Oracle Linux 6277 Published by

The following updates has been released for Oracle Linux:

ELSA-2017-3071 Moderate: Oracle Linux 6 ntp security update
ELSA-2017-3075 Important: Oracle Linux 7 wget security update
New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2017-3633)
New Ksplice updates for UEKR3 3.8.13 on OL6 and OL7 (ELSA-2017-3632)
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2017-3631)



ELSA-2017-3071 Moderate: Oracle Linux 6 ntp security update

Oracle Linux Security Advisory ELSA-2017-3071

http://linux.oracle.com/errata/ELSA-2017-3071.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
ntp-4.2.6p5-12.0.1.el6_9.1.i686.rpm
ntp-doc-4.2.6p5-12.0.1.el6_9.1.noarch.rpm
ntp-perl-4.2.6p5-12.0.1.el6_9.1.i686.rpm
ntpdate-4.2.6p5-12.0.1.el6_9.1.i686.rpm

x86_64:
ntp-4.2.6p5-12.0.1.el6_9.1.x86_64.rpm
ntp-doc-4.2.6p5-12.0.1.el6_9.1.noarch.rpm
ntp-perl-4.2.6p5-12.0.1.el6_9.1.x86_64.rpm
ntpdate-4.2.6p5-12.0.1.el6_9.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/ntp-4.2.6p5-12.0.1.el6_9.1.src.rpm



Description of changes:

[4.2.6p5-12.0.1.el6_9.1]
- add disable monitor to default ntp.conf [CVE-2013-5211]

[4.2.6p5-12.el6_9.1]
- fix buffer overflow in datum refclock driver (CVE-2017-6462)
- fix crash with invalid unpeer command (CVE-2017-6463)
- fix potential crash with invalid server command (CVE-2017-6464)

[4.2.6p5-12]
- don't limit rate of packets from sources (CVE-2016-7426)
- don't change interface from received packets (CVE-2016-7429)
- fix calculation of root distance again (CVE-2016-7433)
- require authentication for trap commands (CVE-2016-9310)
- fix crash when reporting peer event to trappers (CVE-2016-9311)

[4.2.6p5-11]
- don't allow spoofed packets to demobilize associations (CVE-2015-7979,
CVE-2016-1547)
- don't allow spoofed packet to enable symmetric interleaved mode
(CVE-2016-1548)
- check mode of new source in config command (CVE-2016-2518)
- make MAC check resilient against timing attack (CVE-2016-1550)

ELSA-2017-3075 Important: Oracle Linux 7 wget security update

Oracle Linux Security Advisory ELSA-2017-3075

http://linux.oracle.com/errata/ELSA-2017-3075.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
wget-1.14-15.el7_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/wget-1.14-15.el7_4.1.src.rpm



Description of changes:

[1.14-15.1]
- Fixed various security flaws (CVE-2017-13089, CVE-2017-13090)


New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2017-3633)

Synopsis: ELSA-2017-3633 can now be patched using Ksplice
CVEs: CVE-2017-1000111 CVE-2017-11176 CVE-2017-7542

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2017-3633.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR2 2.6.39 on
OL5 and OL6 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2017-1000111: Privilege escalation when setting options on AF_PACKET socket.

A missing locking when setting options on AF_PACKET socket could lead to
an out-of-bounds access. A local attacker with CAP_NET_RAW capability,
or on a system with unprivileged namespace enabled, could use this flaw
to cause a denial-of-service or execute arbitrary code.


* CVE-2017-7542: Buffer overflow when parsing IPV6 fragments header.

An incorrect data type when parsing IPV6 fragments header could lead to
a buffer overflow and to an infinite loop. A remote attacker could use
this flaw to cause a denial-of-service.


* CVE-2017-11176: Use-after-free in message queue notify syscall.

A race condition when closing a message queue file descriptor could
cause the memory for the associated socket to be freed twice, corrupting
memory or causing a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.

New Ksplice updates for UEKR3 3.8.13 on OL6 and OL7 (ELSA-2017-3632)

Synopsis: ELSA-2017-3632 can now be patched using Ksplice
CVEs: CVE-2017-1000111 CVE-2017-11176 CVE-2017-7542

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2017-3632.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR3 3.8.13 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2017-1000111: Privilege escalation when setting options on AF_PACKET socket.

A missing locking when setting options on AF_PACKET socket could lead to
an out-of-bounds access. A local attacker with CAP_NET_RAW capability,
or on a system with unprivileged namespace enabled, could use this flaw
to cause a denial-of-service or execute arbitrary code.


* CVE-2017-7542: Buffer overflow when parsing IPV6 fragments header.

An incorrect data type when parsing IPV6 fragments header could lead to
a buffer overflow and to an infinite loop. A remote attacker could use
this flaw to cause a denial-of-service.


* CVE-2017-11176: Use-after-free in message queue notify syscall.

A race condition when closing a message queue file descriptor could
cause the memory for the associated socket to be freed twice, corrupting
memory or causing a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.


New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2017-3631)

Synopsis: ELSA-2017-3631 can now be patched using Ksplice
CVEs: CVE-2017-1000112 CVE-2017-7542

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2017-3631.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* CVE-2017-1000112: Privilege escalation using the UDP Fragmentation Offload (UFO) code.

Multiple missing checks on headers length when using UDP Fragmentation
Offload (UFO) protocol while sending packets could lead to out-of-bounds
accesses. A local attacker with CAP_NET_RAW capability, or on a system
with unprivileged namespace enabled, could use this flaw to cause a
denial-of-service or execute arbitrary code.


* CVE-2017-7542: Buffer overflow when parsing IPV6 fragments header.

An incorrect data type when parsing IPV6 fragments header could lead to
a buffer overflow and to an infinite loop. A remote attacker could use
this flaw to cause a denial-of-service.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.