Oracle Linux 6277 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-4107 Oracle Linux 6 mdadm bug fix update
ELSA-2018-1380 Important: Oracle Linux 7 389-ds-base security and bug fix update
ELSA-2018-1396 Low: Oracle Linux 7 libvirt security and bug fix update
ELSA-2018-1414 Critical: Oracle Linux 6 firefox security update
ELSA-2018-1415 Critical: Oracle Linux 7 firefox security update
ELSA-2018-1416 Moderate: Oracle Linux 7 qemu-kvm security update



ELBA-2018-4107 Oracle Linux 6 mdadm bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4107

http://linux.oracle.com/errata/ELBA-2018-4107.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
mdadm-3.3.4-8.0.2.el6.i686.rpm

x86_64:
mdadm-3.3.4-8.0.2.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/mdadm-3.3.4-8.0.2.el6.src.rpm



Description of changes:

[3.3.4-8.0.2]
- 'unacknowledged_bad_blocks' is a long name for sysfs property and it
makes sysfs path over 50 characters long. Increase buffer to the double
length of the longest path available in sysfs at the moment.

[3.3.4-8.0.1]
- Linux allows for 32 character device names. When using the maximum
size device name and also storing "/dev/", devname needs to be 37
character long to store the complete device name.
i.e. "/dev/md_abcdefghijklmnopqrstuvwxyz12\0"
- Newer kernels don't allow for specifying an array larger than 511.
This makes it so find_free_devnm wraps to 511 instead of 2^20 - 1.
- mdadm will fail in operating on a device with a minor number
bigger than (2^19)-1 due to it changing from dev_t to a signed int
and back.

ELSA-2018-1380 Important: Oracle Linux 7 389-ds-base security and bug fix update

Oracle Linux Security Advisory ELSA-2018-1380

http://linux.oracle.com/errata/ELSA-2018-1380.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
389-ds-base-1.3.7.5-21.el7_5.x86_64.rpm
389-ds-base-devel-1.3.7.5-21.el7_5.x86_64.rpm
389-ds-base-libs-1.3.7.5-21.el7_5.x86_64.rpm
389-ds-base-snmp-1.3.7.5-21.el7_5.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.7.5-21.el7_5.src.rpm



Description of changes:

[1.3.7.5-21]
- Bump version to 1.3.7.5-21
- Resolves: Bug 1559818 - EMBARGOED CVE-2018-1089 389-ds-base: ns-slapd
crash via large filter value in ldapsearch

[1.3.7.5-20]
- Bump version to 1.3.7.5-20
- Resolves: Bug 1563079 - adjustment of csn_generator can fail so next
generated csn can be equal to the most recent one received
- Resolves: Bug 1559764 - memberof fails if group is moved into scope
- Resolves: Bug 1554720 - "Truncated search results" pop-up appears in
user details in WebUI
- Resolves: Bug 1553605 - ipa-server-install fails with Error: Upgrade
failed with no such entry
- Resolves: Bug 1559760 - ds-replcheck: add -W option to ask for the
password from stdin instead of passing it on command line
- Resolves: Bug 1559464 - replica_write_ruv log a failure even when it
succeeds

ELSA-2018-1396 Low: Oracle Linux 7 libvirt security and bug fix update

Oracle Linux Security Advisory ELSA-2018-1396

http://linux.oracle.com/errata/ELSA-2018-1396.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libvirt-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-admin-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-client-3.9.0-14.el7_5.4.i686.rpm
libvirt-client-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-config-network-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-network-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-daemon-lxc-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-devel-3.9.0-14.el7_5.4.i686.rpm
libvirt-devel-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-docs-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-libs-3.9.0-14.el7_5.4.i686.rpm
libvirt-libs-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-lock-sanlock-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-login-shell-3.9.0-14.el7_5.4.x86_64.rpm
libvirt-nss-3.9.0-14.el7_5.4.i686.rpm
libvirt-nss-3.9.0-14.el7_5.4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-3.9.0-14.el7_5.4.src.rpm



Description of changes:

[3.9.0-14.el7_5.4]
- lxc: Drop useless check in live device update (rhbz#1557922)
- Pass oldDev to virDomainDefCompatibleDevice on device update
(rhbz#1557922)
- qemu: Fix updating device with boot order (rhbz#1557922)
- conf: Fix crash in virDomainDefCompatibleDevice (rhbz#1557922)
- vmx: check for present/enabled devices earlier (rhbz#1566524)
- vmx: allocate space for network interfaces if needed (rhbz#1566524)
- internal: add STRCASEPREFIX (rhbz#1566524)
- vmx: convert any amount of NICs (rhbz#1566524)
- qemu: Use dynamic buffer for storing PTY aliases (rhbz#1566525)
- qemu: avoid denial of service reading from QEMU monitor
(CVE-2018-5748) (CVE-2018-5748)
- qemu: avoid denial of service reading from QEMU guest agent
(CVE-2018-1064) (CVE-2018-1064)

[3.9.0-14.el7_5.3]
- qemu_cgroup: Fix 'rc' argument on virDomainAuditCgroupPath() calls
(rhbz#1564996)
- util: Introduce virStringListMerge (rhbz#1564996)
- util: Introduce virDevMapperGetTargets (rhbz#1564996)
- qemu_cgroup: Handle device mapper targets properly (rhbz#1564996)


ELSA-2018-1414 Critical: Oracle Linux 6 firefox security update

Oracle Linux Security Advisory ELSA-2018-1414

http://linux.oracle.com/errata/ELSA-2018-1414.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
firefox-52.8.0-1.0.1.el6_9.i686.rpm

x86_64:
firefox-52.8.0-1.0.1.el6_9.i686.rpm
firefox-52.8.0-1.0.1.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/firefox-52.8.0-1.0.1.el6_9.src.rpm



Description of changes:

[52.8.0-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat one
- Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd
Vierling) [orabug 19847484]

[52.8.0-1]
- Update to 52.8.0 ESR

ELSA-2018-1415 Critical: Oracle Linux 7 firefox security update

Oracle Linux Security Advisory ELSA-2018-1415

http://linux.oracle.com/errata/ELSA-2018-1415.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
firefox-52.8.0-1.0.1.el7_5.i686.rpm
firefox-52.8.0-1.0.1.el7_5.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firefox-52.8.0-1.0.1.el7_5.src.rpm



Description of changes:

[52.8.0-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat file

[52.8.0-1]
- Update to 52.8.0 ESR

ELSA-2018-1416 Moderate: Oracle Linux 7 qemu-kvm security update

Oracle Linux Security Advisory ELSA-2018-1416

http://linux.oracle.com/errata/ELSA-2018-1416.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
qemu-img-1.5.3-156.el7_5.1.x86_64.rpm
qemu-kvm-1.5.3-156.el7_5.1.x86_64.rpm
qemu-kvm-common-1.5.3-156.el7_5.1.x86_64.rpm
qemu-kvm-tools-1.5.3-156.el7_5.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-156.el7_5.1.src.rpm



Description of changes:

[1.5.3-156.el7_5.1]
- kvm-vga-add-ram_addr_t-cast.patch [bz#1567913]
- kvm-vga-fix-region-calculation.patch [bz#1567913]
- Resolves: bz#1567913
(CVE-2018-7858 qemu-kvm: Qemu: cirrus: OOB access when updating vga
display [rhel-7] [rhel-7.5.z])