Oracle Linux 6278 Published by

A kernel security and bug fix update has been released for Oracle Linux 6.



El-errata: ELSA-2020-2933 Moderate: Oracle Linux 6 kernel security and bug fix update


Oracle Linux Security Advisory ELSA-2020-2933

  http://linux.oracle.com/errata/ELSA-2020-2933.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
kernel-2.6.32-754.31.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.31.1.el6.noarch.rpm
kernel-debug-2.6.32-754.31.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.31.1.el6.i686.rpm
kernel-devel-2.6.32-754.31.1.el6.i686.rpm
kernel-doc-2.6.32-754.31.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.31.1.el6.noarch.rpm
kernel-headers-2.6.32-754.31.1.el6.i686.rpm
perf-2.6.32-754.31.1.el6.i686.rpm
python-perf-2.6.32-754.31.1.el6.i686.rpm

x86_64:
kernel-2.6.32-754.31.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.31.1.el6.noarch.rpm
kernel-debug-2.6.32-754.31.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.31.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.31.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.31.1.el6.x86_64.rpm
kernel-doc-2.6.32-754.31.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.31.1.el6.noarch.rpm
kernel-headers-2.6.32-754.31.1.el6.x86_64.rpm
perf-2.6.32-754.31.1.el6.x86_64.rpm
python-perf-2.6.32-754.31.1.el6.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-754.31.1.el6.src.rpm


Description of changes:

[2.6.32-754.31.1.el6.OL6]
- Update genkey [bug 25599697]

[2.6.32-754.31.1.el6]
- [x86] x86/speculation: Provide SRBDS late microcode loading support
(Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add Ivy Bridge to affected list
(Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and
mitigation documentation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling
(SRBDS) mitigation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long)
[1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman
Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long)
[1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827185]
{CVE-2020-0543}
- [x86] x86/devicetable: Move x86 specific macro out of generic code
(Waiman Long) [1827185] {CVE-2020-0543}
- [netdrv] bonding/802.3ad: fix link_failure_count tracking (Patrick
Talbert) [1841819]
- [mm] mm: migration: add migrate_entry_wait_huge() (Waiman Long) [1839653]
- [powerpc] powerpc/book3s64: Fix link stack flush on context switch
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: support nospectre_v2 cmdline option (Gustavo
Duarte) [1796810]
- [powerpc] powerpc/security: Fix spectre_v2 reporting (Gustavo Duarte)
[1796810]
- [powerpc] powerpc/fsl: Update Spectre v2 reporting (Gustavo Duarte)
[1796810]
- [powerpc] powerpc/fsl: Add nospectre_v2 command line argument (Gustavo
Duarte) [1796810]
- [powerpc] powerpc/fsl: Fix spectre_v2 mitigations reporting (Gustavo
Duarte) [1796810]
- [powerpc] powerpc/pseries: Query hypervisor for count cache flush
settings (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add support for software count cache flush
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add new security feature flags for count cache
flush (Gustavo Duarte) [1796810]
- [powerpc] powerpc/asm: Add a patch_site macro & helpers for patching
instructions (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Make meltdown reporting Book3S 64 specific
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Call setup_barrier_nospec() from setup_arch()
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (Gustavo Duarte)
[1796810]
- [powerpc] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (Gustavo
Duarte) [1796810]
- [powerpc] powerpc/64: Disable the speculation barrier from the command
line (Gustavo Duarte) [1796810]
- [powerpc] powerpc64s: Show ori31 availability in spectre_v1 sysfs file
not v2 (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Enhance the information in
cpu_show_spectre_v1() (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Use barrier_nospec in syscall entry (Gustavo
Duarte) [1796810]
- [powerpc] powerpc/64s: Enable barrier_nospec based on firmware
settings (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Patch barrier_nospec in modules (Gustavo
Duarte) [1796810]
- [powerpc] powerpc/64s: Add support for ori barrier_nospec patching
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add barrier_nospec (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Add helper to check if offset is within relative
branch range (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Have patch_instruction detect faults (Gustavo
Duarte) [1796810]
- [powerpc] powerpc: Introduce asm-prototypes.h (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Move local setup.h declarations to arch includes
(Gustavo Duarte) [1796810]