The following security updates has been released for Oracle Linux 6:
ELSA-2018-1098 Important: Oracle Linux 6 firefox security update
ELSA-2018-1124 Critical: Oracle Linux 6 python-paramiko security update
ELSA-2018-1098 Important: Oracle Linux 6 firefox security update
ELSA-2018-1124 Critical: Oracle Linux 6 python-paramiko security update
ELSA-2018-1098 Important: Oracle Linux 6 firefox security update
Oracle Linux Security Advisory ELSA-2018-1098
http://linux.oracle.com/errata/ELSA-2018-1098.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
firefox-52.7.3-1.0.1.el6_9.i686.rpm
x86_64:
firefox-52.7.3-1.0.1.el6_9.i686.rpm
firefox-52.7.3-1.0.1.el6_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/firefox-52.7.3-1.0.1.el6_9.src.rpm
Description of changes:
[52.7.3-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat one
- Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd
Vierling) [orabug 19847484]
[52.7.3-1]
- Update to 52.7.3 ESR
ELSA-2018-1124 Critical: Oracle Linux 6 python-paramiko security update
Oracle Linux Security Advisory ELSA-2018-1124
http://linux.oracle.com/errata/ELSA-2018-1124.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
python-paramiko-1.7.5-4.el6_9.noarch.rpm
x86_64:
python-paramiko-1.7.5-4.el6_9.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/python-paramiko-1.7.5-4.el6_9.src.rpm
Description of changes:
[1.7.5-4]
- Fix and enable tests (%check).
- Backport a change which makes tests exit with nonzero status when they
fail.
- Add a fix for upstream tests for CVE-2018-7750 (broken in previous).
[1.7.5-3]
- Fix a security flaw (CVE-2018-7750) in Paramiko's server mode
(emphasis on **server** mode; this does **not** impact *client* use!)
Backported from 1.10:
https://gist.github.com/stevebeattie/0eb190004e10ba0926ad8782f89676ad
Resolves #1557140
