[El-errata] ELSA-2015-1083 Important: Oracle Linux 7 abrt security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jun 9 15:51:03 PDT 2015


Oracle Linux Security Advisory ELSA-2015-1083

http://linux.oracle.com/errata/ELSA-2015-1083.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
abrt-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-ccpp-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-kerneloops-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-pstoreoops-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-python-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-upload-watch-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-vmcore-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-addon-xorg-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-cli-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-console-notification-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-dbus-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-desktop-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-devel-2.1.11-22.0.1.el7_1.i686.rpm
abrt-devel-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-gui-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-gui-devel-2.1.11-22.0.1.el7_1.i686.rpm
abrt-gui-devel-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-gui-libs-2.1.11-22.0.1.el7_1.i686.rpm
abrt-gui-libs-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-libs-2.1.11-22.0.1.el7_1.i686.rpm
abrt-libs-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-python-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-python-doc-2.1.11-22.0.1.el7_1.noarch.rpm
abrt-retrace-client-2.1.11-22.0.1.el7_1.x86_64.rpm
abrt-tui-2.1.11-22.0.1.el7_1.x86_64.rpm
libreport-2.1.11-23.0.1.el7_1.i686.rpm
libreport-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-anaconda-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-cli-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-compat-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-devel-2.1.11-23.0.1.el7_1.i686.rpm
libreport-devel-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-filesystem-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-gtk-2.1.11-23.0.1.el7_1.i686.rpm
libreport-gtk-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-gtk-devel-2.1.11-23.0.1.el7_1.i686.rpm
libreport-gtk-devel-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-newt-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-plugin-bugzilla-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-plugin-kerneloops-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-plugin-logger-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-plugin-mailx-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-plugin-reportuploader-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-plugin-ureport-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-python-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-rhel-anaconda-bugzilla-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-rhel-bugzilla-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-web-2.1.11-23.0.1.el7_1.i686.rpm
libreport-web-2.1.11-23.0.1.el7_1.x86_64.rpm
libreport-web-devel-2.1.11-23.0.1.el7_1.i686.rpm
libreport-web-devel-2.1.11-23.0.1.el7_1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/abrt-2.1.11-22.0.1.el7_1.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/libreport-2.1.11-23.0.1.el7_1.src.rpm



Description of changes:

abrt
[2.1.11-22.0.1]
- Drop libreport-rhel and libreport-plugin-rhtsupport requires

[2.1.11-22]
- do not open the build_ids file as the user abrt
- do not unlink failed and big user core files
- Related: #1212819, #1216973

[2.1.11-21]
- validate all D-Bus method arguments
- Related: #1214610

[2.1.11-20]
- remove the old dump directories during upgrade
- abrt-action-install-debuginfo-to-abrt-cache: sanitize arguments and umask
- fix race conditions and directory traversal issues in abrt-dbus
- use /var/spool/abrt instead of /var/tmp/abrt
- make the problem directories owned by root and the group abrt
- validate uploaded problem directories in abrt-handle-upload
- don't override files with user core dump files
- fix symbolic link and race condition flaws
- Resolves: #1211969, #1212819, #1212863, #1212869
- Resolves: #1214453, #1214610, #1216973, #1218583

libreport
[2.1.11-23.0.1]
- Update workflow xml for Oracle [18945470]
- Add oracle-enterprise.patch and oracle-enterprise-po.patch
- Remove libreport-plugin-rhtsupport and libreport-rhel
- Added orabug20390725.patch to remove redhat reference [bug 20390725]
- Added Bug20357383.patch to remove redhat reference [bug 20357383]

[2.1.11-23]
- do not open files outside a dump directory
- Related: #1217484

[2.1.11-22]
- switch the default dump dir mode to 0750
- harden against directory traversal, crafted symbolic links
- avoid race-conditions in dump dir opening
- Resolves: #1212096, #1217499, #1218610, #1217484






More information about the El-errata mailing list