Oracle Linux 6266 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-3832 Oracle Linux 7 resource-agents bug fix update
ELBA-2018-4298 Oracle Linux 7 dtrace-utils, libdtrace-ctf bug fix update
ELBA-2018-4298 Oracle Linux 7 dtrace-utils, libdtrace-ctf bug fix update (aarch64)
ELBA-2018-4306 Oracle Linux 7 oracle-rdma-releasee bug fix update
ELBA-2018-4310 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
ELBA-2018-4310 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update (aarch64)
ELSA-2018-3831 Critical: Oracle Linux 6 firefox security update
ELSA-2018-3833 Critical: Oracle Linux 7 firefox security update
ELSA-2018-3834 Important: Oracle Linux 7 ghostscript security and bug fix update



ELBA-2018-3832 Oracle Linux 7 resource-agents bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-3832

http://linux.oracle.com/errata/ELBA-2018-3832.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
resource-agents-4.1.1-12.el7_6.7.x86_64.rpm
resource-agents-aliyun-4.1.1-12.el7_6.7.x86_64.rpm
resource-agents-gcp-4.1.1-12.el7_6.7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/resource-agents-4.1.1-12.el7_6.7.src.rpm



Description of changes:

[4.1.1-12.7]
- rabbitmq-cluster: ensure node attributes are removed

Resolves: rhbz#1657138

ELBA-2018-4298 Oracle Linux 7 dtrace-utils, libdtrace-ctf bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4298

http://linux.oracle.com/errata/ELBA-2018-4298.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
dtrace-utils-1.1.1-1.el7.x86_64.rpm
dtrace-utils-devel-1.1.1-1.el7.x86_64.rpm
dtrace-utils-testsuite-1.1.1-1.el7.x86_64.rpm
libdtrace-ctf-1.0.0-1.el7.x86_64.rpm
libdtrace-ctf-devel-1.0.0-1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-utils-1.1.1-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/libdtrace-ctf-1.0.0-1.el7.src.rpm



Description of changes:

dtrace-utils
[1.1.1-1]
- Skip unstable tests, as this is a release branch
- Boost timeouts on a few tests for VMs on which fork() is slow
- Mark a few more tests unstable
- Do not run noresolve tests on UEK4 (Vincent Lim)

[1.1.0-1]
- Add more DTRACE_PROBE definitions to sdt.h, for SystemTap
compatibility, and test them (Tomas Jedlicka) [Orabug: 27721525]
- New ctfpath option, allowing explicit specification of ctf archives
to use for the running kernel (Tomas Jedlicka) [Orabug: 28178265]
- Fix memory leaks and minor uninitialized-data bugs [Orabug: 28247636]
- Add test for SDT argument retrieval from stack, in UEK4QU7
(Kris Van Hees) [Orabug: 25949088]
- Remove preallocation from the buffering testsuite (Tomas Jedlicka)
[Orabug: 27998779]
- Include the smoketests in make check [Orabug: 28128338]
- Improve testsuite temporary file creation (Eugene Loh)
[Orabug: 28142056]
- Clean up compiler warnings (Eugene Loh) [Orabug: 27934422, 27998779]

libdtrace-ctf
[1.0.0-1]
- Format v2, supporting many more types and enum/struct/union members.
v1 CTF files are transparently updated to v2. No soname change, but
some API for users directly accessing CTF files is broken.
[Orabug: 28150489]]

[0.8.1-1]
- Fix ctf_rollback() in client containers to delete only the types
added since the last snapshot, rather than all of them.
[Orabug: 27971037]]

ELBA-2018-4298 Oracle Linux 7 dtrace-utils, libdtrace-ctf bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2018-4298

http://linux.oracle.com/errata/ELBA-2018-4298.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
dtrace-utils-1.1.1-1.el7.aarch64.rpm
dtrace-utils-devel-1.1.1-1.el7.aarch64.rpm
dtrace-utils-testsuite-1.1.1-1.el7.aarch64.rpm
libdtrace-ctf-1.0.0-1.el7.aarch64.rpm
libdtrace-ctf-devel-1.0.0-1.el7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-utils-1.1.1-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/libdtrace-ctf-1.0.0-1.el7.src.rpm



Description of changes:

dtrace-utils
[1.1.1-1]
- Skip unstable tests, as this is a release branch
- Boost timeouts on a few tests for VMs on which fork() is slow
- Mark a few more tests unstable
- Do not run noresolve tests on UEK4 (Vincent Lim)

[1.1.0-1]
- Add more DTRACE_PROBE definitions to sdt.h, for SystemTap
compatibility, and test them (Tomas Jedlicka) [Orabug: 27721525]
- New ctfpath option, allowing explicit specification of ctf archives
to use for the running kernel (Tomas Jedlicka) [Orabug: 28178265]
- Fix memory leaks and minor uninitialized-data bugs [Orabug: 28247636]
- Add test for SDT argument retrieval from stack, in UEK4QU7
(Kris Van Hees) [Orabug: 25949088]
- Remove preallocation from the buffering testsuite (Tomas Jedlicka)
[Orabug: 27998779]
- Include the smoketests in make check [Orabug: 28128338]
- Improve testsuite temporary file creation (Eugene Loh)
[Orabug: 28142056]
- Clean up compiler warnings (Eugene Loh) [Orabug: 27934422, 27998779]

libdtrace-ctf
[ 1.0.0-1]
- Format v2, supporting many more types and enum/struct/union members.
v1 CTF files are transparently updated to v2. No soname change, but
some API for users directly accessing CTF files is broken.
[Orabug: 28150489]]

ELBA-2018-4306 Oracle Linux 7 oracle-rdma-releasee bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4306

http://linux.oracle.com/errata/ELBA-2018-4306.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
infiniband-diags-2.0.0-1.0.4.el7vos.x86_64.rpm
libpcap-1.9.0-1.0.3.el7vos.x86_64.rpm
oracle-rdma-release-0.5.1-1.el7vos.x86_64.rpm
oracle-rdma-tools-0.7.0-1.el7vos.x86_64.rpm
perftest-4.2-1.0.4.el7vos.x86_64.rpm
qperf-0.4.11-1.0.4.el7vos.x86_64.rpm
ibacm-17.1-1.0.5.el7vos.x86_64.rpm
libibumad-17.1-1.0.5.el7vos.x86_64.rpm
libibverbs-17.1-1.0.5.el7vos.x86_64.rpm
libibverbs-utils-17.1-1.0.5.el7vos.x86_64.rpm
librdmacm-17.1-1.0.5.el7vos.x86_64.rpm
librdmacm-utils-17.1-1.0.5.el7vos.x86_64.rpm
rdma-core-17.1-1.0.5.el7vos.x86_64.rpm
rdma-core-devel-17.1-1.0.5.el7vos.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/infiniband-diags-2.0.0-1.0.4.el7vos.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/libpcap-1.9.0-1.0.3.el7vos.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/oracle-rdma-release-0.5.1-1.el7vos.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/oracle-rdma-tools-0.7.0-1.el7vos.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/perftest-4.2-1.0.4.el7vos.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/qperf-0.4.11-1.0.4.el7vos.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/rdma-core-17.1-1.0.5.el7vos.src.rpm



Description of changes:

infiniband-diags
[5:2.0.0-1.0.4]
- BUILDINFO: commit=5e1f428478f861a751bcd8d8ca7785714257158b
- libibmad: dont set errno for MAD "no records" err (Mukesh Kacker)
[Orabug: 28278631]


libpcap
[14:1.9.0-1.0.3]
- BUILDINFO: commit=b0c86eb5aa8593d50423767415b7ee4b5daace26
- Rebuild for libibverbs ABI changes [Orabug: 28144657]


oracle-rdma-release
[0:0.5.1-1]
- BUILDINFO: commit=10d9d2792f13bca84378dc0f2a1c23e282e1ac2a
- perftest: Release v5:4.2-1.0.3
- qperf: Release v5:0.4.11-1.0.3

[0:0.5.0-1]
- ibacm: Release v5:17.1-1.0.5
- infiniband-diags: Release v5:2.0.0-1.0.4
- libibumad: Release v5:17.1-1.0.5
- libibverbs: Release v5:17.1-1.0.5
- libibverbs-utils: Release v5:17.1-1.0.5
- librdmacm: Release v5:17.1-1.0.5
- librdmacm-utils: Release v5:17.1-1.0.5
- oracle-rdma-tools: Release v0:0.7.0-1
- rdma-core: Release v5:17.1-1.0.5
- rdma-core-devel: Release v5:17.1-1.0.5

oracle-rdma-tools
[0:0.7.0-1]
- BUILDINFO: commit=46c57d1dab5ebe4aaa475a3bfb4c978918e07ac8
- roce_config: Adjust configuration steps for VFs (Avinash Repaka)
[Orabug: 27482819]
- roce_config: Disable CNP configuration for VFs (Aron Silverton)
[Orabug: 27482819]
- roce_config: Disable CNP configuration (Aron Silverton) [Orabug: 28600183]
- roce_config: Fix multi-thread race condition (Aron Silverton) [Orabug:
28730043]

perftest
[5:4.2-1.0.4]
- BUILDINFO: commit=16641e7b9b84d5181a6e50daaa485079ab528c83
- Rebuild for libibverbs ABI changes [Orabug: 28144657]


qperf
[5:0.4.11-1.0.4]
- BUILDINFO: commit=aa4d2d164f48d38c5ce721af1026757c7927e2a6
- Rebuild for libibverbs ABI changes [Orabug: 28144657]

rdma-core
[5:17.1-1.0.5]
- BUILDINFO: commit=3f451ce14cd351a77f4f14c05b2a1ebd3ad7f0ca
- libibverbs: Add additional "#ifndef WITHOUT_ORACLE_EXTENSIONS" markers
(Gerd Rausch) [Orabug: 28144657]
- libibverbs: Add upstream & old Oracle-ABI compatibility (Gerd Rausch)
[Orabug: 28144657]
- oracle/spec: Cleanup and update to upstream kernel boot framework
(Aron Silverton) [Orabug: 28394710]
- oracle/spec: Load RDS kernel modules using hot-plug (Aron Silverton)
[Orabug: 28667038]
- oracle/spec: Load sysctl settings for RDS (Aron Silverton) [Orabug:
28667038]
- oracle: Disable loading ib_iser (Aron Silverton) [Orabug: 28188517]
- oracle: Disable loading NFS over RDMA (Aron Silverton) [Orabug: 28667412]
- oracle: Load RDMAIP kernel module using hot-plug (Aron Silverton)
[Orabug: 28782057]

ELBA-2018-4310 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4310

http://linux.oracle.com/errata/ELBA-2018-4310.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-4.14.35-1844.0.7.el7uek.x86_64.rpm
kernel-uek-debug-4.14.35-1844.0.7.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.14.35-1844.0.7.el7uek.x86_64.rpm
kernel-uek-devel-4.14.35-1844.0.7.el7uek.x86_64.rpm
kernel-uek-tools-4.14.35-1844.0.7.el7uek.x86_64.rpm
kernel-uek-doc-4.14.35-1844.0.7.el7uek.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1844.0.7.el7uek.src.rpm



Description of changes:

[4.14.35-1844.0.7.el7uek]
- xfs: enhance dinode verifier (Eric Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) [Orabug: 28997653] {CVE-2018-10322}
- Revert "xfs: move inode fork verifiers to xfs_dinode_verify" (Shan Hai) [Orabug: 28997653]
- Revert "xfs: enhance dinode verifier" (Shan Hai) [Orabug: 28997653]

ELBA-2018-4310 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2018-4310

http://linux.oracle.com/errata/ELBA-2018-4310.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-1844.0.7.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-1844.0.7.el7uek.aarch64.rpm
perf-4.14.35-1844.0.7.el7uek.aarch64.rpm
python-perf-4.14.35-1844.0.7.el7uek.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1844.0.7.el7uek.src.rpm



Description of changes:

[4.14.35-1844.0.7.el7uek]
- xfs: enhance dinode verifier (Eric Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) [Orabug: 28997653] {CVE-2018-10322}
- Revert "xfs: move inode fork verifiers to xfs_dinode_verify" (Shan Hai) [Orabug: 28997653]
- Revert "xfs: enhance dinode verifier" (Shan Hai) [Orabug: 28997653]

[4.14.35-1844.0.6.el7uek]
- hugetlbfs: use truncate mutex to prevent pmd sharing race (Mike Kravetz) [Orabug: 28896272]
- xfs: enhance dinode verifier (Eric Sandeen) [Orabug: 28943577] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) [Orabug: 28943577] {CVE-2018-10322}
- libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (Fred Herard) [Orabug: 28946203]
- ib/core: Use driver pd ident when comparing pds. (Hans Westgaard Ry) [Orabug: 28947972]

ELSA-2018-3831 Critical: Oracle Linux 6 firefox security update

Oracle Linux Security Advisory ELSA-2018-3831

http://linux.oracle.com/errata/ELSA-2018-3831.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
firefox-60.4.0-1.0.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/firefox-60.4.0-1.0.1.el6.src.rpm



Description of changes:

[60.4.0-1.0.1]
- fix LD_LIBRARY_PATH
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat one

[60.4.0-1]
- Update to 60.4.0 ESR

[60.3.0-2]
- Added firefox-gnome-shell-extension

ELSA-2018-3833 Critical: Oracle Linux 7 firefox security update

Oracle Linux Security Advisory ELSA-2018-3833

http://linux.oracle.com/errata/ELSA-2018-3833.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
firefox-60.4.0-1.0.1.el7.i686.rpm
firefox-60.4.0-1.0.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firefox-60.4.0-1.0.1.el7.src.rpm



Description of changes:

[60.4.0-1.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red
Hat file

[60.4.0-1]
- Update to 60.4.0 ESR

[60.3.0-2]
- Added firefox-gnome-shell-extension

[60.3.0-1]
- Update to 60.3.0 ESR


ELSA-2018-3834 Important: Oracle Linux 7 ghostscript security and bug fix update

Oracle Linux Security Advisory ELSA-2018-3834

http://linux.oracle.com/errata/ELSA-2018-3834.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ghostscript-9.07-31.el7_6.6.i686.rpm
ghostscript-9.07-31.el7_6.6.x86_64.rpm
ghostscript-cups-9.07-31.el7_6.6.x86_64.rpm
ghostscript-devel-9.07-31.el7_6.6.i686.rpm
ghostscript-devel-9.07-31.el7_6.6.x86_64.rpm
ghostscript-doc-9.07-31.el7_6.6.noarch.rpm
ghostscript-gtk-9.07-31.el7_6.6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-31.el7_6.6.src.rpm



Description of changes:

[9.07-31.el7_6.6]
- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect
smooth shading object (Error: /rangecheck in --run--)

[9.07-31.el7_6.5]
- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in
pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error
exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks
can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks
can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator
allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in
setpattern (700141)

[9.07-31.el7_6.4]
- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory
access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of
privilege" checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented
security check in zsetdevice function in psi/zdevice.c