Oracle Linux 6263 Published by

The following updates has been released for Oracle Linux 7:

ELBA-2019-0167 Oracle Linux 7 tomcatjss bug fix update
ELBA-2019-0169 Oracle Linux 7 sssd bug fix update
ELBA-2019-0171 Oracle Linux 7 grub2 bug fix update
ELBA-2019-0172 Oracle Linux 7 nss bug fix update
ELBA-2019-0173 Oracle Linux 7 augeas bug fix update
ELBA-2019-0174 Oracle Linux 7 libvirt-snmp bug fix update
ELBA-2019-0175 Oracle Linux 7 freetype bug fix update
ELBA-2019-0176 Oracle Linux 7 xorg-x11-drv-ati bug fix update
ELBA-2019-0177 Oracle Linux 7 fence-agents bug fix and enhancement update
ELBA-2019-0179 Oracle Linux 7 389-ds-base bug fix update
ELBA-2019-0181 Oracle Linux 7 squid bug fix update
ELBA-2019-0182 Oracle Linux 7 imagemagick bug fix update
ELBA-2019-0183 Oracle Linux 7 krb5 bug fix update
ELBA-2019-0184 Oracle Linux 7 sos bug fix update
ELBA-2019-0185 Oracle Linux 7 xorg-x11-server bug fix update
ELBA-2019-0186 Oracle Linux 7 gdm bug fix update
ELBA-2019-0187 Oracle Linux 7 lvm2 bug fix update
ELBA-2019-0189 Oracle Linux 7 mesa bug fix update
ELBA-2019-0191 Oracle Linux 7 openldap bug fix update
ELBA-2019-0192 Oracle Linux 7 selinux-policy bug fix update
ELBA-2019-0193 Oracle Linux 7 glibc bug fix update
ELBA-2019-0195 Oracle Linux 7 nvme-cli bug fix update
ELBA-2019-0197 Oracle Linux 7 libvirt bug fix update
ELBA-2019-0198 Oracle Linux 7 qemu-kvm bug fix update
ELBA-2019-0199 Oracle Linux 7 policycoreutils bug fix update
ELBA-2019-0200 Oracle Linux 7 adcli bugfix update
ELEA-2019-0178 Oracle Linux 7 libreswan bug fix and enhancement update
ELEA-2019-0180 Oracle Linux 7 osinfo-db enhancement update
ELSA-2019-0163 Important: Oracle Linux 7 kernel security, bug fix, and enhancement update
ELSA-2019-0194 Moderate: Oracle Linux 7 bind security update
ELSA-2019-0201 Low: Oracle Linux 7 systemd security update



ELBA-2019-0167 Oracle Linux 7 tomcatjss bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0167

http://linux.oracle.com/errata/ELBA-2019-0167.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
tomcatjss-7.2.1-8.el7_6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tomcatjss-7.2.1-8.el7_6.src.rpm



Description of changes:

[7.2.1-8]
- Bugzilla Bug #1632618 - CC: tomcatjss: unable to enable OCSP checking
from peer AIA extension [rhel-7.6.z] (jmagne)


ELBA-2019-0169 Oracle Linux 7 sssd bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0169

http://linux.oracle.com/errata/ELBA-2019-0169.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libipa_hbac-1.16.2-13.el7_6.5.i686.rpm
libipa_hbac-1.16.2-13.el7_6.5.x86_64.rpm
libipa_hbac-devel-1.16.2-13.el7_6.5.i686.rpm
libipa_hbac-devel-1.16.2-13.el7_6.5.x86_64.rpm
libsss_autofs-1.16.2-13.el7_6.5.x86_64.rpm
libsss_certmap-1.16.2-13.el7_6.5.i686.rpm
libsss_certmap-1.16.2-13.el7_6.5.x86_64.rpm
libsss_certmap-devel-1.16.2-13.el7_6.5.i686.rpm
libsss_certmap-devel-1.16.2-13.el7_6.5.x86_64.rpm
libsss_idmap-1.16.2-13.el7_6.5.i686.rpm
libsss_idmap-1.16.2-13.el7_6.5.x86_64.rpm
libsss_idmap-devel-1.16.2-13.el7_6.5.i686.rpm
libsss_idmap-devel-1.16.2-13.el7_6.5.x86_64.rpm
libsss_nss_idmap-1.16.2-13.el7_6.5.i686.rpm
libsss_nss_idmap-1.16.2-13.el7_6.5.x86_64.rpm
libsss_nss_idmap-devel-1.16.2-13.el7_6.5.i686.rpm
libsss_nss_idmap-devel-1.16.2-13.el7_6.5.x86_64.rpm
libsss_simpleifp-1.16.2-13.el7_6.5.i686.rpm
libsss_simpleifp-1.16.2-13.el7_6.5.x86_64.rpm
libsss_simpleifp-devel-1.16.2-13.el7_6.5.i686.rpm
libsss_simpleifp-devel-1.16.2-13.el7_6.5.x86_64.rpm
libsss_sudo-1.16.2-13.el7_6.5.x86_64.rpm
python-libipa_hbac-1.16.2-13.el7_6.5.x86_64.rpm
python-libsss_nss_idmap-1.16.2-13.el7_6.5.x86_64.rpm
python-sss-1.16.2-13.el7_6.5.x86_64.rpm
python-sss-murmur-1.16.2-13.el7_6.5.x86_64.rpm
python-sssdconfig-1.16.2-13.el7_6.5.noarch.rpm
sssd-1.16.2-13.el7_6.5.x86_64.rpm
sssd-ad-1.16.2-13.el7_6.5.x86_64.rpm
sssd-client-1.16.2-13.el7_6.5.i686.rpm
sssd-client-1.16.2-13.el7_6.5.x86_64.rpm
sssd-common-1.16.2-13.el7_6.5.x86_64.rpm
sssd-common-pac-1.16.2-13.el7_6.5.x86_64.rpm
sssd-dbus-1.16.2-13.el7_6.5.x86_64.rpm
sssd-ipa-1.16.2-13.el7_6.5.x86_64.rpm
sssd-kcm-1.16.2-13.el7_6.5.x86_64.rpm
sssd-krb5-1.16.2-13.el7_6.5.x86_64.rpm
sssd-krb5-common-1.16.2-13.el7_6.5.x86_64.rpm
sssd-ldap-1.16.2-13.el7_6.5.x86_64.rpm
sssd-libwbclient-1.16.2-13.el7_6.5.x86_64.rpm
sssd-libwbclient-devel-1.16.2-13.el7_6.5.i686.rpm
sssd-libwbclient-devel-1.16.2-13.el7_6.5.x86_64.rpm
sssd-polkit-rules-1.16.2-13.el7_6.5.x86_64.rpm
sssd-proxy-1.16.2-13.el7_6.5.x86_64.rpm
sssd-tools-1.16.2-13.el7_6.5.x86_64.rpm
sssd-winbind-idmap-1.16.2-13.el7_6.5.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sssd-1.16.2-13.el7_6.5.src.rpm



Description of changes:

[1.16.3-5]
- Resolves: rhbz#1659507 - SSSD's LDAP authentication provider does not work
if ID provider is authenticated with GSSAPI [rhel-7.6.z]

[1.16.3-4]
- Resolves: rhbz#1659083 - SSSD must be cleared/restarted periodically in
order to retrieve AD users through IPA Trust [rhel-7.6.z]

[1.16.3-3]
- Resolves: rhbz#1656833 - sssd_nss memory leak [rhel-7.6.z]

[1.16.3-2]
- Resolves: Bug 1649784 - SSSD not fetching all sudo rules from
AD [rhel-7.6.z]

[1.16.3-1]
- Resolves: rhbz#1645047 - sssd only sets the SELinux login context if it
differs from the default [rhel-7.6.z]

ELBA-2019-0171 Oracle Linux 7 grub2 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0171

http://linux.oracle.com/errata/ELBA-2019-0171.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
grub2-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-common-2.02-0.76.0.3.el7.1.noarch.rpm
grub2-efi-ia32-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-efi-ia32-modules-2.02-0.76.0.3.el7.1.noarch.rpm
grub2-efi-x64-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-efi-x64-cdboot-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-efi-x64-modules-2.02-0.76.0.3.el7.1.noarch.rpm
grub2-pc-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-pc-modules-2.02-0.76.0.3.el7.1.noarch.rpm
grub2-tools-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-tools-extra-2.02-0.76.0.3.el7.1.x86_64.rpm
grub2-tools-minimal-2.02-0.76.0.3.el7.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/grub2-2.02-0.76.0.3.el7.1.src.rpm



Description of changes:

[2.02-0.76.0.3.1]
- build with the updated Oracle certificate
- Restore symlink to grub environment file, that was removed during
grub2-efi update
if grub2 package is also installed on UEFI machines [27345750]
- fix symlink removal scriptlet, to be executed only on removal [bug
19231481]
- Pack files in efidir with disabled rpm verification [27166026]
- Fix comparison in patch for 18504756
- Remove symlink to grub environment file during uninstall on EFI
platforms [bug 19231481]
- replace dynamic EFI boot folder path generation with predefined
'redhat' (Alex Burmashev)
- update Oracle Linux certificates (Alexey Petrenko)
- Put "with" in menuentry instead of "using" [bug 18504756]
- Use different titles for UEK and RHCK kernels [bug 18504756]
- changed efidir with 0700 access rights, redhat chose another approach
in rhbz#1496952, orabug [28622344]
- revert orabug [27166026] changes

[2.02-0.76.e7_6.1]
- Re-enable regexp module
Resolves: rhbz#1647527

ELBA-2019-0172 Oracle Linux 7 nss bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0172

http://linux.oracle.com/errata/ELBA-2019-0172.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
nss-3.36.0-7.1.el7_6.i686.rpm
nss-3.36.0-7.1.el7_6.x86_64.rpm
nss-devel-3.36.0-7.1.el7_6.i686.rpm
nss-devel-3.36.0-7.1.el7_6.x86_64.rpm
nss-pkcs11-devel-3.36.0-7.1.el7_6.i686.rpm
nss-pkcs11-devel-3.36.0-7.1.el7_6.x86_64.rpm
nss-sysinit-3.36.0-7.1.el7_6.x86_64.rpm
nss-tools-3.36.0-7.1.el7_6.x86_64.rpm
nss-util-3.36.0-1.1.el7_6.i686.rpm
nss-util-3.36.0-1.1.el7_6.x86_64.rpm
nss-util-devel-3.36.0-1.1.el7_6.i686.rpm
nss-util-devel-3.36.0-1.1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nss-3.36.0-7.1.el7_6.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/nss-util-3.36.0-1.1.el7_6.src.rpm



Description of changes:

nss
[3.36.0-7.1]
- Update the cert verify code to allow a new ipsec usage and follow RFC 4945

nss-util
[3.36.0-1.1]
- Update the cert verify code to allow a new ipsec usage and follow RFC 4945

ELBA-2019-0173 Oracle Linux 7 augeas bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0173

http://linux.oracle.com/errata/ELBA-2019-0173.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
augeas-1.4.0-6.el7_6.1.x86_64.rpm
augeas-devel-1.4.0-6.el7_6.1.i686.rpm
augeas-devel-1.4.0-6.el7_6.1.x86_64.rpm
augeas-libs-1.4.0-6.el7_6.1.i686.rpm
augeas-libs-1.4.0-6.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/augeas-1.4.0-6.el7_6.1.src.rpm



Description of changes:

[1.4.0-6.el7_6.1]
- Sudoers: handle "always_query_group_plugin" option (RHBZ#1650174)

ELBA-2019-0174 Oracle Linux 7 libvirt-snmp bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0174

http://linux.oracle.com/errata/ELBA-2019-0174.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libvirt-snmp-0.0.3-5.el7_6.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-snmp-0.0.3-5.el7_6.2.src.rpm



Description of changes:

[0.0.3-5.el7_6.1]
- Send sysUptime in traps (BZ: 1653591)

[0.0.3-5.el7_6.1]
- Replace placeholder org OID with libvirt OID (BZ: 1603154)
- Fix object OIDs for SNMP traps (BZ: 1641995)
- Modernize spec file

ELBA-2019-0175 Oracle Linux 7 freetype bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0175

http://linux.oracle.com/errata/ELBA-2019-0175.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
freetype-2.8-12.el7_6.1.i686.rpm
freetype-2.8-12.el7_6.1.x86_64.rpm
freetype-demos-2.8-12.el7_6.1.x86_64.rpm
freetype-devel-2.8-12.el7_6.1.i686.rpm
freetype-devel-2.8-12.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/freetype-2.8-12.el7_6.1.src.rpm



Description of changes:

[2.8-12.el7_6.1]
- Fix definition of constant ft_encoding_gb2312 in freetype.h
- Resolves: #1652187

ELBA-2019-0176 Oracle Linux 7 xorg-x11-drv-ati bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0176

http://linux.oracle.com/errata/ELBA-2019-0176.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
xorg-x11-drv-ati-18.1.0-1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xorg-x11-drv-ati-18.1.0-1.el7_6.src.rpm



Description of changes:

[18.1.0-1]
- ati 18.1.0 fix some regressions with new X server (#1648116)

ELBA-2019-0177 Oracle Linux 7 fence-agents bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2019-0177

http://linux.oracle.com/errata/ELBA-2019-0177.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
fence-agents-all-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-amt-ws-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-apc-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-apc-snmp-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-bladecenter-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-brocade-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-cisco-mds-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-cisco-ucs-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-common-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-compute-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-drac5-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-eaton-snmp-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-emerson-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-eps-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-heuristics-ping-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-hpblade-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ibmblade-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ifmib-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ilo-moonshot-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ilo-mp-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ilo-ssh-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ilo2-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-intelmodular-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ipdu-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-ipmilan-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-kdump-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-mpath-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-redfish-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-rhevm-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-rsa-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-rsb-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-sbd-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-scsi-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-virsh-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-vmware-rest-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-vmware-soap-4.2.1-11.el7_6.7.x86_64.rpm
fence-agents-wti-4.2.1-11.el7_6.7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/fence-agents-4.2.1-11.el7_6.7.src.rpm



Description of changes:

[4.2.1-11.7]
- fence_redfish: new fence agent
Resolves: rhbz#1666848

[4.2.1-11.5]
- fence_scsi: add watchdog retry support
Resolves: rhbz#1654172

[4.2.1-11.4]
- fence_hpblade: fix log_expect syntax
Resolves: rhbz#1652115

ELBA-2019-0179 Oracle Linux 7 389-ds-base bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0179

http://linux.oracle.com/errata/ELBA-2019-0179.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
389-ds-base-1.3.8.4-22.el7_6.x86_64.rpm
389-ds-base-devel-1.3.8.4-22.el7_6.x86_64.rpm
389-ds-base-libs-1.3.8.4-22.el7_6.x86_64.rpm
389-ds-base-snmp-1.3.8.4-22.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.8.4-22.el7_6.src.rpm



Description of changes:

[1.3.8.4-22]
- Bump version to 1.3.8.4-22
- Resolves: Bug 1660120 - certmap fails when Issuer DN has comma in name

[1.3.8.4-21]
- Bump version to 1.3.8.4-21
- Resolves: Bug 1659510 - during MODRDN referential integrity can fail
erronously while updating large groups
- Resolves: Bug 1659936 - After RHEL 7.6 HTB update, unable to set
nsslapd-cachememsize (RHDS 10) to custom value

[1.3.8.4-20]
- Bump version to 1.3.8.4-20
- Resolves: Bug 1645197 - Fix compiler warnings

[1.3.8.4-19]
- Bump version to 1.3.8.4-19
- Resolves: Bug 1653820 - PassSync not setting pwdLastSet attribute in
Active Directory after Pw update from LDAP sync for normal user
- Resolves: Bug 1645197 - on-line re-initialization hangs

ELBA-2019-0181 Oracle Linux 7 squid bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0181

http://linux.oracle.com/errata/ELBA-2019-0181.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
squid-3.5.20-12.el7_6.1.x86_64.rpm
squid-migration-script-3.5.20-12.el7_6.1.x86_64.rpm
squid-sysvinit-3.5.20-12.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/squid-3.5.20-12.el7_6.1.src.rpm



Description of changes:

[7:3.5.20-12.1]
- Resolves: #1657638 - migration of upstream squid bug 4007

ELBA-2019-0182 Oracle Linux 7 imagemagick bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0182

http://linux.oracle.com/errata/ELBA-2019-0182.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ImageMagick-6.7.8.9-16.el7_6.i686.rpm
ImageMagick-6.7.8.9-16.el7_6.x86_64.rpm
ImageMagick-c++-6.7.8.9-16.el7_6.i686.rpm
ImageMagick-c++-6.7.8.9-16.el7_6.x86_64.rpm
ImageMagick-c++-devel-6.7.8.9-16.el7_6.i686.rpm
ImageMagick-c++-devel-6.7.8.9-16.el7_6.x86_64.rpm
ImageMagick-devel-6.7.8.9-16.el7_6.i686.rpm
ImageMagick-devel-6.7.8.9-16.el7_6.x86_64.rpm
ImageMagick-doc-6.7.8.9-16.el7_6.x86_64.rpm
ImageMagick-perl-6.7.8.9-16.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ImageMagick-6.7.8.9-16.el7_6.src.rpm



Description of changes:

[6.7.8.9-16]
- Added fix for long convert under some circumstances (rhbz#1633602)

ELBA-2019-0183 Oracle Linux 7 krb5 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0183

http://linux.oracle.com/errata/ELBA-2019-0183.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
krb5-devel-1.15.1-37.el7_6.i686.rpm
krb5-devel-1.15.1-37.el7_6.x86_64.rpm
krb5-libs-1.15.1-37.el7_6.i686.rpm
krb5-libs-1.15.1-37.el7_6.x86_64.rpm
krb5-pkinit-1.15.1-37.el7_6.x86_64.rpm
krb5-server-1.15.1-37.el7_6.x86_64.rpm
krb5-server-ldap-1.15.1-37.el7_6.x86_64.rpm
krb5-workstation-1.15.1-37.el7_6.x86_64.rpm
libkadm5-1.15.1-37.el7_6.i686.rpm
libkadm5-1.15.1-37.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/krb5-1.15.1-37.el7_6.src.rpm



Description of changes:

[1.15.1-37]
- Bring back builtin crypto (openssl broke too many FIPS setups)
- Resolves: #1657890

[1.15.1-36]
- Clean up MEMORY ccache behavior to match upstream more closely
- Resolves: #1657890

[1.15.1-35]
- Fix bugs with concurrent use of MEMORY ccaches
- Resolves: #1657890

ELBA-2019-0184 Oracle Linux 7 sos bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0184

http://linux.oracle.com/errata/ELBA-2019-0184.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
sos-3.6-13.0.1.el7_6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sos-3.6-13.0.1.el7_6.src.rpm



Description of changes:

[3.6-13.0.1]
- Added bug28674897.patch [Orabug 28674897]
- Added sos-oraclelinux-vendor-vendorurl.patch

[= 3.6-13]
- [ovirt_node] New plugin for oVirt Node
Resolves: bz1656732
- [podman] Add support for gathering information on podman
Resolves: bz1658570
- [postgresql] Do not limit dump size
Resolves: bz1658571

ELBA-2019-0185 Oracle Linux 7 xorg-x11-server bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0185

http://linux.oracle.com/errata/ELBA-2019-0185.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
xorg-x11-server-Xdmx-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-Xephyr-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-Xnest-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-Xorg-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-Xvfb-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-Xwayland-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-common-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-devel-1.20.1-5.2.el7_6.i686.rpm
xorg-x11-server-devel-1.20.1-5.2.el7_6.x86_64.rpm
xorg-x11-server-source-1.20.1-5.2.el7_6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xorg-x11-server-1.20.1-5.2.el7_6.src.rpm



Description of changes:

[1.20.1-5.2]
- Move LeaveVT after resetting randr pointers in xf86CrtcCloseScreen

[1.20.1-5.1]
- CVE-2018-14665: Disable -logfile and -modulepath when running with
elevated
privileges

ELBA-2019-0186 Oracle Linux 7 gdm bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0186

http://linux.oracle.com/errata/ELBA-2019-0186.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
gdm-3.28.2-11.el7.i686.rpm
gdm-3.28.2-11.el7.x86_64.rpm
gdm-devel-3.28.2-11.el7.i686.rpm
gdm-devel-3.28.2-11.el7.x86_64.rpm
gdm-pam-extensions-devel-3.28.2-11.el7.i686.rpm
gdm-pam-extensions-devel-3.28.2-11.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gdm-3.28.2-11.el7.src.rpm



Description of changes:

[3.28.2-11]
- Don't assume X server defaults to local only
Resolves: #1647621

ELBA-2019-0187 Oracle Linux 7 lvm2 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0187

http://linux.oracle.com/errata/ELBA-2019-0187.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
device-mapper-1.02.149-10.0.1.el7_6.3.x86_64.rpm
device-mapper-devel-1.02.149-10.0.1.el7_6.3.i686.rpm
device-mapper-devel-1.02.149-10.0.1.el7_6.3.x86_64.rpm
device-mapper-event-1.02.149-10.0.1.el7_6.3.x86_64.rpm
device-mapper-event-devel-1.02.149-10.0.1.el7_6.3.i686.rpm
device-mapper-event-devel-1.02.149-10.0.1.el7_6.3.x86_64.rpm
device-mapper-event-libs-1.02.149-10.0.1.el7_6.3.i686.rpm
device-mapper-event-libs-1.02.149-10.0.1.el7_6.3.x86_64.rpm
device-mapper-libs-1.02.149-10.0.1.el7_6.3.i686.rpm
device-mapper-libs-1.02.149-10.0.1.el7_6.3.x86_64.rpm
lvm2-2.02.180-10.0.1.el7_6.3.x86_64.rpm
lvm2-devel-2.02.180-10.0.1.el7_6.3.i686.rpm
lvm2-devel-2.02.180-10.0.1.el7_6.3.x86_64.rpm
lvm2-libs-2.02.180-10.0.1.el7_6.3.i686.rpm
lvm2-libs-2.02.180-10.0.1.el7_6.3.x86_64.rpm
lvm2-lockd-2.02.180-10.0.1.el7_6.3.x86_64.rpm
lvm2-python-boom-0.9-14.0.1.el7_6.2.noarch.rpm
lvm2-python-libs-2.02.180-10.0.1.el7_6.3.x86_64.rpm
lvm2-sysvinit-2.02.180-10.0.1.el7_6.3.x86_64.rpm
cmirror-2.02.180-10.0.1.el7_6.3.x86_64.rpm
lvm2-cluster-2.02.180-10.0.1.el7_6.3.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/lvm2-2.02.180-10.0.1.el7_6.3.src.rpm



Description of changes:

[7:2.02.180-10.0.1.el7_6.3]
- Reduce delay in case of lvmetad update (ritika.srivastava@oracle.com)

[7:2.02.180-10.el7_6.3]
- Fix component detection for MD RAID version 1.0 and 0.90.
- Use sync io if async io_setup fails, or when use_aio=0 is set in config.
- Fix dmstats report printing no output.

ELBA-2019-0189 Oracle Linux 7 mesa bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0189

http://linux.oracle.com/errata/ELBA-2019-0189.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
mesa-dri-drivers-18.0.5-4.el7_6.i686.rpm
mesa-dri-drivers-18.0.5-4.el7_6.x86_64.rpm
mesa-filesystem-18.0.5-4.el7_6.i686.rpm
mesa-filesystem-18.0.5-4.el7_6.x86_64.rpm
mesa-libEGL-18.0.5-4.el7_6.i686.rpm
mesa-libEGL-18.0.5-4.el7_6.x86_64.rpm
mesa-libEGL-devel-18.0.5-4.el7_6.i686.rpm
mesa-libEGL-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-libGL-18.0.5-4.el7_6.i686.rpm
mesa-libGL-18.0.5-4.el7_6.x86_64.rpm
mesa-libGL-devel-18.0.5-4.el7_6.i686.rpm
mesa-libGL-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-libGLES-18.0.5-4.el7_6.i686.rpm
mesa-libGLES-18.0.5-4.el7_6.x86_64.rpm
mesa-libGLES-devel-18.0.5-4.el7_6.i686.rpm
mesa-libGLES-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-libOSMesa-18.0.5-4.el7_6.i686.rpm
mesa-libOSMesa-18.0.5-4.el7_6.x86_64.rpm
mesa-libOSMesa-devel-18.0.5-4.el7_6.i686.rpm
mesa-libOSMesa-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-libgbm-18.0.5-4.el7_6.i686.rpm
mesa-libgbm-18.0.5-4.el7_6.x86_64.rpm
mesa-libgbm-devel-18.0.5-4.el7_6.i686.rpm
mesa-libgbm-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-libglapi-18.0.5-4.el7_6.i686.rpm
mesa-libglapi-18.0.5-4.el7_6.x86_64.rpm
mesa-libwayland-egl-18.0.5-4.el7_6.i686.rpm
mesa-libwayland-egl-18.0.5-4.el7_6.x86_64.rpm
mesa-libwayland-egl-devel-18.0.5-4.el7_6.i686.rpm
mesa-libwayland-egl-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-libxatracker-18.0.5-4.el7_6.i686.rpm
mesa-libxatracker-18.0.5-4.el7_6.x86_64.rpm
mesa-libxatracker-devel-18.0.5-4.el7_6.i686.rpm
mesa-libxatracker-devel-18.0.5-4.el7_6.x86_64.rpm
mesa-vdpau-drivers-18.0.5-4.el7_6.i686.rpm
mesa-vdpau-drivers-18.0.5-4.el7_6.x86_64.rpm
mesa-vulkan-drivers-18.0.5-4.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/mesa-18.0.5-4.el7_6.src.rpm



Description of changes:

[18.0.5-4]
- disable shm put/get for now it caused regressions

ELBA-2019-0191 Oracle Linux 7 openldap bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0191

http://linux.oracle.com/errata/ELBA-2019-0191.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
openldap-2.4.44-21.el7_6.i686.rpm
openldap-2.4.44-21.el7_6.x86_64.rpm
openldap-clients-2.4.44-21.el7_6.x86_64.rpm
openldap-devel-2.4.44-21.el7_6.i686.rpm
openldap-devel-2.4.44-21.el7_6.x86_64.rpm
openldap-servers-2.4.44-21.el7_6.x86_64.rpm
openldap-servers-sql-2.4.44-21.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/openldap-2.4.44-21.el7_6.src.rpm



Description of changes:

[2.4.44-21]
- MozNSS Compat. Layer: Protect /tmp/openldap-tlsmc-* files (#1590184)

ELBA-2019-0192 Oracle Linux 7 selinux-policy bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0192

http://linux.oracle.com/errata/ELBA-2019-0192.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
selinux-policy-3.13.1-229.0.1.el7_6.9.noarch.rpm
selinux-policy-devel-3.13.1-229.0.1.el7_6.9.noarch.rpm
selinux-policy-doc-3.13.1-229.0.1.el7_6.9.noarch.rpm
selinux-policy-minimum-3.13.1-229.0.1.el7_6.9.noarch.rpm
selinux-policy-mls-3.13.1-229.0.1.el7_6.9.noarch.rpm
selinux-policy-sandbox-3.13.1-229.0.1.el7_6.9.noarch.rpm
selinux-policy-targeted-3.13.1-229.0.1.el7_6.9.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/selinux-policy-3.13.1-229.0.1.el7_6.9.src.rpm



Description of changes:

[3.13.1-229.0.1]
- SELinux support for cgroup2 filesystem. [OraBug 28127822]
- refpolicy: Define getrlimit permission for class process [OraBug 28229492]
- Add vhost-scsi to be vhost_device_t type [OraBug 27774921]
- Obsolete docker-engine-selinux [OraBug 26439663]
- Fix container selinux policy [OraBug 26427364]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.

[3.13.1-229.9]
- Allow gssd_t domain to manage kernel keyrings of every domain.
Resolves: rhbz#1665815
- Add new interface domain_manage_all_domains_keyrings()
Resolves: rhbz#1665815

[3.13.1-229.8]
- Add interface domain_rw_all_domains_keyrings()
Resolves: rhbz#1665815
- Allow gssd_t domain to read/write kernel keyrings of every domain.
Resolves: rhbz#1665815

[3.13.1-229.7]
- Update snapperd policy to allow snapperd manage all non security dirs.
Resolves: rhbz#1661158

ELBA-2019-0193 Oracle Linux 7 glibc bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0193

http://linux.oracle.com/errata/ELBA-2019-0193.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
glibc-2.17-260.0.15.el7_6.3.i686.rpm
glibc-2.17-260.0.15.el7_6.3.x86_64.rpm
glibc-common-2.17-260.0.15.el7_6.3.x86_64.rpm
glibc-devel-2.17-260.0.15.el7_6.3.i686.rpm
glibc-devel-2.17-260.0.15.el7_6.3.x86_64.rpm
glibc-headers-2.17-260.0.15.el7_6.3.x86_64.rpm
glibc-static-2.17-260.0.15.el7_6.3.i686.rpm
glibc-static-2.17-260.0.15.el7_6.3.x86_64.rpm
glibc-utils-2.17-260.0.15.el7_6.3.x86_64.rpm
nscd-2.17-260.0.15.el7_6.3.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/glibc-2.17-260.0.15.el7_6.3.src.rpm



Description of changes:

[2.17-260.0.15]
- Modify glibc-ora28849085.patch so it works with RHCK kernels.
Orabug 28849085.
- Reviewed-by: Egeyar Bagcioglu
- Use NLM_F_SKIP_STATS in uek2 and RTEXT_FILTER_SKIP_STATS in uek4 in
getifaddrs.
- Orabug 28849085
- Reviewed-by: Patrick McGehearty
- Mention CVE numbers in the .spec file for CVE-2015-8983 and CVE-2015-8984.
- Orabug 25558067.
- Reviewed-by: Egeyar Bagcioglu
- Regenerate plural.c
- OraBug 28806294.
- Reviewed-by: Jose E. Marchesi
- intl: Port to Bison 3.0
- Backport of upstream gettext commit
19f23e290a5e4a82b9edf9f5a4f8ab6192871be9
- OraBug 28806294.
- Reviewed-by: Patrick McGehearty
- Fix dbl-64/wordsize-64 remquo (bug 17569).
- Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae
- OraBug 19570749.
- Reviewed-by: Jose E. Marchesi
- libio: Disable vtable validation in case of interposition.
- Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0.
- OraBug 28641867.
- Reviewed-by: Egeyar Bagcioglu
- Include-linux-falloc.h-in-bits-fcntl-linux.h
- Defines FALLOC_FL_PUNSH_HOLE, FALLOC_FL_KEEP_SIZE,
FALLOC_FL_COLLAPSE_RANGE, and FALLOC_FL_ZERO_RANGE
- OraBug 28483336
- Add MAP_SHARED_VALIDATE and MAP_SYNC flags to
- sysdeps/unix/sysv/linux/x86/bits/mman.h
- OraBug 28389572
- Update bits/siginfo.h with Linux hwpoison SIGBUS changes.
- Adds new SIGBUS error codes for hardware poison signals, syncing with
the current kernel headers (v3.9).
- It also adds si_trapno field for alpha.
- New values: BUS_MCEERR_AR, BUS_MCEERR_AO
- OraBug 28124569

[2.17-260.3]
- elf: Fix data race in _dl_profile_fixup (#1661242)

[2.17-260.1]
- aarch64: Disable lazy symbol binding of TLSDESC (#1661244)

ELBA-2019-0195 Oracle Linux 7 nvme-cli bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0195

http://linux.oracle.com/errata/ELBA-2019-0195.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
nvme-cli-1.6-4.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nvme-cli-1.6-4.el7_6.src.rpm



Description of changes:

[1.6-2]
- Pull in upstream fixes

ELBA-2019-0197 Oracle Linux 7 libvirt bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0197

http://linux.oracle.com/errata/ELBA-2019-0197.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libvirt-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-admin-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-bash-completion-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-client-4.5.0-10.0.1.el7_6.4.i686.rpm
libvirt-client-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-config-network-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-kvm-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-daemon-lxc-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-devel-4.5.0-10.0.1.el7_6.4.i686.rpm
libvirt-devel-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-docs-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-libs-4.5.0-10.0.1.el7_6.4.i686.rpm
libvirt-libs-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-lock-sanlock-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-login-shell-4.5.0-10.0.1.el7_6.4.x86_64.rpm
libvirt-nss-4.5.0-10.0.1.el7_6.4.i686.rpm
libvirt-nss-4.5.0-10.0.1.el7_6.4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-4.5.0-10.0.1.el7_6.4.src.rpm



Description of changes:

[4.5.0-10.0.1]
- added librbd1 as dependency (Keshav Sharma)

[4.5.0-10.el7_6.4]
- qemu: Fix post-copy migration on the source (rhbz#1654732)
- RHEL: cpu_map: Mark arch-facilities feature as non-migratable
(rhbz#1664793)

ELBA-2019-0198 Oracle Linux 7 qemu-kvm bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0198

http://linux.oracle.com/errata/ELBA-2019-0198.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
qemu-img-1.5.3-160.el7_6.1.x86_64.rpm
qemu-kvm-1.5.3-160.el7_6.1.x86_64.rpm
qemu-kvm-common-1.5.3-160.el7_6.1.x86_64.rpm
qemu-kvm-tools-1.5.3-160.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-160.el7_6.1.src.rpm



Description of changes:

[1.5.3-160.el7_6.1]
- kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch
[bz#1664792]
- Resolves: bz#1664792
(mode="host-model" VMs include broken "arch-facilities" flag name
[qemu-kvm] [rhel-7.6.z])

ELBA-2019-0199 Oracle Linux 7 policycoreutils bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-0199

http://linux.oracle.com/errata/ELBA-2019-0199.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
policycoreutils-2.5-29.0.1.el7_6.1.x86_64.rpm
policycoreutils-devel-2.5-29.0.1.el7_6.1.i686.rpm
policycoreutils-devel-2.5-29.0.1.el7_6.1.x86_64.rpm
policycoreutils-gui-2.5-29.0.1.el7_6.1.x86_64.rpm
policycoreutils-newrole-2.5-29.0.1.el7_6.1.x86_64.rpm
policycoreutils-python-2.5-29.0.1.el7_6.1.x86_64.rpm
policycoreutils-restorecond-2.5-29.0.1.el7_6.1.x86_64.rpm
policycoreutils-sandbox-2.5-29.0.1.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/policycoreutils-2.5-29.0.1.el7_6.1.src.rpm



Description of changes:

[2.5-29.0.1]
- Lazy unmount private, shared entry (Joe Jin) [orabug 12560705]

[2.5-29.1]
- scripts/fixfiles: Do not fail on file_contexts.local (#1665813)

ELBA-2019-0200 Oracle Linux 7 adcli bugfix update

Oracle Linux Bug Fix Advisory ELBA-2019-0200

http://linux.oracle.com/errata/ELBA-2019-0200.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
adcli-0.8.1-6.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/adcli-0.8.1-6.el7_6.1.src.rpm



Description of changes:

[0.8.1-6.1]
- join failed if hostname is not FQDN [#1666775]

ELEA-2019-0178 Oracle Linux 7 libreswan bug fix and enhancement update

Oracle Linux Enhancement Advisory ELEA-2019-0178

http://linux.oracle.com/errata/ELEA-2019-0178.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libreswan-3.25-4.1.0.1.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreswan-3.25-4.1.0.1.el7_6.src.rpm



Description of changes:

[3.25-4.1.0.1]
- add libreswan-oracle.patch to detect Oracle Linux distro

[3.25-4.1]
- Resolves: rhbz#1665369 libreswan 3.25 in FIPS mode is incorrectly
rejecting X.509 public keys that are >= 3072 bits [rhel-7.6.z]

[3.25-4]
- Resolves: rhbz#1660536 libreswan assertion failed when
OAKLEY_KEY_LENGTH is zero for IKE using AES_CBC
- Resolves: rhbz#1660544 config: recursive include check doesn't work
- Resolves: rhbz#1660542 Libreswan crash upon receiving ISAKMP_NEXT_D
with appended ISAKMP_NEXT_N
- Resolves: rhbz#1664244 [abrt] [faf] libreswan: strncpy():
/usr/libexec/ipsec/pluto killed by 11

[3.25-3]
- Resolves: rhbz#1655440 Unable to verify certificate with non-empty
Extended Key Usage which does not include serverAuth or clientAuth

ELEA-2019-0180 Oracle Linux 7 osinfo-db enhancement update

Oracle Linux Enhancement Advisory ELEA-2019-0180

http://linux.oracle.com/errata/ELEA-2019-0180.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
osinfo-db-20181214-1.0.1.el7_6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/osinfo-db-20181214-1.0.1.el7_6.src.rpm



Description of changes:

[20181214-1.0.1]
- add ol7.6 os info
- add ol5 ol6 ol7 os type [orabug 27932947]
- add win2016 support in 'osinfo-query os' [bug 27210429]
- osinfo-query command error with OL7U5 [bug 27700001]
- Update OL7U5 osinfo-db to add OL7U5 release support [bug 27700063]
- add ol7.4 os info [bug 27175558]
- Update Oracle Linux OS info [bug 26135475]
- Add Oracle Linux OS info [bug 18501468]
- Pack ol.xml into tarball [bug 20410527]
- Update libosinfo to add all Oracle linux OS release/updates
information [bug 26135475]

[20181214-1]
- Resolves: rhbz#1652088 - Rebase to the latest upstream release

[20181203-1]
- Resolves: rhbz#1652088 - Rebase to the latest upstream release

ELSA-2019-0163 Important: Oracle Linux 7 kernel security, bug fix, and enhancement update

Oracle Linux Security Advisory ELSA-2019-0163

http://linux.oracle.com/errata/ELSA-2019-0163.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-957.5.1.el7.x86_64.rpm
kernel-3.10.0-957.5.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-957.5.1.el7.noarch.rpm
kernel-debug-3.10.0-957.5.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.5.1.el7.x86_64.rpm
kernel-devel-3.10.0-957.5.1.el7.x86_64.rpm
kernel-doc-3.10.0-957.5.1.el7.noarch.rpm
kernel-headers-3.10.0-957.5.1.el7.x86_64.rpm
kernel-tools-3.10.0-957.5.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.5.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.5.1.el7.x86_64.rpm
perf-3.10.0-957.5.1.el7.x86_64.rpm
python-perf-3.10.0-957.5.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-957.5.1.el7.src.rpm



Description of changes:

- [3.10.0-957.5.1.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

[3.10.0-957.5.1.el7]
- [fs] revert "[fs] sunrpc: Ensure we always close the socket after a
connection shuts down" (Dave Wysochanski) [1660784 1657399]

[3.10.0-957.4.1.el7]
- [net] macsec: let the administrator set UP state even if lowerdev is
down (Sabrina Dubroca) [1658970 1626004]
- [net] macsec: update operstate when lower device changes (Sabrina
Dubroca) [1658970 1626004]
- [fs] nfsv4.x: fix lock recovery during delegation recall (Steve
Dickson) [1657840 1634086]
- [fs] cifs: Fix autonegotiate security settings mismatch (Leif
Sahlberg) [1657841 1650148]
- [md] raid1: panic because of using freed memory (Xiao Ni) [1656500
1632575]
- [pci] Match Root Port's MPS to endpoint's MPSS as necessary (Myron
Stowe) [1656395 1524000]
- [pci] Skip MPS logic for Virtual Functions (VFs) (Myron Stowe)
[1656395 1524000]
- [x86] kvm: vmx: re-add ple_gap module parameter (Gary Hook) [1656393
1652933]
- [iommu] vt-d: Fix iotlb psi missing for mappings (Peter Xu) [1653592
1623856]
- [iommu] vt-d: Introduce __mapping_notify_one() (Peter Xu) [1653592
1623856]
- [scsi] libfc: retry PRLI if we cannot analyse the payload (Chris
Leech) [1655045 1631130]
- [scsi] libfc: Do not drop down to FLOGI for fc_rport_login() (Chris
Leech) [1655044 1625721]
- [scsi] libfc: Do not login if the port is already started (Chris
Leech) [1655044 1625721]
- [scsi] libfc: don't advance state machine for incoming FLOGI (Chris
Leech) [1655044 1625721]
- [gpu] drm/i915: Add short HPD IRQ storm detection for non-MST systems
(Lyude Paul) [1654733 1608704]
- [gpu] drm/i915: Clarify flow for disabling IRQs on storms (Lyude Paul)
[1654733 1608704]
- [gpu] drm/i915: Fix threshold check in intel_hpd_irq_storm_detect()
(Lyude Paul) [1654733 1608704]
- [gpu] drm/i915: Fix NULL deref when re-enabling HPD IRQs on systems
with MST (Lyude Paul) [1654733 1608704]
- [gpu] drm/i915: Fix possible race in intel_dp_add_mst_connector()
(Lyude Paul) [1654733 1608704]
- [iommu] amd: Clear memory encryption mask from physical address (Gary
Hook) [1649025 1643293]
- [security] Make [un]register_lsm_notifier() null ops if
!selinux_enabled (Don Dutile) [1648811 1621072]
- [netdrv] bonding/802.3ad: fix link_failure_count tracking (Jarod
Wilson) [1648294 1641660]
- [block] nvme: do not require GENERIC_HARDIRQ interfaces on s390
(Hendrik Brueckner) [1648239 1637637]
- [nvme] nvme-pci: add a memory barrier to
nvme_dbbuf_update_and_check_event (David Milburn) [1648240 1630481]
- [x86] kprobes: Use 5-byte NOP when the code might be modified by
ftrace (Josh Poimboeuf) [1647816 1577050]
- [fs] userfaultfd: check VM_MAYWRITE was set after verifying the uffd
is registered (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}

[3.10.0-957.3.1.el7]
- [mm] userfaultfd: allow get_mempolicy(MPOL_F_NODE|MPOL_F_ADDR) to
trigger userfaults (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [mm] userfaultfd: shmem: uffdio_copy: set the page dirty if VM_WRITE
is not set (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [mm] userfaultfd: shmem: add i_size checks (Andrea Arcangeli) [1640518
1640519] {CVE-2018-18397}
- [mm] userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE
vmas (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [mm] userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE
shmem (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [mm] userfaultfd: use ENOENT instead of EFAULT if the atomic copy user
fails (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [fs] userfaultfd: disable irqs when taking the waitqueue lock (Andrea
Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [fs] userfaultfd.c: remove redundant pointer uwq (Andrea Arcangeli)
[1640518 1640519] {CVE-2018-18397}
- [fs] userfaultfd: remove uffd flags from vma->vm_flags if
UFFD_EVENT_FORK fails (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [fs] userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte
access (Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [mm] userfaultfd: prevent non-cooperative events vs mcopy_atomic races
(Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [fs] userfaultfd: convert to use anon_inode_getfd() (Andrea Arcangeli)
[1640518 1640519] {CVE-2018-18397}
- [fs] mm, userfaultfd, thp: avoid waiting when PMD under THP migration
(Andrea Arcangeli) [1640518 1640519] {CVE-2018-18397}
- [net] packet: fix a race in packet_bind() and packet_notifier()
(Andrea Claudi) [1643680 1643681] {CVE-2018-18559}
- [x86] kvm: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd
(Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm: x86: #GP when guest attempts to write MCi_STATUS register
w/o 0 (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/hyper-v: inject #GP only when invalid SINTx vector is
unmasked (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/hyper-v: remove stale entries from
vec_bitmap/auto_eoi_bitmap on vector change (Vitaly Kuznetsov) [1647097
1631439]
- [x86] kvm: x86: hyperv: avoid livelock in oneshot SynIC timers (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm: x86: hyperv: add KVM_CAP_HYPERV_SYNIC2 (Vitaly Kuznetsov)
[1647097 1631439]
- [x86] kvm: Add kvm_vcpu_get_idx to get vcpu index in kvm->vcpus
(Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm: x86: fix NULL deref in vcpu_scan_ioapic (Vitaly Kuznetsov)
[1647097 1631439]
- [x86] kvm: x86: use delivery to self in hyperv synic (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm: x86: hyperv: make function static to avoid compiling
warning (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm: hyper-v: do not do hypercall userspace exits if SynIC is
disabled (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V VMBus hypercall userspace exit (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Reject Hyper-V hypercall continuation (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V SynIC timers tracepoints (Vitaly Kuznetsov)
[1647097 1631439]
- [x86] kvm/x86: Hyper-V SynIC tracepoints (Vitaly Kuznetsov) [1647097
1631439]
- [x86] kvm/x86: Update SynIC timers on guest entry only (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Skip SynIC vector check for QEMU side (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V fix SynIC timer disabling condition (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Reorg stimer_expiration() to better control timer
restart (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V unify stimer_start() and stimer_restart()
(Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Drop stimer_stop() function (Vitaly Kuznetsov) [1647097
1631439]
- [x86] kvm/x86: Hyper-V timers fix incorrect logical operation (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Remove Hyper-V SynIC timer stopping (Vitaly Kuznetsov)
[1647097 1631439]
- [x86] kvm/x86: Hyper-V SynIC timers (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V SynIC message slot pending clearing at SINT ack
(Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Added Hyper-V vcpu_to_hv_vcpu()/hv_vcpu_to_vcpu()
helpers (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Rearrange func's declarations inside Hyper-V header
(Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V kvm exit (Vitaly Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: Hyper-V synthetic interrupt controller (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/x86: split ioapic-handled and EOI exit bitmaps (Vitaly
Kuznetsov) [1647097 1631439]
- [x86] kvm/irqchip: kvm_arch_irq_routing_update renaming split (Vitaly
Kuznetsov) [1647097 1631439]
- [pinctrl] cannonlake: Fix HOSTSW_OWN register offset of H variant
(Benjamin Tissoires) [1647720 1647717 1609926 1544041]
- [pinctrl] cannonlake: Fix gpio base for GPP-E (Benjamin Tissoires)
[1647720 1647717 1609926 1544041]
- [pinctrl] cannonlake: Fix community ordering for H variant (Benjamin
Tissoires) [1647720 1647717 1609926 1544041]
- [pinctrl] intel: Do pin translation in other GPIO operations as well
(Benjamin Tissoires) [1647720 1647717 1609926 1544041]
- [pinctrl] intel: Implement intel_gpio_get_direction callback (Benjamin
Tissoires) [1647720 1647717 1609926 1544041]
- [platform] x86: dell-smbios-wmi: Correct a memory leak (Jarod Wilson)
[1647706 1640399]
- [scsi] qedi: Initialize the stats mutex lock (Chad Dupuis) [1646870
1633638]
- [s390] facilites: use stfle_fac_list array size for MAX_FACILITY_BIT
(Hendrik Brueckner) [1646868 1628088]
- [netdrv] qed: Add missing device config for RoCE EDPM in UFP mode
(Chad Dupuis) [1646866 1631593]
- [netdrv] qed: Do not add VLAN 0 tag to untagged frames in
multi-function mode (Chad Dupuis) [1646866 1631593]
- [netdrv] qed: Fix populating the invalid stag value in multi function
mode (Chad Dupuis) [1646866 1631593]
- [netdrv] qed: Fix link flap issue due to mismatching EEE capabilities
(Chad Dupuis) [1645150 1636398]
- [netdrv] qed: Fix shmem structure inconsistency between driver and the
mfw (Chad Dupuis) [1645149 1634156]

[3.10.0-957.2.1.el7]
- [md] Simplify ternary operations (Xiao Ni) [1655046 1627563]
- [x86] Mark Intel Cascade Lake supported (Steve Best) [1650213 1639980]
- [net] rtnetlink: give a user socket to get_target_net() (Jiri Benc)
[1639635 1630694] {CVE-2018-14646}
- [net] Add variants of capable for use on on sockets (Jiri Benc)
[1639635 1630694] {CVE-2018-14646}

ELSA-2019-0194 Moderate: Oracle Linux 7 bind security update

Oracle Linux Security Advisory ELSA-2019-0194

http://linux.oracle.com/errata/ELSA-2019-0194.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bind-9.9.4-73.el7_6.x86_64.rpm
bind-chroot-9.9.4-73.el7_6.x86_64.rpm
bind-devel-9.9.4-73.el7_6.i686.rpm
bind-devel-9.9.4-73.el7_6.x86_64.rpm
bind-libs-9.9.4-73.el7_6.i686.rpm
bind-libs-9.9.4-73.el7_6.x86_64.rpm
bind-libs-lite-9.9.4-73.el7_6.i686.rpm
bind-libs-lite-9.9.4-73.el7_6.x86_64.rpm
bind-license-9.9.4-73.el7_6.noarch.rpm
bind-lite-devel-9.9.4-73.el7_6.i686.rpm
bind-lite-devel-9.9.4-73.el7_6.x86_64.rpm
bind-pkcs11-9.9.4-73.el7_6.x86_64.rpm
bind-pkcs11-devel-9.9.4-73.el7_6.i686.rpm
bind-pkcs11-devel-9.9.4-73.el7_6.x86_64.rpm
bind-pkcs11-libs-9.9.4-73.el7_6.i686.rpm
bind-pkcs11-libs-9.9.4-73.el7_6.x86_64.rpm
bind-pkcs11-utils-9.9.4-73.el7_6.x86_64.rpm
bind-sdb-9.9.4-73.el7_6.x86_64.rpm
bind-sdb-chroot-9.9.4-73.el7_6.x86_64.rpm
bind-utils-9.9.4-73.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/bind-9.9.4-73.el7_6.src.rpm



Description of changes:

[32:9.9.4-73]
- Fixes debug level comments (#1647539)

ELSA-2019-0201 Low: Oracle Linux 7 systemd security update

Oracle Linux Security Advisory ELSA-2019-0201

http://linux.oracle.com/errata/ELSA-2019-0201.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libgudev1-219-62.0.4.el7_6.3.i686.rpm
libgudev1-219-62.0.4.el7_6.3.x86_64.rpm
libgudev1-devel-219-62.0.4.el7_6.3.i686.rpm
libgudev1-devel-219-62.0.4.el7_6.3.x86_64.rpm
systemd-219-62.0.4.el7_6.3.x86_64.rpm
systemd-devel-219-62.0.4.el7_6.3.i686.rpm
systemd-devel-219-62.0.4.el7_6.3.x86_64.rpm
systemd-journal-gateway-219-62.0.4.el7_6.3.x86_64.rpm
systemd-libs-219-62.0.4.el7_6.3.i686.rpm
systemd-libs-219-62.0.4.el7_6.3.x86_64.rpm
systemd-networkd-219-62.0.4.el7_6.3.x86_64.rpm
systemd-python-219-62.0.4.el7_6.3.x86_64.rpm
systemd-resolved-219-62.0.4.el7_6.3.i686.rpm
systemd-resolved-219-62.0.4.el7_6.3.x86_64.rpm
systemd-sysv-219-62.0.4.el7_6.3.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/systemd-219-62.0.4.el7_6.3.src.rpm



Description of changes:

[219-62.0.4]
- do not create utmp update symlinks for reboot and poweroff [Orabug:
27854896]
- OL7 udev rule for virtio net standby interface [Orabug: 28826743]
- fix _netdev is missing for iscsi entry in /etc/fstab [Orabug:
25897792] (tony.l.lam@oracle.com)
- set "RemoveIPC=no" in logind.conf as default for OL7.2 [22224874]
- allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug:
18467469]
- add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]

[219-62.3]
- journald: free cmdline buffers owned by iovec (#1666646)