Oracle Linux 6257 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-4236 Oracle Linux 6 Unbreakable Enterprise kernel bug fix update
ELBA-2018-4236 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update
ELBA-2018-4237 Oracle Linux 7 rhn-client-tools bug fix update
ELBA-2018-4238 Oracle Linux 7 rhn-client-tools bug fix update (aarch64)
ELBA-2018-4239 Oracle Linux 6 rhn-client-tools bug fix update
ELSA-2018-4235 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) kernel security update
New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2018-4214)
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2018-4230)



ELBA-2018-4236 Oracle Linux 6 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4236

http://linux.oracle.com/errata/ELBA-2018-4236.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.19.7.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.19.7.el6uek.noarch.rpm
kernel-uek-4.1.12-124.19.7.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.19.7.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.19.7.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.19.7.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.19.7.el6uek.src.rpm



Description of changes:

[4.1.12-124.19.7.el6uek]
- sunrpc: increase UNX_MAXNODENAME from 32 to __NEW_UTS_LEN bytes (Jeff
Layton) [Orabug: 28660177]
- net: rds: Use address family to designate IPv4 or IPv6 addresses
(Håkon Bugge) [Orabug: 28720071]
- net: rds: Fix blank at eol in af_rds.c (Håkon Bugge) [Orabug: 28720071]


ELBA-2018-4236 Oracle Linux 7 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4236

http://linux.oracle.com/errata/ELBA-2018-4236.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.19.7.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.19.7.el7uek.noarch.rpm
kernel-uek-4.1.12-124.19.7.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.19.7.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.19.7.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.19.7.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.19.7.el7uek.src.rpm



Description of changes:

[4.1.12-124.19.7.el7uek]
- sunrpc: increase UNX_MAXNODENAME from 32 to __NEW_UTS_LEN bytes (Jeff
Layton) [Orabug: 28660177]
- net: rds: Use address family to designate IPv4 or IPv6 addresses
(Håkon Bugge) [Orabug: 28720071]
- net: rds: Fix blank at eol in af_rds.c (Håkon Bugge) [Orabug: 28720071]

ELBA-2018-4237 Oracle Linux 7 rhn-client-tools bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4237

http://linux.oracle.com/errata/ELBA-2018-4237.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
rhn-check-2.0.2-21.0.9.el7.noarch.rpm
rhn-client-tools-2.0.2-21.0.9.el7.noarch.rpm
rhn-setup-2.0.2-21.0.9.el7.noarch.rpm
rhn-setup-gnome-2.0.2-21.0.9.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/rhn-client-tools-2.0.2-21.0.9.el7.src.rpm


Notes: Oracle is replacing Symantec-branded certificates with
Digicert-branded certificates across all of its infrastructure to
prevent trust warnings from Chrome and Firefox. Users are advised to
upgrade to these updated packages before Oct 9, 2018. For details please
refer to "How to update ULN-CA-CERT" in the
https://linux.oracle.com/uln_faq.html

Description of changes:

[2.0.2-22.0.9]
- Updated public-yum-ol7.repo [Orabug 28375712]
- Updated replacement ULN-CA-CERT

[2.0.2-22.0.6]
- Updated public-yum-ol7.repo

[2.0.2-22.0.4]
- Updated public-yum-ol7.repo file for aarch64 [OraBug 27029619]
(keshav.sharma@oracle.com)


ELBA-2018-4238 Oracle Linux 7 rhn-client-tools bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2018-4238

http://linux.oracle.com/errata/ELBA-2018-4238.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
rhn-check-2.0.2-21.0.10.el7.noarch.rpm
rhn-client-tools-2.0.2-21.0.10.el7.noarch.rpm
rhn-setup-2.0.2-21.0.10.el7.noarch.rpm
rhn-setup-gnome-2.0.2-21.0.10.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/rhn-client-tools-2.0.2-21.0.10.el7.src.rpm


Notes: Oracle is replacing Symantec-branded certificates with
Digicert-branded certificates across all of its infrastructure to
prevent trust warnings from Chrome and Firefox. Users are advised to
upgrade to these updated packages before Oct 9, 2018. For details please
refer to "How to update ULN-CA-CERT" in the
https://linux.oracle.com/uln_faq.html.

Description of changes:

[2.0.2-22.0.10]
- Build for Arm

[2.0.2-22.0.9]
- Updated public-yum-ol7.repo [Orabug 28375712]
- Updated replacement ULN-CA-CERT

[2.0.2-22.0.6]
- Updated public-yum-ol7.repo

[2.0.2-22.0.4]
- Updated public-yum-ol7.repo file for aarch64 [OraBug 27029619]
(keshav.sharma@oracle.com)

ELBA-2018-4239 Oracle Linux 6 rhn-client-tools bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4239

http://linux.oracle.com/errata/ELBA-2018-4239.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
rhn-check-1.0.0.1-45.0.3.el6.noarch.rpm
rhn-client-tools-1.0.0.1-45.0.3.el6.noarch.rpm
rhn-setup-1.0.0.1-45.0.3.el6.noarch.rpm
rhn-setup-gnome-1.0.0.1-45.0.3.el6.noarch.rpm

x86_64:
rhn-check-1.0.0.1-45.0.3.el6.noarch.rpm
rhn-client-tools-1.0.0.1-45.0.3.el6.noarch.rpm
rhn-setup-1.0.0.1-45.0.3.el6.noarch.rpm
rhn-setup-gnome-1.0.0.1-45.0.3.el6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/rhn-client-tools-1.0.0.1-45.0.3.el6.src.rpm

Notes: Oracle is replacing Symantec-branded certificates with
Digicert-branded certificates across all of its infrastructure to
prevent trust warnings from Chrome and Firefox. Users are advised to
upgrade to these updated packages before Oct 9, 2018. For details please
refer to "How to update ULN-CA-CERT" in the
https://linux.oracle.com/uln_faq.html

Description of changes:

[1.0.0.1-45.0.3]
- Updated Replacement ULN-CA-CERT.

ELSA-2018-4235 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) kernel security update

Oracle Linux Security Advisory ELSA-2018-4235

http://linux.oracle.com/errata/ELSA-2018-4235.html

The following updated rpms for Oracle Linux 5 Extended Lifecycle Support
(ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-debug-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-debug-devel-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-devel-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm
kernel-headers-2.6.18-419.0.0.0.12.el5.i386.rpm
kernel-PAE-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-PAE-devel-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-xen-2.6.18-419.0.0.0.12.el5.i686.rpm
kernel-xen-devel-2.6.18-419.0.0.0.12.el5.i686.rpm

x86_64:
kernel-2.6.18-419.0.0.0.12.el5.x86_64.rpm
kernel-debug-2.6.18-419.0.0.0.12.el5.x86_64.rpm
kernel-debug-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm
kernel-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm
kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm
kernel-headers-2.6.18-419.0.0.0.12.el5.x86_64.rpm
kernel-xen-2.6.18-419.0.0.0.12.el5.x86_64.rpm
kernel-xen-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm


The following packages were rebuilt to be in sync with the updated
kernel version (no changes other than updating the version number):
i386:
ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.i686.rpm
ocfs2-2.6.18-419.0.0.0.12.el5PAE-1.4.11-1.el5.i686.rpm
ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.i686.rpm
ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.i686.rpm
oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.i686.rpm
oracleasm-2.6.18-419.0.0.0.12.el5PAE-2.0.5-2.el5.i686.rpm
oracleasm-2.6.18-419.0.0.0.12.el5xen-2.0.5-2.el5.i686.rpm
oracleasm-2.6.18-419.0.0.0.12.el5debug-2.0.5-2.el5.i686.rpm

x86_64:
ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.x86_64.rpm
ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.x86_64.rpm
ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.x86_64.rpm
oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.x86_64.rpm
oracleasm-2.6.18-419.0.0.0.12.el5xen-2.0.5-2.el5.x86_64.rpm
oracleasm-2.6.18-419.0.0.0.12.el5debug-2.0.5-2.el5.x86_64.rpm



SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm


Description of changes:

kernel
[2.6.18-419.0.0.0.12.el5]
- [x86] mm/dump_pagetables: Add a check_l1tf debugfs file (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpu: Make flush_l1d visible in /proc /cpuinfo (Chris von
Recklinghausen) [1593378]
- [x86] cpufeatures: Add detection of L1D cache flush support. (Chris
von Recklinghausen) [1593378]
- [x86] l1tf: protect _PAGE_FILE PTEs against speculation (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Extend 64bit swap file size limit (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] bugs: Move the l1tf function and define pr_fmt properly (Chris
von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Add sysfs reporting for l1tf (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation
(Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect swap entries against L1TF (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Change order of offset/type in swap entry
(Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
(Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpu: Fix incorrect vulnerabilities files function prototypes
(Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] bugs: Export the internal __cpu_bugs variable (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] spec_ctrl: sync with upstream cpu_set_bug_bits() (Chris von
Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] intel-family.h: Add GEMINI_LAKE SOC (Chris von Recklinghausen)
[1593378] {CVE-2018-3620}
- [x86] mm: Fix swap entry comment and macro (Chris von Recklinghausen)
[1593378] {CVE-2018-3620}
- [x86] mm: Move swap offset/type up in PTE to work around erratum
(Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpufeatures: Resolve X86_FEATURE_SMEP definition conflict
(Radomir Vrbovsky) [1570474]
- [x86] fix kexec load warnings with PTI enabled (Rafael Aquini) [1576191]
- [x86] ia32entry: make target ia32_ret_from_sys_call the common exit
point to long-mode (Rafael Aquini) [1570474] {CVE-2009-2910}
- [x86] spec_ctrl: only perform RSB stuffing on SMEP capable CPUs
(Rafael Aquini) [1570474] {CVE-2009-2910}
- [net] tcp: fix 0 divide in __tcp_select_window (Davide Caratti)
[1488343] {CVE-2017-14106}
- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide
Caratti) [1488343] {CVE-2017-14106}
- [x86] adjust / fix LDT handling for PTI (Rafael Aquini) [1584622]
- [x86] Fix up /proc /cpuinfo entries (Chris von Recklinghausen)
[1566896] {CVE-2018-3639}
- [kernel] spec_ctrl: work around broken microcode (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] Only expose PR_{GET, SET}_SPECULATION_CTRL if CONFIG_SPEC_CTRL
is defined (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] misc changes to fix i386 builds (Chris von Recklinghausen)
[1566896] {CVE-2018-3639}
- [x86] amd: Disable AMD SSBD mitigation in a VM (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: add support for SSBD to RHEL IBRS entry/exit macros
(Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Rename _RDS to _SSBD (Chris von Recklinghausen) [1566896]
{CVE-2018-3639}
- [x86] speculation: Add prctl for Speculative Store Bypass mitigation
(Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] process: Allow runtime control of Speculative Store Bypass
(Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] 64: add skeletonized version of __switch_to_xtra (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [kernel] prctl: Add speculation control prctls (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if
requested (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: Sync up RDS setting with IBRS code (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Provide boot parameters for the spec_store_bypass_disable
mitigation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Expose the /sys/../spec_store_bypass and
X86_BUG_SPEC_STORE_BYPASS (Chris von Recklinghausen) [1566896]
{CVE-2018-3639}
- [x86] include: add latest intel-family.h from RHEL6 (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
(Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: Use separate PCP variables for IBRS entry and exit
(Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpuid: Fix up IBRS/IBPB/STIBP feature bits on Intel (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Clean up Spectre v2 related CPUID flags (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Add AMD feature bits for Speculation Control (Chris
von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Add Intel feature bits for Speculation (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpu: Add driver auto probing for x86 features (Chris von
Recklinghausen) [1566896] {CVE-2018-3639}

New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2018-4214)

Synopsis: ELSA-2018-4214 can now be patched using Ksplice
CVEs: CVE-2017-18344 CVE-2018-10675 CVE-2018-3620 CVE-2018-3646

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-4214.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR2 2.6.39 on
OL5 and OL6 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

ELSA-2018-4214 contains a fix for CVE-2018-3620, CVE-2018-3646 for 32 bits PAE
and Oracle Linux 5 versions that Ksplice will not patch. Users that require the
additional patching of this vulnerability are recommended to reboot into
oracle-uek2 2.6.39-400.301.1 or later.


DESCRIPTION

* CVE-2017-18344: Information disclosure in POSIX timers.

Incorrect validation of POSIX timers could allow a local, unprivileged
user to leak the contents of arbitrary memory through /proc /$PID/timers.

Orabug: 28481397


* CVE-2018-10675: Use-after-free in get_mempolicy due to incorrect reference counting.

A reference count error in the get_mempolicy ioctl implementation can
result in a use-after-free. A local user could use this flaw to
escalate privileges.

Orabug: 28022110


* CVE-2018-3620, CVE-2018-3646: Information leak in Intel CPUs under terminal fault.

A flaw in terminal fault handling on Intel CPUs could result in
information leaks across privilege boundaries including between
processes on a system or between virtual machines.

Orabug: 28505519

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.


New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2018-4230)

Synopsis: ELSA-2018-4230 can now be patched using Ksplice
CVEs: CVE-2018-14634

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2018-4230.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2018-14634: Privilege escalation in ELF executables.

An integer overflow in the argument setup for a new ELF executable could
result in attacker controlled corruption of the user stack when
executing a SUID binary. A local, unprivileged user could use this flaw
to gain superuser privileges.

Orabug: 28709994

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.