The following updates has been released for Oracle Linux:
ELBA-2019-0062 Oracle Linux 6 cups bug fix update
ELBA-2019-0064 Oracle Linux 6 kernel bug fix update
ELSA-2019-0059 Important: Oracle Linux 7 libvncserver security update
ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)
ELSA-2019-4510 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4510 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELBA-2019-0062 Oracle Linux 6 cups bug fix update
ELBA-2019-0064 Oracle Linux 6 kernel bug fix update
ELSA-2019-0059 Important: Oracle Linux 7 libvncserver security update
ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)
ELSA-2019-4510 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4510 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELBA-2019-0062 Oracle Linux 6 cups bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-0062
http://linux.oracle.com/errata/ELBA-2019-0062.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
cups-1.4.2-80.el6_10.i686.rpm
cups-devel-1.4.2-80.el6_10.i686.rpm
cups-libs-1.4.2-80.el6_10.i686.rpm
cups-lpd-1.4.2-80.el6_10.i686.rpm
cups-php-1.4.2-80.el6_10.i686.rpm
x86_64:
cups-1.4.2-80.el6_10.x86_64.rpm
cups-devel-1.4.2-80.el6_10.i686.rpm
cups-devel-1.4.2-80.el6_10.x86_64.rpm
cups-libs-1.4.2-80.el6_10.i686.rpm
cups-libs-1.4.2-80.el6_10.x86_64.rpm
cups-lpd-1.4.2-80.el6_10.x86_64.rpm
cups-php-1.4.2-80.el6_10.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/cups-1.4.2-80.el6_10.src.rpm
Description of changes:
* Thu Nov 08 2018 Zdenek Dohnal
- 1616443 - Jobs with multiple files don't complete when backend fails
ELBA-2019-0064 Oracle Linux 6 kernel bug fix update
Oracle Linux Bug Fix Advisory ELBA-2019-0064
http://linux.oracle.com/errata/ELBA-2019-0064.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.32-754.10.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.10.1.el6.noarch.rpm
kernel-debug-2.6.32-754.10.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.10.1.el6.i686.rpm
kernel-devel-2.6.32-754.10.1.el6.i686.rpm
kernel-doc-2.6.32-754.10.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.10.1.el6.noarch.rpm
kernel-headers-2.6.32-754.10.1.el6.i686.rpm
perf-2.6.32-754.10.1.el6.i686.rpm
python-perf-2.6.32-754.10.1.el6.i686.rpm
x86_64:
kernel-2.6.32-754.10.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.10.1.el6.noarch.rpm
kernel-debug-2.6.32-754.10.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.10.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.10.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.10.1.el6.x86_64.rpm
kernel-doc-2.6.32-754.10.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.10.1.el6.noarch.rpm
kernel-headers-2.6.32-754.10.1.el6.x86_64.rpm
perf-2.6.32-754.10.1.el6.x86_64.rpm
python-perf-2.6.32-754.10.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-754.10.1.el6.src.rpm
Description of changes:
[2.6.32-754.10.1.el6.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.10.1.el6]
- [net] sctp: sctp should release assoc when sctp_make_abort_user return
NULL in sctp_close (Xin Long) [1646405]
- [x86] kvm: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed
(Wei Huang) [1425051]
- [mm] mempolicy: migrate_to_node should only migrate to node (Rafael
Aquini) [1577094]
- [mm] vmscan: avoid possible deadlock caused by too_many_isolated()
(Rafael Aquini) [1577094]
- [fs] seqfile: always allow oom killer (Rodrigo Freire) [1632434]
- [fs] seq_file: fallback to vmalloc instead of oom kill processes
(Rodrigo Freire) [1632434]
- [fs] seq_file: fallback to vmalloc allocation (Rodrigo Freire) [1632434]
- [fs] proc/stat: convert to single_open_size() (Rodrigo Freire) [1632434]
- [fs] seq_file: always clear m->count when we free m->buf (Rodrigo
Freire) [1632434]
- [fs] seq_file: single_open_size() new helper (Rodrigo Freire) [1632434]
- [fs] stat: Use size_t for sizes instead of unsigned (Rodrigo Freire)
[1632434]
- [fs] proc: speed up /proc/stat handling (Rodrigo Freire) [1632434]
ELSA-2019-0059 Important: Oracle Linux 7 libvncserver security update
Oracle Linux Security Advisory ELSA-2019-0059
http://linux.oracle.com/errata/ELSA-2019-0059.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libvncserver-0.9.9-13.el7_6.i686.rpm
libvncserver-0.9.9-13.el7_6.x86_64.rpm
libvncserver-devel-0.9.9-13.el7_6.i686.rpm
libvncserver-devel-0.9.9-13.el7_6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvncserver-0.9.9-13.el7_6.src.rpm
Description of changes:
[0.9.9-13]
- Fix CVE-2018-15127 (Heap out-of-bounds write in
rfbserver.c:rfbProcessFileTransferReadBuffer()) (bug #1662995)
ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2019-4509
http://linux.oracle.com/errata/ELSA-2019-4509.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-debug-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-devel-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-tools-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-doc-4.14.35-1844.1.3.el7uek.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1844.1.3.el7uek.src.rpm
Description of changes:
[4.14.35-1844.1.3.el7uek]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun)
[Orabug: 29003422] - nfs: don't dirty kernel pages read by direct-io
(Dave Kleikamp) [Orabug: 29122062] - KVM: X86: Fix scan ioapic
use-before-initialization (Wanpeng Li) [Orabug: 29026132] {CVE-2018-19407}
- hugetlb: take PMD sharing into account when flushing tlb/caches (Mike
Kravetz) [Orabug: 28951436] - mm: migration: fix migration of huge PMD
shared pages (Mike Kravetz) [Orabug: 28951436] - mm/mmu_notifier: avoid
double notification when it is useless (Jérôme Glisse) [Orabug: 28951436]
[4.14.35-1844.1.2.el7uek]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in
card.c (Hui Peng) [Orabug: 29042979] {CVE-2018-19824}
- arm64/kernel: kaslr: reduce module randomization range to 4 GB (Ard
Biesheuvel) [Orabug: 28954789] - xfs: enhance dinode verifier (Eric
Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong)
[Orabug: 28997653] {CVE-2018-10322}
- Revert "xfs: move inode fork verifiers to xfs_dinode_verify" (Shan
Hai) [Orabug: 28997653] - Revert "xfs: enhance dinode verifier" (Shan
Hai) [Orabug: 28997653]
[4.14.35-1844.1.1.el7uek]
- arm64: disable /dev/port on 64 bit ARM (Eric Saint-Etienne) [Orabug:
28961247] - crypto: ccp - add timeout support in the SEV command
(Brijesh Singh) [Orabug: 29029018] - crypto: ccp - Add GET_ID SEV
command (Janakarajan Natarajan) [Orabug: 29029018] - crypto: ccp - Add
DOWNLOAD_FIRMWARE SEV command (Janakarajan Natarajan) [Orabug: 29029018]
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in
unimac_mdio_probe() (Wei Yongjun) [Orabug: 27677743] {CVE-2018-8043}
- vti6: remove !skb->ignore_df check from vti6_xmit() (Alexey Kodanev)
[Orabug: 28940590] - A/A failback does not work in concert with ibacm
(Håkon Bugge) [Orabug: 28972800] - ACPICA: Reference Counts: increase
max to 0x4000 for large servers (Erik Schmauss) [Orabug: 29019053]
[4.14.35-1844.1.0.el7uek]
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug:
28951264] {CVE-2018-5848}
- [PATCH UEK5 u1 v3] dtrace: add DTRACEACT_PCAP for packet capture for
later pcap_dump() (Alan Maguire) [Orabug: 28951771] - floppy: Do not
copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft)
{CVE-2018-7755} {CVE-2018-7755}
- [PATCH UEK5 u1 v2] dtrace: fix ip provider inconsistencies between
IPv4/IPv6 (Alan Maguire) [Orabug: 28956807] - x86/speculation: Make
enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez)
[Orabug: 28992002] - x86/speculation: Enable enhanced IBRS usage
(Alejandro Jimenez) [Orabug: 28992002] - x86/speculation: functions for
supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28992002] - Add
forward declaration of tlb_flush, required for asm-generic. (Jack Vogel)
[Orabug: 28866513] - x86/mm: Page size aware flush_tlb_mm_range() (Peter
Zijlstra) [Orabug: 28866513] - mm/memory: Move mmu_gather and TLB
invalidation code into its own file (Peter Zijlstra) [Orabug: 28866513]
- asm-generic/tlb: Track which levels of the page tables have been
cleared (Will Deacon) [Orabug: 28866513] - asm-generic/tlb: Track
freeing of page-table directories in struct mmu_gather (Peter Zijlstra)
[Orabug: 28866513] - mm: mmu_notifier fix for tlb_end_vma (Nicholas
Piggin) [Orabug: 28866513] - mm: update comment describing
tlb_gather_mmu (Mike Rapoport) [Orabug: 28866513]
ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)
Oracle Linux Security Advisory ELSA-2019-4509
http://linux.oracle.com/errata/ELSA-2019-4509.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
aarch64:
kernel-uek-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-1844.1.3.el7uek.aarch64.rpm
perf-4.14.35-1844.1.3.el7uek.aarch64.rpm
python-perf-4.14.35-1844.1.3.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-1844.1.3.el7uek.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1844.1.3.el7uek.src.rpm
Description of changes:
[4.14.35-1844.1.3.el7uek]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun)
[Orabug: 29003422] - nfs: don't dirty kernel pages read by direct-io
(Dave Kleikamp) [Orabug: 29122062] - KVM: X86: Fix scan ioapic
use-before-initialization (Wanpeng Li) [Orabug: 29026132] {CVE-2018-19407}
- hugetlb: take PMD sharing into account when flushing tlb/caches (Mike
Kravetz) [Orabug: 28951436] - mm: migration: fix migration of huge PMD
shared pages (Mike Kravetz) [Orabug: 28951436] - mm/mmu_notifier: avoid
double notification when it is useless (Jérôme Glisse) [Orabug: 28951436]
[4.14.35-1844.1.2.el7uek]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in
card.c (Hui Peng) [Orabug: 29042979] {CVE-2018-19824}
- arm64/kernel: kaslr: reduce module randomization range to 4 GB (Ard
Biesheuvel) [Orabug: 28954789] - xfs: enhance dinode verifier (Eric
Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong)
[Orabug: 28997653] {CVE-2018-10322}
- Revert "xfs: move inode fork verifiers to xfs_dinode_verify" (Shan
Hai) [Orabug: 28997653] - Revert "xfs: enhance dinode verifier" (Shan
Hai) [Orabug: 28997653]
[4.14.35-1844.1.1.el7uek]
- arm64: disable /dev/port on 64 bit ARM (Eric Saint-Etienne) [Orabug:
28961247] - crypto: ccp - add timeout support in the SEV command
(Brijesh Singh) [Orabug: 29029018] - crypto: ccp - Add GET_ID SEV
command (Janakarajan Natarajan) [Orabug: 29029018] - crypto: ccp - Add
DOWNLOAD_FIRMWARE SEV command (Janakarajan Natarajan) [Orabug: 29029018]
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in
unimac_mdio_probe() (Wei Yongjun) [Orabug: 27677743] {CVE-2018-8043}
- vti6: remove !skb->ignore_df check from vti6_xmit() (Alexey Kodanev)
[Orabug: 28940590] - A/A failback does not work in concert with ibacm
(Håkon Bugge) [Orabug: 28972800] - ACPICA: Reference Counts: increase
max to 0x4000 for large servers (Erik Schmauss) [Orabug: 29019053]
[4.14.35-1844.1.0.el7uek]
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug:
28951264] {CVE-2018-5848}
- [PATCH UEK5 u1 v3] dtrace: add DTRACEACT_PCAP for packet capture for
later pcap_dump() (Alan Maguire) [Orabug: 28951771] - floppy: Do not
copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft)
{CVE-2018-7755} {CVE-2018-7755}
- [PATCH UEK5 u1 v2] dtrace: fix ip provider inconsistencies between
IPv4/IPv6 (Alan Maguire) [Orabug: 28956807] - x86/speculation: Make
enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez)
[Orabug: 28992002] - x86/speculation: Enable enhanced IBRS usage
(Alejandro Jimenez) [Orabug: 28992002] - x86/speculation: functions for
supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28992002] - Add
forward declaration of tlb_flush, required for asm-generic. (Jack Vogel)
[Orabug: 28866513] - x86/mm: Page size aware flush_tlb_mm_range() (Peter
Zijlstra) [Orabug: 28866513] - mm/memory: Move mmu_gather and TLB
invalidation code into its own file (Peter Zijlstra) [Orabug: 28866513]
- asm-generic/tlb: Track which levels of the page tables have been
cleared (Will Deacon) [Orabug: 28866513] - asm-generic/tlb: Track
freeing of page-table directories in struct mmu_gather (Peter Zijlstra)
[Orabug: 28866513] - mm: mmu_notifier fix for tlb_end_vma (Nicholas
Piggin) [Orabug: 28866513] - mm: update comment describing
tlb_gather_mmu (Mike Rapoport) [Orabug: 28866513]
ELSA-2019-4510 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2019-4510
http://linux.oracle.com/errata/ELSA-2019-4510.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.24.3.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.24.3.el6uek.noarch.rpm
kernel-uek-4.1.12-124.24.3.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.24.3.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.24.3.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.24.3.el6uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.24.3.el6uek.src.rpm
Description of changes:
[4.1.12-124.24.3.el6uek]
- ext4: update i_disksize when new eof exceeds it (Shan Hai) [Orabug:
28940828] - ext4: update i_disksize if direct write past ondisk size
(Eryu Guan) [Orabug: 28940828] - ext4: protect i_disksize update by
i_data_sem in direct write path (Eryu Guan) [Orabug: 28940828] - ALSA:
usb-audio: Fix UAF decrement if card has no live interfaces in card.c
(Hui Peng) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Replace probing flag with active refcount (Takashi
Iwai) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Avoid nested autoresume calls (Takashi Iwai) [Orabug:
29042981] {CVE-2018-19824}
- ext4: validate that metadata blocks do not overlap superblock
(Theodore Ts'o) [Orabug: 29114440] {CVE-2018-1094}
- ext4: update inline int ext4_has_metadata_csum(struct super_block *sb)
(John Donnelly) [Orabug: 29114440] {CVE-2018-1094}
- ext4: always initialize the crc32c checksum driver (Theodore Ts'o)
[Orabug: 29114440] {CVE-2018-1094} {CVE-2018-1094}
- Revert "bnxt_en: Reduce default rings on multi-port cards." (Brian
Maly) [Orabug: 28687746] - mlx4_core: Disable P_Key Violation Traps
(HÃ¥kon Bugge) [Orabug: 27693633] - rds: RDS connection does not
reconnect after CQ access violation error (Venkat Venkatsubra) [Orabug:
28733324]
[4.1.12-124.24.2.el6uek]
- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (KarimAllah Ahmed)
[Orabug: 28069548] - KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
- reloaded (Mihai Carabas) [Orabug: 28069548] - KVM/x86: Add IBPB
support (Ashok Raj) [Orabug: 28069548] - KVM: x86: pass host_initiated
to functions that read MSRs (Paolo Bonzini) [Orabug: 28069548] - KVM:
VMX: make MSR bitmaps per-VCPU (Paolo Bonzini) [Orabug: 28069548] - KVM:
VMX: introduce alloc_loaded_vmcs (Paolo Bonzini) [Orabug: 28069548] -
KVM: nVMX: Eliminate vmcs02 pool (Jim Mattson) [Orabug: 28069548] - KVM:
nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (Radim
KrÄmáÅ) [Orabug: 28069548] - ocfs2: don't clear bh uptodate for block
read (Junxiao Bi) [Orabug: 28762940] - ocfs2: clear journal dirty flag
after shutdown journal (Junxiao Bi) [Orabug: 28924775] - ocfs2: fix
panic due to unrecovered local alloc (Junxiao Bi) [Orabug: 28924775] -
net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun)
[Orabug: 28947481] - x86/speculation: Always disable IBRS in
disable_ibrs_and_friends() (Alejandro Jimenez) [Orabug: 29139710]
ELSA-2019-4510 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2019-4510
http://linux.oracle.com/errata/ELSA-2019-4510.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.24.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.24.3.el7uek.noarch.rpm
kernel-uek-4.1.12-124.24.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.24.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.24.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.24.3.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.24.3.el7uek.src.rpm
Description of changes:
[4.1.12-124.24.3.el7uek]
- ext4: update i_disksize when new eof exceeds it (Shan Hai) [Orabug:
28940828] - ext4: update i_disksize if direct write past ondisk size
(Eryu Guan) [Orabug: 28940828] - ext4: protect i_disksize update by
i_data_sem in direct write path (Eryu Guan) [Orabug: 28940828] - ALSA:
usb-audio: Fix UAF decrement if card has no live interfaces in card.c
(Hui Peng) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Replace probing flag with active refcount (Takashi
Iwai) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Avoid nested autoresume calls (Takashi Iwai) [Orabug:
29042981] {CVE-2018-19824}
- ext4: validate that metadata blocks do not overlap superblock
(Theodore Ts'o) [Orabug: 29114440] {CVE-2018-1094}
- ext4: update inline int ext4_has_metadata_csum(struct super_block *sb)
(John Donnelly) [Orabug: 29114440] {CVE-2018-1094}
- ext4: always initialize the crc32c checksum driver (Theodore Ts'o)
[Orabug: 29114440] {CVE-2018-1094} {CVE-2018-1094}
- Revert "bnxt_en: Reduce default rings on multi-port cards." (Brian
Maly) [Orabug: 28687746] - mlx4_core: Disable P_Key Violation Traps
(HÃ¥kon Bugge) [Orabug: 27693633] - rds: RDS connection does not
reconnect after CQ access violation error (Venkat Venkatsubra) [Orabug:
28733324]
[4.1.12-124.24.2.el7uek]
- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (KarimAllah Ahmed)
[Orabug: 28069548] - KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
- reloaded (Mihai Carabas) [Orabug: 28069548] - KVM/x86: Add IBPB
support (Ashok Raj) [Orabug: 28069548] - KVM: x86: pass host_initiated
to functions that read MSRs (Paolo Bonzini) [Orabug: 28069548] - KVM:
VMX: make MSR bitmaps per-VCPU (Paolo Bonzini) [Orabug: 28069548] - KVM:
VMX: introduce alloc_loaded_vmcs (Paolo Bonzini) [Orabug: 28069548] -
KVM: nVMX: Eliminate vmcs02 pool (Jim Mattson) [Orabug: 28069548] - KVM:
nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (Radim
KrÄmáÅ) [Orabug: 28069548] - ocfs2: don't clear bh uptodate for block
read (Junxiao Bi) [Orabug: 28762940] - ocfs2: clear journal dirty flag
after shutdown journal (Junxiao Bi) [Orabug: 28924775] - ocfs2: fix
panic due to unrecovered local alloc (Junxiao Bi) [Orabug: 28924775] -
net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun)
[Orabug: 28947481] - x86/speculation: Always disable IBRS in
disable_ibrs_and_friends() (Alejandro Jimenez) [Orabug: 29139710]