Oracle Linux 6277 Published by

The following updates has been released for Oracle Linux:

ELBA-2019-1338 Oracle Linux 7 glibc bug fix and enhancement update
ELBA-2019-4673 Oracle Linux 7 lldpad bug fix update
ELBA-2019-4674 Oracle Linux 7 oracle-gluster-release-el7 bug fix update
ELBA-2019-4674 Oracle Linux 7 oracle-gluster-release-el7 bug fix update (aarch64)
ELSA-2019-4675 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
ELSA-2019-4675 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update



ELBA-2019-1338 Oracle Linux 7 glibc bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2019-1338

http://linux.oracle.com/errata/ELBA-2019-1338.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
glibc-2.17-260.0.17.el7_6.6.i686.rpm
glibc-2.17-260.0.17.el7_6.6.x86_64.rpm
glibc-common-2.17-260.0.17.el7_6.6.x86_64.rpm
glibc-devel-2.17-260.0.17.el7_6.6.i686.rpm
glibc-devel-2.17-260.0.17.el7_6.6.x86_64.rpm
glibc-headers-2.17-260.0.17.el7_6.6.x86_64.rpm
glibc-static-2.17-260.0.17.el7_6.6.i686.rpm
glibc-static-2.17-260.0.17.el7_6.6.x86_64.rpm
glibc-utils-2.17-260.0.17.el7_6.6.x86_64.rpm
nscd-2.17-260.0.17.el7_6.6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/glibc-2.17-260.0.17.el7_6.6.src.rpm



Description of changes:

[2.17-260.0.17.6]
- Make _IO_funlockfile match __funlockfile and _IO_flockfile match
__flockfile
Both should test
if (stream->_flags & _IO_USER_LOCK) == 0)
_IO_lock_lock (*stream->_lock);
OraBug 28481550.
Reviewed-by: Jose E. Marchesi
- Modify glibc-ora28849085.patch so it works with RHCK kernels.
Orabug 28849085.
- Reviewed-by: Egeyar Bagcioglu
- Use NLM_F_SKIP_STATS in uek2 and RTEXT_FILTER_SKIP_STATS in uek4 in
getifaddrs.
- Orabug 28849085
- Reviewed-by: Patrick McGehearty
- Mention CVE numbers in the .spec file for CVE-2015-8983 and CVE-2015-8984.
- Orabug 25558067.
- Reviewed-by: Egeyar Bagcioglu
- Regenerate plural.c
- OraBug 28806294.
- Reviewed-by: Jose E. Marchesi
- intl: Port to Bison 3.0
- Backport of upstream gettext commit
19f23e290a5e4a82b9edf9f5a4f8ab6192871be9
- OraBug 28806294.
- Reviewed-by: Patrick McGehearty
- Fix dbl-64/wordsize-64 remquo (bug 17569).
- Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae
- OraBug 19570749.
- Reviewed-by: Jose E. Marchesi
- libio: Disable vtable validation in case of interposition.
- Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0.
- OraBug 28483336
- Add MAP_SHARED_VALIDATE and MAP_SYNC flags to
- sysdeps/unix/sysv/linux/x86/bits/mman.h
- OraBug 28389572
- Update bits/siginfo.h with Linux hwpoison SIGBUS changes.
- Adds new SIGBUS error codes for hardware poison signals, syncing with
the current kernel headers (v3.9).
- It also adds si_trapno field for alpha.
- New values: BUS_MCEERR_AR, BUS_MCEERR_AO
- OraBug 28124569

[2.17-260.6]
- Backport libio vtable validation improvements (#1705899)


ELBA-2019-4673 Oracle Linux 7 lldpad bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4673

http://linux.oracle.com/errata/ELBA-2019-4673.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
lldpad-1.0.1-1.0.4.el7ora.x86_64.rpm
lldpad-devel-1.0.1-1.0.4.el7ora.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/lldpad-1.0.1-1.0.4.el7ora.src.rpm



Description of changes:

[5:1.0.1-1.0.4ora]
- oracle: Release v5:1.0.1-1.0.4 (Imanti Mendez) [Orabug: 2922916028610567]

[1.0.1-1.0.3.el7]
- Build version 1.0.1-1.0.3 (Imanti Mendez)

[1.0.1-1.0.2.el7]
- ORACLE: Build version 1.0.1-1.0.2 (Imanti Mendez)

[1.0.1-1.0.1.el7]
- Triggering prod-build release 1.0.1

ELBA-2019-4674 Oracle Linux 7 oracle-gluster-release-el7 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4674

http://linux.oracle.com/errata/ELBA-2019-4674.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
oracle-gluster-release-el7-1.0-4.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/oracle-gluster-release-el7-1.0-4.el7.src.rpm



Description of changes:

[1.0-4]
- Added new repository entry for gluster 5

ELBA-2019-4674 Oracle Linux 7 oracle-gluster-release-el7 bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2019-4674

http://linux.oracle.com/errata/ELBA-2019-4674.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
oracle-gluster-release-el7-1.0-4.el7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/oracle-gluster-release-el7-1.0-4.el7.src.rpm



Description of changes:

[1.0-4]
- Added new repository entry for gluster 5

ELSA-2019-4675 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4675

http://linux.oracle.com/errata/ELSA-2019-4675.html

The following updated rpms for Oracle Linux 5 Extended Lifecycle Support
(ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.312.1.el5uek.i686.rpm
kernel-uek-debug-2.6.39-400.312.1.el5uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.312.1.el5uek.i686.rpm
kernel-uek-devel-2.6.39-400.312.1.el5uek.i686.rpm
kernel-uek-doc-2.6.39-400.312.1.el5uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.312.1.el5uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.312.1.el5uek.noarch.rpm
kernel-uek-doc-2.6.39-400.312.1.el5uek.noarch.rpm
kernel-uek-2.6.39-400.312.1.el5uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.312.1.el5uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.312.1.el5uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.312.1.el5uek.x86_64.rpm




Description of changes:

[2.6.39-400.312.1.el5uek]
- Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786788] {CVE-2011-1079} {CVE-2019-11884}
- x86/speculation/mds: Fix verw usage to use memory operand (Patrick Colp) [Orabug: 29791037] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Make cpu_vuln_whitelist __cpuinitconst (Patrick Colp) [Orabug: 29792027]
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Thomas Gleixner) [Orabug: 29792064] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Call VERW on NMI path when returning to user (Patrick Colp) [Orabug: 29792097] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Fix incorrect check against MSR_IA32_ARCH_CAPABILITIES (Patrick Colp) [Orabug: 29820653]


ELSA-2019-4675 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4675

http://linux.oracle.com/errata/ELSA-2019-4675.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.312.1.el6uek.i686.rpm
kernel-uek-debug-2.6.39-400.312.1.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.312.1.el6uek.i686.rpm
kernel-uek-devel-2.6.39-400.312.1.el6uek.i686.rpm
kernel-uek-doc-2.6.39-400.312.1.el6uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.312.1.el6uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.312.1.el6uek.noarch.rpm
kernel-uek-doc-2.6.39-400.312.1.el6uek.noarch.rpm
kernel-uek-2.6.39-400.312.1.el6uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.312.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.312.1.el6uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.312.1.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.312.1.el6uek.src.rpm



Description of changes:

[2.6.39-400.312.1.el6uek]
- Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786788] {CVE-2011-1079} {CVE-2019-11884}
- x86/speculation/mds: Fix verw usage to use memory operand (Patrick Colp) [Orabug: 29791037] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Make cpu_vuln_whitelist __cpuinitconst (Patrick Colp) [Orabug: 29792027]
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Thomas Gleixner) [Orabug: 29792064] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Call VERW on NMI path when returning to user (Patrick Colp) [Orabug: 29792097] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Fix incorrect check against MSR_IA32_ARCH_CAPABILITIES (Patrick Colp) [Orabug: 29820653]