
The following updates have been released for Oracle Linux:

ELBA-2019-0171 Oracle Linux 7 grub2 bug fix update (aarch64)
ELSA-2019-0229 Important: Oracle Linux 7 ghostscript security and bug fix update (aarch64)
ELSA-2019-0230 Important: Oracle Linux 7 polkit security update (aarch64)
ELSA-2019-0231 Important: Oracle Linux 7 spice security update (aarch64)
ELSA-2019-4528 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4528 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4528)



ELBA-2019-0171 Oracle Linux 7 grub2 bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2019-0171

http://linux.oracle.com/errata/ELBA-2019-0171.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
grub2-2.02-0.76.0.4.el7.1.aarch64.rpm
grub2-common-2.02-0.76.0.4.el7.1.noarch.rpm
grub2-efi-aa64-2.02-0.76.0.4.el7.1.aarch64.rpm
grub2-efi-aa64-cdboot-2.02-0.76.0.4.el7.1.aarch64.rpm
grub2-efi-aa64-modules-2.02-0.76.0.4.el7.1.noarch.rpm
grub2-tools-2.02-0.76.0.4.el7.1.aarch64.rpm
grub2-tools-extra-2.02-0.76.0.4.el7.1.aarch64.rpm
grub2-tools-minimal-2.02-0.76.0.4.el7.1.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/grub2-2.02-0.76.0.4.el7.1.src.rpm



Description of changes:

[2.02.0.76.0.4.1]
- Enable common subpackage build for aarch64
- Disable RHEL patch 0183-efinet-retransmit-if-our-device-is-busy.patch
to comply with UEFI spec
- increase timeout to 10ms in efinet.c, orabug [27982684]

[2.02-0.76.0.3.1]
- build with the updated Oracle certificate
- Restore symlink to grub environment file, that was removed during
grub2-efi update
if grub2 package is also installed on UEFI machines [27345750]
- fix symlink removal scriptlet, to be executed only on removal [bug
19231481]
- Pack files in efidir with disabled rpm verification [27166026]
- Fix comparison in patch for 18504756
- Remove symlink to grub environment file during uninstall on EFI
platforms [bug 19231481]
- replace dynamic EFI boot folder path generation with predefined
'redhat' (Alex Burmashev)
- update Oracle Linux certificates (Alexey Petrenko)
- Put "with" in menuentry instead of "using" [bug 18504756]
- Use different titles for UEK and RHCK kernels [bug 18504756]
- changed efidir with 0700 access rights, redhat chose another approach
in rhbz#1496952, orabug [28622344]
- revert orabug [27166026] changes

[2.02-0.76.e7_6.1]
- Re-enable regexp module
Resolves: rhbz#1647527



ELSA-2019-0229 Important: Oracle Linux 7 ghostscript security and bug fix update (aarch64)

Oracle Linux Security Advisory ELSA-2019-0229

http://linux.oracle.com/errata/ELSA-2019-0229.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
ghostscript-9.07-31.el7_6.9.aarch64.rpm
ghostscript-cups-9.07-31.el7_6.9.aarch64.rpm
ghostscript-devel-9.07-31.el7_6.9.aarch64.rpm
ghostscript-doc-9.07-31.el7_6.9.noarch.rpm
ghostscript-gtk-9.07-31.el7_6.9.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-31.el7_6.9.src.rpm



Description of changes:

[9.07-31.el7_6.9]
- Related: #1667442 - CVE-2019-6116 - added missing parts of patch

[9.07-31.el7_6.8]
- Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within
pseudo-operators must themselves be pseudo-operators

[9.07-31.el7_6.7]
- Resolves: #1665919 pdf2ps reports an error when reading from stdin
- Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in
copydevice handling (699661)
- Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in
psi/zdevice2.c (700153)
- Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in
psi/zicc.c
- Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in
psi/zfjbig2.c (700168)


ELSA-2019-0230 Important: Oracle Linux 7 polkit security update (aarch64)

Oracle Linux Security Advisory ELSA-2019-0230

http://linux.oracle.com/errata/ELSA-2019-0230.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
polkit-0.112-18.0.1.el7_6.1.aarch64.rpm
polkit-devel-0.112-18.0.1.el7_6.1.aarch64.rpm
polkit-docs-0.112-18.0.1.el7_6.1.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/polkit-0.112-18.0.1.el7_6.1.src.rpm



Description of changes:

[0.112-18.0.1]
- Increase timeout to avoid defunct processes [bug26930744]

[0.112-18.el7_6.1]
- Fix of CVE-2019-6133, PID reuse via slow fork
- Resolves: rhbz#1667311

ELSA-2019-0231 Important: Oracle Linux 7 spice security update (aarch64)

Oracle Linux Security Advisory ELSA-2019-0231

http://linux.oracle.com/errata/ELSA-2019-0231.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
spice-server-0.14.0-6.0.2.el7_6.1.aarch64.rpm
spice-server-devel-0.14.0-6.0.2.el7_6.1.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/spice-0.14.0-6.0.2.el7_6.1.src.rpm



Description of changes:

[0.14.0-6.0.2.1]
- Add ARM support

[0.14.0-6.1]
- Fix off-by-one error during guest-to-host memory address conversion
Resolves: CVE-2019-3813


ELSA-2019-4528 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4528

http://linux.oracle.com/errata/ELSA-2019-4528.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.24.5.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.24.5.el6uek.noarch.rpm
kernel-uek-4.1.12-124.24.5.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.24.5.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.24.5.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.24.5.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.24.5.el6uek.src.rpm



Description of changes:

[4.1.12-124.24.5.el6uek]
- rds: congestion updates can be missed when kernel low on memory (Mukesh Kacker) [Orabug: 28425811]
- net/rds: ib: Fix endless RNR Retries caused by memory allocation failures (Venkat Venkatsubra) [Orabug: 28127993]
- net: rds: fix excess initialization of the recv SGEs (Zhu Yanjun) [Orabug: 29004503]
- xhci: fix usb2 resume timing and races. (Mathias Nyman) [Orabug: 29028940]
- xhci: Fix a race in usb2 LPM resume, blocking U3 for usb2 devices (Mathias Nyman) [Orabug: 29028940]
- userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered (Andrea Arcangeli) [Orabug: 29163750] {CVE-2018-18397}
- userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas (Andrea Arcangeli) [Orabug: 29163750] {CVE-2018-18397}
- x86/apic/x2apic: set affinity of a single interrupt to one cpu (Jianchao Wang) [Orabug: 29196396]
- xen/blkback: rework validate_io_op() (Dongli Zhang) [Orabug: 29199843]
- xen/blkback: optimize validate_io_op() to filter BLKIF_OP_RESERVED_1 operation (Dongli Zhang) [Orabug: 29199843]
- xen/blkback: do not BUG() for invalid blkif_request from frontend (Dongli Zhang) [Orabug: 29199843]
- net/rds: WARNING: at net/rds/recv.c:222 rds_recv_hs_exthdrs+0xf8/0x1e0 (Venkat Venkatsubra) [Orabug: 29201779]
- xen-netback: wake up xenvif_dealloc_kthread when it should stop (Dongli Zhang) [Orabug: 29217927]
- Revert "xfs: remove nonblocking mode from xfs_vm_writepage" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: remove xfs_cancel_ioend" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: Introduce writeback context for writepages" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: xfs_cluster_write is redundant" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: factor mapping out of xfs_do_writepage" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: don't chain ioends during writepage submission" (Wengang Wang) [Orabug: 29279692]

[4.1.12-124.24.4.el6uek]
- mstflint: Fix coding style issues - left with LINUX_VERSION_CODE (Idan Mehalel) [Orabug: 28878697]
- mstflint: Fix coding-style issues (Idan Mehalel) [Orabug: 28878697]
- mstflint: Fix errors found with checkpatch script (Idan Mehalel) [Orabug: 28878697]
- Added support for 5th Gen devices in Secure Boot module and mtcr (Adham Masarwah) [Orabug: 28878697]
- Fix typos in mst_kernel (Adham Masarwah) [Orabug: 28878697]
- bnxt_en: Report PCIe link properties with pcie_print_link_status() (Brian Maly) [Orabug: 28942099]
- selinux: Perform both commoncap and selinux xattr checks (Eric W. Biederman) [Orabug: 28951521]
- Introduce v3 namespaced file capabilities (Serge E. Hallyn) [Orabug: 28951521]
- rds: ib: Use a delay when reconnecting to the very same IP address (Håkon Bugge) [Orabug: 29138813]
- Change mincore() to count "mapped" pages rather than "cached" pages (Linus Torvalds) [Orabug: 29187415] {CVE-2019-5489}
- NFSD: Set the attributes used to store the verifier for EXCLUSIVE4_1 (Kinglong Mee) [Orabug: 29204157]

ELSA-2019-4528 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4528

http://linux.oracle.com/errata/ELSA-2019-4528.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.24.5.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.24.5.el7uek.noarch.rpm
kernel-uek-4.1.12-124.24.5.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.24.5.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.24.5.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.24.5.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.24.5.el7uek.src.rpm



Description of changes:

[4.1.12-124.24.5.el7uek]
- rds: congestion updates can be missed when kernel low on memory (Mukesh Kacker) [Orabug: 28425811]
- net/rds: ib: Fix endless RNR Retries caused by memory allocation failures (Venkat Venkatsubra) [Orabug: 28127993]
- net: rds: fix excess initialization of the recv SGEs (Zhu Yanjun) [Orabug: 29004503]
- xhci: fix usb2 resume timing and races. (Mathias Nyman) [Orabug: 29028940]
- xhci: Fix a race in usb2 LPM resume, blocking U3 for usb2 devices (Mathias Nyman) [Orabug: 29028940]
- userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered (Andrea Arcangeli) [Orabug: 29163750] {CVE-2018-18397}
- userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas (Andrea Arcangeli) [Orabug: 29163750] {CVE-2018-18397}
- x86/apic/x2apic: set affinity of a single interrupt to one cpu (Jianchao Wang) [Orabug: 29196396]
- xen/blkback: rework validate_io_op() (Dongli Zhang) [Orabug: 29199843]
- xen/blkback: optimize validate_io_op() to filter BLKIF_OP_RESERVED_1 operation (Dongli Zhang) [Orabug: 29199843]
- xen/blkback: do not BUG() for invalid blkif_request from frontend (Dongli Zhang) [Orabug: 29199843]
- net/rds: WARNING: at net/rds/recv.c:222 rds_recv_hs_exthdrs+0xf8/0x1e0 (Venkat Venkatsubra) [Orabug: 29201779]
- xen-netback: wake up xenvif_dealloc_kthread when it should stop (Dongli Zhang) [Orabug: 29217927]
- Revert "xfs: remove nonblocking mode from xfs_vm_writepage" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: remove xfs_cancel_ioend" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: Introduce writeback context for writepages" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: xfs_cluster_write is redundant" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: factor mapping out of xfs_do_writepage" (Wengang Wang) [Orabug: 29279692]
- Revert "xfs: don't chain ioends during writepage submission" (Wengang Wang) [Orabug: 29279692]

[4.1.12-124.24.4.el7uek]
- mstflint: Fix coding style issues - left with LINUX_VERSION_CODE (Idan Mehalel) [Orabug: 28878697]
- mstflint: Fix coding-style issues (Idan Mehalel) [Orabug: 28878697]
- mstflint: Fix errors found with checkpatch script (Idan Mehalel) [Orabug: 28878697]
- Added support for 5th Gen devices in Secure Boot module and mtcr (Adham Masarwah) [Orabug: 28878697]
- Fix typos in mst_kernel (Adham Masarwah) [Orabug: 28878697]
- bnxt_en: Report PCIe link properties with pcie_print_link_status() (Brian Maly) [Orabug: 28942099]
- selinux: Perform both commoncap and selinux xattr checks (Eric W. Biederman) [Orabug: 28951521]
- Introduce v3 namespaced file capabilities (Serge E. Hallyn) [Orabug: 28951521]
- rds: ib: Use a delay when reconnecting to the very same IP address (Håkon Bugge) [Orabug: 29138813]
- Change mincore() to count "mapped" pages rather than "cached" pages (Linus Torvalds) [Orabug: 29187415] {CVE-2019-5489}
- NFSD: Set the attributes used to store the verifier for EXCLUSIVE4_1 (Kinglong Mee) [Orabug: 29204157]

New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2019-4528)

Synopsis: ELSA-2019-4528 can now be patched using Ksplice
CVEs: CVE-2018-18397 CVE-2019-5489

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-4528.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2019-5489: Side-channel information leak in kernel page cache.

A side-channel exposed through the mincore() system call could allow a
local unprivileged user to leak access timings from other processes and
infer sensitive data.

Orabug: 29187415


* Denial-of-service in Reliable Datagram Socket reconnection.

Incorrect timeout logic when performing a reconnection to the same IP
address could result in a flood of reconnect attempts. This could be
exploited by a local user to trigger a network denial of service on the
interface.

Orabug: 29138813


* Incorrect file modification time for empty files on NFSv4.1 mounts.

Incorrect handling of empty file creation on an NFSv4.1 mount could
result in incorrect decoding of the modified time leading to files with
an incorrect mtime on both the client and server.

Orabug: 29204157


* Denial-of-service in Xen block device on invalid request type.

An incorrect kernel assertion could result in a kernel crash when
handling an invalid request type. A privileged user in a Xen guest
could use this flaw to crash the system.

Orabug: 29199843


* CVE-2018-18397: Filesystem permissions bypass with userfaultfd.

Incorrect permissions checks on a tmpfs or hugetlbfs filesystem with
userfaultfd could allow a local user to bypass filesystem permissions
checks and make changes to files that they should not have access to.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.