Oracle Linux 6277 Published by

The following updates has been released for Oracle Linux:

ELBA-2019-4694 Oracle Linux 7 iproute bug fix update
ELSA-2019-1579 Important: Oracle Linux 7 libvirt security and bug fix update
ELSA-2019-1587 Important: Oracle Linux 7 python security update (aarch64)
ELSA-2019-4692 Important: Oracle Linux 7 libssh2 security update (aarch64)
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELBA-2019-4698)



ELBA-2019-4694 Oracle Linux 7 iproute bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-4694

http://linux.oracle.com/errata/ELBA-2019-4694.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
iproute-4.16.0-1.0.5.el7.x86_64.rpm
iproute-devel-4.16.0-1.0.5.el7.x86_64.rpm
iproute-doc-4.16.0-1.0.5.el7.x86_64.rpm
iproute-tc-4.16.0-1.0.5.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/iproute-4.16.0-1.0.5.el7.src.rpm



Description of changes:

[4.16.0-1.0.5]
- Fix rdma: Ignore unknown netlink attributes [Orabug: 29890190]
- Fix rdma: Fix incorrectly handled NLA validation. (also fixes upstream
74bd75c)


ELSA-2019-1579 Important: Oracle Linux 7 libvirt security and bug fix update

Oracle Linux Security Advisory ELSA-2019-1579

http://linux.oracle.com/errata/ELSA-2019-1579.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libvirt-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-admin-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-bash-completion-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-client-4.5.0-10.0.1.el7_6.12.i686.rpm
libvirt-client-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-config-network-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-kvm-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-daemon-lxc-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-devel-4.5.0-10.0.1.el7_6.12.i686.rpm
libvirt-devel-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-docs-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-libs-4.5.0-10.0.1.el7_6.12.i686.rpm
libvirt-libs-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-lock-sanlock-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-login-shell-4.5.0-10.0.1.el7_6.12.x86_64.rpm
libvirt-nss-4.5.0-10.0.1.el7_6.12.i686.rpm
libvirt-nss-4.5.0-10.0.1.el7_6.12.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libvirt-4.5.0-10.0.1.el7_6.12.src.rpm



Description of changes:

[4.5.0-10.0.1]
- added librbd1 as dependency (Keshav Sharma)

[4.5.0-10.el7_6.12]
- api: disallow virDomainSaveImageGetXMLDesc on read-only connections
(CVE-2019-10161)
- api: disallow virDomainManagedSaveDefineXML on read-only connections
(CVE-2019-10166)
- api: disallow virConnectGetDomainCapabilities on read-only connections
(CVE-2019-10167)
- api: disallow virConnect*HypervisorCPU on read-only connections
(CVE-2019-10168)

[4.5.0-10.el7_6.11]
- virfile: added GPFS as shared fs (rhbz#1715867)

ELSA-2019-1587 Important: Oracle Linux 7 python security update (aarch64)

Oracle Linux Security Advisory ELSA-2019-1587

http://linux.oracle.com/errata/ELSA-2019-1587.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
python-2.7.5-80.0.1.el7_6.aarch64.rpm
python-devel-2.7.5-80.0.1.el7_6.aarch64.rpm
python-libs-2.7.5-80.0.1.el7_6.aarch64.rpm
python-debug-2.7.5-80.0.1.el7_6.aarch64.rpm
python-test-2.7.5-80.0.1.el7_6.aarch64.rpm
python-tools-2.7.5-80.0.1.el7_6.aarch64.rpm
tkinter-2.7.5-80.0.1.el7_6.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-2.7.5-80.0.1.el7_6.src.rpm



Description of changes:

[2.7.5-80.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]

[2.7.5-80]
- Security fix for CVE-2019-10160
Resolves: rhbz#1718401

ELSA-2019-4692 Important: Oracle Linux 7 libssh2 security update (aarch64)

Oracle Linux Security Advisory ELSA-2019-4692

http://linux.oracle.com/errata/ELSA-2019-4692.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
libssh2-1.4.3-12.0.1.el7_6.2.aarch64.rpm
libssh2-devel-1.4.3-12.0.1.el7_6.2.aarch64.rpm
libssh2-docs-1.4.3-12.0.1.el7_6.2.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libssh2-1.4.3-12.0.1.el7_6.2.src.rpm



Description of changes:

[1.4.3-12.0.1.el7_6.2]
- [Orabug: 29909723] Added patch CVE-2019-3862
added length checks to prevent out-of-bounds reads and writes in
_libssh2_packet_add()(CVE-2019-3862)

New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELBA-2019-4698)

Synopsis: ELBA-2019-4698 can now be patched using Ksplice

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Bug Fix Advisory, ELBA-2019-4698.
More information about this errata can be found at
https://linux.oracle.com/errata/ELBA-2019-4698.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Missing Spectre v4 protection on late microcode updates.

A logic error when performing a late microcode update could result in
ignoring MSR writes to enable the SSBD mitigation.

Orabug: 29642139

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.