Oracle Linux 6255 Published by

The following updates has been released for Oracle Linux:

ELBA-2017-3211 Oracle Linux 6 preupgrade-assistant bug fix and enhancement update
ELBA-2017-3212 Oracle Linux 6 preupgrade-assistant-el6toel7 bug fix and enhancement update
ELBA-2017-3213 Oracle Linux 6 redhat-upgrade-tool bug fix update
ELBA-2017-3304 Oracle Linux 7 webkitgtk4 bug fix update
ELBA-2017-3326 Oracle Linux 7 kmod bugfix
ELSA-2017-3372 Important: Oracle Linux 6 thunderbird security update
ELSA-2017-3372 Important: Oracle Linux 7 thunderbird security update
ELSA-2017-3379 Moderate: Oracle Linux 7 sssd security and bug fix update



ELBA-2017-3211 Oracle Linux 6 preupgrade-assistant bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2017-3211

http://linux.oracle.com/errata/ELBA-2017-3211.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
preupgrade-assistant-2.5.1-1.0.1.el6.noarch.rpm
preupgrade-assistant-tools-2.5.1-1.0.1.el6.noarch.rpm
preupgrade-assistant-ui-2.5.1-1.0.1.el6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/preupgrade-assistant-2.5.1-1.0.1.el6.src.rpm



Description of changes:

[2.5.1-1.0.1]
- update rhel references/replace logo
- Add Oracle key id to those considered signed (Dwight Engen)
- Add Oracle key to scripts.txt

[2.5.1-1]
- Rebased to upstream version 2.5.1
- Fixed --upload, --riskcheck and --cleanup options when no module set is
present in /usr/share/preupgrade
Resolves: rhbz#1372090
- Not inserting 'solution' key to module.ini by preupg-content-creator
Related: rhbz#1402480
- Fixed --list-rules with custom module set
Resolves: rhbz#1362708
- Added httpd to the dependencies for the preupgrade-assistant-ui package
- Fixed replacing placeholders with solution texts during the XML/HTML
report
generation

[2.5.0-1]
- rebased to upstream version 2.5.0
New:
- Name of a module set directory can now be arbitrary and
'properties.ini' file
is now required in the directory
- Module set can now contain an executable 'init' script which is executed
after the "common" files-gathering stage and before execution of the
modules
- Possible to skip building UI now
Changed:
- READMEs moved from '/usr/share/preupgrade' to '/usr/share/doc'
- Removed CPE platform from the result report
- Removed obsolete 'RESULT_FAILED' and 'check_root()' from bash API and
'exit_failed()' from python API
- Removed deprecated 'preupg-create-group-xml' utility - it's superseded
by the
'preupg-content-creator' utility
- It's not allowed anymore to have 'solution' and 'check_script' keys in
'module.ini' - the solution file and check script need to named
'solution.txt' and 'check'
Related: rhbz#1400680
Fixed:
- '/common/release_version' file and
'/common/-' directory are
now not
required for performing the system assessment
- Before the STDOUT and STDERR was not shown for the 'pass' and 'fixed'
results
in the simple style report ('--old-report-style' option). Now they
are shown
no matter what the result of a module is.
- 'preupg-content-creator': Not entering module's 'description' or 'title'
could break processing of a module set. They are mandatory to input now.
- Module set 'all-xccdf.xml' is not being corrupted now in case of using the
'--contents' option
- Fixed links to files and directories in Web UI reports
- The Preupgrade Assistant can run again on RHEL 6.7. The previous release
could run on RHEL 6.8+.

ELBA-2017-3212 Oracle Linux 6 preupgrade-assistant-el6toel7 bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2017-3212

http://linux.oracle.com/errata/ELBA-2017-3212.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
preupgrade-assistant-el6toel7-0.7.1-1.0.1.el6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/preupgrade-assistant-el6toel7-0.7.1-1.0.1.el6.src.rpm



Description of changes:

[0.7.1-1.0.1]
- Start getty on tty1 [Orabug 18815298] (Dwight Engen)
- Replace RHEL refrences
- fix rsyslog check script
- fix yum repositories check script
- disable check for non-Oracle groups

[0.7.1-1]
- text polishing
- initscripts/control: Add msg how to migrate custom init scripts
- to unit files
- removed stray output from few modules
- networking/dovecot: resolves troubles with first_valid_uid
- rewrite openssh/sysconfig to provide correct output data and fix
- false negative report
Resolves: rhbz#1372872 rhbz#1388967

[0.7.0-2]
- remove patch leftovers

[0.7.0-1]
- added new informational module for the Samba
- ensure the grub2 rpm is installed after the upgrade to new system
Resolves: #1497731
- modules are compatible with Preupgrade Assistant v2.5.0
- added script that initialize part of environment for modules
- added the properties.ini file with additional metadata about modules
- modified modules to not use deprecated funcionality
- modified openssh/sysconfig module to remove astray output and provide
cleaner information with relevant risk level
- text polishing
- removed pointless dependency on the redhat-upgrade-tool
Resolves: #1497731 #1503757 #1402481

ELBA-2017-3213 Oracle Linux 6 redhat-upgrade-tool bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3213

http://linux.oracle.com/errata/ELBA-2017-3213.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
redhat-upgrade-tool-0.7.51-1.0.1.el6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/redhat-upgrade-tool-0.7.51-1.0.1.el6.src.rpm



Description of changes:

[1:0.7.51-1.0.1]
- update rhel references
- Only check uek3 is new enough when uek installed (Dwight Engen)
- Remove uek3 grub check (Dwight Engen)
- Fix uek3_check error message strings [Orabug 18900135] (Dwight Engen)
- Don't check for specific release of UEK3 [Orabug 18900135] (Dwight Engen)
- Patch out Red Hat Subscription Manager (Dwight Engen)
- Check for UEK3 before doing upgrade [Orabug 18900135] (Dwight Engen)
- remove dependeny on python-rhsm for OL (Srinivas Maturi)
- Update platform and distro info (Jingdong Lu)

[1:0.7.51-1]
- Rebase to 0.7.51
- Remove dependency on preupgrade-assistant-el6toel7 package
- Fail with proper error message when .treeinfo is not available
Related: rhbz#1486439
- Check if upgrading to the RHEL version allowed by the Preupgrade Assistant
Resolves: rhbz#1436310

[1:0.7.50-1]
- Rebase to 0.7.50
- Decompress kernel modules (applies to RHEL 7.4+)
Resolves: rhbz#1486962
- Add rpm dependency of preupgrade-assistant-el6toel7

ELBA-2017-3304 Oracle Linux 7 webkitgtk4 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2017-3304

http://linux.oracle.com/errata/ELBA-2017-3304.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
webkitgtk4-2.14.7-3.el7.i686.rpm
webkitgtk4-2.14.7-3.el7.x86_64.rpm
webkitgtk4-devel-2.14.7-3.el7.i686.rpm
webkitgtk4-devel-2.14.7-3.el7.x86_64.rpm
webkitgtk4-doc-2.14.7-3.el7.noarch.rpm
webkitgtk4-jsc-2.14.7-3.el7.i686.rpm
webkitgtk4-jsc-2.14.7-3.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.14.7-3.el7.i686.rpm
webkitgtk4-jsc-devel-2.14.7-3.el7.x86_64.rpm
webkitgtk4-plugin-process-gtk2-2.14.7-3.el7.i686.rpm
webkitgtk4-plugin-process-gtk2-2.14.7-3.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/webkitgtk4-2.14.7-3.el7.src.rpm



Description of changes:

[2.14.7-3]
- Update the bundled brotli and woff2 to the latest releases due to
woff2's license incompatibility with WebKitGTK+ project
- Resolves: rhbz#1500368

ELBA-2017-3326 Oracle Linux 7 kmod bugfix

Oracle Linux Bug Fix Advisory ELBA-2017-3326

http://linux.oracle.com/errata/ELBA-2017-3326.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kmod-20-15.0.1.el7_4.6.x86_64.rpm
kmod-devel-20-15.0.1.el7_4.6.x86_64.rpm
kmod-libs-20-15.0.1.el7_4.6.i686.rpm
kmod-libs-20-15.0.1.el7_4.6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kmod-20-15.0.1.el7_4.6.src.rpm



Description of changes:

[20-15.0.1.el7_4.6]
- weak-modules: add patch for [Orabug: 26672773]

[20-15.el7_4.6]
- Backport external directories support.
Related: rhbz#1511943.

[20-15.el7_4.5]
- weak-modules: use function to generate weak_updates_dir
- weak-modules: implement dry-run on the tempdir
Resolves: rhbz#1511943.

ELSA-2017-3372 Important: Oracle Linux 6 thunderbird security update

Oracle Linux Security Advisory ELSA-2017-3372

http://linux.oracle.com/errata/ELSA-2017-3372.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
thunderbird-52.5.0-1.0.1.el6_9.i686.rpm

x86_64:
thunderbird-52.5.0-1.0.1.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/thunderbird-52.5.0-1.0.1.el6_9.src.rpm



Description of changes:

[52.5.0-1.0.1]
- Replaced thunderbird-redhat-default-prefs.js with
thunderbird-oracle-default-prefs.js

[52.5.0-1]
- Update to 52.5.0

ELSA-2017-3372 Important: Oracle Linux 7 thunderbird security update

Oracle Linux Security Advisory ELSA-2017-3372

http://linux.oracle.com/errata/ELSA-2017-3372.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
thunderbird-52.5.0-1.0.1.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/thunderbird-52.5.0-1.0.1.el7_4.src.rpm



Description of changes:

[52.5.0-1.0.1]
- Replaced thunderbird-redhat-default-prefs.js with
thunderbird-oracle-default-prefs.js

[52.5.0-1]
- Update to 52.5.0

ELSA-2017-3379 Moderate: Oracle Linux 7 sssd security and bug fix update

Oracle Linux Security Advisory ELSA-2017-3379

http://linux.oracle.com/errata/ELSA-2017-3379.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
libipa_hbac-1.15.2-50.el7_4.8.i686.rpm
libipa_hbac-1.15.2-50.el7_4.8.x86_64.rpm
libipa_hbac-devel-1.15.2-50.el7_4.8.i686.rpm
libipa_hbac-devel-1.15.2-50.el7_4.8.x86_64.rpm
libsss_autofs-1.15.2-50.el7_4.8.x86_64.rpm
libsss_certmap-1.15.2-50.el7_4.8.i686.rpm
libsss_certmap-1.15.2-50.el7_4.8.x86_64.rpm
libsss_certmap-devel-1.15.2-50.el7_4.8.i686.rpm
libsss_certmap-devel-1.15.2-50.el7_4.8.x86_64.rpm
libsss_idmap-1.15.2-50.el7_4.8.i686.rpm
libsss_idmap-1.15.2-50.el7_4.8.x86_64.rpm
libsss_idmap-devel-1.15.2-50.el7_4.8.i686.rpm
libsss_idmap-devel-1.15.2-50.el7_4.8.x86_64.rpm
libsss_nss_idmap-1.15.2-50.el7_4.8.i686.rpm
libsss_nss_idmap-1.15.2-50.el7_4.8.x86_64.rpm
libsss_nss_idmap-devel-1.15.2-50.el7_4.8.i686.rpm
libsss_nss_idmap-devel-1.15.2-50.el7_4.8.x86_64.rpm
libsss_simpleifp-1.15.2-50.el7_4.8.i686.rpm
libsss_simpleifp-1.15.2-50.el7_4.8.x86_64.rpm
libsss_simpleifp-devel-1.15.2-50.el7_4.8.i686.rpm
libsss_simpleifp-devel-1.15.2-50.el7_4.8.x86_64.rpm
libsss_sudo-1.15.2-50.el7_4.8.x86_64.rpm
python-libipa_hbac-1.15.2-50.el7_4.8.x86_64.rpm
python-libsss_nss_idmap-1.15.2-50.el7_4.8.x86_64.rpm
python-sss-1.15.2-50.el7_4.8.x86_64.rpm
python-sss-murmur-1.15.2-50.el7_4.8.x86_64.rpm
python-sssdconfig-1.15.2-50.el7_4.8.noarch.rpm
sssd-1.15.2-50.el7_4.8.x86_64.rpm
sssd-ad-1.15.2-50.el7_4.8.x86_64.rpm
sssd-client-1.15.2-50.el7_4.8.i686.rpm
sssd-client-1.15.2-50.el7_4.8.x86_64.rpm
sssd-common-1.15.2-50.el7_4.8.x86_64.rpm
sssd-common-pac-1.15.2-50.el7_4.8.x86_64.rpm
sssd-dbus-1.15.2-50.el7_4.8.x86_64.rpm
sssd-ipa-1.15.2-50.el7_4.8.x86_64.rpm
sssd-kcm-1.15.2-50.el7_4.8.x86_64.rpm
sssd-krb5-1.15.2-50.el7_4.8.x86_64.rpm
sssd-krb5-common-1.15.2-50.el7_4.8.x86_64.rpm
sssd-ldap-1.15.2-50.el7_4.8.x86_64.rpm
sssd-libwbclient-1.15.2-50.el7_4.8.x86_64.rpm
sssd-libwbclient-devel-1.15.2-50.el7_4.8.i686.rpm
sssd-libwbclient-devel-1.15.2-50.el7_4.8.x86_64.rpm
sssd-polkit-rules-1.15.2-50.el7_4.8.x86_64.rpm
sssd-proxy-1.15.2-50.el7_4.8.x86_64.rpm
sssd-tools-1.15.2-50.el7_4.8.x86_64.rpm
sssd-winbind-idmap-1.15.2-50.el7_4.8.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/sssd-1.15.2-50.el7_4.8.src.rpm



Description of changes:

[1.15.2-50.8]
- Resolves: rhbz#1508972 - Accessing IdM kerberos ticket fails while id
mapping is applied [rhel-7.4.z]
- Resolves: rhbz#1509177 - Race condition between refreshing the cr_domain
list and a request that is using the list can
cause a segfault is sssd_nss [rhel-7.4.z]

[1.15.2-50.7]
- Resolves: rhbz#1506142 - SSSD can crash due to ABI changes in
libldb >= 1.2.0 (1.1.30) [rhel-7.4.z]
- Resolves: rhbz#1506682 - sssd_client: add mutex protected call to the
PAC responder [rhel-7.4.z]
- Resolves: rhbz#1499658 - CVE-2017-12173 sssd: unsanitized input when
searching in local cache database [rhel-7.4.z]