Oracle Linux 6278 Published by

The following updates has been released for Oracle Linux:

ELBA-2019-2829-1 Oracle Linux 7 kernel bug fix update
ELBA-2019-2871 Oracle Linux 6 tzdata enhancement update
ELBA-2019-2871 Oracle Linux 7 tzdata enhancement update
ELBA-2019-2871 Oracle Linux 7 tzdata enhancement update (aarch64)
ELBA-2019-4801 Oracle Linux 7 xfsprogs bug fix update (aarch64)
ELSA-2019-2863 Important: Oracle Linux 6 kernel security update
ELSA-2019-2885 Important: Oracle Linux 6 dovecot security update
New Ksplice updates for RHCK 8 (ELSA-2019-2827-01)



ELBA-2019-2829-1 Oracle Linux 7 kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2019-2829-1

http://linux.oracle.com/errata/ELBA-2019-2829-1.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1062.1.2.0.1.el7.noarch.rpm
kernel-debug-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-devel-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-doc-3.10.0-1062.1.2.0.1.el7.noarch.rpm
kernel-headers-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-tools-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
perf-3.10.0-1062.1.2.0.1.el7.x86_64.rpm
python-perf-3.10.0-1062.1.2.0.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1062.1.2.0.1.el7.src.rpm



Description of changes:

[3.10.0-1062.1.2.0.1.el7.OL7]
- [xen/balloon] Support xend-based toolstack (Orabug: 28663970)
- [x86/apic/x2apic] avoid allocate multiple irq vectors for a single
interrupt on multiple
cpu, otherwise irq vectors would be used up when there are only 2 cpu
online per node.
[Orabug: 28691156]
- [bonding] avoid repeated display of same link status change. [Orabug:
28109857]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul)
[Orabug: 22552377]

ELBA-2019-2871 Oracle Linux 6 tzdata enhancement update

Oracle Linux Bug Fix Advisory ELBA-2019-2871

http://linux.oracle.com/errata/ELBA-2019-2871.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
tzdata-2019c-1.el6.noarch.rpm
tzdata-java-2019c-1.el6.noarch.rpm

x86_64:
tzdata-2019c-1.el6.noarch.rpm
tzdata-java-2019c-1.el6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/tzdata-2019c-1.el6.src.rpm



Description of changes:

[2019c-1]
- Rebase to tzdata-2019c
- Fiji will observe DST from 2019-11-10 to 2020-01-12.
- Norfolk Island will begin observing Australian-style DST on 2019-10-06.

ELBA-2019-2871 Oracle Linux 7 tzdata enhancement update

Oracle Linux Bug Fix Advisory ELBA-2019-2871

http://linux.oracle.com/errata/ELBA-2019-2871.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
tzdata-2019c-1.el7.noarch.rpm
tzdata-java-2019c-1.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tzdata-2019c-1.el7.src.rpm



Description of changes:

[2019c-1]
- Rebase to tzdata-2019c
- Fiji will observe DST from 2019-11-10 to 2020-01-12.
- Norfolk Island will begin observing Australian-style DST on 2019-10-06.

ELBA-2019-2871 Oracle Linux 7 tzdata enhancement update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2019-2871

http://linux.oracle.com/errata/ELBA-2019-2871.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
tzdata-2019c-1.el7.noarch.rpm
tzdata-java-2019c-1.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tzdata-2019c-1.el7.src.rpm



Description of changes:

[2019c-1]
- Rebase to tzdata-2019c
- Fiji will observe DST from 2019-11-10 to 2020-01-12.
- Norfolk Island will begin observing Australian-style DST on 2019-10-06.

ELBA-2019-4801 Oracle Linux 7 xfsprogs bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2019-4801

http://linux.oracle.com/errata/ELBA-2019-4801.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
xfsprogs-4.15-4.el7.aarch64.rpm
xfsprogs-devel-4.15-4.el7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/xfsprogs-4.15-4.el7.src.rpm



Description of changes:

[4.15-4.el7]
- Add a wrapper script to detect pmem devices and set mkfs.xfs options
appropriately. (Darrick J. Wong) [Orabug: 29216384]
- Port upstream agfl corruption fixes (Allison Henderson) [Orabug: 28721740]
- Re-apply agfl struct packing revert (Allison Henderson)

[4.15-2.el7]
- Port upstream patches from xfsprogs-4.5.0-18.el7

[4.15-1.el7]
- Add buildrpm tree for autobuilds

ELSA-2019-2863 Important: Oracle Linux 6 kernel security update

Oracle Linux Security Advisory ELSA-2019-2863

http://linux.oracle.com/errata/ELSA-2019-2863.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
kernel-2.6.32-754.23.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm
kernel-debug-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-doc-2.6.32-754.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm
kernel-headers-2.6.32-754.23.1.el6.i686.rpm
perf-2.6.32-754.23.1.el6.i686.rpm
python-perf-2.6.32-754.23.1.el6.i686.rpm

x86_64:
kernel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm
kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm
kernel-doc-2.6.32-754.23.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm
kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm
perf-2.6.32-754.23.1.el6.x86_64.rpm
python-perf-2.6.32-754.23.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-754.23.1.el6.src.rpm



Description of changes:

[2.6.32-754.23.1.el6.OL6]
- Update genkey [bug 25599697]

[2.6.32-754.23.1.el6]
- [vhost] vhost: make sure log_num < in_num (Eugenio Perez) [1750869
1750869] {CVE-2019-14835}

ELSA-2019-2885 Important: Oracle Linux 6 dovecot security update

Oracle Linux Security Advisory ELSA-2019-2885

http://linux.oracle.com/errata/ELSA-2019-2885.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
dovecot-2.0.9-22.el6_10.1.i686.rpm
dovecot-devel-2.0.9-22.el6_10.1.i686.rpm
dovecot-mysql-2.0.9-22.el6_10.1.i686.rpm
dovecot-pgsql-2.0.9-22.el6_10.1.i686.rpm
dovecot-pigeonhole-2.0.9-22.el6_10.1.i686.rpm

x86_64:
dovecot-2.0.9-22.el6_10.1.i686.rpm
dovecot-2.0.9-22.el6_10.1.x86_64.rpm
dovecot-devel-2.0.9-22.el6_10.1.x86_64.rpm
dovecot-mysql-2.0.9-22.el6_10.1.x86_64.rpm
dovecot-pgsql-2.0.9-22.el6_10.1.x86_64.rpm
dovecot-pigeonhole-2.0.9-22.el6_10.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/dovecot-2.0.9-22.el6_10.1.src.rpm



Description of changes:

[1:2.0.9-22.1]
- fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte
when scanning data in quoted strings, leading to out of bounds heap
memory writes (#1752708)

New Ksplice updates for RHCK 8 (ELSA-2019-2827-01)

Synopsis: ELSA-2019-2827-01 can now be patched using Ksplice
CVEs: CVE-2019-14835

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2019-2827-01.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2019-2827-01.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 8 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2019-14835: Privilege escalation during live migration of guest.

A failure to check for guest creating a zero length queue in the vhost driver
can lead to a buffer overflow in the host kernel. A guest virtual machine
could use this flaw to crash the host or potentially escalate privileges when
the virtual machine is live migrated.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.