Description of changes:

[1.7.4-3.el7_4.1]
- patch: fix regression in blockwise functions (archs with 64 KiB
page_size)
- Resolves: #1510841

ELBA-2017-3331 Oracle Linux 7 mutter bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3331

http://linux.oracle.com/errata/ELBA-2017-3331.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
mutter-3.22.3-12.el7_4.i686.rpm
mutter-3.22.3-12.el7_4.x86_64.rpm
mutter-devel-3.22.3-12.el7_4.i686.rpm
mutter-devel-3.22.3-12.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mutter-3.22.3-12.el7_4.src.rpm



Description of changes:

[3.22.3-12]
- Add support for plain old X device configuration
- Resolves: #1515138

ELBA-2017-3332 Oracle Linux 7 autofs bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3332

http://linux.oracle.com/errata/ELBA-2017-3332.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
autofs-5.0.7-70.0.1.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/autofs-5.0.7-70.0.1.el7_4.1.src.rpm



Description of changes:

[5.0.7-70.0.1.el7_4.1]
- add autofs-5.0.5-lookup-mounts.patch [Orabug:12658280] (Bert Barbe)

[5.0.7-70.el7_4.1]
- bz1515311 - Automount cannot access host shares after a reboot
[rhel-7.4.z]
- reset master map list on startup retry.
- Resolves: rhbz#1515311

[5.0.7-70.el7_4]
- bz1503945 - autofs option parsing for maps with fstype=autofs no longer
works [rhel-7.4.z]
- revert fix argc off by one in mount_autofs.c.
- bz1503946 - autofs map entry options field does not accept dot character
[rhel-7.4.z]
- allow dot in OPTIONSTR value lexer pattern.
- handle additional nfs versions in mount_nfs.c.
- Resolves: rhbz#1503945 rhbz#1503946

ELEA-2017-3329 Oracle Linux 7 copy-jdk-configs bug fix update

Oracle Linux Enhancement Advisory ELEA-2017-3329

http://linux.oracle.com/errata/ELEA-2017-3329.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
copy-jdk-configs-2.2-5.el7_4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/copy-jdk-configs-2.2-5.el7_4.src.rpm



Description of changes:

[2.2-5]
- adapted (added policy subdir) patch1: newPolices.patch
- Resolves: rhbz#1513697

[2.2-4]
- added an daplied in install patch1: newPolices.patch
- Resolves: rhbz#1513697

ELSA-2017-3315 Important: Oracle Linux 7 kernel security and bug fix update

Oracle Linux Security Advisory ELSA-2017-3315

http://linux.oracle.com/errata/ELSA-2017-3315.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-3.10.0-693.11.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-693.11.1.el7.noarch.rpm
kernel-debug-3.10.0-693.11.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.11.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.11.1.el7.x86_64.rpm
kernel-doc-3.10.0-693.11.1.el7.noarch.rpm
kernel-headers-3.10.0-693.11.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.11.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.11.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.11.1.el7.x86_64.rpm
perf-3.10.0-693.11.1.el7.x86_64.rpm
python-perf-3.10.0-693.11.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-693.11.1.el7.src.rpm



Description of changes:

- [3.10.0-693.11.1.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

[3.10.0-693.11.1.el7]
- [powerpc] perf: Fix book3s kernel to userspace backtraces (Gustavo
Duarte) [1506143 1492669]

[3.10.0-693.10.1.el7]
- [mm] mm, hugetlb: use pte_present() instead of pmd_present() in
follow_huge_pmd() (Rafael Aquini) [1505164 1472460]
- [mm] fix invalid node in alloc_migrate_target() (Rafael Aquini)
[1505164 1472460]
- [mm] add !pte_present() check on existing hugetlb_entry callbacks
(Rafael Aquini) [1505164 1472460]
- [fs] ceph: avoid accessing freeing inode in ceph_check_delayed_caps()
(Ilya Dryomov) [1505163 1489426]
- [fs] nfsd: Fix general protection fault in release_lock_stateid() (J.
Bruce Fields) [1505160 1500815]
- [fs] cifs: Reconnect expired SMB sessions (Leif Sahlberg) [1501526
1477052]
- [fs] cifs: Separate SMB2 header structure (Leif Sahlberg) [1501526
1429710]

[3.10.0-693.9.1.el7]
- [fs] ext4: fix off-by-one on max nr_pages in
ext4_find_unwritten_pgoff() (Bill O'Donnell) [1504115 1458728]
- [fs] ext4: fix off-by-in loop termination in
ext4_find_unwritten_pgoff() (Bill O'Donnell) [1501387 1469363]
- [fs] ext4: fix SEEK_HOLE (Bill O'Donnell) [1501387 1469363]
- [fs] xfs: Move handling of missing page into one place in
xfs_find_get_desired_pgoff() (Bill O'Donnell) [1498736 1460446]
- [fs] xfs: Fix off-by-in in loop termination in
xfs_find_get_desired_pgoff() (Bill O'Donnell) [1498736 1460446]
- [fs] xfs: Fix missed holes in SEEK_HOLE implementation (Bill
O'Donnell) [1498736 1460446]
- [fs] xfs: fix off-by-one on max nr_pages in
xfs_find_get_desired_pgoff() (Eryu Guan) [1502731 1458997]
- [nvme] Test unit Ready broken for nvme drvices (David Milburn)
[1502733 1478457]
- [hv] vmbus: Increase the time between retries in vmbus_post_msg()
(Mohammed Gamal) [1495763 1491843]
- [hv] vmbus: Fix error code returned by vmbus_post_msg() (Mohammed
Gamal) [1495763 1467258]
- [netdrv] netvsc: propagate MAC address change to VF slave (Vitaly
Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: delay setup of VF device (Vitaly Kuznetsov) [1500321
1477784]
- [netdrv] netvsc: make sure and unregister datapath (Vitaly Kuznetsov)
[1500321 1477784]
- [netdrv] netvsc: fix rtnl deadlock on unregister of vf (Vitaly
Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: transparent VF management (Vitaly Kuznetsov) [1500321
1477784]
- [netdrv] hv_netvsc: Fix the carrier state error when data path is off
(Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] hv_netvsc: Fix the queue index computation in forwarding case
(Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: handle select_queue when device is being removed
(Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: report per-channel stats in ethtool statistics
(Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: account for packets/bytes transmitted after
completion (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: group all per-channel state together (Vitaly
Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: enhance transmit select_queue (Vitaly Kuznetsov)
[1500321 1477784]

[3.10.0-693.8.1.el7]
- [x86] kvm: x86: Fix potential preemption when get the current kvmclock
timestamp (Marcelo Tosatti) [1503459 1496522]
- [x86] kvm: x86: remove irq disablement around
KVM_SET_CLOCK/KVM_GET_CLOCK (Marcelo Tosatti) [1503459 1496522]

[3.10.0-693.7.1.el7]
- [mm] page_cgroup: Fix Kernel bug during boot with memory cgroups
enabled (Larry Woodman) [1491970 1483747]
- Revert: [mm] Fix Kernel bug during boot with memory cgroups enabled
(Larry Woodman) [1491970 1483747]

[3.10.0-693.6.1.el7]
- [netdrv] mlx5: Avoid using pending command interface slots (Don
Dutile) [1497604 1463367]
- [x86] amd: Limit cpu_core_id fixup to families older than F17h
(Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu/amd: Fix Zen SMT topology (Suravee Suthikulpanit) [1497603
1477397]
- [x86] cpu/amd: Bring back Compute Unit ID (Suravee Suthikulpanit)
[1497603 1477397]
- [x86] cpu/amd: Fix Bulldozer topology (Suravee Suthikulpanit) [1497603
1477397]
- [x86] cpu/amd: Clean up cpu_llc_id assignment per topology feature
(Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu: Get rid of compute_unit_id (Suravee Suthikulpanit) [1497603
1477397]
- [x86] amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask (Suravee
Suthikulpanit) [1497238 1477399]
- [net] ipv6: only call ip6_route_dev_notify() once for
NETDEV_UNREGISTER (Matteo Croce) [1497121 1468935]
- [fs] gfs2: Fix debugfs glocks dump (Andreas Grunbacher) [1497078 1493067]
- [fs] gfs2: Replace rhashtable_walk_init with rhashtable_walk_enter
(Andreas Grunbacher) [1497078 1493067]
- [fs] gfs2: Deduplicate gfs2_{glocks,glstats}_open (Andreas Grunbacher)
[1497078 1493067]
- [cpufreq] intel_pstate: Fix unsafe HWP MSR access (Steve Best)
[1497058 1457552]
- [s390] af_iucv: correctly copy SKB data (add missing hunk from 04d0ec)
(Hendrik Brueckner) [1494354 1459782]
- [sound] alsa: timer: Use common error handling code in
alsa_timer_init() (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Adjust a condition check in
snd_timer_resolution() (Jaroslav Kysela) [1465998 1465999]
{CVE-2017-1000380}
- [sound] alsa: timer: Follow standard EXPORT_SYMBOL() declarations
(Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Wrap with spinlock for queue access (Jaroslav
Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Improve user queue reallocation (Jaroslav Kysela)
[1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Fix missing queue indices reset at
SNDRV_TIMER_IOCTL_SELECT (Jaroslav Kysela) [1465998 1465999]
{CVE-2017-1000380}
- [sound] alsa: timer: Fix race between read and ioctl (Jaroslav Kysela)
[1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Info leak in snd_timer_user_tinterrupt()
(Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: remove some dead code (Jaroslav Kysela) [1465998
1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Reject user params with too small ticks (Jaroslav
Kysela) [1465998 1465999] {CVE-2017-1000380}

ELSA-2017-3315-1 Important: Oracle Linux 7 kernel security and bug fix update

Oracle Linux Security Advisory ELSA-2017-3315-1

http://linux.oracle.com/errata/ELSA-2017-3315-1.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-693.11.1.0.1.el7.noarch.rpm
kernel-debug-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-devel-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-doc-3.10.0-693.11.1.0.1.el7.noarch.rpm
kernel-headers-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-tools-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-693.11.1.0.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-693.11.1.0.1.el7.x86_64.rpm
perf-3.10.0-693.11.1.0.1.el7.x86_64.rpm
python-perf-3.10.0-693.11.1.0.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-693.11.1.0.1.el7.src.rpm



Description of changes:

- [3.10.0-693.11.1.0.1.el7.OL7]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug
22552377]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

ELSA-2017-3368 Moderate: Oracle Linux 7 qemu-kvm security update

Oracle Linux Security Advisory ELSA-2017-3368

http://linux.oracle.com/errata/ELSA-2017-3368.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
qemu-img-1.5.3-141.el7_4.4.x86_64.rpm
qemu-kvm-1.5.3-141.el7_4.4.x86_64.rpm
qemu-kvm-common-1.5.3-141.el7_4.4.x86_64.rpm
qemu-kvm-tools-1.5.3-141.el7_4.4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-141.el7_4.4.src.rpm



Description of changes:

[1.5.3-141.el7_4.4]
- kvm-multiboot-validate-multiboot-header-address-values.patch [bz#1501120]
- Resolves: bz#1501120
(CVE-2017-14167 qemu-kvm: Qemu: i386: multiboot OOB access while
loading kernel image [rhel-7.4.z])

[1.5.3-141.el7_4.3]
- kvm-bswap.h-Remove-cpu_to_32wu.patch [bz#1501294]
- kvm-hw-use-ld_p-st_p-instead-of-ld_raw-st_raw.patch [bz#1501294]
- kvm-vga-Start-cutting-out-non-32bpp-conversion-support.patch [bz#1501294]
- kvm-vga-Remove-remainder-of-old-conversion-cruft.patch [bz#1501294]
- kvm-vga-Separate-LE-and-BE-conversion-functions.patch [bz#1501294]
- kvm-vga-Rename-vga_template.h-to-vga-helpers.h.patch [bz#1501294]
- kvm-vga-stop-passing-pointers-to-vga_draw_line-functions.patch
[bz#1501294]
- kvm-vga-drop-line_offset-variable.patch [bz#1501294]
- kvm-vga-Add-mechanism-to-force-the-use-of-a-shadow-surfa.patch
[bz#1501294]
- kvm-vga-handle-cirrus-vbe-mode-wraparounds.patch [bz#1501294]
- kvm-cirrus-fix-oob-access-in-mode4and5-write-functions.patch [bz#1501294]
- Resolves: bz#1501294
(CVE-2017-15289 qemu-kvm: Qemu: cirrus: OOB access issue in
mode4and5 write functions [rhel-7.4.z])