Oracle Linux 6264 Published by

The following security updates has been released for Oracle Linux 6:

ELSA-2018-1098 Important: Oracle Linux 6 firefox security update
ELSA-2018-1124 Critical: Oracle Linux 6 python-paramiko security update



ELSA-2018-1098 Important: Oracle Linux 6 firefox security update

Oracle Linux Security Advisory ELSA-2018-1098

http://linux.oracle.com/errata/ELSA-2018-1098.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
firefox-52.7.3-1.0.1.el6_9.i686.rpm

x86_64:
firefox-52.7.3-1.0.1.el6_9.i686.rpm
firefox-52.7.3-1.0.1.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/firefox-52.7.3-1.0.1.el6_9.src.rpm



Description of changes:

[52.7.3-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat one
- Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd
Vierling) [orabug 19847484]

[52.7.3-1]
- Update to 52.7.3 ESR

ELSA-2018-1124 Critical: Oracle Linux 6 python-paramiko security update

Oracle Linux Security Advisory ELSA-2018-1124

http://linux.oracle.com/errata/ELSA-2018-1124.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
python-paramiko-1.7.5-4.el6_9.noarch.rpm

x86_64:
python-paramiko-1.7.5-4.el6_9.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/python-paramiko-1.7.5-4.el6_9.src.rpm



Description of changes:

[1.7.5-4]
- Fix and enable tests (%check).
- Backport a change which makes tests exit with nonzero status when they
fail.
- Add a fix for upstream tests for CVE-2018-7750 (broken in previous).

[1.7.5-3]
- Fix a security flaw (CVE-2018-7750) in Paramiko's server mode
(emphasis on **server** mode; this does **not** impact *client* use!)
Backported from 1.10:
https://gist.github.com/stevebeattie/0eb190004e10ba0926ad8782f89676ad
Resolves #1557140