From el-errata at oss.oracle.com Fri Apr 3 06:15:09 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 3 Apr 2020 06:15:09 -0700 Subject: [El-errata] ELSA-2020-1293 Important: Oracle Linux 8 nodejs:12 security update Message-ID: <0346d495-5a50-47c0-2ce5-a278f5276c62@oracle.com> Oracle Linux Security Advisory ELSA-2020-1293 http://linux.oracle.com/errata/ELSA-2020-1293.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.x86_64.rpm nodejs-devel-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.x86_64.rpm nodejs-docs-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.noarch.rpm nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.noarch.rpm nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.noarch.rpm npm-6.13.4-1.12.16.1.2.module+el8.1.0+5571+5eb2ddd1.x86_64.rpm aarch64: nodejs-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.aarch64.rpm nodejs-devel-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.aarch64.rpm nodejs-docs-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.noarch.rpm nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.noarch.rpm nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.noarch.rpm npm-6.13.4-1.12.16.1.2.module+el8.1.0+5571+5eb2ddd1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/nodejs-12.16.1-2.module+el8.1.0+5571+5eb2ddd1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-1.18.3-1.module+el8.1.0+5393+aaf413e3.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-17-3.module+el8.1.0+5393+aaf413e3.src.rpm Description of changes: nodejs [1:12.16.1-2] - Fix CVE-2020-10531 [1:12.16.1-1] - Resolves: RHBZ#1800393, RHBZ#1800394, RHBZ#1800380 - Rebase to 12.16.1 [1:12.14.1-1] - Rebase to 12.14.1 [1:12.13.1-1] - Resolves: RHBZ# 1773503, update to 12.13.1 - minor clean up and sync with Fedora spec - turn off debug builds [1:12.4.0-2] - Resolves:RHBZ#1685191 - Add condition to libs [1:12.4.0-1] - Update to v12.x - Add v8-devel and libs subpackages from fedora [1:10.14.1-2] - move nodejs-packaging BR out of conditional [1:10.14.1-1] - Resolves: RHBZ#1644207 - fixes node-gyp permissions - rebase [1:10.11.0-2] - BuildRequire nodejs-packaging for proper npm dependency generation - Resolves: rhbz#1615947 [1:10.11.0-1] - Rebase to 10.11.0 - Import changes from fedora - Resolves: rhbz#1621766 [1:10.7.0-5] - Import sources from fedora - Allow using python2 at %build and %install - turn off debug for aarch64 [1:10.7.0-4] - Fix npm upgrade scriptlet - Fix unexpected trailing .1 in npm release field [1:10.7.0-3] - Restore annotations to binaries - Fix unexpected trailing .1 in release field [1:10.7.0-2] - Update to 10.7.0 - https://nodejs.org/en/blog/release/v10.7.0/ - https://nodejs.org/en/blog/release/v10.6.0/ [1:10.5.0-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild [1:10.5.0-1] - Update to 10.5.0 - https://nodejs.org/en/blog/release/v10.5.0/ [1:10.4.1-1] - Update to 10.4.1 to address security issues - https://nodejs.org/en/blog/release/v10.4.1/ - Resolves: rhbz#1590801 - Resolves: rhbz#1591014 - Resolves: rhbz#1591019 [1:10.4.0-1] - Update to 10.4.0 - https://nodejs.org/en/blog/release/v10.4.0/ [1:10.3.0-1] - Update to 10.3.0 - Update npm to 6.1.0 - https://nodejs.org/en/blog/release/v10.3.0/ [1:10.2.1-2] - Fix up bare 'python' to be python2 - Drop redundant entry in docs section [1:10.2.1-1] - Update to 10.2.1 - https://nodejs.org/en/blog/release/v10.2.1/ [1:10.2.0-1] - Update to 10.2.0 - https://nodejs.org/en/blog/release/v10.2.0/ [1:10.1.0-3] - Fix incorrect rpm macro [1:10.1.0-2] - Include upstream v8 fix for ppc64[le] - Disable debug build on ppc64[le] and s390x [1:10.1.0-1] - Update to 10.1.0 - https://nodejs.org/en/blog/release/v10.1.0/ - Reenable node_g binary [1:10.0.0-1] - Update to 10.0.0 - https://nodejs.org/en/blog/release/v10.0.0/ - Drop workaround patch - Temporarily drop node_g binary due to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85587 [1:9.11.1-2] - Use standard Fedora linker flags (bug #1543859) [1:9.11.1-1] - Update to 9.11.1 - https://nodejs.org/en/blog/release/v9.11.0/ - https://nodejs.org/en/blog/release/v9.11.1/ [1:9.10.0-1] - Update to 9.10.0 - https://nodejs.org/en/blog/release/v9.10.0/ [1:9.9.0-1] - Update to 9.9.0 - https://nodejs.org/en/blog/release/v9.9.0/ [1:9.8.0-1] - Update to 9.8.0 - https://nodejs.org/en/blog/release/v9.8.0/ [1:9.7.0-1] - Update to 9.7.0 - https://nodejs.org/en/blog/release/v9.7.0/ - Work around F28 build issue [1:9.6.1-1] - Update to 9.6.1 - https://nodejs.org/en/blog/release/v9.6.1/ - https://nodejs.org/en/blog/release/v9.6.0/ [1:9.5.0-1] - Package Node.js 9.5.0 [1:8.9.4-2] - Fix incorrect Requires: [1:8.9.4-1] - Update to 8.9.4 - https://nodejs.org/en/blog/release/v8.9.4/ - Switch to system copy of nghttp2 [1:8.9.3-2] - Update to 8.9.3 - https://nodejs.org/en/blog/release/v8.9.3/ - https://nodejs.org/en/blog/release/v8.9.2/ [1:8.9.1-2] - Rebuild for ICU 60.1 [1:8.9.1-1] - Update to 8.9.1 [1:8.9.0-1] - Update to 8.9.0 - Drop upstreamed patch [1:8.8.1-1] - Update to 8.8.1 to fix a regression [1:8.8.0-1] - Security update to 8.8.0 - https://nodejs.org/en/blog/release/v8.8.0/ [1:8.7.0-1] - Update to 8.7.0 - https://nodejs.org/en/blog/release/v8.7.0/ [1:8.6.0-2] - Use bcond macro instead of bootstrap conditional [1:8.6.0-1] - Fix nghttp2 version - Update to 8.6.0 - https://nodejs.org/en/blog/release/v8.6.0/ [1:8.5.0-3] - Build with bootstrap + bundle libuv for modularity - backport patch for aarch64 debug build [1:8.5.0-2] - Disable debug builds on aarch64 due to https://github.com/nodejs/node/issues/15395 [1:8.5.0-1] - Update to v8.5.0 - https://nodejs.org/en/blog/release/v8.5.0/ [1:8.4.0-2] - Refactor openssl BR [1:8.4.0-1] - Update to v8.4.0 - https://nodejs.org/en/blog/release/v8.4.0/ - http2 is now supported, add bundled nghttp2 - remove openssl 1.0.1 patches, we won't be using them in fedora [1:8.3.0-1] - Update to v8.3.0 - https://nodejs.org/en/blog/release/v8.3.0/ - update V8 to 6.0 - update minimal gcc and g++ requirements to 4.9.4 [1:8.2.1-2] - Bump release to fix broken dependencies [1:8.2.1-1.2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [1:8.2.1-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [1:8.2.1-1] - Update to v8.2.1 - https://nodejs.org/en/blog/release/v8.2.1/ [1:8.2.0-1] - Update to v8.2.0 - https://nodejs.org/en/blog/release/v8.2.0/ - Update npm to 5.3.0 - Adds npx command [1:8.1.4-3] - s/BuildRequires/Requires/ for http-parser-devel%{?_isa} [1:8.1.4-2] - Rename python-devel to python2-devel - own %{_pkgdocdir}/npm [1:8.1.4-1] - Update to v8.1.4 - https://nodejs.org/en/blog/release/v8.1.4/ - Drop upstreamed c-ares patch [1:8.1.3-1] - Update to v8.1.3 - https://nodejs.org/en/blog/release/v8.1.3/ [1:8.1.2-1] - Update to v8.1.2 - remove GCC 7 patch, as it is now fixed in node >= 6.12 nodejs-nodemon nodejs-packaging From el-errata at oss.oracle.com Fri Apr 3 06:16:17 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 3 Apr 2020 06:16:17 -0700 Subject: [El-errata] ELSA-2020-1288 Critical: Oracle Linux 8 haproxy security update Message-ID: <726590ef-7148-467f-5564-83809a16f6c4@oracle.com> Oracle Linux Security Advisory ELSA-2020-1288 http://linux.oracle.com/errata/ELSA-2020-1288.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: haproxy-1.8.15-6.el8_1.1.x86_64.rpm aarch64: haproxy-1.8.15-6.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/haproxy-1.8.15-6.el8_1.1.src.rpm Description of changes: [1.8.15-6.1] - - Fix hapack zero byte input causing overwrite (CVE-2020-11100, #1819518) [1.8.15-6] - Add gating tests (#1682106) From el-errata at oss.oracle.com Fri Apr 3 09:09:03 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 03 Apr 2020 18:09:03 +0200 Subject: [El-errata] New Ksplice updates for RHCK 7 (ELSA-2020-0834) Message-ID: <202004031606.033G62xH007494@aserv0121.oracle.com> Synopsis: ELSA-2020-0834 can now be patched using Ksplice CVEs: CVE-2019-11487 CVE-2019-17666 CVE-2019-19338 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-0834. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-0834.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running RHCK 7 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2019-11487: Invalid memory access when overflowing pages refcount. A reference count issue could let an attacker overflow pages reference count and leads to invalid memory accesses. A local attacker could use this flaw to cause a denial-of-service. * CVE-2019-17666: Remote code execution in Realtek peer-to-peer Wifi. Missing validation could result in a kernel buffer overflow and potentially code-execution. A remote attacker in proximity to the device could use this flaw to crash the system or potentially, execute code. * CVE-2019-19338: Missing Intel TAA mitigation in KVM guests. The original vendor fix for CVE-2019-11135 did not correctly pass through mitigation status to KVM guests which could result in guests not fully mitigating against TAA. This update forcibly disables TSX on affected hosts so that guests do not need runtime changes. A new control, /sys/kernel/debug/x86/tsx_force_abort is added to disable TSX, defaulting to 1 on vulnerable systems, writing 0 to this file will re-enable TSX but potentially leave guests vulnerable. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Wed Apr 8 06:12:48 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 8 Apr 2020 06:12:48 -0700 Subject: [El-errata] ELSA-2020-1331 Important: Oracle Linux 6 ipmitool security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1331 http://linux.oracle.com/errata/ELSA-2020-1331.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: ipmitool-1.8.15-3.el6_10.i686.rpm x86_64: ipmitool-1.8.15-3.el6_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/ipmitool-1.8.15-3.el6_10.src.rpm Description of changes: [1.8.15-3] - Backport fix for CVE-2020-5208 From el-errata at oss.oracle.com Wed Apr 8 06:13:08 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 8 Apr 2020 06:13:08 -0700 Subject: [El-errata] ELSA-2020-1335 Important: Oracle Linux 6 telnet security update Message-ID: <5093360f-18bc-8aea-648d-18757ab5a34a@oracle.com> Oracle Linux Security Advisory ELSA-2020-1335 http://linux.oracle.com/errata/ELSA-2020-1335.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: telnet-0.17-49.el6_10.i686.rpm telnet-server-0.17-49.el6_10.i686.rpm x86_64: telnet-0.17-49.el6_10.x86_64.rpm telnet-server-0.17-49.el6_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/telnet-0.17-49.el6_10.src.rpm Description of changes: [1:0.17-49] - Resolves: #1814775 - Arbitrary remote code execution in utility.c via short writes or urgent data From el-errata at oss.oracle.com Wed Apr 8 06:13:31 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 8 Apr 2020 06:13:31 -0700 Subject: [El-errata] ELBA-2020-1355 Oracle Linux 8 flatpak bug fix update Message-ID: <351a3182-e04b-7e63-82b7-6d8fb4ebe0af@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1355 http://linux.oracle.com/errata/ELBA-2020-1355.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: flatpak-1.0.9-2.el8_1.x86_64.rpm flatpak-libs-1.0.9-2.el8_1.i686.rpm flatpak-libs-1.0.9-2.el8_1.x86_64.rpm aarch64: flatpak-1.0.9-2.el8_1.aarch64.rpm flatpak-libs-1.0.9-2.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/flatpak-1.0.9-2.el8_1.src.rpm Description of changes: [1.0.9-2] - Backport OCI fixes from upstream - Resolves: #1767007 From el-errata at oss.oracle.com Wed Apr 8 06:13:50 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 8 Apr 2020 06:13:50 -0700 Subject: [El-errata] ELSA-2020-1318 Important: Oracle Linux 8 telnet security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1318 http://linux.oracle.com/errata/ELSA-2020-1318.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: telnet-0.17-73.el8_1.1.x86_64.rpm telnet-server-0.17-73.el8_1.1.x86_64.rpm aarch64: telnet-0.17-73.el8_1.1.aarch64.rpm telnet-server-0.17-73.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/telnet-0.17-73.el8_1.1.src.rpm Description of changes: [1:0.17-73.1] - Resolves: #1814473 - Arbitrary remote code execution in utility.c via short writes or urgent data From el-errata at oss.oracle.com Wed Apr 8 06:14:11 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 8 Apr 2020 06:14:11 -0700 Subject: [El-errata] ELBA-2020-1361 Oracle Linux 8 fapolicyd bug fix and enhancement update Message-ID: <257938de-cf2c-19d0-1fea-b4f6c88ec8d9@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1361 http://linux.oracle.com/errata/ELBA-2020-1361.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: fapolicyd-0.8.10-3.el8_1.3.x86_64.rpm aarch64: fapolicyd-0.8.10-3.el8_1.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/fapolicyd-0.8.10-3.el8_1.3.src.rpm Description of changes: [0.8.10-3.3] RHEL 8.1.0.Z - fixed typo in dracut rule - changed default fapolicyd.rules Resolves: rhbz#1809844 From el-errata at oss.oracle.com Thu Apr 9 15:16:36 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:16:36 -0700 Subject: [El-errata] ELSA-2020-5642 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update Message-ID: <6aeb241b-5685-9b25-d601-e949d999bfb2@oracle.com> Oracle Linux Security Advisory ELSA-2020-5642 http://linux.oracle.com/errata/ELSA-2020-5642.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-doc-4.1.12-124.38.1.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.38.1.el7uek.noarch.rpm kernel-uek-4.1.12-124.38.1.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.38.1.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.38.1.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.38.1.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.38.1.el7uek.src.rpm Description of changes: [4.1.12-124.38.1.el7uek] - rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31031928] - KVM: X86: Fix NULL deref in vcpu_scan_ioapic (Wanpeng Li) [Orabug: 31078882] - vhost: Check docket sk_family instead of call getname (Eugenio P?rez) [Orabug: 31085993] {CVE-2020-10942} - Revert "oled: give panic handler chance to run before kexec" (Wengang Wang) [Orabug: 31098797] [4.1.12-124.37.3.el7uek] - kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas) [Orabug: 31047871] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055327] {CVE-2019-18806} - swiotlb: clean up reporting (Kees Cook) [Orabug: 31085017] {CVE-2018-5953} - KVM: x86: Expose more Intel AVX512 feature to guest (Luwei Kang) [Orabug: 31085086] - x86/cpufeature: Enable new AVX-512 features (Fenghua Yu) [Orabug: 31085086] [4.1.12-124.37.2.el7uek] - xenbus: req->err should be updated before req->state (Dongli Zhang) [Orabug: 30705030] - xenbus: req->body should be updated before req->state (Dongli Zhang) [Orabug: 30705030] From el-errata at oss.oracle.com Thu Apr 9 15:17:10 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:17:10 -0700 Subject: [El-errata] ELSA-2020-5642 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update Message-ID: <8afca846-889f-8acf-8748-e2c04bfb6f81@oracle.com> Oracle Linux Security Advisory ELSA-2020-5642 http://linux.oracle.com/errata/ELSA-2020-5642.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-doc-4.1.12-124.38.1.el6uek.noarch.rpm kernel-uek-firmware-4.1.12-124.38.1.el6uek.noarch.rpm kernel-uek-4.1.12-124.38.1.el6uek.x86_64.rpm kernel-uek-devel-4.1.12-124.38.1.el6uek.x86_64.rpm kernel-uek-debug-4.1.12-124.38.1.el6uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.38.1.el6uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.38.1.el6uek.src.rpm Description of changes: [4.1.12-124.38.1.el6uek] - rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31031928] - KVM: X86: Fix NULL deref in vcpu_scan_ioapic (Wanpeng Li) [Orabug: 31078882] - vhost: Check docket sk_family instead of call getname (Eugenio P?rez) [Orabug: 31085993] {CVE-2020-10942} - Revert "oled: give panic handler chance to run before kexec" (Wengang Wang) [Orabug: 31098797] [4.1.12-124.37.3.el6uek] - kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas) [Orabug: 31047871] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055327] {CVE-2019-18806} - swiotlb: clean up reporting (Kees Cook) [Orabug: 31085017] {CVE-2018-5953} - KVM: x86: Expose more Intel AVX512 feature to guest (Luwei Kang) [Orabug: 31085086] - x86/cpufeature: Enable new AVX-512 features (Fenghua Yu) [Orabug: 31085086] [4.1.12-124.37.2.el6uek] - xenbus: req->err should be updated before req->state (Dongli Zhang) [Orabug: 30705030] - xenbus: req->body should be updated before req->state (Dongli Zhang) [Orabug: 30705030] From el-errata at oss.oracle.com Thu Apr 9 15:17:35 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:17:35 -0700 Subject: [El-errata] ELBA-2020-1354 Oracle Linux 8 gcc-toolset-9-binutils bug fix update Message-ID: <27400f73-a839-9fdb-cd51-4d1966d1a44e@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1354 http://linux.oracle.com/errata/ELBA-2020-1354.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: gcc-toolset-9-binutils-2.32-17.el8_1.x86_64.rpm gcc-toolset-9-binutils-devel-2.32-17.el8_1.i686.rpm gcc-toolset-9-binutils-devel-2.32-17.el8_1.x86_64.rpm aarch64: gcc-toolset-9-binutils-2.32-17.el8_1.aarch64.rpm gcc-toolset-9-binutils-devel-2.32-17.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/gcc-toolset-9-binutils-2.32-17.el8_1.src.rpm Description of changes: [2.32-17] - Import gating tests from RHEL 8.2.0 branch. [2.32-16] - NVR change in order to test problems with gating. [2.32-15.1] - Fix a potential seg-fault in the BFD library when parsing pathalogical debug_info sections. (#1779255) - Fix a potential memory exhaustion in the BFD library when parsing corrupt DWARF debug information. - Backport H.J.Lu's patch to add a workaround for the JCC Errata to the assembler. (#1783958) - Fix potential integer overflow in readelf. (#1740470) - Fix potential integer overflow in GOLD. (#1739491) From el-errata at oss.oracle.com Thu Apr 9 15:18:12 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:18:12 -0700 Subject: [El-errata] ELBA-2020-1370 Oracle Linux 8 nftables bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1370 http://linux.oracle.com/errata/ELBA-2020-1370.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nftables-0.9.0-14.el8_1.1.i686.rpm nftables-0.9.0-14.el8_1.1.x86_64.rpm aarch64: nftables-0.9.0-14.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/nftables-0.9.0-14.el8_1.1.src.rpm Description of changes: [1:0.9.0-14.1] - monitor: Fix output for ranges in anonymous sets - monitor: Do not decompose non-anonymous sets From el-errata at oss.oracle.com Thu Apr 9 15:18:33 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:18:33 -0700 Subject: [El-errata] ELBA-2020-1367 Oracle Linux 8 coreutils bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1367 http://linux.oracle.com/errata/ELBA-2020-1367.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: coreutils-8.30-6.0.1.el8_1.1.x86_64.rpm coreutils-common-8.30-6.0.1.el8_1.1.x86_64.rpm coreutils-single-8.30-6.0.1.el8_1.1.x86_64.rpm aarch64: coreutils-8.30-6.0.1.el8_1.1.aarch64.rpm coreutils-common-8.30-6.0.1.el8_1.1.aarch64.rpm coreutils-single-8.30-6.0.1.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/coreutils-8.30-6.0.1.el8_1.1.src.rpm Description of changes: [8.30-6.0.1.el8_1.1] - clean up empty file if cp is failed [Orabug 15973168] [8.30-6.el8_1.1] - chcon: do not validate security context if SELinux is disabled (#1777831) From el-errata at oss.oracle.com Thu Apr 9 15:18:55 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:18:55 -0700 Subject: [El-errata] ELBA-2020-1365 Oracle Linux 8 kexec-tools bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1365 http://linux.oracle.com/errata/ELBA-2020-1365.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: kexec-tools-2.0.19-12.0.1.el8_1.2.x86_64.rpm aarch64: kexec-tools-2.0.19-12.0.1.el8_1.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kexec-tools-2.0.19-12.0.1.el8_1.2.src.rpm Description of changes: [2.0.19-12.0.1.el8_1.2] - change makedumpfile fixed size buffer for VMCOREINFO [Orabug: 29870551] - 99kdumpbase: Do not append ip=:dhcp if ip=dhcp is present [Orabug: 29518713] - rebase kexec-tools-2.0.8-dracut-module-setup-ibft-avoid-dup-config.patch [Orabug: 28872281] - don't patch files in SOURCES directory. That breaks building from the srpm (dave.kleikamp at oracle.com) - dracut-module-setup: avoid duplicate config for ibft [Orabug: 22780125] - kdumpctl: exclude default_hugepagesz setting from kdump kernel cmdline (Sriharsha Yadagudde) [Orabug: 19134999] - kdumpctl: verify if kernel support securelevel interface (Sriharsha Yadagudde) [Orabug: 18905671] [2.0.19-12.2] - arm64: kdump: deal with a lot of resource entries in /proc/iomem - arm64: kexec: allocate memory space avoiding reserved regions - kexec: add variant helper functions for handling memory regions From el-errata at oss.oracle.com Thu Apr 9 15:19:19 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:19:19 -0700 Subject: [El-errata] ELBA-2020-1369 Oracle Linux 8 augeas bug fix update Message-ID: <0fb1b629-bc5a-4f64-50c1-9f0f27ead0d7@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1369 http://linux.oracle.com/errata/ELBA-2020-1369.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: augeas-1.12.0-2.el8_1.1.x86_64.rpm augeas-libs-1.12.0-2.el8_1.1.i686.rpm augeas-libs-1.12.0-2.el8_1.1.x86_64.rpm augeas-devel-1.12.0-2.el8_1.1.i686.rpm augeas-devel-1.12.0-2.el8_1.1.x86_64.rpm aarch64: augeas-1.12.0-2.el8_1.1.aarch64.rpm augeas-libs-1.12.0-2.el8_1.1.aarch64.rpm augeas-devel-1.12.0-2.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/augeas-1.12.0-2.el8_1.1.src.rpm Description of changes: [1.12.0-2.el8_1.1] - Krb5: improve handling of [dbmodules]; allow include/includedir directives everywhere (RHBZ#1800552) From el-errata at oss.oracle.com Thu Apr 9 15:19:39 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:19:39 -0700 Subject: [El-errata] ELBA-2020-1366 Oracle Linux 8 rpm bug fix update Message-ID: <8fc288d5-4d34-eb1a-f894-425e0521e619@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1366 http://linux.oracle.com/errata/ELBA-2020-1366.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: python3-rpm-4.14.2-26.el8_1.x86_64.rpm rpm-4.14.2-26.el8_1.x86_64.rpm rpm-apidocs-4.14.2-26.el8_1.noarch.rpm rpm-build-4.14.2-26.el8_1.x86_64.rpm rpm-build-libs-4.14.2-26.el8_1.i686.rpm rpm-build-libs-4.14.2-26.el8_1.x86_64.rpm rpm-cron-4.14.2-26.el8_1.noarch.rpm rpm-devel-4.14.2-26.el8_1.i686.rpm rpm-devel-4.14.2-26.el8_1.x86_64.rpm rpm-libs-4.14.2-26.el8_1.i686.rpm rpm-libs-4.14.2-26.el8_1.x86_64.rpm rpm-plugin-ima-4.14.2-26.el8_1.x86_64.rpm rpm-plugin-prioreset-4.14.2-26.el8_1.x86_64.rpm rpm-plugin-selinux-4.14.2-26.el8_1.x86_64.rpm rpm-plugin-syslog-4.14.2-26.el8_1.x86_64.rpm rpm-plugin-systemd-inhibit-4.14.2-26.el8_1.x86_64.rpm rpm-sign-4.14.2-26.el8_1.x86_64.rpm aarch64: python3-rpm-4.14.2-26.el8_1.aarch64.rpm rpm-4.14.2-26.el8_1.aarch64.rpm rpm-apidocs-4.14.2-26.el8_1.noarch.rpm rpm-build-4.14.2-26.el8_1.aarch64.rpm rpm-build-libs-4.14.2-26.el8_1.aarch64.rpm rpm-cron-4.14.2-26.el8_1.noarch.rpm rpm-devel-4.14.2-26.el8_1.aarch64.rpm rpm-libs-4.14.2-26.el8_1.aarch64.rpm rpm-plugin-ima-4.14.2-26.el8_1.aarch64.rpm rpm-plugin-prioreset-4.14.2-26.el8_1.aarch64.rpm rpm-plugin-selinux-4.14.2-26.el8_1.aarch64.rpm rpm-plugin-syslog-4.14.2-26.el8_1.aarch64.rpm rpm-plugin-systemd-inhibit-4.14.2-26.el8_1.aarch64.rpm rpm-sign-4.14.2-26.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/rpm-4.14.2-26.el8_1.src.rpm Description of changes: [4.14.2-26] - Revert DBUS-shutdown patch, it causes regressions (#1790794) From el-errata at oss.oracle.com Thu Apr 9 15:20:01 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:20:01 -0700 Subject: [El-errata] ELBA-2020-1368 Oracle Linux 8 firewalld bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1368 http://linux.oracle.com/errata/ELBA-2020-1368.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firewall-applet-0.7.0-5.0.1.el8_1.1.noarch.rpm firewall-config-0.7.0-5.0.1.el8_1.1.noarch.rpm firewalld-0.7.0-5.0.1.el8_1.1.noarch.rpm firewalld-filesystem-0.7.0-5.0.1.el8_1.1.noarch.rpm python3-firewall-0.7.0-5.0.1.el8_1.1.noarch.rpm aarch64: firewall-applet-0.7.0-5.0.1.el8_1.1.noarch.rpm firewall-config-0.7.0-5.0.1.el8_1.1.noarch.rpm firewalld-0.7.0-5.0.1.el8_1.1.noarch.rpm firewalld-filesystem-0.7.0-5.0.1.el8_1.1.noarch.rpm python3-firewall-0.7.0-5.0.1.el8_1.1.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/firewalld-0.7.0-5.0.1.el8_1.1.src.rpm Description of changes: [0.7.0-5.0.1.el8_1.1] - discard empty RH-Satellite-6.xml [Orabug: 30328734] - Red Hat Satellite and Red Hat high availaibility reference found in cockpit UI [Orabug: 30257573] [0.7.0-5.el8_1_0.1] - restore zone drifting as a feature From el-errata at oss.oracle.com Thu Apr 9 15:20:31 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:20:31 -0700 Subject: [El-errata] ELBA-2020-1357 Oracle Linux 8 luksmeta bug fix and enhancement update Message-ID: <5f596816-6710-e7f6-ded5-c4d44fc24e5e@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1357 http://linux.oracle.com/errata/ELBA-2020-1357.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libluksmeta-9-3.el8_1.1.i686.rpm libluksmeta-9-3.el8_1.1.x86_64.rpm libluksmeta-devel-9-3.el8_1.1.i686.rpm libluksmeta-devel-9-3.el8_1.1.x86_64.rpm luksmeta-9-3.el8_1.1.x86_64.rpm aarch64: libluksmeta-9-3.el8_1.1.aarch64.rpm libluksmeta-devel-9-3.el8_1.1.aarch64.rpm luksmeta-9-3.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/luksmeta-9-3.el8_1.1.src.rpm Description of changes: [9-3.1] - LUKSMeta now sets error level from libcryptsetup to CRYPT_LOG_ERROR, and this output is logged to stderr Resolves: rhbz#1770395 [9-3] - Enabled build gating - Synced layout test assumtions with recent cryptsetup changes Resolves: rhbz#1625683 From el-errata at oss.oracle.com Thu Apr 9 15:20:55 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:20:55 -0700 Subject: [El-errata] ELBA-2020-1356 Oracle Linux 8 mutter bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1356 http://linux.oracle.com/errata/ELBA-2020-1356.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: mutter-3.32.2-12.el8_1.i686.rpm mutter-3.32.2-12.el8_1.x86_64.rpm mutter-devel-3.32.2-12.el8_1.i686.rpm mutter-devel-3.32.2-12.el8_1.x86_64.rpm aarch64: SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/mutter-3.32.2-12.el8_1.src.rpm Description of changes: [3.32.2-12] - Handle lack of RANDR Resolves: #1792393 From el-errata at oss.oracle.com Thu Apr 9 15:22:02 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:22:02 -0700 Subject: [El-errata] ELSA-2020-1341 Critical: Oracle Linux 8 firefox security update Message-ID: <9b5a3b5c-7377-7fee-99e5-3a1f4d845cec@oracle.com> Oracle Linux Security Advisory ELSA-2020-1341 http://linux.oracle.com/errata/ELSA-2020-1341.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-68.6.1-1.0.1.el8_1.x86_64.rpm aarch64: firefox-68.6.1-1.0.1.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/firefox-68.6.1-1.0.1.el8_1.src.rpm Description of changes: [68.6.1-1.0.1.el8_1] - Rebuild to pickup Oracle default bookmarks [Orabug: 30069264] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references [Orabug: 30530527] [68.6.1-1] - Update to 68.6.1 ESR From el-errata at oss.oracle.com Thu Apr 9 15:22:23 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:22:23 -0700 Subject: [El-errata] ELSA-2020-1406 Important: Oracle Linux 8 firefox security update Message-ID: <8ccf6ed9-4041-45c1-1699-1059e01aad9e@oracle.com> Oracle Linux Security Advisory ELSA-2020-1406 http://linux.oracle.com/errata/ELSA-2020-1406.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-68.7.0-2.0.1.el8_1.x86_64.rpm aarch64: firefox-68.7.0-2.0.1.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/firefox-68.7.0-2.0.1.el8_1.src.rpm Description of changes: [68.7.0-2.0.1.el8_1] - Rebuild to pickup Oracle default bookmarks [Orabug: 30069264] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references [Orabug: 30530527] [68.7.0-2] - Update to 68.7.0 build3 From el-errata at oss.oracle.com Thu Apr 9 15:22:53 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:22:53 -0700 Subject: [El-errata] ELSA-2020-1372 Moderate: Oracle Linux 8 kernel security and bug fix update Message-ID: Oracle Linux Security Advisory ELSA-2020-1372 http://linux.oracle.com/errata/ELSA-2020-1372.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-abi-whitelists-4.18.0-147.8.1.el8_1.noarch.rpm kernel-core-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-cross-headers-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-debug-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-debug-core-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-debug-devel-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-debug-modules-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-debug-modules-extra-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-devel-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-doc-4.18.0-147.8.1.el8_1.noarch.rpm kernel-headers-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-modules-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-modules-extra-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-tools-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-tools-libs-4.18.0-147.8.1.el8_1.x86_64.rpm perf-4.18.0-147.8.1.el8_1.x86_64.rpm python3-perf-4.18.0-147.8.1.el8_1.x86_64.rpm kernel-tools-libs-devel-4.18.0-147.8.1.el8_1.x86_64.rpm aarch64: bpftool-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-abi-whitelists-4.18.0-147.8.1.el8_1.noarch.rpm kernel-core-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-cross-headers-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-debug-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-debug-core-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-debug-devel-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-debug-modules-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-debug-modules-extra-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-devel-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-doc-4.18.0-147.8.1.el8_1.noarch.rpm kernel-headers-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-modules-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-modules-extra-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-tools-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-tools-libs-4.18.0-147.8.1.el8_1.aarch64.rpm perf-4.18.0-147.8.1.el8_1.aarch64.rpm python3-perf-4.18.0-147.8.1.el8_1.aarch64.rpm kernel-tools-libs-devel-4.18.0-147.8.1.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-147.8.1.el8_1.src.rpm Description of changes: [4.18.0-147.8.1.el8_1.OL8] - Oracle Linux certificates (Alexey Petrenko) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] [4.18.0-147.8.1.el8_1] - rebuild, due infrastructure issues last kernel build wasn't signed properly [1807231 1807216] [4.18.0-147.7.1.el8_1] - [hid] hiddev: do cleanup in failure of opening a device (Benjamin Tissoires) [1803458 1803460] {CVE-2019-19527} - [hid] hiddev: avoid opening a disconnected device (Benjamin Tissoires) [1803458 1803460] {CVE-2019-19527} - [nvme] nvmet: fix discover log page when offsets are used (Gopal Tiwari) [1801216 1745836] - [netdrv] ibmvnic: Serialize device queries (Steve Best) [1794060 1778037] - [netdrv] ibmvnic: Bound waits for device queries (Steve Best) [1794060 1778037] - [netdrv] ibmvnic: Terminate waiting device threads after loss of service (Steve Best) [1794060 1778037] - [netdrv] ibmvnic: Fix completion structure initialization (Steve Best) [1794060 1778037] - [netdrv] ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (Steve Best) [1794060 1778037] - [tools] selftests/powerpc: Fix compile error on tlbie_test due to newer gcc (Desnes Augusto Nunes do Rosario) [1794058 1755707] - [tools] selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue (Desnes Augusto Nunes do Rosario) [1794058 1755707] - [powerpc] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 (Desnes Augusto Nunes do Rosario) [1794058 1755707] - [powerpc] powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag (Desnes Augusto Nunes do Rosario) [1794058 1755707] - [powerpc] powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions (Desnes Augusto Nunes do Rosario) [1794058 1755707] [4.18.0-147.6.1.el8_1] - [crypto] crypto: chelsio - count incomplete block in IV (Jonathan Toppins) [1798527 1725813] - [crypto] crypto: chelsio - Fix softlockup with heavy I/O (Jonathan Toppins) [1798527 1725813] - [crypto] crypto: chelsio - Fix NULL pointer dereference (Jonathan Toppins) [1798527 1725813] - [nvme] nvme: Treat discovery subsystems as unique subsystems (Ewan Milne) [1798381 1757525] - [mm] mm/page-writeback.c: don't break integrity writeback on ->writepage() error (Christoph von Recklinghausen) [1797962 1782117] - [lib] crc-t10dif: crc_t10dif_mutex can be static (Vladis Dronov) [1797961 1769462] - [lib] crc-t10dif: Allow current transform to be inspected in sysfs (Vladis Dronov) [1797961 1769462] - [lib] crc-t10dif: Pick better transform if one becomes available (Vladis Dronov) [1797961 1769462] - [crypto] api - Introduce notifier for new crypto algorithms (Vladis Dronov) [1797961 1769462] - [block] blk-mq: make sure that line break can be printed (Ming Lei) [1797960 1741462] - [block] blk-mq: avoid sysfs buffer overflow with too many CPU cores (Ming Lei) [1797960 1741462] - [scsi] hpsa: update driver version (Joseph Szczypek) [1797519 1761968] - [scsi] scsi: hpsa: add missing hunks in reset-patch (Joseph Szczypek) [1797519 1761968] - [arm64] arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space (Mark Salter) [1797518 1757828] - [arm64] arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419 (Mark Salter) [1797518 1757828] - [arm64] arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 (Mark Salter) [1797518 1757828] - [arm64] arm64: Handle erratum 1418040 as a superset of erratum 1188873 (Mark Salter) [1797518 1757828] - [arm64] arm64: errata: Add workaround for Cortex-A76 erratum #1463225 (Mark Salter) [1797518 1757828] - [arm64] arm64: Kconfig: Tidy up errata workaround help text (Mark Salter) [1797518 1757828] - [arm64] arm64: Apply ARM64_ERRATUM_1188873 to Neoverse-N1 (Mark Salter) [1797518 1757828] - [arm64] arm64: Add part number for Neoverse N1 (Mark Salter) [1797518 1757828] - [arm64] arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT (Mark Salter) [1797518 1757828] - [arm64] arm64: Restrict ARM64_ERRATUM_1188873 mitigation to AArch32 (Mark Salter) [1797518 1757828] - [arm64] arm64: arch_timer: avoid unused function warning (Mark Salter) [1797518 1757828] - [arm64] arm64: Add workaround for Cortex-A76 erratum 1286807 (Mark Salter) [1797518 1757828] - [md] dm snapshot: rework COW throttling to fix deadlock (Mike Snitzer) [1796490 1758605] - [md] dm snapshot: introduce account_start_copy() and account_end_copy() (Mike Snitzer) [1796490 1758605] - [block] fix memleak of bio integrity data (Ming Lei) [1795338 1779898] - [powerpc] xive: Prevent page fault issues in the machine crash handler (Diego Domingos) [1795337 1756116] - [scsi] scsi: megaraid_sas: IRQ poll to avoid CPU hard lockups (Tomas Henzl) [1795335 1726251] - [powerpc] powerpc/perf: Disable trace_imc pmu (Steve Best) [1794061 1785573] - [s390] s390/qeth: ensure linear access to packet headers (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: guard against runt packets (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: handle skb allocation error gracefully (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: drop unwanted packets earlier in RX path (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: support per-frame invalidation (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: gather more detailed RX dropped/error statistics (Philipp Rudo) [1794059 1781085] - [s390] s390/net: Mark expected switch fall-throughs (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: consolidate skb RX processing in L3 driver (Philipp Rudo) [1794059 1781085] - [s390] s390/qeth: remove RX seqno in skb->cb (Philipp Rudo) [1794059 1781085] - [powerpc] kvm: ppc: book3s hv: Flush link stack on guest exit to host kernel (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] book3s64: Fix link stack flush on context switch (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] 64s: support nospectre_v2 cmdline option (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] fsl: Update Spectre v2 reporting (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] fsl: Add nospectre_v2 command line argument (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] fsl: Fix spectre_v2 mitigations reporting (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] 64: Make meltdown reporting Book3S 64 specific (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [powerpc] 64: Disable the speculation barrier from the command line (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660} - [firmware] efi/memreserve: Register reservations as 'reserved' in /proc/iomem (Bhupesh Sharma) [1792200 1772730] - [firmware] efi/memreserve: deal with memreserve entries in unmapped memory (Bhupesh Sharma) [1792200 1772730] - [s390] s390/cpum_sf: save TOD clock base in SDBs for time conversion (Philipp Rudo) [1792198 1743504] - [s390] s390/sclp: Fix bit checked for has_sipl (Philipp Rudo) [1791408 1748347] - [scsi] qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (Himanshu Madhani) [1790350 1782598] - [scsi] qla2xxx: Added support for MPI and PEP regions for ISP28XX (Himanshu Madhani) [1790350 1782598] - [scsi] qla2xxx: Correctly retrieve and interpret active flash region (Himanshu Madhani) [1790350 1782598] - [powerpc] powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction (Gustavo Duarte) [1788862 1750653] {CVE-2019-15030} - [powerpc] powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts (Gustavo Duarte) [1791630 1750653] {CVE-2019-15031} - [scsi] scsi: qla2xxx: Fix different size DMA Alloc/Unmap (Himanshu Madhani) [1788206 1753031] - [scsi] qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap (Himanshu Madhani) [1788206 1753031] - [fs] devpts_pty_kill(): don't bother with d_delete() (Eric Sandeen) [1783959 1772718] - [fs] devpts: always delete dcache dentry-s in dput() (Eric Sandeen) [1783959 1772718] From el-errata at oss.oracle.com Thu Apr 9 15:23:20 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:23:20 -0700 Subject: [El-errata] ELBA-2020-1375 Oracle Linux 8 openssl bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1375 http://linux.oracle.com/errata/ELBA-2020-1375.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: openssl-1.1.1c-2.el8_1.1.x86_64.rpm openssl-devel-1.1.1c-2.el8_1.1.i686.rpm openssl-devel-1.1.1c-2.el8_1.1.x86_64.rpm openssl-libs-1.1.1c-2.el8_1.1.i686.rpm openssl-libs-1.1.1c-2.el8_1.1.x86_64.rpm openssl-perl-1.1.1c-2.el8_1.1.x86_64.rpm aarch64: openssl-1.1.1c-2.el8_1.1.aarch64.rpm openssl-devel-1.1.1c-2.el8_1.1.aarch64.rpm openssl-libs-1.1.1c-2.el8_1.1.aarch64.rpm openssl-perl-1.1.1c-2.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/openssl-1.1.1c-2.el8_1.1.src.rpm Description of changes: [1.1.1c-2.1] - add selftest of the RAND_DRBG implementation - fix incorrect error return value from FIPS_selftest_dsa From el-errata at oss.oracle.com Thu Apr 9 15:23:41 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:23:41 -0700 Subject: [El-errata] ELBA-2020-1377 Oracle Linux 8 sssd bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1377 http://linux.oracle.com/errata/ELBA-2020-1377.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libipa_hbac-2.2.0-19.el8_1.1.i686.rpm libipa_hbac-2.2.0-19.el8_1.1.x86_64.rpm libsss_autofs-2.2.0-19.el8_1.1.x86_64.rpm libsss_certmap-2.2.0-19.el8_1.1.i686.rpm libsss_certmap-2.2.0-19.el8_1.1.x86_64.rpm libsss_idmap-2.2.0-19.el8_1.1.i686.rpm libsss_idmap-2.2.0-19.el8_1.1.x86_64.rpm libsss_nss_idmap-2.2.0-19.el8_1.1.i686.rpm libsss_nss_idmap-2.2.0-19.el8_1.1.x86_64.rpm libsss_simpleifp-2.2.0-19.el8_1.1.i686.rpm libsss_simpleifp-2.2.0-19.el8_1.1.x86_64.rpm libsss_sudo-2.2.0-19.el8_1.1.x86_64.rpm python3-libipa_hbac-2.2.0-19.el8_1.1.x86_64.rpm python3-libsss_nss_idmap-2.2.0-19.el8_1.1.x86_64.rpm python3-sss-2.2.0-19.el8_1.1.x86_64.rpm python3-sss-murmur-2.2.0-19.el8_1.1.x86_64.rpm python3-sssdconfig-2.2.0-19.el8_1.1.noarch.rpm sssd-2.2.0-19.el8_1.1.x86_64.rpm sssd-ad-2.2.0-19.el8_1.1.x86_64.rpm sssd-client-2.2.0-19.el8_1.1.i686.rpm sssd-client-2.2.0-19.el8_1.1.x86_64.rpm sssd-common-2.2.0-19.el8_1.1.x86_64.rpm sssd-common-pac-2.2.0-19.el8_1.1.x86_64.rpm sssd-dbus-2.2.0-19.el8_1.1.x86_64.rpm sssd-ipa-2.2.0-19.el8_1.1.x86_64.rpm sssd-kcm-2.2.0-19.el8_1.1.x86_64.rpm sssd-krb5-2.2.0-19.el8_1.1.x86_64.rpm sssd-krb5-common-2.2.0-19.el8_1.1.x86_64.rpm sssd-ldap-2.2.0-19.el8_1.1.x86_64.rpm sssd-libwbclient-2.2.0-19.el8_1.1.x86_64.rpm sssd-nfs-idmap-2.2.0-19.el8_1.1.x86_64.rpm sssd-polkit-rules-2.2.0-19.el8_1.1.x86_64.rpm sssd-proxy-2.2.0-19.el8_1.1.x86_64.rpm sssd-tools-2.2.0-19.el8_1.1.x86_64.rpm sssd-winbind-idmap-2.2.0-19.el8_1.1.x86_64.rpm libsss_nss_idmap-devel-2.2.0-19.el8_1.1.i686.rpm libsss_nss_idmap-devel-2.2.0-19.el8_1.1.x86_64.rpm aarch64: libipa_hbac-2.2.0-19.el8_1.1.aarch64.rpm libsss_autofs-2.2.0-19.el8_1.1.aarch64.rpm libsss_certmap-2.2.0-19.el8_1.1.aarch64.rpm libsss_idmap-2.2.0-19.el8_1.1.aarch64.rpm libsss_nss_idmap-2.2.0-19.el8_1.1.aarch64.rpm libsss_simpleifp-2.2.0-19.el8_1.1.aarch64.rpm libsss_sudo-2.2.0-19.el8_1.1.aarch64.rpm python3-libipa_hbac-2.2.0-19.el8_1.1.aarch64.rpm python3-libsss_nss_idmap-2.2.0-19.el8_1.1.aarch64.rpm python3-sss-2.2.0-19.el8_1.1.aarch64.rpm python3-sss-murmur-2.2.0-19.el8_1.1.aarch64.rpm python3-sssdconfig-2.2.0-19.el8_1.1.noarch.rpm sssd-2.2.0-19.el8_1.1.aarch64.rpm sssd-ad-2.2.0-19.el8_1.1.aarch64.rpm sssd-client-2.2.0-19.el8_1.1.aarch64.rpm sssd-common-2.2.0-19.el8_1.1.aarch64.rpm sssd-common-pac-2.2.0-19.el8_1.1.aarch64.rpm sssd-dbus-2.2.0-19.el8_1.1.aarch64.rpm sssd-ipa-2.2.0-19.el8_1.1.aarch64.rpm sssd-kcm-2.2.0-19.el8_1.1.aarch64.rpm sssd-krb5-2.2.0-19.el8_1.1.aarch64.rpm sssd-krb5-common-2.2.0-19.el8_1.1.aarch64.rpm sssd-ldap-2.2.0-19.el8_1.1.aarch64.rpm sssd-libwbclient-2.2.0-19.el8_1.1.aarch64.rpm sssd-nfs-idmap-2.2.0-19.el8_1.1.aarch64.rpm sssd-polkit-rules-2.2.0-19.el8_1.1.aarch64.rpm sssd-proxy-2.2.0-19.el8_1.1.aarch64.rpm sssd-tools-2.2.0-19.el8_1.1.aarch64.rpm sssd-winbind-idmap-2.2.0-19.el8_1.1.aarch64.rpm libsss_nss_idmap-devel-2.2.0-19.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/sssd-2.2.0-19.el8_1.1.src.rpm Description of changes: [2.2.0-19.1] - Resolves: rhbz#1816591 - p11_child should have an option to skip C_WaitForSlotEvent if the PKCS#11 module does not implement it properly [rhel-8.1.0.z] From el-errata at oss.oracle.com Thu Apr 9 15:24:12 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:24:12 -0700 Subject: [El-errata] ELBA-2020-1374 Oracle Linux 8 systemd bug fix and enhancement update Message-ID: <0f51b084-9b21-0b23-bdef-c41402f83c6f@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1374 http://linux.oracle.com/errata/ELBA-2020-1374.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: systemd-239-18.0.2.el8_1.5.i686.rpm systemd-239-18.0.2.el8_1.5.x86_64.rpm systemd-container-239-18.0.2.el8_1.5.i686.rpm systemd-container-239-18.0.2.el8_1.5.x86_64.rpm systemd-devel-239-18.0.2.el8_1.5.i686.rpm systemd-devel-239-18.0.2.el8_1.5.x86_64.rpm systemd-journal-remote-239-18.0.2.el8_1.5.x86_64.rpm systemd-libs-239-18.0.2.el8_1.5.i686.rpm systemd-libs-239-18.0.2.el8_1.5.x86_64.rpm systemd-pam-239-18.0.2.el8_1.5.x86_64.rpm systemd-tests-239-18.0.2.el8_1.5.x86_64.rpm systemd-udev-239-18.0.2.el8_1.5.x86_64.rpm aarch64: systemd-239-18.0.2.el8_1.5.aarch64.rpm systemd-container-239-18.0.2.el8_1.5.aarch64.rpm systemd-devel-239-18.0.2.el8_1.5.aarch64.rpm systemd-journal-remote-239-18.0.2.el8_1.5.aarch64.rpm systemd-libs-239-18.0.2.el8_1.5.aarch64.rpm systemd-pam-239-18.0.2.el8_1.5.aarch64.rpm systemd-tests-239-18.0.2.el8_1.5.aarch64.rpm systemd-udev-239-18.0.2.el8_1.5.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/systemd-239-18.0.2.el8_1.5.src.rpm Description of changes: [239-18.0.2.el8_1.5] - fix to generate systemd-pstore.service file [Orabug: 30230056] - fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam at oracle.com) [Orabug: 25897792] - set "RemoveIPC=no" in logind.conf as default for OL7.2 [Orabug: 22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] - Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056] [239-18.5] - journal: do not trigger assertion when journal_file_close() get NULL (#1807350) - journal: use cleanup attribute at one more place (#1807350) From el-errata at oss.oracle.com Thu Apr 9 15:24:38 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 9 Apr 2020 15:24:38 -0700 Subject: [El-errata] ELSA-2020-1403 Important: Oracle Linux 6 qemu-kvm security and bug fix update Message-ID: <52f45dd4-80d4-b43f-980c-37748cc00b3f@oracle.com> Oracle Linux Security Advisory ELSA-2020-1403 http://linux.oracle.com/errata/ELSA-2020-1403.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm x86_64: qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm Description of changes: [0.12.1.2-2.506.el6_10.7] - kvm-slirp-disable-tcp_emu.patch [bz#1791680] - kvm-slirp-add-slirp_fmt-helpers.patch [bz#1798966] - kvm-tcp_emu-fix-unsafe-snprintf-usages.patch [bz#1798966] - Resolves: bz#1791680 (QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6]) - Resolves: bz#1798966 (CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-6.10.z]) From el-errata at oss.oracle.com Fri Apr 10 02:31:30 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 10:31:30 +0100 Subject: [El-errata] New Ksplice updates for RHCK 8 (ELSA-2020-1372) Message-ID: Synopsis: ELSA-2020-1372 can now be patched using Ksplice CVEs: CVE-2019-19527 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-1372. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-1372.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running RHCK 8 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2019-19527: Denial-of-service in USB HID device open. A race condition when opening a USB HID device could result in a use-after-free and kernel crash. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Fri Apr 10 09:40:33 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:40:33 -0700 Subject: [El-errata] ELBA-2020-1206 Oracle Linux 7 zsh bug fix and enhancement update Message-ID: <594bba90-18f5-ab29-6a6d-b74dd72947ed@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1206 http://linux.oracle.com/errata/ELBA-2020-1206.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: zsh-5.0.2-34.el7_8.2.x86_64.rpm zsh-html-5.0.2-34.el7_8.2.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/zsh-5.0.2-34.el7_8.2.src.rpm Description of changes: [5.0.2-34.el7_8.2] - improve printing of error messages introduced by the fix of CVE-2019-20044 [5.0.2-34.el7_8.1] - drop privileges securely when unsetting PRIVILEGED option (CVE-2019-20044) From el-errata at oss.oracle.com Fri Apr 10 09:41:01 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:41:01 -0700 Subject: [El-errata] ELBA-2020-1204 Oracle Linux 7 lftp bug fix and enhancement update Message-ID: <26d5936f-8da2-2c0a-6062-164fb64821a9@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1204 http://linux.oracle.com/errata/ELBA-2020-1204.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: lftp-4.4.8-12.el7_8.1.i686.rpm lftp-4.4.8-12.el7_8.1.x86_64.rpm lftp-scripts-4.4.8-12.el7_8.1.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/lftp-4.4.8-12.el7_8.1.src.rpm Description of changes: [4.4.8-12.1] - Resolves: #1797964 - lftp with ssl gives error Fatal error: gnutls_record_recv: The TLS connection was non-properly terminated [4.4.8-12] - Resolves: #1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased From el-errata at oss.oracle.com Fri Apr 10 09:44:15 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:44:15 -0700 Subject: [El-errata] ELBA-2020-1205 Oracle Linux 7 bind bug fix and enhancement update Message-ID: <93b003db-861e-33e1-6ccd-01442f20f96d@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1205 http://linux.oracle.com/errata/ELBA-2020-1205.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: bind-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-chroot-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-devel-9.11.4-16.P2.el7_8.2.i686.rpm bind-devel-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-export-devel-9.11.4-16.P2.el7_8.2.i686.rpm bind-export-devel-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-export-libs-9.11.4-16.P2.el7_8.2.i686.rpm bind-export-libs-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-libs-9.11.4-16.P2.el7_8.2.i686.rpm bind-libs-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.2.i686.rpm bind-libs-lite-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-license-9.11.4-16.P2.el7_8.2.noarch.rpm bind-lite-devel-9.11.4-16.P2.el7_8.2.i686.rpm bind-lite-devel-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-pkcs11-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.2.i686.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.2.i686.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-sdb-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.2.x86_64.rpm bind-utils-9.11.4-16.P2.el7_8.2.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/bind-9.11.4-16.P2.el7_8.2.src.rpm Description of changes: [32:9.11.4-16.P2.2] - Disable unit test timer_test on ppc64le because of its instability [32:9.11.4-16.P2.1] - Prevent deadlock on reload (#1805685) From el-errata at oss.oracle.com Fri Apr 10 09:44:39 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:44:39 -0700 Subject: [El-errata] ELBA-2020-1207 Oracle Linux 7 systemd bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1207 http://linux.oracle.com/errata/ELBA-2020-1207.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libgudev1-219-73.0.1.el7_8.5.i686.rpm libgudev1-219-73.0.1.el7_8.5.x86_64.rpm libgudev1-devel-219-73.0.1.el7_8.5.i686.rpm libgudev1-devel-219-73.0.1.el7_8.5.x86_64.rpm systemd-219-73.0.1.el7_8.5.x86_64.rpm systemd-devel-219-73.0.1.el7_8.5.i686.rpm systemd-devel-219-73.0.1.el7_8.5.x86_64.rpm systemd-journal-gateway-219-73.0.1.el7_8.5.x86_64.rpm systemd-libs-219-73.0.1.el7_8.5.i686.rpm systemd-libs-219-73.0.1.el7_8.5.x86_64.rpm systemd-networkd-219-73.0.1.el7_8.5.x86_64.rpm systemd-python-219-73.0.1.el7_8.5.x86_64.rpm systemd-resolved-219-73.0.1.el7_8.5.i686.rpm systemd-resolved-219-73.0.1.el7_8.5.x86_64.rpm systemd-sysv-219-73.0.1.el7_8.5.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/systemd-219-73.0.1.el7_8.5.src.rpm Description of changes: [219-73.5.0.1] - enable and start the pstore service [Orabug: 30950903] - fix to generate the systemd-pstore.service file [Orabug: 30235241] - Backport upstream patches for the new systemd-pstore tool [Orabug: 30235241] - do not create utmp update symlinks for reboot and poweroff [Orabug: 27854896] - OL7 udev rule for virtio net standby interface [Orabug: 28826743] - fix _netdev is missing for iscsi entry in /etc/fstab [Orabug: 25897792] (tony.l.lam at oracle.com) - set "RemoveIPC=no" in logind.conf as default for OL7.2 [22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] [219-73.5] - core: enforce a ratelimiter when stopping units due to StopWhenUnneeded=1 (#1810576) - core: rework StopWhenUnneeded= logic (#1810576) - fix the fix for #1691511 (#1809159) [219-73.4] - mount: don't propagate errors from mount_setup_unit() further up (#1809159) - mount: when allocating a Mount object based on /proc/self/mountinfo mark it so (#1809159) [219-73.3] - journal: do not trigger assertion when journal_file_close() get NULL (#1807798) [219-73.2] - core: when restarting services, don't close fds (#1803802) - unit: rework a bit how we keep the service fdstore from being destroyed during service restart (#1803802) - tests: add basic journal test (#1803802) - tests: add regression test for `systemctl restart systemd-journald` (#1803802) - tests: add test that journald keeps fds over termination by signal (#1803802) From el-errata at oss.oracle.com Fri Apr 10 09:45:01 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:45:01 -0700 Subject: [El-errata] ELBA-2020-1210 Oracle Linux 7 python-requests bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1210 http://linux.oracle.com/errata/ELBA-2020-1210.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: python-requests-2.6.0-9.el7_8.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/python-requests-2.6.0-9.el7_8.src.rpm Description of changes: [2.6.0-9] - Bring back the requests.packages aliasing of its submodules Resolves: rhbz#1811050, rhbz#1811057, rhbz#1811107, rhbz#1811113 From el-errata at oss.oracle.com Fri Apr 10 09:45:26 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:45:26 -0700 Subject: [El-errata] ELBA-2020-1212 Oracle Linux 7 rdma-core bug fix and enhancement update Message-ID: <8a11059e-9146-335e-f26d-07f8566b1515@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1212 http://linux.oracle.com/errata/ELBA-2020-1212.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: ibacm-22.4-2.el7_8.x86_64.rpm iwpmd-22.4-2.el7_8.x86_64.rpm libibumad-22.4-2.el7_8.i686.rpm libibumad-22.4-2.el7_8.x86_64.rpm libibverbs-22.4-2.el7_8.i686.rpm libibverbs-22.4-2.el7_8.x86_64.rpm libibverbs-utils-22.4-2.el7_8.x86_64.rpm librdmacm-22.4-2.el7_8.i686.rpm librdmacm-22.4-2.el7_8.x86_64.rpm librdmacm-utils-22.4-2.el7_8.x86_64.rpm rdma-core-22.4-2.el7_8.i686.rpm rdma-core-22.4-2.el7_8.x86_64.rpm rdma-core-devel-22.4-2.el7_8.i686.rpm rdma-core-devel-22.4-2.el7_8.x86_64.rpm srp_daemon-22.4-2.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/rdma-core-22.4-2.el7_8.src.rpm Description of changes: [22.4-2] - Fix ibacm segfault for dual port HCA support IB and Ethernet - Resolves: rhbz#1793585 From el-errata at oss.oracle.com Fri Apr 10 09:45:48 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:45:48 -0700 Subject: [El-errata] ELSA-2020-1208 Important: Oracle Linux 7 qemu-kvm security update Message-ID: <2a45b8c8-f698-0969-f258-31f59ed099d7@oracle.com> Oracle Linux Security Advisory ELSA-2020-1208 http://linux.oracle.com/errata/ELSA-2020-1208.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: qemu-img-1.5.3-173.el7_8.1.x86_64.rpm qemu-kvm-1.5.3-173.el7_8.1.x86_64.rpm qemu-kvm-common-1.5.3-173.el7_8.1.x86_64.rpm qemu-kvm-tools-1.5.3-173.el7_8.1.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-173.el7_8.1.src.rpm Description of changes: [1.5.3-173.el7_8.1] - kvm-util-add-slirp_fmt-helpers.patch [bz#1798970] - kvm-tcp_emu-fix-unsafe-snprintf-usages.patch [bz#1798970] - Resolves: bz#1798970 (CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-7.8.z]) From el-errata at oss.oracle.com Fri Apr 10 09:46:09 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:46:09 -0700 Subject: [El-errata] ELBA-2020-1213 Oracle Linux 7 net-snmp bug fix and enhancement update Message-ID: <5fde0383-e605-f288-0777-3c8ae36703cf@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1213 http://linux.oracle.com/errata/ELBA-2020-1213.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: net-snmp-5.7.2-48.el7_8.x86_64.rpm net-snmp-agent-libs-5.7.2-48.el7_8.i686.rpm net-snmp-agent-libs-5.7.2-48.el7_8.x86_64.rpm net-snmp-devel-5.7.2-48.el7_8.i686.rpm net-snmp-devel-5.7.2-48.el7_8.x86_64.rpm net-snmp-gui-5.7.2-48.el7_8.x86_64.rpm net-snmp-libs-5.7.2-48.el7_8.i686.rpm net-snmp-libs-5.7.2-48.el7_8.x86_64.rpm net-snmp-perl-5.7.2-48.el7_8.x86_64.rpm net-snmp-python-5.7.2-48.el7_8.x86_64.rpm net-snmp-sysvinit-5.7.2-48.el7_8.x86_64.rpm net-snmp-utils-5.7.2-48.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/net-snmp-5.7.2-48.el7_8.src.rpm Description of changes: [1:5.7.2-48] - fix crash due of double-free of security context (#1809076) From el-errata at oss.oracle.com Fri Apr 10 09:46:30 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:46:30 -0700 Subject: [El-errata] ELSA-2020-1334 Important: Oracle Linux 7 telnet security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1334 http://linux.oracle.com/errata/ELSA-2020-1334.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: telnet-0.17-65.el7_8.x86_64.rpm telnet-server-0.17-65.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/telnet-0.17-65.el7_8.src.rpm Description of changes: [1:0.17-65] - Resolves: #1814475 - Arbitrary remote code execution in utility.c via short writes or urgent data From el-errata at oss.oracle.com Fri Apr 10 09:47:08 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 09:47:08 -0700 Subject: [El-errata] ELSA-2020-1338 Critical: Oracle Linux 7 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1338 http://linux.oracle.com/errata/ELSA-2020-1338.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-68.6.1-1.0.1.el7_8.i686.rpm firefox-68.6.1-1.0.1.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/firefox-68.6.1-1.0.1.el7_8.src.rpm Description of changes: [68.6.1-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [68.6.1-1] - Update to 68.6.1 ESR From el-errata at oss.oracle.com Fri Apr 10 10:08:16 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 10:08:16 -0700 Subject: [El-errata] ELSA-2020-1420 Important: Oracle Linux 7 firefox security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1420 http://linux.oracle.com/errata/ELSA-2020-1420.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-68.7.0-2.0.1.el7_8.i686.rpm firefox-68.7.0-2.0.1.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/firefox-68.7.0-2.0.1.el7_8.src.rpm Description of changes: [68.7.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [68.7.0-2] - Update to 68.7.0 build3 From el-errata at oss.oracle.com Fri Apr 10 12:57:12 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 21:57:12 +0200 Subject: [El-errata] New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELSA-2020-5642) Message-ID: <20200410195712.GA21507@chrystal> Synopsis: ELSA-2020-5642 can now be patched using Ksplice CVEs: CVE-2019-18806 CVE-2020-10942 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-5642. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-5642.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on OL6 and OL7 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2019-18806: Memory leak when allocating large buffers in QLogic QLA3XXX Network driver. A missing free of resources when allocating large buffers in QLogic QLA3XXX Network driver could lead to a memory leak. A local attacker could use this flaw to exhaust kernel memory and cause a denial-of-service. Orabug: 31055327 * NULL dereference while writing Hyper-V SINT14 MSR. It is possible for KVM's IOAPIC scan logic to be triggered inappropriately when attempting to write to Hyper-V's SINT14 MSR. If an IOAPIC has not been initialized, this can lead to a NULL dereference, and subsequent kernel panic. This could be used to cause a denial-of-service. Orabug: 31078882 * CVE-2020-10942: Out-of-bounds memory access in the Virtual host driver. Invalid input validation could lead to type confusion and out-of-bounds memory accesses. A local unprivileged user could use this to cause a denial-of-service or potentially escalate privileges. Orabug: 31085993 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Fri Apr 10 13:38:50 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 13:38:50 -0700 Subject: [El-errata] ELBA-2020-1364 Oracle Linux 8 cloud-init bug fix and enhancement update Message-ID: <04712bfb-bc49-17f7-b886-edb75b47446f@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1364 http://linux.oracle.com/errata/ELBA-2020-1364.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: cloud-init-18.5-7.0.1.el8_1.1.noarch.rpm aarch64: cloud-init-18.5-7.0.1.el8_1.1.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/cloud-init-18.5-7.0.1.el8_1.1.src.rpm Description of changes: [18.5-7.0.1.el8_1.1] - Changes to ignore all enslaved interfaces [Orabug: 30092148] - Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349] - Make Oracle datasource detect dracut based config files [Orabug: 29956753] - add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch: 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 (Bugzilla) [18.5-7.el8_1_0.1] - ci-azure-avoid.patch [bz#1810112] - Resolves: bz#1810112 ([RHEL-8] cloud-init Azure byte swap (hyperV Gen2 Only) [rhel-8.1.0.z]) From el-errata at oss.oracle.com Fri Apr 10 13:39:15 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 10 Apr 2020 13:39:15 -0700 Subject: [El-errata] ELBA-2020-1371 Oracle Linux 8 binutils bug fix and enhancement update Message-ID: <93150ef7-e365-4b82-9065-c89be5b0c07c@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1371 http://linux.oracle.com/errata/ELBA-2020-1371.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: binutils-2.30-58.0.11.el8_1.2.x86_64.rpm binutils-devel-2.30-58.0.11.el8_1.2.i686.rpm binutils-devel-2.30-58.0.11.el8_1.2.x86_64.rpm aarch64: binutils-2.30-58.0.11.el8_1.2.aarch64.rpm binutils-devel-2.30-58.0.11.el8_1.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/binutils-2.30-58.0.11.el8_1.2.src.rpm Description of changes: [2.30-58.0.11.el8_1.2] - Support cv-qualified bitfields - Fix off-by-one error in SHA-1 sizing [Orabug: 31033044] [Orabug: 31033047] - Fix deduplication of ambiguously-named types in CTF. - CTF types without names are not ambiguously-named. - Stop the CTF_LINK_EMPTY_CU_MAPPINGS flag crashing. - Only emit ambiguous types as hidden if they are named and there is already a type with that name. - Make sure completely empty dicts get their header written out properly - Do not fail if adding anonymous struct/union members to structs/unions that already contain other anonymous members at a different offset - Correctly look up pointers to non-root-visible structures - Emit error messages in dumping into the dump stream - Do not abort early on dump-time errors - Elide likely duplicates (same name, same kind) within a single TU (cross- TU duplicate/ambiguous-type detection works as before). - Fix linking of the CTF variable section - Fix spurious conflicts of variables (also affects the nondeduplicating linker) - Defend against CUs without names - When linking only a single input file, set the output CTF CU name to the name of the input [Orabug: 31001711] [Orabug: 31001722] - Backport the non-cycle-detecting-capable deduplicating CTF linker [Orabug: 31001711] [Orabug: 31001722] - Backport a fix for an upstream hashtab crash (no upstream bug number), triggered by the above. - Backport the following patch with binutils-aarch64-stub-alignment.patch: 9a2ebffd4dd9 - Ensure 8-byte alignment for AArch64 stubs. - Add CTF machinery, including libctf.so and libctf-nonbfd.so. [Orabug: 30102938] [Orabug: 30102941] - Backport the fix for upstream bug 23919, required by above. - Provide PIC libctf*.a files and linker scripts to avoid linking with the shared objects from binutils. This is to avoid adding a hard architecture dependency between binutils-devel and binutils packages. [2.30-58.2] - Allow the BFD library to handle the copying of files containing secondary reloc sections. (#1803825) [2.30-58.1] - Backport H.J.Lu's patch to add a workaround for the JCC Errata to the assembler. (#1783957) [2.30-58] - Stop the BFD library from complaining about sections with multiple sets of relocations. (#1749084) [2.30-57] - Fix a thinko in the new gas tests for the s390x arch13 extension. (#1710860) [2.30-56] - Remove a spurious debugging message left in the binutils-note-merge-improvements.patch. [2.30-55] - Fix a problem when producing non-PIE binaries using the GOLD linker for AArch64. (#1693661) [2.30-54] - Further enhance the support for the arch13 extensions to the s390x architecture. (#1659437) [2.30-53] - Do not enable IBT when an object file contains code but no GNU Property notes. (#1687774) [2.30-52] - Add support for partially relocatable GOT sections on the s390x architecture. (#1525406) [2.30-51] - Add support for the arch13 extension to the s390x architecture. (#1659437) [2.30-50] - Add support for disassembling NFP binaries. (#1644391) [2.30-49] - Have the GOLD linker produce 8-byte aligned GNU Property notes. (#1614908) [2.30-48] - Make the x86_64 linker produce IBT-enabled TLS stubs. (PR 23000). (#1637072) [2.30-47] - Fix a potential buffer overrun when parsing a corrupt ELF file. (#1632912) [2.30-46] - Add a .attach_to_group pseuo-op to assembler (for use by annobin). (#1630574) [2.30-45] - Stop the binutils from statically linking with libstdc++. (#1630550) [2.30-44] - Include gold testsuite results in test logs. [2.30-43] - Add (very basic) gating tests for the binutils. (#1625683) [2.30-42] - Update x86_64 linker testsuite after previous delta. (#1624779) [2.30-41] - Disable the x86_64 linker's elimination of PLT entries. (#1624779) [2.30-40] - Disable readelf's reporting of gaps in build notes. (#1623556) [2.30-39] - Fix some more PowerPC64 linker testsuite failures. (#1584565) [2.30-38] - Remove PLT eliision patch. (#1618748) - Restore the binutils-2.25-set-long-long.patch. [2.30-36] - Fix GOLDs creation of PT_NOTE segments. (#1614908) (#1614920) [2.30-35] - Improve objcopy's --merge-notes option. (#1608390) [2.30-34] - Remove x86 ISA property notes with empty bits. (#1609801) [2.30-33] - Rebuild with fixed binutils [2.30-32] - Move the .gnu.build.attributes section to after the .comment section. [2.30-31] - Fix a thinko in the merge patch. [2.30-30] - Fix a typo in the merge patch. [2.30-29] - Merge .gnu.build.attribute sections together. (#1608390) [2.30-27] - Fix the gold linker so that it can handle relocs in discardeable note sections. (#1607054) [2.30-26] - Fix the generation of relocations for assembler created notes. (#1598551) [2.30-25] - Minor spec cleanups and fixes. [2.30-24] - When installing both ld.bfd and ld.gold, do not reset the current alternative if upgrading. (#1592069) [2.30-23] - Correct warning messages about incompatible PowerPC IEEE long double settings. [2.30-22] - Fix handling of local versioned symbols by the x86 linker. (PR 23194) - Fix linker testsuite failures. [2.30-21] - Fix a seg-fault parsing PE format binaries. (#1560829) [2.30-20] - Have the x86 linker resolve relocations against the _end, _edata and __bss_start symbols locally. (#1576735) - Do not generate GNU build notes for linkonce sections. (#1576362) [2.30-19] - Fix a seg-fault running objcopy on a corrupt PE format file. (#1574702) - Fix a seg-fault running objcopy on a corrupt ELF format file. (#1574705) [2.30-18] - Fix a seg-fault parsing corrupt DWARF information. (#1573360) - Fix another seg-fault parsing corrupt DWARF information. (#1573367) - Fix a seg-fault copying a corrupt ELF file. (#1551788) - Fix a seg-fault parsing a large ELF files on a 32-bit host. (#1539891) - Fix a seg-fault running nm on a corrupt ELF file. (#15343247) - Fix a seg-fault running nm on a file containing corrupt DWARF information. (#1551781) - Fix another seg-fault running nm on a file containing corrupt DWARF information. (#1551763) [2.30-17] - Disable the automatic generation of annobin notes. (#1572485) [2.30-16] - Fix for PR 22887 - crashing objdump by passing it a corrupt AOUT binary. (#1553115) - Fix for PR 22905 - crashing objdump by passing it a corrupt DWARF file. (#1553122) - Fix for PR 22741 - crashing objdump by passing it a corrupt COFF file. (#1571918) [2.30-15] - Enhance the assembler to automatically generate annobin notes if none are present in the input. [2.30-14] - Fix the GOLD linker's processing of protected symbols created by the LLVM plugin. (#1559234 and PR 22868) [2.30-13] - Do not discard debugobj files created by GCC v8 LTO wrapper. (#1543912 and RHBZ 84847 and PR 20882) [2.30-12] - Treat relocs against s390x IFUNC symbols in note sections as relocs against the FUNC symbol instead. - Combined previous patches into one which covers all ifunc supporting architectures. (#1553705) - Retire binutils-s390-ifunc-relocs-in-notes.patch - Retire binutils-x86_64-ifunc-relocs-in-notes.patch [2.30-11] - Treat relocs against s390x IFUNC symbols in note sections as relocs against the FUNC symbol instead. (#1553705) [2.30-10] - Ignore duplicate symbols generated by GOLD. (#1458003) [2.30-9] - Speed up objdump. (#1551540) [2.30-8] - Version bump to allow rebuilding and tagging in to the buildroot. [2.30-7] - Stop strip from replacing unknown relocs with null relocs. (#1545386) [2.30-6] - Fix R_AARCH64 symbols (PR 22764) (#1547781) [2.30-5] - Fix assignment of pages to segments. (PR 22758) [2.30-4] - Inject RPM_LD_FLAGS into the build. (#1541027) [2.30-3] - Fix slowdown in readelf when examining files with lots of debug information. (PR 22802) [2.30-2] - Remove support for PowerPC speculation barrier insertion. [2.30-1] - Rebase on 2.30 [2.29.1-8] - Add standards.info file to documentation distributed with the binutils package. (#1467390 and #1520899) [2.29.1-7] - Do not enable relro by default for the PowerPC64 architecture. (#1523946) [2.29.1-6] - Stop strip from crashing when deleteing relocs in a file with annobin notes. (#1520805) [2.29.1-5] - Have readelf return an exit failure status when attempting to process an empty file. (PR 22555) [2.29.1-4] - Prevent the PowerPC64 linker from triggering a seg-fault when discarding dynamic sections. (#1513014) - Prevent a seg-fault when attempting to pad a section with a NULL padding pointer. - Do not create PLT entries for AARCH64 IFUNC symbols referenced in debug sections. - Fix compile time warning messages. [2.29.1-3] - Disable PLT elision for x86/x86_64. (#1452111 and #1333481) - Fix the GOLD linkers generation of relocations for start and stop symbols. (#1500898) [2.29.1-2] - Enable GOLD for PPC64 and s390x. (#1173780) - Retire: binutils-2.20.51.0.10-sec-merge-emit.patch. (It has been redundant for a long time now...) [2.29.1-1] - Rebase on FSF binutils 2.29.1 release. - Retire: binutils-2.29-ppc64-plt-localentry0-disable.patch - Retire: binutils-2.29-non-elf-orphan-skip.patch [2.29-10] - Extend fix for PR 21884. (#1491023) [2.29-8] - Import fix for PR 21884 which stops a seg-fault in the linker when changing output format to binary during a final link. (#1491023) [2.29-7] - Annotate patches with reason and lifetime expectances. - Retire: binutils-2.24-ldforcele.patch - Retire: binutils-2.25-set-long-long.patch - Retire: binutils-2.25.1-cleansweep.patch - Retire: binutils-2.26-fix-compile-warnings.patch - Retire: binutils-2.28-ignore-gold-duplicates.patch [2.29-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [2.29-5] - Update ppc64 localentry0 patch with changes made by Alan Modra to the FSF binutils sources. (#1475636) [2.29-4] - Rebuild with binutils fix for ppc64le, bootstrapping (#1475636) [2.29-3] - Do not enable the PPC64 plt-localentry0 linker optimization by default. (#1475636) [2.29-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [2.29-1] - Rebase on FSF binutils 2.29. - Retire: binutils-2.20.51.0.10-ppc64-pie.patch - Retire: binutils-2.27-ld-buffer-overflow.patch - Retire: binutils-2.28-libiberty-bugfixes.patch - Retire: binutils-gnu-build-notes.patch - Retire: binutils-2.28-gas-comp_dir.patch - Retire: binutils-2.28-ppc-dynamic-relocs.patch - Retire: binutils-2.28-dynamic-section-warning.patch - Retire: binutils-2.28-aarch64-copy-relocs.patch - Retire: binutils-2.28-DW_AT_export_symbols.patch [2.28-14] - Remove -flto compile time option accidentally added to CFLAGS. [2.28-13] - Add support for displaying new DWARF5 tags. (#1472966) [2.28-12] - Correct snafu in previous delta that broke building s390 binaries. (#1472486) [2.28-11] - Fix s390 assembler so that it remove fake local symbols from its output. (#1460254) [2.28-10] - Update support for GNU Build Attribute notes to include version 2 notes. [2.28-9] - Update patch to fix AArch64 copy reloc generation. (#1452170) [2.28-8] - Ignore duplicate indirect symbols generated by the GOLD linker. (#1458003) [2.28-7] - Eliminate the generation of incorrect dynamic copy relocations on AArch64. (#1452170) [2.28-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild [2.28-5] - Update GNU BUILD NOTES patch. - Import FSF binutils patch to fix running readelf on debug info binaries. (#1434050) [2.28-4] - Update GNU BUILD NOTES patch. - Import FSF binutils patch to fix an abort with PowerPC dynamic relocs. [2.28-3] - Backport patch to add support for putting name, comp_dir and producer strings into the .debug_str section. (#1429389) [2.28-2] - Add support for GNU BUILD NOTEs. [2.28-1] - Rebase on FSF binutils v2.28. - Retire: binutils-2.23.52.0.1-addr2line-dynsymtab.patch - Retire: binutils-2.27-local-dynsym-count.patch - Retire: binutils-2.27-monotonic-section-offsets.patch - Retire: binutils-2.27-arm-aarch64-default-relro.patch - Retire: binutils-2.28-gold.patch - Retire: binutils-2.27-objdump-improvements.patch - Retire: binutils-2.27-dwarf-parse-speedup.patch - Retire: binutils-2.27-objdump-improvements.2.patch - Retire: binutils-2.27-arm-binary-objects.patch - Retire: binutils-2.27-ppc-fp-attributes.patch - Add patch to sync libiberty with FSF GCC mainline. (#1428310) [2.27-19] - Add support for PowerPC FP attributes. (#1422461) [2.27-18] - Fix running the ARM port of the linker on BINARY objects. (#1422577) [2.27-17] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [2.27-16] - Install COPYING[*] files using the % license macro. (#1418430) [2.27-15] - Fix buffer overflows when printing translated messages. (#1417411) [2.27-14] - Include the filename concerned in readelf error messages. (#1412348) [2.27-13] - Another speed up for objdump when displaying source code alognside disassembly. (#1397113) [2.27-12] - Speed up objdump when displaying source code alognside disassembly. (#1397113) [2.27-11] - Fix objdumps disassembly of dynamic executables. (#1370275) [2.27-10] - Fix GOLD for ARM and AARCH64 (#1386126) [2.27-9] - Fix invocation of /sbin/ldconfig when reinstalling binutils in order to prevent warnings from rpm. (#1379030) (#1379117) [2.27-8] - Add i386pep emulation for all EFI capable CPU types. (#1376870) [2.27-7] - Use --with-sysroot=/ for native targets. This prevents the default sysroot of /usr/local//sys-root from being used, which breaks locating needed shared libaries, but still allows the --sysroot linker command line option to be effective. (#1374889) (#1377803) (#1377949) [2.27-6] - Omit building GOLD when bootstrapping. - Add a generic build requirement on gcc. - Move bison and m4 build requirements to be conditional upon building GOLD. - Add --with-sysroot configure option when building native targets. - Skip PR14918 linker test for ARM native targets. (#1374889) [2.27-5] - Add support for building the rpm with "--with bootstrap" enabled. - Retire: binutils-2.20.51.0.2-ia64-lib64.patch [2.27-4] - Properly disable the default generation of compressed debug sections. (#1366182) [2.27-3] - Put sections in a monotonically increasing order of file offset. - Allow ARM and AArch64 targets to have relro on by default. [2.27-2] - Fix computation of sh_info field in the header of .dynsym sections. [2.27-1] - Rebase on FSF binutils 2.27 release. - Retire: binutils-2.26-formatting.patch - Retire: binutils-2.26-Bsymbolic_PIE.patch - Retire: binutils-rh1312151.patch - Retire: binutils-2.26-fix-GOT-offset-calculation.patch - Retire: binutils-2.26-common-definitions.patch - Retire: binutils-2.26-x86-PIE-relocations.patch [2.26-23] - Enable support for GCC's LTO. (#1342618) [2.26-22] - Retire the copy-osabi patch. (#1252066) [2.26-21] - Fix another compile time warning, this time in tc-arm.c. (#1333695) [2.26-20] - Housekeeping: Delete retired patches. Renumber patches. - Increase version number past F24 because F24 update is blocked by a version number comparison. [2.26-16] - Import patch to fix generation of x86 relocs in PIE mode. (PR 19827) [2.26-15] - Import patch to have common symbols in an executable override definitions in shared objects (PR 19579) (#1312507) [2.26-14] - Import patch to fix x86 GOT offset calculation in 2.26 sources (PR 19601) (#1312489) [2.26-13] - Import patch to fix symbol versioning bug in 2.26 sources (PR 19698) (#1312151) [2.26-12] - Import H.J.Lu's kernel LTO patch. (#1302071) [2.26-11] - Enable -Bsymbolic and -Bsymbolic-functions to PIE. Needed by Syslinux (#1308296) [2.26-10] - Retire: binutils-2.23.2-aarch64-em.patch (#1305179) [2.26-9] - Fix indentation in bfd/elf64-s390.c, gas/config/tc-ia64.c and bfd/pe-mips.c to avoid compile time warnings. [2.26-8] - Fix indentation in bfd/coff-[i386|x86_64].c to avoid compile time warning. - Suppress GOLD's dir_caches destructor. - Suppress GOLD's Reloc_stub::Key::name function. - Suppress unused ARM architecture variations in GAS. [2.26-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild [2.26-4] - Drop the kernel patch entirely... - Retire: binutils-2.25-kernel-ld-r.patch - Retire: binutils-2.25.1-plugin-format-checking.patch [2.26-3] - Fix kernel patch for AVR targets. [2.26-2] - Fix kernel patch for PPC32 targets. [2.26-1] - Rebase on FSF binutils 2.26 release. - Retire: binutils-2.25.1-ihex-parsing.patch - Retire: binutils-2.25.1-dynamic_list.patch - Retire: binutils-2.25.1-aarch64-pr18668.patch - Retire: binutils-rh1247126.patch (#1271387) [2.25.1-9] - Prevent an infinite recursion when a plugin tries to claim a file in an unrecognised format. (#1174065) [2.25.1-8] - Enable little endian support when configuring for 64-bit PowerPC. (#1275709) [2.25.1-7] - Fix incorrectly generated binaries and DSOs on PPC platforms. (#1247126) [2.25.1-6] - Fix handling of AArch64 local GOT relocs. (#1262091) [2.25.1-5] - Do not enable deterministic archives by default (#1195883) [2.25.1-4] - Qt linked with gold crash on startup (#1193044) [2.25.1-3] - Fix the parsing of corrupt iHex files. - Resovles: 1250141 [2.25.1-2] - Retire: binutils-2.25-aarch64-fPIC-error.patch - Resovles: 1249969 [2.25.1-1] - Rebase on FSF binutils 2.25.1 release. - Retire: binutils-2.25-x86_64-pie-relocs.patch [2.25-12] - For AArch64 issue an error message when attempting to resolve a PC-relative dynamic reloc in a non-PIC object file. - Related: 1232499 [2.25-11] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild [2.25-10] - Make the AArch64 GOLD port use 64K pages. - Resolves: BZ #1225156 and BZ #1215546 [2.25-8] - Require the coreutils so that touch is available. - Resolves: BZ #1215242 [2.25-7] - Enable building GOLD for the AArch64. - Resolves: BZ #1203057 [2.25-6] - Remove the windmc manual page, so that it is not installed. - Resolves: BZ #1203606 [2.25-6] - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code [2.25-5] - Fix scanning for object symbols in binutils-2.25-kernel-ld-r.patch - Resolves: BZ #1149660 [2.25-4] - Import the fix for PR ld/17827 from FSF mainline. - Resolves: BZ #1182511 [2.25-3] - Suppress building of GOLD for PPC, for now... - Resolves: BZ #1173780 [ 2.25-2] - Reflect configure.info/standards.info having been dropped (RHBZ#1177359). [2.25-1] - Rebase on FSF binutils 2.25 release. - Retire: binutils-2.24-s390-mkopc.patch - Retire: binutils-2.24-elfnn-aarch64.patch - Retire: binutils-2.24-DW_FORM_ref_addr.patch - Retire: binutils-2.24-set-section-macros.patch - Retire: binutils-2.24-fake-zlib-sections.patch - Retire: binutils-2.24-arm-static-tls.patch - Retire: binutils-2.24-fat-lto-objects.patch - Retire: binutils-2.24-symbol-warning.patch - Retire: binutils-2.24-aarch64-ld-shared-non-PIC-xfail.patch - Retire: binutils-2.24-weak-sym-merge.patch - Retire: binutils-2.24-indirect-chain.patch - Retire: binutils-2.24-aarch64-fix-final_link_relocate.patch - Retire: binutils-2.24-aarch64-fix-gotplt-offset-ifunc.patch - Retire: binutils-2.24-aarch64-fix-static-ifunc.patch - Retire: binutils-2.24-aarch64-fix-ie-relax.patch - Retire: binutils-HEAD-change-ld-notice-interface.patch - Retire: binutils-2.24-corrupt-binaries.patch - Retire: binutils-2.24-strings-default-all.patch - Retire: binutils-2.24-corrupt-ar.patch [2.24-29] - Fix problems with the ar program reported in FSF PR 17533. Resolves: BZ #1162666, #1162655 [2.24-28] - Fix buffer overrun in ihex parser. - Fix memory corruption in previous patch. - Consoldiate corrupt handling patches into just one patch. - Default strings command to using -a. [2.24-27] - Fix memory corruption bug introduced by the previous patch. [2.24-26] - Import patches for PR/17510 and PR/17512 to fix reading corrupt ELF binaries. Resolves: BZ #1157276, #1157277 [2.24-25] - Import patch from mainline to fix seg-fault when reading corrupt group headers. Resolves: BZ #1157276 [2.24-24] - Import patch from mainline to fix seg-fault when reading corrupt srec fields. Resolves: BZ #1156272 [2.24-23] - aarch64: increase common page size to 64KB - binutils-HEAD-change-ld-notice-interface.patch: backport fix from HEAD that fixes LTO + ifunc when using ld.bfd instead of gold. - binutils-2.24-aarch64-fix-gotplt-offset-ifunc.patch binutils-2.24-aarch64-fix-static-ifunc.patch, split elfnn-aarch64 patches into upstream git commits, to make it easier to figure out what's backported already - binutils-2.24-aarch64-fix-ie-relax.patch: add fix for gd to ie relaxation when target register is >16 (pretty unlikely, but...) [2.24-22] - bfd/elfnn-aarch64.c: use correct offsets in final_link_relocate Resolves: BZ #1126199 [2.24-21] - Import patch from mainline to fix indirect symbol resolution. Resolves: BZ #1123714 [2.24-20] - Enable deterministic archives by default. Resolves: BZ #1124342 [2.24-19] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild [2.24-18] - Correct elf_merge_st_other arguments for weak symbols. Resolves: #1126436 [2.24-17] - Enable gold for PPC. [2.24-16] - Backport a couple LTO testsuite fixes from HEAD. Default to -ffat-lto-objects for some ld tests, which was the default in gcc 4.8, but changed in 4.9, and resulted in some failures. - Add STATIC_TLS flag on ARM when IE relocs are emitted in a shared library. Also fix up offsets in the testsuite resulting from the addition of the flags. - XFail some ld tests on AArch64 to cut some of the spurious testsuite failures down. [2.24-15] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild [2.24-14] - Fix detection of little endian PPC64 binaries. (#1095885) [2.24-13] - Fix detection of uncompressed .debug_str sections. (#1082370) [2.24-12] - Fix compiling using gcc 4.9 (#1087374) [2.24-11] - Use {version} in Source string. Delete unused patches. [2.24-10] - Fix decoding of abbrevs using a DW_FORM_ref_addr attribute. (#1056797) [2.24-9] - Import fixes on 2.24 branch that affect AArch64 IFUNC and PLT handling. [2.24-8] - Fix building opcodes library with -Werror=format-security. (#1037026) [2.24-7] - Update to official binutils 2.24 release. [2.24-6] - Update binutils 2.24 snapshot. [2.24-5] - Update binutils 2.24 snapshot. - Switch to using GIT instead of CVS to access the FSF repository. - Retire binutils-2.24-nm-dynsym.patch [2.24-4] - Update binutils 2.24 snapshot. - Stop NM from halting if it encounters a file with no symbols when displaying dynamic symbols in multiple files. (#1022845) [2.24-3] - Update binutils 2.24 snapshot. [2.24-2] - Update binutils 2.24 snapshot. [2.24-1] - Rebase on binutils 2.24 snapshot. - Retire: binutils-2.23.52.0.1-64-bit-thin-archives.patch, - binutils-2.23.52.0.1-as-doc-texinfo-fixes.patch, - binutils-2.23.52.0.1-check-regular-ifunc-refs.patch, - binutils-2.23.2-ld-texinfo-fixes.patch, - binutils-2.23.2-bfd-texinfo-fixes.patch, - binutils-2.23.2-dwz-alt-debuginfo.patch - binutils-2.23.2-s390-gas-machinemode.patch - binutils-2.23.2-xtensa.memset.patch - binutils-2.23.2-s390-zEC12.patch - binutils-2.23.2-arm-add-float-abi-to-e_flags.patch - binutils-2.23.51.0.1-readelf-flush-stdout.patch [2.23.88.0.1-14] - Make readelf flush stdout before emitting an error or warning message. (#1005182) [2.23.88.0.1-13] - Add the hard-float/soft-float ABI flag as appropriate for ET_DYN/ET_EXEC in EABI_VER5. - Fix last changelog entry, it was release 12, not 14. [2.23.88.0.1-12] - Add support for the s/390 zEC12 architecture to gas. (#996395) [2.23.88.0.1-11] - Fix typos in invocations of memset in elf32-xtensa.c [2.23.88.0.1-10] - disable -Werror on ppc64p7 for #918189 [2.23.88.0.1-9] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild [2.23.88.0.1-8] - Add support for the S/390 .machinemode pseudo-op to GAS. (#986031) [2.23.88.0.1-7] - Add a requirement for libstdc++-static when running the GOLD testsuite. [2.23.88.0.1-6] - Fix building of aarch64 targets after applying the patch for kernel ld -r modules. - Fix building when "--with debug" is specified. [2.23.88.0.1-5] - Add support for the alternative debuging files generated by the DWZ program. (#965255) [2.23.88.0.1-4] - Import H.J.'s patch to add support for kernel ld -r modules. - Fix errors reported by version 5.0 of texinfo when parsing bfd documentation. [2.23.88.0.1-3] - Fix errors reported by version 5.0 of texinfo when parsing assembler documentation. [2.23.88.0.1-2] - Fix errors reported by version 5.0 of texinfo when parsing linker documentation. [2.23.88.0.1-1] - Switch over to basing sources on the official FSF binutils releases. - Retire binutils-2.23.52.0.1-revert-pr15149.patch. - Update binutils-2.22.52.0.1-relro-on-by-default.patch and binutils-2.23.52.0.1-as-doc-texinfo-fixes.patch. [2.23.52.0.1-10] - Import patch for FSF mainline PR 15371 to fix ifunc references in shared libraries. (#927818) [2.23.52.0.1-9] - Enhance opncls.c:find_separate_debug_file() to look in Fedora specific locations. - Enhance dwarf2.c:find_line() to work with shared libraries. (#920542) [2.23.52.0.1-8] - Fix addr2line to use dynamic symbols if it failed to canonicalize ordinary symbols. (#920542) [2.23.52.0.1-7] - Change requirement to explicitly depend upon /usr/bin/pod2man. (#920545) [2.23.52.0.1-6] - Require perl for pod2man for building man pages. (#920545) [2.23.52.0.1-5] - Reverts patch for PR15149 - prevents report weak DT_NEEDED symbols. (#918003) [2.23.52.0.1-4] - Enable building of GOLD for the ARM. (#908966) [2.23.52.0.1-3] - Fix errors reported by version 5.0 of texinfo when parsing assembler documentaion. [2.23.52.0.1-2] - Fix the creation of index tables in 64-bit thin archives. (#915411) [2.23.52.0.1-1] - Rebase on 2.23.51.0.1 release. (#916516) [2.23.51.0.9-2] - Enable 64-bit BFD for aarch64. (#908904) [2.23.51.0.9-1] - Rebase on 2.23.51.0.9 release. (#907089) - Retire binutils-2.23.51.0.8-arm-whitespace.patch. [2.23.51.0.8-4] - Allow more whitespace in ARM instructions. (#892261) [2.23.51.0.8-3] - Add bc to BuildRequires when running the testsuite. (#895321) [2.23.51.0.8-2] - Add runtime link with libdl. (#889134) [2.23.51.0.8-1] - Rebase on 2.23.51.0.8 release. (#890382) [2.23.51.0.7-1] - Rebase on 2.23.51.0.7 release. (#889432) [2.23.51.0.6-1] - Rebase on 2.23.51.0.6 release. (#880508) [2.23.51.0.5-1] - Rebase on 2.23.51.0.5 release. (#876141) - Retire binutils-2.23.51.0.3-arm-ldralt.patch [2.23.51.0.3-3] - Rename ARM LDRALT instruction to LDALT. (#869025) PR/14575 [2.23.51.0.3-2] - Provides: bundled(libiberty) [2.23.51.0.3-1] - Rebase on 2.23.51.0.3 release. (#858560) [2.23.51.0.2-1] - Rebase on 2.23.51.0.2 release. (#856119) - Retire binutils-2.23.51.0.1-gold-keep.patch and binutils-rh805974.patch. [2.23.51.0.1-4] - Correctly handle PLTOFF relocs for s390 IFUNCs. [2.23.51.0.1-3] - apply F17 commit cd2fda5 to honour {powerpc64} macro (#834651) [2.23.51.0.1-2] - Make GOLD honour KEEP directives in linker scripts (#8333355) [2.23.51.0.1-1] - Rebase on 2.23.51.0.1 release. (#846433) - Retire binutils-2.22.52.0.4-dwz.patch, binutils-2.22.52.0.4-ar-4Gb.patch, binutils-2.22.52.0.4-arm-plt-refcount.patch, binutils-2.22.52.0.4-s390-64bit-archive.patch. [2.22.52.0.4-8] - Make the binutils-devel package depend upon the binutils package. (#845082) [2.22.52.0.4-7] - Disable checks that config.h is included before system headers. (#845084) [2.22.52.0.4-6] - Use 64bit indicies in archives for s390 binaries. (#835957) [2.22.52.0.4-5] - Catch attempts to create a broken symbol index with archives > 4Gb in size. (#835957) [2.22.52.0.4-4] - Import fix for ld/14189. (#829311) [2.22.52.0.4-3] - Fix handling of archives > 4Gb in size by importing patch for PR binutils/14302. (#835957) [2.22.52.0.4-2] - Add minimal dwz -m support. [2.22.52.0.4-1] - Rebase on 2.22.52.0.4 release. (#829027) [2.22.52.0.3-1] - Rebase on 2.22.52.0.3 release. (#819823) [2.22.52.0.2-1] - Rebase on 2.22.52.0.2 release. (#816514) - Retire binutils-2.22.52.0.1-weakdef.patch, binutils-2.22.52.0.1-ld-13621.patch, binutils-rh797752.patch, binutils-2.22.52.0.1-x86_64-hidden-ifunc.patch, binutils-2.22.52.0.1-tsx.patch and binutils-2.22.52.0.1-hidden-ifunc.patch. - Update binutils-2.22.52.0.1-reloc-on-by-default.patch. [2.22.52.0.1-12] - Include demangle.h in the devel rpm. [2.22.52.0.1-11] - Enable -zrelro by default for RHEL 7+. (#807831) [2.22.52.0.1-10] - Fix up handling of hidden ifunc relocs on i?86 [2.22.52.0.1-9] - Fix c++filt docs (2nd instance) (#797752) [2.22.52.0.1-8] - Fix up handling of hidden ifunc relocs on x86_64 - Add Intel TSX support [2.22.52.0.1-7] - Enable -zrelro by default. (#621983 #807831) [2.22.52.0.1-6] - Fix c++filt docs (#797752) [2.22.52.0.1-5] - Add upstream ld/13621 'dangling global hidden symbol in symtab' patch. [2.22.52.0.1-4] - Actually apply the patch [2.22.52.0.1-3] - Add upstream weakdef.patch to fix RH #788107 [2.22.52.0.1-2] - Drat - forgot to upload the new tarball. Now done. [2.22.52.0.1-1] - Rebase on 2.22.52 release. - Remove build-id.patch and gold-casts.patch as they are included in the 2.22.52 sources. [2.22-4] - Fix bug in GOLD sources parsing signed integers in command line options. [2.22-3] - Add casts for building gold with 4.7 version of gcc. [2.22-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild [2.22-1] - Rebase on 2.22 release. [2.21.53.0.2-2] - Rebuild libopcodes.a with -fPIC. [2.21.53.0.2-1] - Rebase on 2.21.53.0.2 tarball. Delete unneeded patches. (BZ 728677) [2.21.53.0.1-3] - Update libiberty demangling. (BZ 727453) [2.21.53.0.1-2] - Import Jakub Jelinek's patch to add support for displaying the contents of .debug_macro sections. [2.21.53.0.1-1] - Rebase on 2.21.53.0.1 tarball. Delete unneeded patches. (BZ 712668) [2.21.52.0.1-5] - Import fix for PR ld/12921. [2.21.52.0.1-4] - Run "alternatives --auto" to restore ld symbolic link if it was manually configured. (BZ 661247) [2.21.52.0.1-3] - Fix seg-fault attempting to find a function name without a symbol table. (BZ 713471) [2.21.52.0.1-2] - Import fix for PR ld/12851 (BZ 711268) [2.21.52.0.1-1] - Rebase on 2.21.52.0.1 tarball. (BZ 712025) [2.21.51.0.9-1] - Rebase on 2.21.51.0.9 tarball. (BZ 703105) [2.21.51.0.8-3] - Add ARM to BFD checks [2.21.51.0.8-2] - Delete plugins patch - enable plugins via configure option. [2.21.51.0.8-1] - Rebase on 2.21.51.0.8 tarball. [2.21.51.0.7-1] - Rebase on 2.21.51.0.7 tarball. [2.21.51.0.6-2] - Enable gold plugins. (BZ 682852) [2.21.51.0.6-1] - Rebase on 2.21.51.0.6 tarball. [2.21.51.0.5-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild [2.21.51.0.5-3] - Readd --build-id fix patch. (PR ld/12451) [2.21.51.0.5-2] - fix build on non-gold arches like s390(x) where both ld and ld.bfd is installed [2.21.51.0.5-1] - Rebase on 2.21.51.0.5 tarball. - Delete redundant patches. - Fix gold+ld configure command line option. [2.20.51.0.12-2] - "no" is not valid option for --enable-gold [2.20.51.0.12-1] - Rebase on 2.20.51.0.12 tarball. (BZ 582160) [2.20.51.0.11-1] - Rebase on 2.20.51.0.11 tarball. (BZ 631771) [2.20.51.0.10-3] - Allow ^ and ! characters in linker script wildcard patterns. (BZ 621742) [2.20.51.0.10-2] - Fix seg fault in sec_merge_emit(). (BZ 623687) [2.20.51.0.10-1] - Rebase on 2.20.51.0.10 tarball. - Import GOLD sources from binutils mainline as of 10 Aug 2010. [2.20.51.0.7-5] - Rename the binutils-static package to binutils-devel in line with the Fedora packaging guidelines. [2.20.51.0.7-4] - Allow GOLD linker to parse "-l" directives inside INPUT statements in linker scripts. (BZ 600553) [2.20.51.0.7-3] - Allow unique symbols in archive maps. [2.20.51.0.7-2] - Merge binutils-devel package into binutils-static package. (BZ 576300) [2.20.51.0.7-1] - Rebase on 2.20.51.0.7 tarball. - Delete redundant patches: binutils-2.20.51.0.2-add-needed.patch, binutils-2.20.51.0.2-do-not-set-ifunc.patch, binutils-2.20.51.0.2-enable-gold.patch, binutils-2.20.51.0.2-gas-expr.patch, binutils-2.20.51.0.2-ifunc-ld-s.patch, binutils-2.20.51.0.2-lwp.patch, binutils-2.20.51.0.2-ppc-hidden-plt-relocs.patch, binutils-2.20.51.0.2-x86-hash-table.patch, - Do not allow unique symbols to be bound locally. (PR ld/11434) - Add support for DWARF4 debug information. [2.20.51.0.2-17] - Do not set ELFOSABI_LINUX on binaries which just link to IFUNC using DSOs. (BZ 568941) [2.20.51.0.2-16] - Copy the OSABI field in ELF headers, if set. (BZ 568921) [2.20.51.0.2-15] - Create separate static and devel sub-packages. (BZ 556040) [2.20.51.0.2-14] - Fix seg-fault when linking mixed x86 and x86_64 binaries. (BZ 487472) [2.20.51.0.2-13] - Add a requirement for the coreutils. (BZ 557006) [2.20.51.0.2-12] - Fix --no-copy-dt-needed so that it will not complain about weak references. [2.20.51.0.2-11] - Add missing part of PR 11088 patch. [2.20.51.0.2-10] - Apply patch for PR 11088. (BZ 544149) [2.20.51.0.2-9] - Apply patch for PR 10856. (BZ 544358) [2.20.51.0.2-8] - Build gold only for x86 flavors until others are tested. [2.20.51.0.2-7] - Add support for building gold. [2.20.51.0.2-5] - Fix up --copy-dt-needed-entries default. (Nick Clifton) [2.20.51.0.2-4] - Fix ld -s with IRELATIVE relocations. (BZ 533321, PR ld/10911) - Add AMD Orochi LWP support, fix FMA4 support. [2.20.51.0.2-3] - Rename --add-needed to --copy-dt-needed-entries and improve error message about unresolved symbols in DT_NEEDED DSOs. [2.20.51.0.2-2] - Fix rpm --excludedocs (BZ 515922). - Fix spurious scriplet errors by `exit 0'. (BZ 517979, Nick Clifton) [2.20.51.0.2-1] - Rebase on 2.20 tarball. - Remove redundant moxie patch. - Remove redundant unique is global patch. - Remove redundant cxxfilt java doc patch. [2.19.51.0.14-32] - Remove spurious description of nonexistent --java switch for cxxfilt. [2.19.51.0.14-31] - Fix strip on objects with STB_GNU_UNIQUE symbols. (BZ 515700, PR binutils/10492) [2.19.51.0.14-30] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild [2.19.51.0.11-28] - Rebase sources on 2.19.51.0.14 tarball. Gain fixes for PRs 10429 and 10433. [2.19.51.0.11-28] - Rebase sources on 2.19.51.0.13 tarball. Remove redundant orphan section placement patch. (BZ 512937) [2.19.51.0.11-27] - Add patch to allow moxie target to build, and hence --enable-targets=all to work. [2.19.51.0.11-26] - Import orphan section placement patch from mainline. (BZ 510384) [2.19.51.0.11-25] - Fix build-id patch to avoid memory corruption. (BZ 501582) [2.19.51.0.11-24] - Provide uuencode output of the testsuite results. [2.19.51.0.11-23] - Rebase sources on the 2.19.51.0.11 tarball. [2.19.51.0.10-22] - Rebase sources on the 2.19.51.0.10 tarball. [2.19.51.0.2-21] - Do not attempt to set execute permission on non-regular files. (BZ 503426) [2.19.51.0.2-20] - Fix .cfi_* skip over >= 64KB of code. (PR gas/10255) [2.19.51.0.2-19] - Import fix for binutils PR #9938. (BZ 500295) [2.19.51.0.2-18] - Update IBM Power 7 support patch to fix tlbilx opcode. (BZ 494718) [2.19.51.0.2-17] - Add glibc-static to BuildRequires when running the testsuite. [2.19.51.0.2-16] - Add IBM Power7 support. (BZ 487887) [2.19.51.0.2-15] - Add IFUNC support. (BZ 465302) [2.19.51.0.2-14] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild [2.19.50.0.2-13] - Rediff the symbolic-envvar-revert patch to comply with rpm patch --fuzz=0. [2.19.51.0.2-12] - Rebase sources on 2.19.51.0.2 tarball. Remove linkonce-r-discard and gcc-expect-table patches. [2.19.50.0.1-11] - Fix .eh_frame_hdr build also for .gcc_except_table LSDA refs (BZ 461675). [2.19.50.0.1-10] - Only require dejagnu if the testsuites are going to be run. (BZ 481169) [2.19.50.0.1-8] - Add build-id patch to ensure that section contents are incorporated into a build id. (BZ 472152) [2.19.50.0.1] - Rebase sources on 2.19.50.0.1 tarball. Update all patches, trimming those that are no longer needed. [2.18.50.0.9-7] - Fix %{_prefix}/include/bfd.h on 32-bit hosts due the 64-bit BFD target support from 2.18.50.0.8-2 (BZ 468495). [2.18.50.0.9-6] - binutils-devel now requires zlib-devel (BZ 463101 comment 5). - Fix complains on .gnu.linkonce.r relocations to their discarded .gnu.linkonce.t counterparts. [2.18.50.0.9-5] - Remove %makeinstall to comply with the spu-binutils review (BZ 452211). [2.18.50.0.9-4] - Fix *.so scripts for multilib linking (BZ 463101, suggested by Jakub Jelinek). [2.18.50.0.9-3] - Provide libbfd.so and libopcodes.so for automatic dependencies (BZ 463101). - Fix .eh_frame_hdr build on C++ files with discarded common groups (BZ 458950). - Provide --build and --host to fix `rpmbuild --target' biarch builds. - Include %{binutils_target}- filename prefix for binaries for cross builds. - Fix multilib conflict on %{_prefix}/include/bfd.h's BFD_HOST_64BIT_LONG_LONG. [2.18.50.0.9-2] - Package review, analysed by Jon Ciesla and Patrice Dumas (BZ 225615). - build back in the sourcedir without problems as gasp is no longer included. - Fix the install-info requirement. - Drop the needless gzipping of the info files. - Provide Obsoletes versions. - Use the %configure macro. [2.18.50.0.9-1] - Update to 2.18.50.0.9. - Drop the ppc-only spu target pre-build stage (BZ 455242). - Drop parsing elf64-i386 files for kdump PAE vmcore dumps (BZ 457189). - New .spec BuildRequires zlib-devel (/-static) for compressed sections. - Update .spec Buildroot to be more unique. [2.18.50.0.8-2] - Fix parsing elf64-i386 files for kdump PAE vmcore dumps (BZ 457189). - Turn on 64-bit BFD support for i386, globally enable AC_SYS_LARGEFILE. - `--with debug' builds now with --disable-shared. - Removed a forgotten unused ld/eelf32_spu.c workaround from 2.18.50.0.8-1. [2.18.50.0.8-1] - Update to 2.18.50.0.8. - Drop the .clmul -> .pclmul renaming backport. - Add %{binutils_target} macro to support building cross-binutils. (David Woodhouse) - Support `--without testsuite' to suppress the testsuite run. - Support `--with debug' to build without optimizations. - Refresh the patchset with fuzz 0 (for new rpmbuild). - Enable the spu target on ppc/ppc64 (BZ 455242). [2.18.50.0.6-4] - include the `dist' tag in the Release number - libbfd.a symbols visibility is now hidden (for #447426, suggested by Jakub) [2.18.50.0.6-3] - rebuild libbfd.a with -fPIC for inclusion into shared libraries (#447426) [2.18.50.0.6-2] - backport .clmul -> .pclmul renaming [2.18.50.0.6-1] - update to 2.18.50.0.6 - Intel AES, CLMUL, AVX/FMA support [2.18.50.0.4-2] - revert aranges optimization (Alan Modra, BZ#5303, BZ#5755) - fix ld-shared testcase for GCC 4.3 (H.J. Lu) [2.18.50.0.4-1] - update to 2.18.50.0.4 [2.18.50.0.3-2] - Autorebuild for GCC 4.3 [2.18.50.0.3-1] - update to 2.18.50.0.3 - fix build with recent makeinfo (#415271) [2.17.50.0.18-1] - update to 2.17.50.0.18 - GPLv3+ - preserve .note.gnu.build-id in objcopy --only-keep-debug (#251935) - fix sparc64/alpha broken by --build-id patch (#252936) - update License tag - fix ld crash with --build-id and non-ELF output format (Alan Modra, BZ#4923) [2.17.50.0.17-7] - fix ppc32 secure PLT detection (Alan Modra) [2.17.50.0.17-6] - rebuilt to make sure even libbfd.so and libopcodes.so aren't broken by #249435 [2.17.50.0.17-5] - add .note.gnu.build-id into default linker script (#249435) [2.17.50.0.17-4] - don't kill the %{_gnu} part of target name on arm (Lennert Buytenhek, #243516) - create just one PT_NOTE segment header for all consecutive SHT_NOTE sections [2.17.50.0.17-3] - fix for ld --build-id [2.17.50.0.17-2] - ld --build-id support [2.17.50.0.17-1] - update to 2.17.50.0.17 [2.17.50.0.16-1] - update to 2.17.50.0.16 [2.17.50.0.12-4] - fix linking non-ELF input objects into ELF output (#235747) [2.17.50.0.12-3] - don't require matching ELF_OSABI for target vecs with ELFOSABI_NONE, only prefer specific osabi target vecs over the generic ones (H.J.Lu, #230964, BZ#3826) - build libbfd.so and libopcodes.so with -Bsymbolic-functions [2.17.50.0.12-2] - ignore install-info errors from scriptlets (#223678) [2.17.50.0.12-1] - update to 2.17.50.0.12 - revert the misdesigned LD_SYMBOLIC{,_FUNCTIONS} env var support, only support -Bsymbolic/-Bsymbolic-functions/--dynamic-list* [2.17.50.0.9-1] - update to 2.17.50.0.9 - fix tekhex reader [2.17.50.0.8-2] - fix --as-needed on ppc64 (#219629) [2.17.50.0.8-1] - update to 2.17.50.0.8 - initialize frch_cfi_data (BZ#3607) [2.17.50.0.7-1] - update to 2.17.50.0.7 - .cfi_personality and .cfi_lsda directives, per subsection .cfi_* directives, better .eh_frame CIE merging [2.17.50.0.6-3] - fix popcnt instruction assembly and disassembly on amd64 (#214767) [2.17.50.0.6-2] - update to 2.17.50.0.6 - fix for section relative linker script defined symbols in empty sections (#207598, BZ#3267) - fix handling of DW_CFA_set_loc in .eh_frame optimizations - fix R_PPC_{PLT,GOT{,_TLSGD,_TLSLD,_TPREL,_DTPREL}}16_HA relocation handling with weak undefined symbols (Alan Modra, #211094) [2.17.50.0.3-6] - fix multilib conflict in %{_prefix}/include/bfd.h [2.17.50.0.3-5] - fix efi-app-ia64 magic number (#206002, BZ#3171) [2.17.50.0.3-4] - link libopcodes*.so against libbfd*.so (#202327) - split *.a and header files into binutils-devel [2.17.50.0.3-3] - on ppc and ppc64 increase default -z commonpagesize to 64K (#203001) [2.17.50.0.3-2] - do not infer x86 arch implicitly based on instruction in the input (#200330) [2.17.50.0.3-1] - update to 2.17.50.0.3 [2.17.50.0.2-8] - add support for new AMDFAM10 instructions (#198281, IT#97662) - add -march=/-mtune= gas support on x86/x86-64 - x86/x86-64 nop insn improvements - fix DT_GNU_HASH shift count value computation [2.17.50.0.2-7] - add DT_GNU_HASH support (--hash-style=gnu and --hash-style=both ld options) [2.17.50.0.2-4] - fix i?86 TLS GD->IE transition in executables (#196157, BZ#2513) [2.17.50.0.2-3] - fix two places in ld that misbehaved with MALLOC_PERTURB_=N - fix .tls_common handling in relocatable linking [2.17.50.0.2-2] - fix --as-needed (Alan Modra, #193689, BZ#2721) [2.17.50.0.2-1] - update to 2.17.50.0.2 - update from CVS to 20060601 - speed up the ELF linker by caching the result of kept section check (H.J. Lu) [2.17.50.0.1-1] - update to 2.17.50.0.1 [2.16.91.0.6-6] - fix ld error message formatting, so that collect2 parser can parse it again for g++ -frepo (#187142) [2.16.91.0.6-4] - fix relaxation of TLS GD to LE on PPC (#184590) [2.16.91.0.6-3] - support DW_CFA_val_{offset,offset_sf,expression} in readelf/objdump [2.16.91.0.6-2] - add MNI support on i?86/x86_64 (#183080) - support S signal frame augmentation flag in .eh_frame, add .cfi_signal_frame support (#175951, PR other/26208, BZ#300) [2.16.91.0.6-1] - update to 2.16.91.0.6 - fix ppc64 --gc-sections - disassembler fixes for x86_64 cr/debug regs - fix linker search order for DT_NEEDED libs [2.16.91.0.5-1] - update to 2.16.91.0.5 - don't error about .toc1 references to discarded sectiosn on ppc64 (#175944) [2.16.91.0.3-2] - put .gnu.linkonce.d.rel.ro.* sections into relro region * Fri Dec 09 2005 Jesse Keating - rebuilt [2.16.91.0.3-1] - update to 2.16.91.0.3 - add .weakref support (Alexandre Oliva, #115157, #165728) [2.16.91.0.2-4] - install-info also configure.info - update standards.texi from gnulib (#165530) [2.16.91.0.2-3] - update to 20050816 CVS - better fix for ld-cdtest - fix symbol version script parsing [2.16.91.0.2-2] - don't complain about relocs to discarded sections in ppc32 .got2 sections (Alan Modra, PR target/17828) [2.16.91.0.2-1] - update to 2.16.91.0.2 [2.16.91.0.1-3] - fix buffer overflow in readelf ia64 unwind printing code - use vsnprintf rather than vsprintf in gas diagnostics (Tavis Ormandy) - fix ld-cdtest when CFLAGS contains -fexceptions [2.16.91.0.1-2] - update to 20050720 CVS [2.16.91.0.1-1] - update to 2.16.91.0.1 plus 20050708 CVS [2.16.90.0.3-1] - update to 2.16.90.0.3 - update to 20050615 CVS - ppc32 secure PLT support (Alan Modra) - further bfd/readelf robustification [2.15.94.0.2.2-4] - further bfd robustification (CAN-2005-1704, #158680) [2.15.94.0.2.2-3] - further objdump and readelf robustification (CAN-2005-1704, #158680) [2.15.94.0.2.2-2] - bfd and readelf robustification (CAN-2005-1704, #158680) [2.15.94.0.2.2-1] - update to 2.15.94.0.2.2 - speed up walk_wild_section (Robert O'Callahan) [2.15.94.0.2-4] - rebuilt with GCC 4 [2.15.94.0.2-3] - fix buffer overflows in readelf (#149506) - move c++filt to binutils from gcc-c++, conflict with gcc-c++ < 4.0 (#86333) [2.15.94.0.2-1] - update to 2.15.94.0.2 - fix .note.GNU-stack/PT_GNU_STACK computation in linker on ppc64 (#147296) - fix stripping of binaries/libraries that have empty sections right before .dynamic section (with the same starting address; #144038) - handle AS_NEEDED (...) in linker script INPUT/GROUP [2.15.92.0.2-11] - fix a longstanding -z relro bug [2.15.92.0.2-10] - avoid unnecessary gap with -z relro showing on i686 libc.so - ppc64 --emit-relocs fix (Alan Modra) - don't crash if STT_SECTION symbol has incorrect st_shndx (e.g. SHN_ABS, as created by nasm; #142181) - don't try to make absptr LSDAs relative if they don't have relocations against them (Alan Modra, #141162) [2.15.92.0.2-5.EL4] - fix ar xo (#104344) [2.15.92.0.2-5] - fix --just-symbols on ppc64 (Alan Modra, #135498) [2.15.92.0.2-4] - fix code detecting matching linkonce and single member comdat group sections (#133078) [2.15.92.0.2-3] - revert Sep 09 change to make ppc L second argument e.g. for tlbie non-optional - fix stripping of prelinked binaries and libraries (#133734) - allow strings(1) on 32-bit arches to be used again with > 2GB files (#133555) [2.15.92.0.2-2] - update to 2.15.92.0.2 - change ld's ld.so.conf parser to match ldconfig's (#129340) [2.15.91.0.2-9] - avoid almost 1MB (sparse) gaps in the middle of -z relro libraries on x86-64 (Andreas Schwab) - fix -z relro to make sure end of PT_GNU_RELRO segment is always COMMONPAGESIZE aligned [2.15.91.0.2-8] - fix linker segfaults on input objects with SHF_LINK_ORDER with incorrect sh_link (H.J.Lu, Nick Clifton, #130198, BZ #290) [2.15.91.0.2-7] - resolve all undefined ppc64 .* syms to the function bodies through .opd, not just those used in brach instructions (Alan Modra) [2.15.91.0.2-6] - fix ppc64 ld --dotsyms (Alan Modra) [2.15.91.0.2-5] - various ppc64 make check fixes when using non-dot-syms gcc (Alan Modra) - fix --gc-sections - on ia64 create empty .gnu.linkonce.ia64unw*.* sections for .gnu.linkonce.t.* function doesn't need unwind info [2.15.91.0.2-4] - kill ppc64 dot symbols (Alan Modra) - objdump -d support for objects without dot symbols - support for overlapping ppc64 .opd entries [2.15.91.0.2-3] - fix a newly introduced linker crash on x86-64 [2.15.91.0.2-2] - BuildRequire bison and macroise buildroot - from Steve Grubb [2.15.91.0.2-1] - update to 2.15.91.0.2 - BuildRequire flex (#117763) [2.15.90.0.3-7] - use lib64 instead of lib directories on ia64 if %{_lib} is set to lib64 by rpm [2.15.90.0.3-6] - fix a bug introduced in the ++/-- rejection patch from 2.15.90.0.3 (Alan Modra) [2.15.90.0.3-5] - fix s390{,x} .{,b,p2}align handling - ppc/ppc64 testsuite fix [2.15.90.0.3-4] - -z relro ppc/ppc64/ia64 fixes - change x86-64 .plt symbol st_size handling to match ia32 - prettify objdump -d output [2.15.90.0.3-3] - several SPARC fixes [2.15.90.0.3-2] - yet another fix for .tbss handling [2.15.90.0.3-1] - update to 2.15.90.0.3 [2.15.90.0.1.1-2] - update to 20040326 CVS - fix ppc64 weak .opd symbol handling (Alan Modra, #119086) - fix .tbss handling bug introduced [2.15.90.0.1.1-1] - update to 2.15.90.0.1.1 [2.14.90.0.8-8] - with -z now without --enable-new-dtags create DT_BIND_NOW dynamic entry in addition to DT_FLAGS_1 with DF_1_NOW bit set [2.14.90.0.8-7] - fix -pie on ppc32 [2.14.90.0.8-6] - clear .plt sh_entsize on sparc32 - put whole .got into relro area with -z now -z relro * Fri Feb 13 2004 Elliot Lee - rebuilt [2.14.90.0.8-4] - fix -pie on IA64 [2.14.90.0.8-3] - fix testcases on s390 and s390x [2.14.90.0.8-2] - fix testcases on AMD64 - fix .got's sh_entsize on IA32/AMD64 - set COMMONPAGESIZE on s390/s390x - set COMMONPAGESIZE on ppc32 (Alan Modra) [2.14.90.0.8-1] - update to 2.14.90.0.8 [2.14.90.0.7-4] - fix -z relro on 64-bit arches [2.14.90.0.7-3] - fix some bugs in -z relro support [2.14.90.0.7-2] - -z relro support, reordering of RW sections [2.14.90.0.7-1] - update to 2.14.90.0.7 [2.14.90.0.6-4] - fix assembly parsing of foo=(.-bar)/4 (Alan Modra) - fix IA-64 assembly parsing of (p7) hint @pause [2.14.90.0.6-3] - don't abort on some linker warnings/errors on IA-64 [2.14.90.0.6-2] - fix up merge2.s to use .p2align instead of .align [2.14.90.0.6-1] - update to 2.14.90.0.6 - speed up string merging (Lars Knoll, Michael Matz, Alan Modra) - speed up IA-64 local symbol handling during linking [2.14.90.0.5-7] - avoid ld -s segfaults introduced in 2.14.90.0.5-5 (Dmitry V. Levin, [2.14.90.0.5-6] - build old demangler into libiberty.a (#102268) - SPARC .cfi* support [2.14.90.0.5-5] - fix orphan section placement [2.14.90.0.5-4] - fix ppc64 elfvsb linker tests - some more 64-bit cleanliness fixes, give ppc64 fdesc symbols type and size (Alan Modra) [2.14.90.0.5-3] - fix 64-bit unclean code in ppc-opc.c [2.14.90.0.5-2] - fix 64-bit unclean code in tc-ppc.c [2.14.90.0.5-1] - update to 2.14.90.0.5 - fix ld -r on ppc64 (Alan Modra) [2.14.90.0.4-23] - rebuilt [2.14.90.0.4-22] - fix elfNN_ia64_dynamic_symbol_p (Richard Henderson, #86661) - don't access memory beyond what was allocated in readelf (Richard Henderson) [2.14.90.0.4-21] - add .cfi_* support on ppc{,64} and s390{,x} [2.14.90.0.4-20] - remove lib{bfd,opcodes}.la (#98190) [2.14.90.0.4-19] - fix -pie support on amd64, s390, s390x and ppc64 - issue relocation overflow errors for s390/s390x -fpic code when accessing .got slots above 4096 bytes from .got start [2.14.90.0.4-18] - rebuilt [2.14.90.0.4-17] - fix ia64 -pie support - require no undefined non-weak symbols in PIEs like required for normal binaries [2.14.90.0.4-16] - fix readelf -d on IA-64 - build libiberty.a with -fPIC, so that it can be lined into shared libraries [2.14.90.0.4-15] - rebuilt [2.14.90.0.4-14] - added support for Intel Prescott instructions - fix hint at pause for ia64 - add workaround for LTP sillyness (#97934) [2.14.90.0.4-13] - update CFI stuff to 2003-06-18 - make sure .eh_frame is aligned to 8 bytes on 64-bit arches, remove padding within one .eh_frame section [2.14.90.0.4-12] - rebuilt [2.14.90.0.4-11] - one more fix for the same patch [2.14.90.0.4-10] - fix previous patch [2.14.90.0.4-9] - ensure R_PPC64_{RELATIVE,ADDR64} have *r_offset == r_addend and the other relocs have *r_offset == 0 [2.14.90.0.4-8] - remove some unnecessary provides in ppc64 linker script which were causing e.g. empty .ctors/.dtors section creation [2.14.90.0.4-7] - some CFI updates/fixes - don't create dynamic relocations against symbols defined in PIE exported from its .dynsym [2.14.90.0.4-6] - update gas to 20030604 - PT_GNU_STACK support [2.14.90.0.4-5] - buildrequire gettext (#91838) [2.14.90.0.4-4] - fix shared libraries with >= 8192 .plt slots on ppc32 [2.14.90.0.4-3] - rebuilt [2.14.90.0.4-2] - rename ld --dynamic option to --pic-executable or --pie - fix ld --help output - document --pie/--pic-executable in ld.info and ld.1 [2.14.90.0.4-1] - update to 2.14.90.0.4-1 - gas CFI updates (Richard Henderson) - dynamic executables (Ulrich Drepper) [2.14.90.0.2-2] - fix ELF visibility handling - tidy plt entries on IA-32, ppc and ppc64 [2.14.90.0.2-1] - update to 2.14.90.0.2-1 [2.13.90.0.20-8] - fix bfd_elf_hash on 64-bit arches (Andrew Haley) [2.13.90.0.20-7] - rebuilt [2.13.90.0.20-6] - optimize DW_CFA_advance_loc4 in gas even if there is 'z' augmentation with size 0 in FDE [2.13.90.0.20-5] - fix SPARC build [2.13.90.0.20-4] - fix ppc32 plt reference counting - don't include %{_prefix}/%{_lib}/debug in the non-debuginfo package (#87729) [2.13.90.0.20-3] - make elf64ppc target native extra on ppc and elf32ppc native extra on ppc64. [2.13.90.0.20-2] - fix TLS on IA-64 with ld relaxation [2.13.90.0.20-1] - update to 2.13.90.0.20 [2.13.90.0.18-9] - rebuilt [2.13.90.0.18-8] - don't strip binaries in %install, so that there is non-empty debuginfo [2.13.90.0.18-7] - don't optimize .eh_frame during ld -r [2.13.90.0.18-6] - don't clear elf_link_hash_flags in the .symver patch - only use TC_FORCE_RELOCATION in s390's TC_FORCE_RELOCATION_SUB_SAME (Alan Modra) [2.13.90.0.18-5] - fix the previous .symver change - remove libbfd.so and libopcodes.so symlinks, so that other packages link statically, not dynamically against libbfd and libopcodes whose ABI is everything but stable [2.13.90.0.18-4] - do .symver x, x at FOO handling earlier - support .file and .loc on s390* [2.13.90.0.18-3] - handle .symver x, x at FOO in ld such that relocs against x become dynamic relocations against x at FOO (#83325) - two PPC64 TLS patches (Alan Modra) [2.13.90.0.18-2] - fix SEARCH_DIR on x86_64/s390x - fix Alpha --relax - create DT_RELA{,SZ,ENT} on s390 even if there is just .rela.plt and no .rela.dyn section - support IA-32 on IA-64 (#83752) - .eh_frame_hdr fix (Andreas Schwab) [2.13.90.0.18-1] - update to 2.13.90.0.18 + 20030121->20030206 CVS diff [2.13.90.0.16-8] - alpha TLS fixes - use .debug_line directory table to make the section tiny bit smaller - libtool fix from Jens Petersen [2.13.90.0.16-7] - sparc32 TLS [2.13.90.0.16-6] - s390{,x} TLS and two other mainframe patches [2.13.90.0.16-5] - fix IA-64 TLS IE in shared libs - .{preinit,init,fini}_array compat hack from Alexandre Oliva [2.13.90.0.16-4] - IA-64 TLS fixes - fix .plt sh_entsize on Alpha - build with %_smp_mflags [2.13.90.0.16-3] - fix strip on TLS binaries and libraries [2.13.90.0.16-2] - fix IA-64 ld bootstrap [2.13.90.0.16-1] - update to 2.13.90.0.16 - STT_TLS SHN_UNDEF fix [2.13.90.0.10-4] - pad .rodata.cstNN sections at the end if they aren't sized to multiple of sh_entsize - temporary patch to make .eh_frame and .gcc_except_table sections readonly if possible (should be removed when AUTO_PLACE is implemented) - fix .PPC.EMB.apuinfo section flags [2.13.90.0.10-3] - fix names and content of alpha non-alloced .rela.* sections (#76583) - delete unpackaged files from the buildroot [2.13.90.0.10-2] - enable s390x resp. s390 emulation in linker too [2.13.90.0.10-1] - update to 2.13.90.0.10 - add a bi-arch patch for sparc/s390/x86_64 - add --enable-64-bit-bfd on sparc, s390 and ppc [2.13.90.0.4-3] - fix combreloc testcase [2.13.90.0.4-2] - fix orphan .rel and .rela section placement with -z combreloc (Alan Modra) - skip incompatible linker scripts when searching for libraries [2.13.90.0.4-1] - update to 2.13.90.0.4 - x86-64 TLS support - some IA-32 TLS fixes - some backported patches from trunk - include opcodes, ld, gas and bfd l10n too [2.13.90.0.2-3] - allow addends for IA-32 TLS @tpoff, @ntpoff and @dtpoff - clear memory at *r_offset of dynamic relocs on PPC - avoid ld crash if accessing non-local symbols through LE relocs - new IA-32 TLS relocs, bugfixes and testcases - use brl insn on IA-64 (Richard Henderson) - fix R_IA64_PCREL21{M,F} handling (Richard Henderson) - build in separate builddir, so that gasp tests don't fail - include localization [2.13.90.0.2-2] - fix R_386_TPOFF32 addends (#70824) [2.13.90.0.2-1] - update to 2.13.90.0.2 - fix ld TLS assertion failure (#70084) - fix readelf --debug-dump= handling to match man page and --help (#68997) - fix _GLOBAL_OFFSET_TABLE gas handling (#70241) [2.12.90.0.15-1] - update to 2.12.90.0.15 - TLS .tbss fix - don't use rpm %configure macro, it is broken too often (#69366) [2.12.90.0.9-1] - update to 2.12.90.0.9 - TLS support - remove gasp.info from %post/%preun (#65400) [2.12.90.0.7-1] - update to 2.12.90.0.7 - run make check [2.11.93.0.2-12] - fix .hidden handling on SPARC (Richard Henderson) - don't crash when linking -shared non-pic code with SHF_MERGE - fix .eh_frame_hdr for DW_EH_PE_aligned - correctly adjust DW_EH_PE_pcrel encoded personalities in CIEs [2.11.93.0.2-11] - don't emit dynamic R_SPARC_DISP* relocs against STV_HIDDEN symbols into shared libraries [2.11.93.0.2-10] - don't merge IA-64 unwind info sections together during ld -r [2.11.93.0.2-9] - fix DATA_SEGMENT_ALIGN on ia64/alpha/sparc/sparc64 [2.11.93.0.2-8] - don't crash on SHN_UNDEF local dynsyms (Andrew MacLeod) [2.11.93.0.2-7] - fix bfd configury bug (Alan Modra) [2.11.93.0.2-6] - don't copy visibility when equating symbols - fix alpha .text/.data with .previous directive bug [2.11.93.0.2-5] - fix SHF_MERGE crash with --gc-sections (#60369) - C++ symbol versioning patch [2.11.93.0.2-4] - add DW_EH_PE_absptr -> DW_EH_PE_pcrel optimization for shared libs, if DW_EH_PE_absptr cannot be converted that way, don't build the .eh_frame_hdr search table [2.11.93.0.2-3] - fix ld -N broken by last patch [2.11.93.0.2-2] - trade one saved runtime page for data segment (=almost always not shared) for up to one page of disk space where possible [2.11.93.0.2-1] - update to 2.11.93.0.2 - use %{ix86} instead of i386 for -z combreloc default (#59086) [2.11.92.0.12-10] - don't create SHN_UNDEF STB_WEAK symbols unless there are any relocations against them [2.11.92.0.12-9.1] - rebuild (fix ia64 miscompilation) * Wed Jan 09 2002 Tim Powers - automated rebuild [2.11.92.0.12-8] - two further .eh_frame patch fixes [2.11.92.0.12-7] - as ld is currently not able to shrink input sections to zero size during discard_info, build a fake minimal CIE in that case - update elf-strtab patch to what was commited [2.11.92.0.12-6] - one more .eh_frame patch fix - fix alpha .eh_frame handling - optimize elf-strtab finalize [2.11.92.0.12-5] - yet another fix for the .eh_frame patch [2.11.92.0.12-4] - Alan Modra's patch to avoid crash if there is no dynobj [2.11.92.0.12-3] - H.J.'s patch to avoid crash if input files are not ELF - don't crash if a SHF_MERGE for some reason could not be merged - fix objcopy/strip to preserve SHF_MERGE sh_entsize - optimize .eh_frame sections, add PT_GNU_EH_FRAME support - support anonymous version tags in version script [2.11.92.0.12-2] - fix IA-64 SHF_MERGE handling [2.11.92.0.12-1] - update to 2.11.92.0.12 - optimize .dynstr and .shstrtab sections (#55524) - fix ld.1 glitch (#55459) - turn relocs against SHF_MERGE local symbols with zero addend into STT_SECTION + addend - remove man pages for programs not included (nlmconv, windres, dlltool; - add BuildRequires for texinfo [2.11.92.0.7-2] - duh, fix strings on bfd objects (#55084) [2.11.92.0.7-1] - update to 2.11.92.0.7 - remove .rel{,a}.dyn from output if it is empty [2.11.92.0.5-2] - fix strings patch - use getc_unlocked in strings to speed it up by 50% on large files [2.11.92.0.5-1] - update to 2.11.92.0.5 - binutils localization (#45148) - fix typo in REPORT_BUGS_TO (#54325) - support files bigger than 2GB in strings (#54406) [2.11.90.0.8-12] - on IA-64, don't mix R_IA64_IPLTLSB relocs with non-PLT relocs in .rela.dyn section. [2.11.90.0.8-11] - add iplt support for IA-64 (Richard Henderson) - switch to new section flags for SHF_MERGE and SHF_STRINGS, put in compatibility code - "s" section flag for small data sections on IA-64 and Alpha (Richard Henderson) - fix sparc64 .plt[32768+] handling - don't emit .rela.stab on sparc [2.11.90.0.8-10] - fix SHF_MERGE on Sparc [2.11.90.0.8-9] - on Alpha, copy *r_offset to R_ALPHA_RELATIVE's r_addend [2.11.90.0.8-8] - on IA-64, put crtend{,S}.o's .IA_64.unwind section last in .IA_64.unwind output section (for compatibility with 7.1 eh) [2.11.90.0.8-7] - put RELATIVE relocs first, not last - enable -z combreloc by default on IA-{32,64}, Alpha, Sparc* [2.11.90.0.8-6] - support for -z combreloc - remove .dynamic patch, -z combreloc patch does this better - set STT_FUNC default symbol sizes in .endp directive on IA-64 [2.11.90.0.8-5] - fix last patch (H.J.Lu) [2.11.90.0.8-4] - fix placing of orphan sections * Sat Jun 23 2001 Jakub Jelinek - fix SHF_MERGE support on Alpha * Fri Jun 08 2001 Jakub Jelinek - 2.11.90.0.8 - some SHF_MERGE suport fixes - don't build with tooldir /usrusr instead of /usr (#40937) - reserve few .dynamic entries for prelinking * Mon Apr 16 2001 Jakub Jelinek - 2.11.90.0.5 - SHF_MERGE support * Tue Apr 03 2001 Jakub Jelinek - 2.11.90.0.4 - fix uleb128 support, so that CVS gcc bootstraps - some ia64 fixes * Mon Mar 19 2001 Jakub Jelinek - add -Bgroup support from Ulrich Drepper * Fri Mar 09 2001 Jakub Jelinek - hack - add elf_i386_glibc21 emulation * Fri Feb 16 2001 Jakub Jelinek - 2.10.91.0.2 * Fri Feb 09 2001 Jakub Jelinek - 2.10.1.0.7 - remove ExcludeArch ia64 - back out the -oformat, -omagic and -output change for now * Fri Dec 15 2000 Jakub Jelinek - Prereq /sbin/install-info * Tue Nov 21 2000 Jakub Jelinek - 2.10.1.0.2 * Tue Nov 21 2000 Jakub Jelinek - add one more alpha patch * Wed Nov 15 2000 Jakub Jelinek - fix alpha visibility as problem - add support for Ultra-III * Fri Sep 15 2000 Jakub Jelinek - and one more alpha patch * Fri Sep 15 2000 Jakub Jelinek - two sparc patches * Mon Jul 24 2000 Jakub Jelinek - 2.10.0.18 * Mon Jul 10 2000 Jakub Jelinek - 2.10.0.12 * Mon Jun 26 2000 Jakub Jelinek - 2.10.0.9 * Thu Jun 15 2000 Jakub Jelinek - fix ld -r * Mon Jun 05 2000 Jakub Jelinek - 2.9.5.0.46 - use _mandir/_infodir/_lib * Mon May 08 2000 Bernhard Rosenkraenzer - 2.9.5.0.41 * Wed Apr 12 2000 Bernhard Rosenkraenzer - 2.9.5.0.34 * Wed Mar 22 2000 Bernhard Rosenkraenzer - 2.9.5.0.31 * Fri Feb 04 2000 Cristian Gafton - man pages are compressed - apply kingdon's patch from #5031 * Wed Jan 19 2000 Jeff Johnson - Permit package to be built with a prefix other than /usr. * Thu Jan 13 2000 Cristian Gafton - add pacth from hjl to fix the versioning problems in ld * Tue Jan 11 2000 Bernhard Rosenkraenzer - Add sparc patches from Jakub Jelinek - Add URL: * Tue Dec 14 1999 Bernhard Rosenkraenzer - 2.9.5.0.22 * Wed Nov 24 1999 Bernhard Rosenkraenzer - 2.9.5.0.19 * Sun Oct 24 1999 Bernhard Rosenkraenzer - 2.9.5.0.16 * Mon Sep 06 1999 Jakub Jelinek - make shared non-pic libraries work on sparc with glibc 2.1. * Fri Aug 27 1999 Jim Kingdon - No source/spec changes, just rebuilding with egcs-1.1.2-18 because the older egcs was miscompling gprof. * Mon Apr 26 1999 Cristian Gafton - back out very *stupid* sparc patch done by HJLu. People, keep out of things you don't understand. - add alpha relax patch from rth * Mon Apr 05 1999 Cristian Gafton - version 2.9.1.0.23 - patch to make texinfo documentation compile - auto rebuild in the new build environment (release 2) * Tue Feb 23 1999 Cristian Gafton - updated to 2.9.1.0.21 - merged with UltraPenguin * Mon Jan 04 1999 Cristian Gafton - added ARM patch from philb - version 2.9.1.0.19a - added a patch to allow arm* arch to be identified as an ARM * Thu Oct 01 1998 Cristian Gafton - updated to 2.9.1.0.14. * Sat Sep 19 1998 Jeff Johnson - updated to 2.9.1.0.13. * Wed Sep 09 1998 Cristian Gafton - updated to 2.9.1.0.12 * Thu Jul 02 1998 Jeff Johnson - updated to 2.9.1.0.7. * Wed Jun 03 1998 Jeff Johnson - updated to 2.9.1.0.6. * Tue Jun 02 1998 Erik Troan - added patch from rth to get right offsets for sections in relocateable objects on sparc32 * Thu May 07 1998 Prospector System - translations modified for de, fr, tr * Tue May 05 1998 Cristian Gafton - version 2.9.1.0.4 is out; even more, it is public ! * Tue May 05 1998 Jeff Johnson - updated to 2.9.1.0.3. * Mon Apr 20 1998 Cristian Gafton - updated to 2.9.0.3 * Tue Apr 14 1998 Cristian Gafton - upgraded to 2.9.0.2 * Sun Apr 05 1998 Cristian Gafton - updated to 2.8.1.0.29 (HJ warned me that this thing is a moving target... :-) - "fixed" the damn make install command so that all tools get installed * Thu Apr 02 1998 Cristian Gafton - upgraded again to 2.8.1.0.28 (at least on alpha now egcs will compile) - added info packages handling * Tue Mar 10 1998 Cristian Gafton - upgraded to 2.8.1.0.23 * Mon Mar 02 1998 Cristian Gafton - updated to 2.8.1.0.15 (required to compile the newer glibc) - all patches are obsoleted now * Wed Oct 22 1997 Erik Troan - added 2.8.1.0.1 patch from hj - added patch for alpha palcode form rth From el-errata at oss.oracle.com Sun Apr 12 18:41:21 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:41:21 -0700 Subject: [El-errata] ELSA-2020-5644 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update Message-ID: <99586e5a-ba67-8674-6b65-0b63c1364967@oracle.com> Oracle Linux Security Advisory ELSA-2020-5644 http://linux.oracle.com/errata/ELSA-2020-5644.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-firmware-3.8.13-118.44.1.el7uek.noarch.rpm kernel-uek-doc-3.8.13-118.44.1.el7uek.noarch.rpm kernel-uek-3.8.13-118.44.1.el7uek.x86_64.rpm kernel-uek-devel-3.8.13-118.44.1.el7uek.x86_64.rpm kernel-uek-debug-devel-3.8.13-118.44.1.el7uek.x86_64.rpm kernel-uek-debug-3.8.13-118.44.1.el7uek.x86_64.rpm dtrace-modules-3.8.13-118.44.1.el7uek-0.4.5-3.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.44.1.el7uek.src.rpm http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.44.1.el7uek-0.4.5-3.el7.src.rpm Description of changes: kernel-uek [3.8.13-118.44.1.el7uek] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055328] {CVE-2019-18806} - swiotlb: clean up reporting (Kees Cook) [Orabug: 31085018] {CVE-2018-5953} From el-errata at oss.oracle.com Sun Apr 12 18:41:48 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:41:48 -0700 Subject: [El-errata] ELSA-2020-5644 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update Message-ID: <23fb42ca-e79c-7219-b97d-c18a4045aa78@oracle.com> Oracle Linux Security Advisory ELSA-2020-5644 http://linux.oracle.com/errata/ELSA-2020-5644.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-firmware-3.8.13-118.44.1.el6uek.noarch.rpm kernel-uek-doc-3.8.13-118.44.1.el6uek.noarch.rpm kernel-uek-3.8.13-118.44.1.el6uek.x86_64.rpm kernel-uek-devel-3.8.13-118.44.1.el6uek.x86_64.rpm kernel-uek-debug-devel-3.8.13-118.44.1.el6uek.x86_64.rpm kernel-uek-debug-3.8.13-118.44.1.el6uek.x86_64.rpm dtrace-modules-3.8.13-118.44.1.el6uek-0.4.5-3.el6.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-118.44.1.el6uek.src.rpm http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-118.44.1.el6uek-0.4.5-3.el6.src.rpm Description of changes: kernel-uek [3.8.13-118.44.1.el6uek] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055328] {CVE-2019-18806} - swiotlb: clean up reporting (Kees Cook) [Orabug: 31085018] {CVE-2018-5953} From el-errata at oss.oracle.com Sun Apr 12 18:42:10 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:42:10 -0700 Subject: [El-errata] ELSA-2020-5645 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update Message-ID: <71dc0591-040d-d802-0e23-3ccf87a9ab65@oracle.com> Oracle Linux Security Advisory ELSA-2020-5645 http://linux.oracle.com/errata/ELSA-2020-5645.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: kernel-uek-2.6.39-400.321.1.el6uek.i686.rpm kernel-uek-debug-2.6.39-400.321.1.el6uek.i686.rpm kernel-uek-debug-devel-2.6.39-400.321.1.el6uek.i686.rpm kernel-uek-devel-2.6.39-400.321.1.el6uek.i686.rpm kernel-uek-doc-2.6.39-400.321.1.el6uek.noarch.rpm kernel-uek-firmware-2.6.39-400.321.1.el6uek.noarch.rpm x86_64: kernel-uek-firmware-2.6.39-400.321.1.el6uek.noarch.rpm kernel-uek-doc-2.6.39-400.321.1.el6uek.noarch.rpm kernel-uek-2.6.39-400.321.1.el6uek.x86_64.rpm kernel-uek-devel-2.6.39-400.321.1.el6uek.x86_64.rpm kernel-uek-debug-devel-2.6.39-400.321.1.el6uek.x86_64.rpm kernel-uek-debug-2.6.39-400.321.1.el6uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.321.1.el6uek.src.rpm Description of changes: [2.6.39-400.321.1.el6uek] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055329] {CVE-2019-18806} From el-errata at oss.oracle.com Sun Apr 12 18:42:42 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:42:42 -0700 Subject: [El-errata] ELSA-2020-5645 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update Message-ID: <06b45c62-d41f-1a50-5fb8-1718e131f3a5@oracle.com> Oracle Linux Security Advisory ELSA-2020-5645 http://linux.oracle.com/errata/ELSA-2020-5645.html The following updated rpms for Oracle Linux 5 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network: i386: kernel-uek-2.6.39-400.321.1.el5uek.i686.rpm kernel-uek-debug-2.6.39-400.321.1.el5uek.i686.rpm kernel-uek-debug-devel-2.6.39-400.321.1.el5uek.i686.rpm kernel-uek-devel-2.6.39-400.321.1.el5uek.i686.rpm kernel-uek-doc-2.6.39-400.321.1.el5uek.noarch.rpm kernel-uek-firmware-2.6.39-400.321.1.el5uek.noarch.rpm x86_64: kernel-uek-firmware-2.6.39-400.321.1.el5uek.noarch.rpm kernel-uek-doc-2.6.39-400.321.1.el5uek.noarch.rpm kernel-uek-2.6.39-400.321.1.el5uek.x86_64.rpm kernel-uek-devel-2.6.39-400.321.1.el5uek.x86_64.rpm kernel-uek-debug-devel-2.6.39-400.321.1.el5uek.x86_64.rpm kernel-uek-debug-2.6.39-400.321.1.el5uek.x86_64.rpm Description of changes: [2.6.39-400.321.1.el5uek] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055329] {CVE-2019-18806} From el-errata at oss.oracle.com Sun Apr 12 18:43:17 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:43:17 -0700 Subject: [El-errata] ELBA-2020-1203 Oracle Linux 7 firewalld bug fix and enhancement update Message-ID: <1141638c-b655-a7a4-d136-a98e67633652@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1203 http://linux.oracle.com/errata/ELBA-2020-1203.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: firewall-applet-0.6.3-8.0.1.el7_8.1.noarch.rpm firewall-config-0.6.3-8.0.1.el7_8.1.noarch.rpm firewalld-0.6.3-8.0.1.el7_8.1.noarch.rpm firewalld-filesystem-0.6.3-8.0.1.el7_8.1.noarch.rpm python-firewall-0.6.3-8.0.1.el7_8.1.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/firewalld-0.6.3-8.0.1.el7_8.1.src.rpm Description of changes: [0.6.3-8.0.1] - Remove the service definition file for Sattelite and remove references in HA serivce file. [Orabug: 30152337] [0.6.3-8.el7_8.1] - fix: firewalld not falling back to interface zone From el-errata at oss.oracle.com Sun Apr 12 18:43:41 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:43:41 -0700 Subject: [El-errata] ELBA-2020-1214 Oracle Linux 7 sssd bug fix and enhancement update Message-ID: <754fd979-cbfb-38c3-fdaf-dfb7e2e54191@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1214 http://linux.oracle.com/errata/ELBA-2020-1214.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libipa_hbac-1.16.4-37.0.1.el7_8.1.i686.rpm libipa_hbac-1.16.4-37.0.1.el7_8.1.x86_64.rpm libipa_hbac-devel-1.16.4-37.0.1.el7_8.1.i686.rpm libipa_hbac-devel-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_autofs-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_certmap-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_certmap-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_certmap-devel-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_certmap-devel-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_idmap-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_idmap-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_idmap-devel-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_idmap-devel-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_nss_idmap-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_nss_idmap-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_nss_idmap-devel-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_nss_idmap-devel-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_simpleifp-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_simpleifp-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_simpleifp-devel-1.16.4-37.0.1.el7_8.1.i686.rpm libsss_simpleifp-devel-1.16.4-37.0.1.el7_8.1.x86_64.rpm libsss_sudo-1.16.4-37.0.1.el7_8.1.x86_64.rpm python-libipa_hbac-1.16.4-37.0.1.el7_8.1.x86_64.rpm python-libsss_nss_idmap-1.16.4-37.0.1.el7_8.1.x86_64.rpm python-sss-1.16.4-37.0.1.el7_8.1.x86_64.rpm python-sss-murmur-1.16.4-37.0.1.el7_8.1.x86_64.rpm python-sssdconfig-1.16.4-37.0.1.el7_8.1.noarch.rpm sssd-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-ad-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-client-1.16.4-37.0.1.el7_8.1.i686.rpm sssd-client-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-common-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-common-pac-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-dbus-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-ipa-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-kcm-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-krb5-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-krb5-common-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-ldap-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-libwbclient-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-libwbclient-devel-1.16.4-37.0.1.el7_8.1.i686.rpm sssd-libwbclient-devel-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-polkit-rules-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-proxy-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-tools-1.16.4-37.0.1.el7_8.1.x86_64.rpm sssd-winbind-idmap-1.16.4-37.0.1.el7_8.1.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/sssd-1.16.4-37.0.1.el7_8.1.src.rpm Description of changes: [1.16.4-37.0.1] - Revert Redhat's change of disallowing duplicated incomplete gid when "id_provider=ldap" is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1] [1.16.4-37.1] - Resolves: rhbz#1801208 - id command taking 1+ minute for returning user information [rhel-7.8.z] - Also updates spec file to not replace /pam.d/sssd-shadowutils on update From el-errata at oss.oracle.com Sun Apr 12 18:44:17 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:44:17 -0700 Subject: [El-errata] ELBA-2020-1204 Oracle Linux 7 lftp bug fix and enhancement update (aarch64) Message-ID: <376edc71-0ebe-1a49-7bb7-6761917372ee@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1204 http://linux.oracle.com/errata/ELBA-2020-1204.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: lftp-4.4.8-12.el7_8.1.aarch64.rpm lftp-scripts-4.4.8-12.el7_8.1.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/lftp-4.4.8-12.el7_8.1.src.rpm Description of changes: [4.4.8-12.1] - Resolves: #1797964 - lftp with ssl gives error Fatal error: gnutls_record_recv: The TLS connection was non-properly terminated [4.4.8-12] - Resolves: #1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased From el-errata at oss.oracle.com Sun Apr 12 18:44:38 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:44:38 -0700 Subject: [El-errata] ELBA-2020-1206 Oracle Linux 7 zsh bug fix and enhancement update (aarch64) Message-ID: <7d3018c5-8b7b-04f1-5029-04b3fafdc367@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1206 http://linux.oracle.com/errata/ELBA-2020-1206.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: zsh-5.0.2-34.el7_8.2.aarch64.rpm zsh-html-5.0.2-34.el7_8.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/zsh-5.0.2-34.el7_8.2.src.rpm Description of changes: [5.0.2-34.el7_8.2] - improve printing of error messages introduced by the fix of CVE-2019-20044 [5.0.2-34.el7_8.1] - drop privileges securely when unsetting PRIVILEGED option (CVE-2019-20044) From el-errata at oss.oracle.com Sun Apr 12 18:45:03 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:45:03 -0700 Subject: [El-errata] ELBA-2020-1205 Oracle Linux 7 bind bug fix and enhancement update (aarch64) Message-ID: <78933e8e-104b-4be0-2029-19e2e8833dd7@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1205 http://linux.oracle.com/errata/ELBA-2020-1205.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: bind-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-chroot-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-libs-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-license-9.11.4-16.P2.el7_8.2.noarch.rpm bind-pkcs11-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-utils-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-devel-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-lite-devel-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-sdb-9.11.4-16.P2.el7_8.2.aarch64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/bind-9.11.4-16.P2.el7_8.2.src.rpm Description of changes: [32:9.11.4-16.P2.2] - Disable unit test timer_test on ppc64le because of its instability [32:9.11.4-16.P2.1] - Prevent deadlock on reload (#1805685) From el-errata at oss.oracle.com Sun Apr 12 18:45:22 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:45:22 -0700 Subject: [El-errata] ELBA-2020-1203 Oracle Linux 7 firewalld bug fix and enhancement update (aarch64) Message-ID: <207f4106-2b72-8196-5aa8-042d5e3ca5b2@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1203 http://linux.oracle.com/errata/ELBA-2020-1203.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: firewall-config-0.6.3-8.0.1.el7_8.1.noarch.rpm firewalld-0.6.3-8.0.1.el7_8.1.noarch.rpm firewalld-filesystem-0.6.3-8.0.1.el7_8.1.noarch.rpm python-firewall-0.6.3-8.0.1.el7_8.1.noarch.rpm firewall-applet-0.6.3-8.0.1.el7_8.1.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/firewalld-0.6.3-8.0.1.el7_8.1.src.rpm Description of changes: [0.6.3-8.0.1] - Remove the service definition file for Sattelite and remove references in HA serivce file. [Orabug: 30152337] [0.6.3-8.el7_8.1] - fix: firewalld not falling back to interface zone [0.6.3-8] - fix: failure to load modules no longer fatal [0.6.3-7] - fix: Revert "ebtables: drop support for broute table" [0.6.3-6] - fix: direct: removeRules() not removing all rules in chain [0.6.3-5] - doc: add --default-config and --system-config [0.6.3-4] - fix: guarantee zone source dispatch is sorted by zone name [0.6.3-3] - backport recent upstream stable fixes - backport fix --remove-rules deleting all direct rules - backport fix unable to delete rich rule forward-port - backport fix forward-port for external zone hijacking internal zone - backport fix testsuite iptables locking [0.6.3-2] - backport recent upstream stable fixes - backport fix to enable IP forwarding only if toaddr specified [0.6.3-1] - rebase package to v0.6.3, include recent stable fixes - use QT4 patch for firewall-applet - remove cockpit service definition, cockpit package still ships their own - remove testsuite force of LC_ALL=C.UTF-8. RHEL-7 doesn't have C.UTF-8 - remove nftables support [0.5.3-5] - even if startup failed, reapply non-permanent interface to zone assignments [0.5.3-4] - backport patches to enter failed state if startup fails [0.5.3-3] - backport patches to avoid NM for generated connections [0.5.3-2] - backport patches for --check-config option [0.5.3-1] - rebase package to v0.5.3 [0.4.4.4-14] - services/high-availability: Add port 9929 (RHBZ#1486143) [0.4.4.4-13] - firewalld: also reload dbus config interface for global options (RHBZ#1514043) [0.4.4.4-12] - Fix and improve firewalld-sysctls.conf (RHBZ#1516881) * Mon Sep 18 2017 Phil Sutter - 0.4.4.4-11 - core: Log unsupported ICMP types as informational only (RHBZ#1479951) - doc: firewall-cmd: Document --query-* options return codes (RHBZ#1372716) - doc: firewall-cmd: Document quirk in --reload option (RHBZ#1452137) - firewall-cmd: Use colors only if output is a TTY (RHBZ#1368544) - firewall-offline-cmd: Don't require root for help output (RHBZ#1445214) [0.4.4.4-10] - Add missing ports to RH-Satellite-6 service (RHBZ#1422149) [0.4.4.4-9] - Reload nf_conntrack sysctls after the module is loaded (RHBZ#1462977) [0.4.4.4-8] - Add NFSv3 service (a127d697177b) (RHBZ#1462088) [0.4.4.4-7] - firewall.functions: New function get_nf_nat_helpers (RHBZ#1452681) - firewall.core.fw: Get NAT helpers and store them internally. (RHBZ#1452681) - firewall.core.fw_zone: Load NAT helpers with conntrack helpers (RHBZ#1452681) - firewalld.dbus: Add missing properties nf_conntrach_helper_setting and nf_conntrack_helpers (RHBZ#1452681) - D-Bus interfaces: Fix GetAll for interfaces without properties (RHBZ#1452017) - firewall.server.firewalld: New property for NAT helpers supported by the kernel (RHBZ#1452681) [0.4.4.4-6] - IPv6 ICMP type only rich-rule fix (cf50bd0) (RHBZ#1459921) [0.4.4.4-5] - Translation update for japanese (RHBZ#1382652) [0.4.4.4-4] - Add services for oVirt: ovirt-imageio, ovirt-vmconsole, ovirt-storageconsole, ctbc and nrpe (RHBZ#1449158) - Fix policy issue with the choice policies by using the .policy.choice extension (RHBZ#1449754) [0.4.4.4-3] - Fix --{set,get}-{short,description} for zones (RHBZ#1416325) - Man pages: Add sctp and dccp for ports, ... (RHBZ#1429808) - Add support for new wait option in restore commands (RHBZ#1446162) [0.4.4.4-2] - Add support for sctp and dccp in ports, source-ports and forward-ports (RHBZ#1429808) - Fix firewall-offline-cmd --remove-service-from-zone= option (RHBZ#1438127) [0.4.4.4-1] - Rebase to firewalld-0.4.4.4 http://www.firewalld.org/2017/03/firewalld-0-4-4-4-release - Drop references to fedorahosted.org from spec file and Makefile.am, use archive from github - Fix inconsistent ordering of rules in INPUT_ZONE_SOURCE (issue#166) (RHBZ#1421222) - Fix ipset overloading from /etc/firewalld/ipsets (RHBZ#1423941) - Fix permanent rich rules using icmp-type elements (RHBZ#1434763) - firewall-config: Deactivate edit, remove, .. buttons if there are no items - Check if ICMP types are supported by kernel before trying to use them (RHBZ#1401978) - firewall-config: Show invalid ipset type in the ipset configuration dialog in a special label (RHBZ#1419058) [0.4.4.3-2] - Drop ghost flag on policy file again [0.4.4.3-1] - Rebase to firewalld-0.4.4.3 (RHBZ#1414584) - Support disabled automatic helper assignment in firewalld (RHBZ#1006225) - Fix masquerade rules to be created always the same (RHBZ#1374001) - Properly handle quoted ifcfg file values (RHBZ#1395348) - Fix extension of ifcfg backup files (RHBZ#1400478) - Complete icmp types list (RHBZ#1401978) - Fix LOG rule placement for LogDenied (RHBZ#1402932) - Show error messages from NM and do not trace back (RHBZ#1405562) - Support icmp-type usage in rich rules (RHBZ#1409544) - New service file for freeipa-trust (RHBZ#1411650) - Fix --{set,get}-{short,description} for ipset in commands (RHBZ#1416325) - Speed up large ipset file loading and import (RHBZ#1416817) - Improve support for ipsets in firewalld (RHBZ#1419058) - ALREADY_ errors should result in warnings and zero exit code (RHBZ#1420457) [0.4.3.2-10] - Fix LOG rule placement for LogDenied (RHBZ#1402932) [0.4.3.2-9] - Fix ZONE being blanked in ifcfg on reboot (RHBZ#1381314) [0.4.3.2-8] - Exclude firewallctl (RHBZ#1374799) [0.4.3.2-7] - Tolerate ipv6_rpfilter fail (RHBZ#1285769) - Fix set_rules to copy the rule before extracting the table (RHBZ#1373260) - Translation update (RHBZ#1273296) - Conflict with NetworkManager < 1:1.4.0-3.el7 (RHBZ#1366288) [0.4.3.2-6] - Do not use exit code 254 for {ALREADY,NOT}_ENABLED sequences (RHBZ#1366654) - Fail with NOT_AUTHORIZED if authorization fails (RHBZ#1368549) - firewall-cmd: Fix get and set description for permanent zones (RHBZ#1368949) - Fix loading of service helpers in active zones (RHBZ#1371116) [0.4.3.2-5] - Print errors and warnings to stderr additional patch (RHBZ#1360894) - Fixed trace back in firewallctl (RHBZ#1367155) - Fix client crash if systembus can not be aquired (RHBZ#1367038) - Make ALREADY_ENABLED a warning (RHBZ#1366654) - Added conflict to old squid package providing the squid.service file (RHBZ#1366308) - Fixed firewall-cmd help typo (RHBZ#1367171) [0.4.3.2-4] - Fixed firewall-config gettext usage (RHBZ#1361612) - Fixed ifcfg file reader and writer (RHBZ#1362171) - Fixed loading ipset entries from file in commands (RHBZ#1365198) - Added conflicts to old main package to sub packages (RHBZ#1361669) - Do not show settings of zones etc. without authentication (RHBZ#1357098) - Fixed CVE-2016-5410 (RHBZ#1359296) [0.4.3.2-3] - Fix test suite for command change (RHBZ#1360871) - Fix test suite with stderr usage (RHBZ#1360894) - Rebuild for wrong docdir without version (RHBZ#1057327#c7) [0.4.3.2-2] - Updated conflict for selinux-policy (RHBZ#1304723) - Fixed exit codes in command line clients (RHBZ#1357050) - Fixed traceback in firewall-cmd without args (RHBZ#1357063) - Fixed source docs in man pages and help output (RHBZ#1357888) - Fixed rebuild of changed man pages (RHBZ#1360362) - Use stderr for errors and warnings in command line tools (RHBZ#1360894) - Fixed lockdown not denying invalid commands (RHBZ#1360871) [0.4.3.2-1] - Rebase to 0.4.3.2 - Fix regression with unavailable optional commands - All missing backend messages should be warnings - Individual calls for missing restore commands - Only one authenticate call for add and remove options and also sequences - RH-Satellite-6 service now upstream - Conflict for selinux-policy needed to be updated to newer release (RHBZ#1304723) [0.4.3.1-1] - Rebase to 0.4.3.1 - firewall.command: Fix python3 DBusException message not interable error - src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing - firewallctl: Do not trace back on list command without further arguments - firewallctl (man1): Added remaining sections zone, service, .. - firewallctl: Added runtime-to-permanent, interface and source parser, IndividualCalls setting - firewall.server.config: Allow to set IndividualCalls property in config interface - Fix missing icmp rules for some zones - runProg: Fix issue with running programs - firewall-offline-cmd: Fix issues with missing system-config-firewall - firewall.core.ipXtables: Split up source and dest addresses for transaction - firewall.server.config: Log error in case of loading malformed files in watcher - Install and package the firewallctl man page [0.4.3-3] - Readding RH-Satellite-6 service [0.4.3-2] - Fixed typo in Requires(post) [0.4.3-1] - Rebase to 0.4.3 - Rebase to the new upstream and new release (RHBZ#1302802) - New firewallctl command line utility (RHBZ#1147959) - Adds radius TCP ports (RHBZ#1219717) - XSD enhancements for conflicting tag specification (RHBZ#1296573) - Adds port for corosync-qnetd to high-availability service (RHBZ#1347530) [0.4.2-1] - Rebase to 0.4.2 - Allows unspecifying zone binding for interfaces in firewall-config (RHBZ#1066037) - Adds improved management of zone binding for interfaces, connections and sources (RHBZ#1083626) - Adds commands to showing details of zones, services, .. (RHBZ#1147500) - Adds a default logging option (RHBZ#1147951) - Adds quiet option for firewall-offline-cmd (RHBZ#1220467) - Adds support for zone chain usage in direct rules (RHBZ#1136801, RHBZ#1336881) - Adds source port support in zones, services and rich rules (RHBZ#1214770) - Adds services imap and smtps (RHBZ#1220196) - Fixes runtime to permanent migration(RHBZ#1237242) - Fixes removal of destination addresses for services in permanent view in firewall-config (RHBZ#1278281) - Fixes firewall-config usage over ssh (RHBZ#1281416) - Fixes reload disconnects with existing connections (RHBZ#1287449) - Fixes ICMP packet drops while reloading (RHBZ#1288177) - Adds option to add a new zone, service, .. from existing file (RHBZ#1292926) - Adds improved checks for file readers, fixes error reporting of strings containing illegal characters (RHBZ#1303026) - Transforms direct.passthrough errors into warnings (RHBZ#1301573) - Reduced getprotobyname and getservbyname calls for NIS use (RHBZ#1305434) - Fixes (repeated) firewalld reload by sending SIGHUP signal (RHBZ#1313023) - Adds After=dbus.service to service file to fix shutdown (RHBZ#1313845) - Adds ICMP block inversion support (RHBZ#1325335) - Fixes local traffic issue with masquerading in default zone (RHBZ#1326130) - Adds destination rich rules without an element (RHBZ#1326462) - Fixes reload after default zone change to newly introduced zone (RHBZ#1273888) - Fixes start without ipv6_rpfilter module (RHBZ#1285769) - Adds log of denied packets option (RHBZ#1322505) [0.3.9-14] - Fixed file mode of schema configuration file verifier check.sh als in files (RHBZ#994479) [0.3.9-13] - Fixed file mode of schema configuration file verifier check.sh (RHBZ#994479) - Include upstream testsuite in SRPM package (RHBZ#1261502) - Added missing ports to RH-Satellite-6 mservice (RHBZ#1254531) [0.3.9-12] - New schema configuration file verifier (RHBZ#994479) - More information about interface handling with and without NetworkManager (RHBZ#1122739) (RHBZ#1128563) - Apply all rich rules for non-default targets (RHBZ#1142741) - New iscsi service (RHBZ#1150656) - New rsync service (RHBZ#1150659) - ipXtables: use -w or -w2 if supported (RHBZ#1161745) - Do not use ipv6header for protocol matching. (RHBZ#1164605) - Iptables does not like limit of 1/d (RHBZ#1176813) - Fix readdition of removed permanent direct settings (RHBZ#1182671) - Fix bugs found by upstream test suite (RHBZ#1183008) - Fix polkit auth for query and get passthroughs methods (RHBZ#1183688) - New vdsm service (RHBZ#1194382) - New freeipa services (RHBZ#1206490) - Add missing parts to firewall-offline-cmd man page (RHBZ#1217678) [0.3.9-11] - added missing upstream commit 265bfe90 for (RHBZ#993650) - also add log message in the firewall-cmd output (RHBZ#1057095) [0.3.9-10] - additional upstream commits for (RHBZ#993650) - additional upstream commits for (RHBZ#1127706) [0.3.9-9] - added lost runtime passthrough check and reverse patch (RHBZ#993650) [0.3.9-8] - fixed GUI missing name of active zone (RHBZ#993655) - recreate man pages at build time (RHBZ#1071303) - fixes rich language log level (RHBZ#993740) - fixes typo in firewall-cmd man page (RHBZ#1064401) - new support to save runtime as permanent (RHBZ#993650) - new cli --timeout time specifiers support (RHBZ#994044) - updated translations (RHBZ#1048119) (RHBZ#1083592) - more descriptive error message in case of mistakes in iptables (RHBZ#1057095) - use apparent name for default target (RHBZ#1075675) - simplified firewalld usage on servers by dropping at_console (RHBZ#1097765) - fixed enable/disable of lockdown (RHBZ#1111573) - new Satellite 6 service (RHBZ#1135634) - fixed inconsistent color usage for firewall-cmd messages (RHBZ#1097841) - fixed missing -Es in lockdown whitelist firewall-config command (RHBZ#1099065) - unified runtime and permanent D-Bus API (RHBZ#1127706) - fixed missing update of the connections menu in firewall-config (RHBZ#1120212) - better docs for interface bindings in firewalld and NetworkManager (RHBZ#1112742) - firewall-config: Show target REJECT (RHBZ#1058794) - fixed inconsistent PolicyKit domain usage in main D-Bus interface (RHBZ#1061809) [0.3.9-7] - firewall-cmd: prevent argparse from parsing iptables options (RHBZ#1070683) [0.3.9-6] - firewall-offline-cmd: options from 'firewall-cmd --permanent *' (RHBZ#1059800) [0.3.9-5] - fixed rich language log level (RHBZ#993740) - firewall-config: use simple tool to change zones for connections (RHBZ#993782) - translations update (RHBZ#1030330) - firewall-config: fixed service and icmptype name dulications (RHBZ#1067639) - allow router advertisements for IPv6 rpfilter (RHBZ#1067652) - firewall-applet: allow to bind connections to the defaut zone (RHBZ#1068148) [0.3.9-4] - firewall-config creates unloadable config; port forwarding broken (RHBZ#1057628) - Network connection is lost after changing Zones Default Target to DROP (RHBZ#1057629) - permanently adding rich rule with audit creates unloadable config XML (RHBZ#1057684) - firewalld input_zones has default rule for public zone (RHBZ#1058339) - firewall-cmd is not able to add and remove zones, services and icmptypes (RHBZ#1064386) - firewall-config leaves deleted services shown if they were in use (RHBZ#1058853) - firewall-cmd does not allow user to change zone default target (RHBZ#1058791) - firewall-cmd man page has a typo in --help description (RHBZ#1064401) [0.3.9-3] - fixed enforcing of trusted, drop and block zones (RHBZ#1054415) [0.3.9-2] - fixed rich rules (RHBZ#1054270) - fixed small defects in firewall-cmd and firewall-config (RHBZ#1054289) [0.3.9-1] - rebase to 0.3.9 version: - translation updates - New IPv6_rpfilter setting to enable source address validation (RHBZ#847707) - Do not mix original and customized zones in case of target changes, apply only used zones - firewall-cmd: fix --*_lockdown_whitelist_uid to work with uid 0 - Don't show main window maximized. (RHBZ#1046811) - Use rmmod instead of 'modprobe -r' (RHBZ#1031102) - Deprecate 'enabled' attribute of 'masquerade' element - firewall-config: new zone was added twice to the list - firewalld.dbus(5) - Enable python shebang fix again - firewall/client: handle_exceptions: Use loop in decorator - firewall-offline-cmd: Do not mask firewalld service with disabled option - firewall-config: richRuleDialogActionRejectType Entry -> ComboBox - Rich_Rule: fix parsing of reject element (RHBZ#1027373) - Show combined zones in permanent configuration (RHBZ#1002016) - firewall-cmd(1): document exit code 2 and colored output (RHBZ#1028507) - firewall-config: fix RHBZ#1028853 [0.3.8-2] - Mass rebuild 2013-12-27 [0.3.8-1] - fix memory leaks - New option --debug-gc - Python3 compatibility - Better non-ascii support - several firewall-config & firewall-applet fixes - New --remove-rules commands for firewall-cmd and removeRules methods for D-Bus - Fixed FirewallDirect.get_rules to return proper list - Fixed LastUpdatedOrderedDict.keys() - Enable rich rule usage in trusted zone (RHBZ#994144) - New error codes: INVALID_CONTEXT, INVALID_COMMAND, INVALID_USER and INVALID_UID [0.3.7-1] - Don't fail on missing ip[6]tables/ebtables table. (RHBZ#967376) - bash-completion: --permanent --direct options - firewall/core/fw.py: fix checking for iptables & ip6tables (RHBZ#1017087) - firewall-cmd: use client's exception_handler instead of catching exceptions ourselves - FirewallClientZoneSettings: fix {add|remove|query}RichRule() - Extend amanda-client service with 10080/tcp (RHBZ#1016867) - Simplify Rich_Rule()_lexer() by using functions.splitArgs() - Fix encoding problems in exception handling (RHBZ#1015941) [0.3.6.2-1] - firewall-offline-cmd: --forward-port 'toaddr' is optional (RHBZ#1014958) - firewall-cmd: fix variable name (RHBZ#1015011) [0.3.6.1-1] - remove superfluous po files from archive [0.3.6-1] - firewalld.richlanguage.xml: correct log levels (RHBZ#993740) - firewall-config: Make sure that all zone settings are updated properly on firewalld restart - Rich_Limit: Allow long representation for duration (RHBZ#994103 - firewall-config: Show "Changes applied." after changes (RHBZ#993643) - Use own connection dialog to change zones for NM connections - Rename service cluster-suite to high-availability (RHBZ#885257) - Permanent direct support for firewall-config and firewall-cmd - Try to avoid file descriptor leaking (RHBZ#951900) - New functions to split and join args properly (honoring quotes) - firewall-cmd(1): 2 simple examples - Better IPv6 NAT checking. - Ship firewalld.direct(5). [0.3.5-1] - Only use one PK action for configuration (RHBZ#994729) - firewall-cmd: indicate non-zero exit code with red color - rich-rule: enable to have log without prefix & log_level & limit - log-level warn/err -> warning/error (RHBZ#1009436) - Use policy DROP while reloading, do not reset policy in restart twice - Add _direct chains to all table and chain combinations - documentation improvements - New firewalld.direct(5) man page docbook source - tests/firewall-cmd_test.sh: make rich language tests work - Rich_Rule._import_from_string(): improve error messages (RHBZ#994150) - direct.passthrough wasn't always matching out_signature (RHBZ#967800) - firewall-config: twist ICMP Type IP address family logic. - firewall-config: port-forwarding/masquerading dialog (RHBZ#993658) - firewall-offline-cmd: New --remove-service= option (BZ#969106) - firewall-config: Options->Lockdown was not changing permanent. - firewall-config: edit line on doubleclick (RHBZ#993572) - firewall-config: System Default Zone -> Default Zone (RHBZ#993811) - New direct D-Bus interface, persistent direct rule handling, enabled passthough - src/firewall-cmd: Fixed help output to use more visual parameters - src/firewall-cmd: New usage output, no redirection to man page anymore - src/firewall/core/rich.py: Fixed forwad port destinations - src/firewall-offline-cmd: Early enable/disable handling now with mask/unmask - doc/xml/firewalld.zone.xml: Added more information about masquerade use - Prefix to log message is optional (RHBZ#998079) - firewall-cmd: fix --permanent --change-interface (RHBZ#997974) - Sort zones/interfaces/service/icmptypes on output. - wbem-https service (RHBZ#996668) - applet&config: add support for KDE NetworkManager connection editor - firewall/core/fw_config.py: New method update_lockdown_whitelist - Added missing file watcher for lockdown whitelist in config D-Bus interface - firewall/core/watcher: New add_watch_file for lockdown-whitelist and direct - Make use of IPv6 NAT conditional, based on kernel number (RHBZ#967376) [0.3.4-1] - several rich rule check enhancements and fixes - firewall-cmd: direct options - check ipv4|ipv6|eb (RHBZ#970505) - firewall-cmd(1): improve description of direct options (RHBZ#970509) - several firewall-applet enhancements and fixes - New README - several doc and man page fixes - Service definitions for PCP daemons (RHBZ#972262) - bash-completion: add lockdown and rich language options - firewall-cmd: add --permanent --list-all[-zones] - firewall-cmd: new -q/--quiet option - firewall-cmd: warn when default zone not active (RHBZ#971843) - firewall-cmd: check priority in --add-rule (RHBZ#914955) - add dhcpv6 (for server) service (RHBZ#917866) - firewall-cmd: add --permanent --get-zone-of-interface/source --change-interface/source - firewall-cmd: print result (yes/no) of all --query-* commands - move permanent-getZoneOf{Interface|Source} from firewall-cmd to server - Check Interfaces/sources when updating permanent zone settings. - FirewallDConfig: getZoneOfInterface/Source can actually return more zones - Fixed toaddr check in forward port to only allow single address, no range - firewall-cmd: various output improvements - fw_zone: use check_single_address from firewall.functions - getZoneOfInterface/Source does not need to throw exception - firewall.functions: Use socket.inet_pton in checkIP, fixed checkIP*nMask - firewall.core.io.service: Properly check port/proto and destination address - Install applet desktop file into /etc/xdg/autostart - Fixed option problem with rich rule destinations (RHBZ#979804) - Better exception creation in dbus_handle_exceptions() decorator (RHBZ#979790) - Updated firewall-offline-cmd - Use priority in add, remove, query and list of direct rules (RHBZ#979509) - New documentation (man pages are created from docbook sources) - firewall/core/io/direct.py: use prirority for rule methods, new get_all_ methods - direct: pass priority also to client.py and firewall-cmd - applet: New blink and blink-count settings - firewall.functions: New function ppid_of_pid - applet: Check for gnome3 and fix it, use new settings, new size-changed cb - firewall-offline-cmd: Fix use of systemctl in chroot - firewall-config: use string.ascii_letters instead of string.letters - dbus_to_python(): handle non-ascii chars in dbus.String. - Modernize old syntax constructions. - dict.keys() in Python 3 returns a "view" instead of list - Use gettext.install() to install _() in builtins namespace. - Allow non-ascii chars in 'short' and 'description' - README: More information for "Working With The Source Repository" - Build environment fixes - firewalld.spec: Added missing checks for rhel > 6 for pygobject3-base - firewall-applet: New setting show-inactive - Don't stop on reload when lockdown already enabled (RHBZ#987403) - firewall-cmd: --lockdown-on/off did not touch firewalld.conf - FirewallApplet.gschema.xml: Dropped unused sender-info setting - doc/firewall-applet.xml: Added information about gsettings - several debug and log message fixes - Add chain for sources so they can be checked before interfaces (RHBZ#903222) - Add dhcp and proxy-dhcp services (RHBZ#986947) - io/Zone(): don't error on deprecated family attr of source elem - Limit length of zone file name (to 12 chars) due to Netfilter internals. - It was not possible to overload a zone with defined source(s). - DEFAULT_ZONE_TARGET: {chain}_ZONE_{zone} -> {chain}_{zone} - New runtime getSettings for services and icmptypes, fixed policies callbacks - functions: New functions checkUser, checkUid and checkCommand - src/firewall/client: Fixed lockdown-whitelist-updated signal handling - firewall-cmd(1): move firewalld.richlanguage(5) reference in --*-rich-rule - Rich rule service: Only add modules for accept action - firewall/core/rich: Several fixes and enhanced checks - Fixed reload of direct rules - firewall/client: New functions to set and get the exception handler - firewall-config: New and enhanced UI to handle lockdown and rich rules - zone's immutable attribute is redundant - Do not allow to set settings in config for immutable zones. - Ignore deprecated 'immutable' attribute in zone files. - Eviscerate 'immutable' completely. - FirewallDirect.query_rule(): fix it - permanent direct: activate firewall.core.io.direct:Direct reader - core/io/*: simplify getting of character data - FirewallDirect.set_config(): allow reloading * Thu Jun 20 2013 Jiri Popelka - Remove migrating to a systemd unit file from a SysV initscript - Remove pointless "ExclusiveOS" tag [0.3.3-2] - Fixed rich rule check for use in D-Bus [0.3.3-1] - new service files - relicensed logger.py under GPLv2+ - firewall-config: sometimes we don't want to use client's exception handler - When removing Service/IcmpType remove it from zones too (RHBZ#958401) - firewall-config: work-around masquerade_check_cb() being called more times - Zone(IO): add interfaces/sources to D-Bus signature - Added missing UNKNOWN_SOURCE error code - fw_zone.check_source: Raise INVALID_FAMILY if family is invalid - New changeZoneOfInterface method, marked changeZone as deprecated - Fixed firewall-cmd man page entry for --panic-on - firewall-applet: Fixed possible problems of unescaped strings used for markup - New support to bind zones to source addresses and ranges (D-BUS, cmd, applet - Cleanup of unused variables in FirewallD.start - New firewall/fw_types.py with LastUpdatedOrderedDict - direct.chains, direct.rules: Using LastUpdatedOrderedDict - Support splitted zone files - New reader and writer for stored direct chains and rules - LockdownWhitelist: fix write(), add get_commands/uids/users/contexts() - fix service_writer() and icmptype_writer() to put newline at end of file - firewall-cmd: fix --list-sources - No need to specify whether source address family is IPv4 or IPv6 - add getZoneOfSource() to D-Bus interface - Add tests and bash-completion for the new "source" operations - Convert all input args in D-Bus methods - setDefaultZone() was calling accessCheck() *after* the action - New uniqify() function to remove duplicates from list whilst preserving order - Zone.combine() merge also services and ports - config/applet: silence DBusException during start when FirewallD is not running (RHBZ#966518) - firewall-applet: more fixes to make the address sources family agnostic - Better defaults for lockdown white list - Use auth_admin_keep for allow_any and allow_inactive also - New D-Bus API for lockdown policies - Use IPv4, IPv6 and BRIDGE for FirewallD properties - Use rich rule action as audit type - Prototype of string-only D-Bus interface for rich language - Fixed wrongly merged source family check in firewall/core/io/zone.py - handle_cmr: report errors, cleanup modules in error case only, mark handling - Use audit type from rule action, fixed rule output - Fixed lockdown whitelist D-Bus handling method names - New rich rule handling in runtime D-Bus interface - Added interface, source and rich rule handling (runtime and permanent) - Fixed dbus_obj in FirewallClientConfigPolicies, added queryLockdown - Write changes in setLockdownWhitelist - Fixed typo in policies log message in method calls - firewall-cmd: Added rich rule, lockdown and lockdown whitelist handling - Don't check access in query/getLockdownWhitelist*() - firewall-cmd: Also output masquerade flag in --list-all - firewall-cmd: argparse is able to convert argument to desired type itself - firewall-cmd_test.sh: tests for permanent interfaces/sources and lockdown whitelist - Makefile.am: add missing files - firewall-cmd_test.sh: tests for rich rules - Added lockdown, source, interface and rich rule docs to firewall-cmd - Do not masquerade lo if masquerade is enabled in the default zone (RHBZ#904098) - Use in metavar for firewall-cmd parser [0.3.2-2] - removed unintentional en_US.po from tarball [0.3.2-1] - Fix signal handling for SIGTERM - Additional service files (RHBZ#914859) - Updated po files - s/persistent/permanent/ (Trac Ticket #7) - Better behaviour when running without valid DISPLAY (RHBZ#955414) - client.handle_exceptions(): do not loop forever - Set Zone.defaults in zone_reader (RHBZ#951747) - client: do not pass the dbus exception name to handler - IO_Object_XMLGenerator: make it work with Python 2.7.4 (RHBZ#951741) - firewall-cmd: do not use deprecated BaseException.message - client.py: fix handle_exceptions() (RHBZ#951314) - firewall-config: check zone/service/icmptype name (RHBZ#947820) - Allow 3121/tcp (pacemaker_remote) in cluster-suite service. (RHBZ#885257) - firewall-applet: fix default zone hangling in 'shields-up' (RHBZ#947230) - FirewallError.get_code(): check for unknown error [0.3.1-2] - Make permanenent changes work with Python 2.7.4 (RHBZ#951741) [0.3.1-1] - Use explicit file lists for make dist - New rich rule validation check code - New global check_port and check_address functions - Allow source white and black listing with the rich rule - Fix error handling in case of unsupported family in rich rule - Enable ip_forwarding in masquerade and forward-port - New functions to read and write simple files using filename and content - Add --enable-sysconfig to install Fedora-specific sysconfig config file. - Add chains for security table (RHBZ#927015) - firewalld.spec: no need to specify --with-systemd-unitdir - firewalld.service: remove syslog.target and dbus.target - firewalld.service: replace hard-coded paths - Move bash-completion to new location. - Revert "Added configure for new build env" - Revert "Added Makefile.in files" - Revert "Added po/Makefile.in.in" - Revert "Added po/LINGUAS" - Revert "Added aclocal.m4" - Amend zone XML Schema [0.3.0-1] - Added rich language support - Added lockdown feature - Allow to bind interfaces and sources to zones permanently - Enabled IPv6 NAT support masquerading and port/packet forwarding for IPv6 only with rich language - Handle polkit errors in client class and firewall-config - Added priority description for --direct --add-rule in firewall-cmd man page - Add XML Schemas for zones/services/icmptypes XMLs - Don't keep file descriptors open when forking - Introduce --nopid option for firewalld - New FORWARD_IN_ZONES and FORWARD_OUT_ZONES chains (RHBZ#912782) - Update cluster-suite service (RHBZ#885257) - firewall-cmd: rename --enable/disable-panic to --panic-on/off (RHBZ#874912) - Fix interaction problem of changed event of gtk combobox with polkit-kde by processing all remaining events (RHBZ#915892) - Stop default zone rules being applied to all zones (RHBZ#912782) - Firewall.start(): don't call set_default_zone() - Add wiki's URL to firewalld(1) and firewall-cmd(1) man pages - firewalld-cmd: make --state verbose (RHBZ#886484) - improve firewalld --help (RHBZ#910492) - firewall-cmd: --add/remove-* can be used multiple times (RHBZ#879834) - Continue loading zone in case of wrong service/port etc. (RHBZ#909466) - Check also services and icmptypes in Zone() (RHBZ#909466) - Increase the maximum length of the port forwarding fields from 5 to 11 in firewall-config - firewall-cmd: add usage to fail message - firewall-cmd: redefine usage to point to man page - firewall-cmd: fix visible problems with arg. parsing - Use argparse module for parsing command line options and arguments - firewall-cmd.1: better clarify where to find ACTIONs - firewall-cmd Bash completion - firewall-cmd.1: comment --zone= usage and move some options - Use zone's target only in %s_ZONES chains - default zone in firewalld.conf was set to public with every restart (#902845) - man page cleanup - code cleanup [0.2.12-5] - Another fix for RHBZ#912782 [0.2.12-4] - Stop default zone rules being applied to all zones (RHBZ#912782) [0.2.12-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild [0.2.12-2] - Default zone in firewalld.conf was reseted with every restart (RHBZ#902845) - Add icon cache related scriptlets for firewall-config (RHBZ#902680) - Fix typo in firewall-config (RHBZ#895812) - Fix few mistakes in firewall-cmd(1) man page [0.2.12-1] - firewall-cmd: use -V instead of -v for version info (RHBZ#886477) - firewall-cmd: don't check reload()'s return value (RHBZ#886461) - actually install firewalld.zones.5 - firewall-config: treat exceptions when adding new zone/service/icmp (RHBZ#886602) - firewalld.spec: Fixed requirements of firewall-config to use gtk2 and pygobject3 - Fail gracefully when running in non X environment.(RHBZ#886551) - offline-cmd: fail gracefully when no s-c-f config - fix duplicated iptables rules (RHBZ#886515) - detect errors and duplicates in config file (RHBZ#886581) - firewall-config: don't make 'Edit Service' and 'Edit ICMP Type' insensitive - firewalld.spec: fixed requirements, require pygobject3-base - frewall-applet: Unused code cleanup - firewall-applet: several usability fixes and enhancements (RHBZ#886531) (RHBZ#886534) - firewall/server/server.py: fixed KeyboardInterrupt message (RHBZ#886558) - Moved fallback zone and minimal_mark to firewall.config.__init__ - Do not raise ZONE_ALREADY_SET in change_zone if old zone is set again (RHBZ#886432) - Make default zone default for all unset connections/interfaces (RHBZ#888288) (RHBZ#882736) - firewall-config: Use Gtk.MessageType.WARNING for warning dialog - firewall-config: Handle unknown services and icmptypes in persistent mode - firewall-config: Do not load settings more than once - firewall-config: UI cleanup and fixes (RHBZ#888242) - firewall-cmd: created alias --change-zone for --change-interface - firewall-cmd man page updates (RHBZ#806511) - Merged branch 'build-cleanups' - dropped call to autogen.sh in build stage, not needed anymore due to 'build-cleanups' merge [0.2.11-2] - require pygobject3-base instead of pygobject3 (no cairo needed) (RHBZ#874378) - fixed dependencies of firewall-config to use gtk3 with pygobject3-base and not pygtk2 [0.2.11-1] - Fixed more _xmlplus (PyXML) incompatibilities to python xml - Several man page updates - Fixed error in addForwardPort, removeForwardPort and queryForwardPort - firewall-cmd: use already existing queryForwardPort() - Update firewall.cmd man page, use man page as firewall-cmd usage (rhbz#876394) - firewall-config: Do not force to show labels in the main toolbar - firewall-config: Dropped "Change default zone" from toolbar - firewall-config: Added menu entry to change zones of connections - firewall-applet: Zones can be changed now using nm-connection-editor (rhbz#876661) - translation updates: cs, hu, ja [0.2.10-1] - tests/firewalld_config.py: tests for config.service and config.icmptype - FirewallClientConfigServiceSettings(): destinations are dict not list - service/zone/icmptype: do not write deprecated name attribute - New service ntp - firewall-config: Fixed name of about dialog - configure.in: Fixed getting of error codes - Added coding to all pyhton files - Fixed copyright years - Beautified file headers - Force use of pygobject3 in python-slip (RHBZ#874378) - Log: firewall.server.config_icmptype, firewall.server.config_service and firewall.server.config_zone: Prepend full path - Allow ":" in interface names for interface aliases - Add name argument to Updated and Renamed signal - Disable IPv4, IPv6 and EB tables if missing - for IPv4/IPv6 only environments - firewall-config.glade file cleanup - firewall-config: loadDefaults() can throw exception - Use toolbars for Add/Edit/Remove/LoadDefaults buttons for zones, services and icmp types - New vnc-server service, opens ports for displays :0 to :3 (RHBZ#877035) - firewall-cmd: Fix typo in help output, allow default zone usage for permanenent options - Translation updates: cs, fr, ja, pt_BR and zh_CN [0.2.9-1] - firewall-config: some UI usability changes - firewall-cmd: New option --list-all-zones, output of --list-all changed, more option combination checks - firewall-applet: Replaced NMClient by direct DBUS calls to fix python core dumps in case of connection activates/deactivates - Use fallback 'C' locale if current locale isn't supported (RHBZ#860278) - Add interfaces to zones again after reload - firewall-cmd: use FirewallClient().connected value - firewall-cmd: --remove-interface was not working due to a typo - Do not use restorecon for new and backup files - Fixed use of properties REJECT and DROP - firewalld_test.py: check interfaces after reload - Translation updates - Renamed firewall-convert-scfw-config to firewall-offline-cmd, used by anaconda for firewall configuration (e.g. kickstart) - Fix python shebang to use -Es at installation time for bin_SCRIPTS and sbin_SCRIPTS and at all times in gtk3_chooserbutton.py - tests/firewalld_config.py: update test_zones() test case - Config interface: improve renaming of zones/services/icmp_types - Move emiting of Added signals closer to source. - FirewallClient(): config:ServiceAdded signal was wrongly mapped - Add argument 'name' to Removed signal - firewall-config: Add callbacks for config:[service|icmp]-[added|removed] - firewall-config: catch INVALID_X error when removing zone/service/icmp_type - firewall-config: remove unused code - Revert "Neutralize _xmlplus instead of conforming it" - firewall-applet: some UI usability changes - firewall-cmd: ALREADY_ENABLED, NOT_ENABLED, ZONE_ALREADY_SET are warnings [0.2.8-1] - Do not apply old settings to zones after reload - FirewallClient: Added callback structure for firewalld signals - New firewall-config with full zone, service and icmptype support - Added Shields Up/Down configuration dialog to firewall-applet - Name attribute of main tag deprecated for zones, services and icmptypes, will be ignored if present - Fixed wrong references in firewalld man page - Unregister DBus interfaces after sending out the Removed signal - Use proper DBus signature in addIcmpType, addService and addZone - New builtin property for config interfaces - New test case for Config interface - spec: use new systemd-rpm macros (rhbz#850110) - More config file verifications - Lots of smaller fixes and enhancements [0.2.7-2] - use new systemd-rpm macros (rhbz#850110) [0.2.7-1] - Update of firewall-config - Some bug fixes [0.2.6-1] - New D-BUS interface for persistent configuration - Aded support for persistent zone configuration in firewall-cmd - New Shields Up feature in firewall-applet - New requirements for python-decorator and pygobject3 - New firewall-config sub-package - New firewall-convert-scfw-config config script [0.2.5-1] - Fixed traceback in firewall-cmd for failed or canceled authorization, return proper error codes, new error codes NOT_RUNNING and NOT_AUTHORIZED - Enhanced firewalld service file (RHBZ#806868) and (RHBZ#811240) - Fixed duplicates in zone after reload, enabled timed settings after reload - Removed conntrack --ctstate INVALID check from default ruleset, because it results in ICMP problems (RHBZ#806017). - Update interfaces in default zone after reload (rhbz#804814) - New man pages for firewalld(1), firewalld.conf(5), firewalld.icmptype(5), firewalld.service(5) and firewalld.zone(5), updated firewall-cmd man page (RHBZ#811257) - Fixed firewall-cmd help output - Fixed missing icon for firewall-applet (RHBZ#808759) - Added root user check for firewalld (RHBZ#767654) - Fixed requirements of firewall-applet sub package (RHBZ#808746) - Update interfaces in default zone after changing of default zone (RHBZ#804814) - Start firewalld before NetworkManager (RHBZ#811240) - Add Type=dbus and BusName to service file (RHBZ#811240) [0.2.4-1] - fixed firewalld.conf save exception if no temporary file can be written to /etc/firewalld/ [0.2.3-1] - firewall-cmd: several changes and fixes - code cleanup - fixed icmp protocol used for ipv6 (rhbz#801182) - added and fixed some comments - properly restore zone settings, timeout is always set, check for 0 - some FirewallError exceptions were actually not raised - do not REJECT in each zone - removeInterface() don't require zone - new tests in firewall-test script - dbus_to_python() was ignoring certain values - added functions for the direct interface: chains, rules, passthrough - fixed inconsistent data after reload - some fixes for the direct interface: priority positions are bound to ipv, table and chain - added support for direct interface in firewall-cmd: - added isImmutable(zone) to zone D-Bus interface - renamed policy file - enhancements for error messages, enables output for direct.passthrough - added allow_any to firewald policies, using at leas auth_admin for policies - replaced ENABLE_FAILED, DISABLE_FAILED, ADD_FAILED and REMOVE_FAILED by COMMAND_FAILED, resorted error codes - new firewalld configuration setting CleanupOnExit - enabled polkit again, found a fix for property problem with slip.dbus.service - added dhcpv6-client to 'public' (the default) and to 'internal' zones. - fixed missing settings form zone config files in "firewall-cmd --list=all --zone=" call - added list functions for services and icmptypes, added --list=services and --list=icmptypes to firewall-cmd [0.2.2-1] - enabled dhcpv6-client service for zones home and work - new dhcpv6-client service - firewall-cmd: query mode returns reversed values - new zone.changeZone(zone, interface) - moved zones, services and icmptypes to /usr/lib/firewalld, can be overloaded by files in /etc/firewalld (no overload of immutable zones block, drop, trusted) - reset MinimalMark in firewalld.cnf to default value - fixed service destination (addresses not used) - fix xmlplus to be compatible with the python xml sax parser and python 3 by adding __contains__ to xml.sax.xmlreader.AttributesImpl - use icon and glib related post, postun and posttrans scriptes for firewall - firewall-cmd: fix typo in state - firewall-cmd: fix usage() - firewall-cmd: fix interface action description in usage() - client.py: fix definition of queryInterface() - client.py: fix typo in getInterfaces() - firewalld.service: do not fork - firewall-cmd: fix bug in --list=port and --port action help message - firewall-cmd: fix bug in --list=service * Mon Mar 05 2012 Thomas Woerner - moved zones, services and icmptypes to /usr/lib/firewalld, can be overloaded by files in /etc/firewalld (no overload of immutable zones block, drop, trusted) [0.2.1-1] - added missing firewall.dbus_utils [0.2.0-2] - added glib2-devel to build requires, needed for gsettings.m4 - added --with-system-unitdir arg to fix installaiton of system file - added glib-compile-schemas calls for postun and posttrans - added EXTRA_DIST file lists [0.2.0-1] - version 0.2.0 with new FirewallD1 D-BUS interface - supports zones with a default zone - new direct interface as a replacement of the partial virt interface with additional passthrough functionality - dropped custom rules, use direct interface instead - dropped trusted interface funcionality, use trusted zone instead - using zone, service and icmptype configuration files - not using any system-config-firewall parts anymore [0.1.3-1] - new version 0.1.3 - restore all firewall features for reload: panic and virt rules and chains - string fixes for firewall-cmd man page (by Jiri Popelka) - fixed firewall-cmd port list (by Jiri Popelka) - added firewall dbus client connect check to firewall-cmd (by Jiri Popelka) - translation updates: de, es, gu, it, ja, kn, ml, nl, or, pa, pl, ru, ta, uk, zh_CN [0.1.2-1] - fixed package according to package review (rhbz#665395): - non executable scripts: dropped shebang - using newer GPL license file - made /etc/dbus-1/system.d/FirewallD.conf config(noreplace) - added requires(post) and (pre) for chkconfig [0.1.1-1] - new version 0.1.1 - fixed source path in POTFILES* - added missing firewall_config.py.in - added misssing space for spec_ver line - using firewall_config.VARLOGFILE - added date to logging output - also log fatal and error logs to stderr and firewall_config.VARLOGFILE - make log message for active_firewalld fatal [0.1-1] - initial package (proof of concept implementation) From el-errata at oss.oracle.com Sun Apr 12 18:45:44 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:45:44 -0700 Subject: [El-errata] ELBA-2020-1212 Oracle Linux 7 rdma-core bug fix and enhancement update (aarch64) Message-ID: <3f2551bc-a1ce-9df0-70d2-e962b416ed94@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1212 http://linux.oracle.com/errata/ELBA-2020-1212.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: ibacm-22.4-2.el7_8.aarch64.rpm iwpmd-22.4-2.el7_8.aarch64.rpm libibumad-22.4-2.el7_8.aarch64.rpm libibverbs-22.4-2.el7_8.aarch64.rpm libibverbs-utils-22.4-2.el7_8.aarch64.rpm librdmacm-22.4-2.el7_8.aarch64.rpm librdmacm-utils-22.4-2.el7_8.aarch64.rpm rdma-core-22.4-2.el7_8.aarch64.rpm rdma-core-devel-22.4-2.el7_8.aarch64.rpm srp_daemon-22.4-2.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/rdma-core-22.4-2.el7_8.src.rpm Description of changes: [22.4-2] - Fix ibacm segfault for dual port HCA support IB and Ethernet - Resolves: rhbz#1793585 From el-errata at oss.oracle.com Sun Apr 12 18:46:04 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:46:04 -0700 Subject: [El-errata] ELBA-2020-1207 Oracle Linux 7 systemd bug fix and enhancement update (aarch64) Message-ID: <55a5b807-b95e-63dd-4699-8ea0b0331127@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1207 http://linux.oracle.com/errata/ELBA-2020-1207.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: libgudev1-219-73.0.1.el7_8.5.aarch64.rpm libgudev1-devel-219-73.0.1.el7_8.5.aarch64.rpm systemd-219-73.0.1.el7_8.5.aarch64.rpm systemd-devel-219-73.0.1.el7_8.5.aarch64.rpm systemd-libs-219-73.0.1.el7_8.5.aarch64.rpm systemd-python-219-73.0.1.el7_8.5.aarch64.rpm systemd-sysv-219-73.0.1.el7_8.5.aarch64.rpm systemd-journal-gateway-219-73.0.1.el7_8.5.aarch64.rpm systemd-networkd-219-73.0.1.el7_8.5.aarch64.rpm systemd-resolved-219-73.0.1.el7_8.5.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/systemd-219-73.0.1.el7_8.5.src.rpm Description of changes: [219-73.5.0.1] - enable and start the pstore service [Orabug: 30950903] - fix to generate the systemd-pstore.service file [Orabug: 30235241] - Backport upstream patches for the new systemd-pstore tool [Orabug: 30235241] - do not create utmp update symlinks for reboot and poweroff [Orabug: 27854896] - OL7 udev rule for virtio net standby interface [Orabug: 28826743] - fix _netdev is missing for iscsi entry in /etc/fstab [Orabug: 25897792] (tony.l.lam at oracle.com) - set "RemoveIPC=no" in logind.conf as default for OL7.2 [22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] [219-73.5] - core: enforce a ratelimiter when stopping units due to StopWhenUnneeded=1 (#1810576) - core: rework StopWhenUnneeded= logic (#1810576) - fix the fix for #1691511 (#1809159) [219-73.4] - mount: don't propagate errors from mount_setup_unit() further up (#1809159) - mount: when allocating a Mount object based on /proc/self/mountinfo mark it so (#1809159) [219-73.3] - journal: do not trigger assertion when journal_file_close() get NULL (#1807798) [219-73.2] - core: when restarting services, don't close fds (#1803802) - unit: rework a bit how we keep the service fdstore from being destroyed during service restart (#1803802) - tests: add basic journal test (#1803802) - tests: add regression test for `systemctl restart systemd-journald` (#1803802) - tests: add test that journald keeps fds over termination by signal (#1803802) [219-73.1] - unit: fix potential use of cgroup_path after free() when freeing unit (#1760149) From el-errata at oss.oracle.com Sun Apr 12 18:46:26 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:46:26 -0700 Subject: [El-errata] ELBA-2020-1213 Oracle Linux 7 net-snmp bug fix and enhancement update (aarch64) Message-ID: <65a6956d-c0c8-6f98-9873-a55b69999638@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1213 http://linux.oracle.com/errata/ELBA-2020-1213.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: net-snmp-5.7.2-48.el7_8.aarch64.rpm net-snmp-agent-libs-5.7.2-48.el7_8.aarch64.rpm net-snmp-devel-5.7.2-48.el7_8.aarch64.rpm net-snmp-libs-5.7.2-48.el7_8.aarch64.rpm net-snmp-utils-5.7.2-48.el7_8.aarch64.rpm net-snmp-gui-5.7.2-48.el7_8.aarch64.rpm net-snmp-perl-5.7.2-48.el7_8.aarch64.rpm net-snmp-python-5.7.2-48.el7_8.aarch64.rpm net-snmp-sysvinit-5.7.2-48.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/net-snmp-5.7.2-48.el7_8.src.rpm Description of changes: [1:5.7.2-48] - fix crash due of double-free of security context (#1809076) From el-errata at oss.oracle.com Sun Apr 12 18:46:46 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:46:46 -0700 Subject: [El-errata] ELBA-2020-1210 Oracle Linux 7 python-requests bug fix and enhancement update (aarch64) Message-ID: <20b7b360-73f7-0903-8b20-3f5e2d8ba205@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1210 http://linux.oracle.com/errata/ELBA-2020-1210.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: python-requests-2.6.0-9.el7_8.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/python-requests-2.6.0-9.el7_8.src.rpm Description of changes: [2.6.0-9] - Bring back the requests.packages aliasing of its submodules Resolves: rhbz#1811050, rhbz#1811057, rhbz#1811107, rhbz#1811113 From el-errata at oss.oracle.com Sun Apr 12 18:47:04 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:47:04 -0700 Subject: [El-errata] ELSA-2020-1334 Important: Oracle Linux 7 telnet security update (aarch64) Message-ID: Oracle Linux Security Advisory ELSA-2020-1334 http://linux.oracle.com/errata/ELSA-2020-1334.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: telnet-0.17-65.el7_8.aarch64.rpm telnet-server-0.17-65.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/telnet-0.17-65.el7_8.src.rpm Description of changes: [1:0.17-65] - Resolves: #1814475 - Arbitrary remote code execution in utility.c via short writes or urgent data From el-errata at oss.oracle.com Sun Apr 12 18:47:25 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:47:25 -0700 Subject: [El-errata] ELBA-2020-1214 Oracle Linux 7 sssd bug fix and enhancement update (aarch64) Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1214 http://linux.oracle.com/errata/ELBA-2020-1214.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: libipa_hbac-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_autofs-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_certmap-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_idmap-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_nss_idmap-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_simpleifp-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_sudo-1.16.4-37.0.1.el7_8.1.aarch64.rpm python-libipa_hbac-1.16.4-37.0.1.el7_8.1.aarch64.rpm python-libsss_nss_idmap-1.16.4-37.0.1.el7_8.1.aarch64.rpm python-sss-1.16.4-37.0.1.el7_8.1.aarch64.rpm python-sssdconfig-1.16.4-37.0.1.el7_8.1.noarch.rpm python-sss-murmur-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-ad-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-client-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-common-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-common-pac-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-dbus-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-ipa-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-kcm-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-krb5-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-krb5-common-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-ldap-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-libwbclient-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-polkit-rules-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-proxy-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-tools-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-winbind-idmap-1.16.4-37.0.1.el7_8.1.aarch64.rpm libipa_hbac-devel-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_certmap-devel-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_idmap-devel-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_nss_idmap-devel-1.16.4-37.0.1.el7_8.1.aarch64.rpm libsss_simpleifp-devel-1.16.4-37.0.1.el7_8.1.aarch64.rpm sssd-libwbclient-devel-1.16.4-37.0.1.el7_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/sssd-1.16.4-37.0.1.el7_8.1.src.rpm Description of changes: [1.16.4-37.0.1] - Revert Redhat's change of disallowing duplicated incomplete gid when "id_provider=ldap" is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1] [1.16.4-37.1] - Resolves: rhbz#1801208 - id command taking 1+ minute for returning user information [rhel-7.8.z] - Also updates spec file to not replace /pam.d/sssd-shadowutils on update From el-errata at oss.oracle.com Sun Apr 12 18:47:55 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:47:55 -0700 Subject: [El-errata] ELSA-2020-1338 Critical: Oracle Linux 7 firefox security update (aarch64) Message-ID: Oracle Linux Security Advisory ELSA-2020-1338 http://linux.oracle.com/errata/ELSA-2020-1338.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: firefox-68.6.1-1.0.1.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/firefox-68.6.1-1.0.1.el7_8.src.rpm Description of changes: [68.6.1-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [68.6.1-1] - Update to 68.6.1 ESR From el-errata at oss.oracle.com Sun Apr 12 18:48:15 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 12 Apr 2020 18:48:15 -0700 Subject: [El-errata] ELSA-2020-1420 Important: Oracle Linux 7 firefox security update (aarch64) Message-ID: <21fbf8fa-d15c-94f9-6a88-8844592dfdae@oracle.com> Oracle Linux Security Advisory ELSA-2020-1420 http://linux.oracle.com/errata/ELSA-2020-1420.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: firefox-68.7.0-2.0.1.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/firefox-68.7.0-2.0.1.el7_8.src.rpm Description of changes: [68.7.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [68.7.0-2] - Update to 68.7.0 build3 From el-errata at oss.oracle.com Mon Apr 13 08:22:27 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 13 Apr 2020 08:22:27 -0700 Subject: [El-errata] ELBA-2020-1380 Oracle Linux 8 dotnet3.1 bugfix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1380 http://linux.oracle.com/errata/ELBA-2020-1380.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-3.1-3.1.3-1.0.1.el8_1.x86_64.rpm aspnetcore-targeting-pack-3.1-3.1.3-1.0.1.el8_1.x86_64.rpm dotnet-3.1.103-1.0.1.el8_1.x86_64.rpm dotnet-apphost-pack-3.1-3.1.3-1.0.1.el8_1.x86_64.rpm dotnet-host-3.1.3-1.0.1.el8_1.x86_64.rpm dotnet-hostfxr-3.1-3.1.3-1.0.1.el8_1.x86_64.rpm dotnet-runtime-3.1-3.1.3-1.0.1.el8_1.x86_64.rpm dotnet-sdk-3.1-3.1.103-1.0.1.el8_1.x86_64.rpm dotnet-targeting-pack-3.1-3.1.3-1.0.1.el8_1.x86_64.rpm dotnet-templates-3.1-3.1.103-1.0.1.el8_1.x86_64.rpm netstandard-targeting-pack-2.1-3.1.103-1.0.1.el8_1.x86_64.rpm aarch64: SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/dotnet3.1-3.1.103-1.0.1.el8_1.src.rpm Description of changes: [03-1.0.1.el8_1] - support OL release scheme (alexander.burmashev at oracle.com) [3.1.103-1] - Update to .NET Core Runtime 3.1.3 and SDK 3.1.103 - Resolves: RHBZ#1816192 [3.1.102-1] - Update to .NET Core Runtime 3.1.2 and SDK 3.1.102 - Resolves: RHBZ#1806670 From el-errata at oss.oracle.com Mon Apr 13 08:22:51 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 13 Apr 2020 08:22:51 -0700 Subject: [El-errata] ELBA-2020-1376 Oracle Linux 8 net-snmp bug fix and enhancement update Message-ID: <47283c09-0ff3-7975-9c78-efc5b520ea97@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1376 http://linux.oracle.com/errata/ELBA-2020-1376.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: net-snmp-5.8-12.el8_1.1.x86_64.rpm net-snmp-agent-libs-5.8-12.el8_1.1.i686.rpm net-snmp-agent-libs-5.8-12.el8_1.1.x86_64.rpm net-snmp-devel-5.8-12.el8_1.1.i686.rpm net-snmp-devel-5.8-12.el8_1.1.x86_64.rpm net-snmp-libs-5.8-12.el8_1.1.i686.rpm net-snmp-libs-5.8-12.el8_1.1.x86_64.rpm net-snmp-utils-5.8-12.el8_1.1.x86_64.rpm aarch64: net-snmp-5.8-12.el8_1.1.aarch64.rpm net-snmp-agent-libs-5.8-12.el8_1.1.aarch64.rpm net-snmp-devel-5.8-12.el8_1.1.aarch64.rpm net-snmp-libs-5.8-12.el8_1.1.aarch64.rpm net-snmp-utils-5.8-12.el8_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/net-snmp-5.8-12.el8_1.1.src.rpm Description of changes: [1:5.8-12.1] - fix double free or corruption error caused by freeing security context (#1802055) - remove deprecated CFLAG From el-errata at oss.oracle.com Tue Apr 14 08:46:04 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 14 Apr 2020 08:46:04 -0700 Subject: [El-errata] ELSA-2020-5649 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update Message-ID: <20b06e4e-0608-2298-be37-8a385e5c4f0b@oracle.com> Oracle Linux Security Advisory ELSA-2020-5649 http://linux.oracle.com/errata/ELSA-2020-5649.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-4.14.35-1902.301.1.el7uek.x86_64.rpm kernel-uek-debug-4.14.35-1902.301.1.el7uek.x86_64.rpm kernel-uek-debug-devel-4.14.35-1902.301.1.el7uek.x86_64.rpm kernel-uek-devel-4.14.35-1902.301.1.el7uek.x86_64.rpm kernel-uek-tools-4.14.35-1902.301.1.el7uek.x86_64.rpm kernel-uek-doc-4.14.35-1902.301.1.el7uek.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1902.301.1.el7uek.src.rpm Description of changes: [4.14.35-1902.301.1.el7uek] - vhost: Check docket sk_family instead of call getname (Eugenio P?rez) [Orabug: 31085991] {CVE-2020-10942} - uek-rpm: config-mips64-embedded misc pruning (Eric Saint-Etienne) [Orabug: 31079017] - ubifs: Check for name being NULL while mounting (Richard Weinberger) [Orabug: 29410897] - team: avoid complex list operations in team_nl_cmd_options_set() (Cong Wang) [Orabug: 30886420] - Revert "oled: give panic handler chance to run before kexec" (Wengang Wang) [Orabug: 31098796] - Revert "oled: Limit panic routine change x86 only" (Wengang Wang) [Orabug: 31098796] - net/mlx5: Add pci AtomicOps request (Michael Guralnik) [Orabug: 30750027] - PCI: Add pci_enable_atomic_ops_to_root() (Jay Cornwall) [Orabug: 30750027] - locking/rwsem: Prevent decrement of reader count before increment (Waiman Long) [Orabug: 31087349] - net: core: another layer of lists, around PF_MEMALLOC skb handling (Sasha Levin) [Orabug: 31087349] - locking/rwsem: Fix (possible) missed wakeup (Xie Yongji) [Orabug: 31087349] - swiotlb: clean up reporting (Kees Cook) [Orabug: 31085014] {CVE-2018-5953} - nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31015775] - NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31015775] - ppp: remove the PPPIOCDETACH ioctl (Eric Biggers) [Orabug: 31061772] - batman-adv: Avoid WARN on net_device without parent in netns (Sven Eckelmann) [Orabug: 30857690] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055325] {CVE-2019-18806} - net_sched: fix datalen for ematch (Cong Wang) [Orabug: 30877993] - net/xfrm: fix out-of-bounds packet access (Alexei Starovoitov) [Orabug: 30885434] - RDMA/nldev: Provide MR statistics (Erez Alfasi) [Orabug: 30729404] - RDMA/mlx5: Return ODP type per MR (Erez Alfasi) [Orabug: 30729404] - RDMA/nldev: Allow different fill function per resource (Erez Alfasi) [Orabug: 30729404] - IB/mlx5: Introduce ODP diagnostic counters (Erez Alfasi) [Orabug: 30729404] - RDMA/mlx5: Use odp instead of mr->umem in pagefault_mr (Jason Gunthorpe) [Orabug: 30729404] - RDMA/mlx5: Use ib_umem_start instead of umem.address (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Use kvcalloc for the dma_list and page_list (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Check for overflow when computing the umem_odp end (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Provide ib_umem_odp_release() to undo the allocs (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Split creating a umem_odp from ib_umem_get (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Make the three ways to create a umem_odp clear (Jason Gunthorpe) [Orabug: 30729404] - RMDA/odp: Consolidate umem_odp initialization (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Make it clearer when a umem is an implicit ODP umem (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Iterate over the whole rbtree directly (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Use the common interval tree library instead of generic (Jason Gunthorpe) [Orabug: 30729404] - RDMA/mlx5: Fix MR npages calculation for IB_ACCESS_HUGETLB (Jason Gunthorpe) [Orabug: 30729404] - IB/mlx5: Fix implicit MR release flow (Yishai Hadas) [Orabug: 30729404] - RDMA/netlink: Implement counter dumpit calback (Mark Zhang) [Orabug: 30729404] - RDMA/nldev: Allow counter auto mode configration through RDMA netlink (Mark Zhang) [Orabug: 30729404] - RDMA/odp: Fix missed unlock in non-blocking invalidate_start (Jason Gunthorpe) [Orabug: 30729404] - RDMA: Report available cdevs through RDMA_NLDEV_CMD_GET_CHARDEV (Jason Gunthorpe) [Orabug: 30729404] - RDMA: Add NLDEV_GET_CHARDEV to allow char dev discovery and autoload (Jason Gunthorpe) [Orabug: 30729404] - RDMA: Convert put_page() to put_user_page*() (John Hubbard) [Orabug: 30729404] - RDMA/umem: Move page_shift from ib_umem to ib_odp_umem (Jason Gunthorpe) [Orabug: 30729404] - mm: introduce put_user_page*(), placeholder versions (John Hubbard) [Orabug: 30729404] - RDMA/umem: Remove hugetlb flag (Shiraz Saleem) [Orabug: 30729404] - RDMA/bnxt_re: Use core helpers to get aligned DMA address (Shiraz Saleem) [Orabug: 30729404] - RDMA/i40iw: Use core helpers to get aligned DMA address within a supported page size (Shiraz Saleem) [Orabug: 30729404] - RDMA/verbs: Add a DMA iterator to return aligned contiguous memory blocks (Shiraz Saleem) [Orabug: 30729404] - RDMA/umem: Add API to find best driver supported page size in an MR (Shiraz Saleem) [Orabug: 30729404] - RDMA/umem: Handle page combining avoidance correctly in ib_umem_add_sg_table() (Shiraz Saleem) [Orabug: 30729404] - RDMA/core: Add a netlink command to change net namespace of rdma device (Parav Pandit) [Orabug: 30729404] - RDMA/umem: Use correct value for SG entries in sg_copy_to_buffer() (Shiraz Saleem) [Orabug: 30729404] - RDMA/nldev: Return device protocol (Leon Romanovsky) [Orabug: 30729404] - RDMA/umem: Combine contiguous PAGE_SIZE regions in SGEs (Shiraz Saleem) [Orabug: 30729404] - RDMA/core: Add interface to read device namespace sharing mode (Parav Pandit) [Orabug: 30729404] - IB/mlx5: Reset access mask when looping inside page fault handler (Moni Shoua) [Orabug: 30729404] - IB/core: Ensure an invalidate_range callback on ODP MR (Ira Weiny) [Orabug: 30729404] - RDMA/umem: Revert broken 'off by one' fix (John Hubbard) [Orabug: 30729404] - RDMA/umem: minor bug fix in error handling path (John Hubbard) [Orabug: 30729404] - RDMA/nldev: Provide parent IDs for PD, MR and QP objects (Leon Romanovsky) [Orabug: 30729404] - RDMA/nldev: Share with user-space object IDs (Leon Romanovsky) [Orabug: 30729404] - IB/uverbs: Add ib_ucontext to uverbs_attr_bundle sent from ioctl and cmd flows (Shamir Rabinovitch) [Orabug: 30729404] - RDMA/rdmavt: Adapt to handle non-uniform sizes on umem SGEs (Shiraz, Saleem) [Orabug: 30729404] - RDMA/rxe: Use for_each_sg_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/ocrdma: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/qedr: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/cxgb3: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/cxgb4: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/i40iw: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/mthca: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/bnxt_re: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - lib/scatterlist: Provide a DMA page iterator (Jason Gunthorpe) [Orabug: 30729404] - RDMA/nldev: Dynamically generate restrack dumpit callbacks (Leon Romanovsky) [Orabug: 30729404] - IB/{core,hw}: Have ib_umem_get extract the ib_ucontext from ib_udata (Jason Gunthorpe) [Orabug: 30729404] - RDMA/uverbs: Use uverbs_attr_bundle to pass udata for ioctl() (Jason Gunthorpe) [Orabug: 30729404] - RDMA/uverbs: Use uverbs_attr_bundle to pass udata for write_ex (Jason Gunthorpe) [Orabug: 30729404] - RDMA/uverbs: Replace ib_uverbs_file with uverbs_attr_bundle for write (Jason Gunthorpe) [Orabug: 30729404] - RDMA/core: Refactor ib_register_device() function (Parav Pandit) [Orabug: 30729404] - RDMA/core: Fix unwinding flow in case of error to register device (Parav Pandit) [Orabug: 30729404] - RDMA/nldev: Allow IB device rename through RDMA netlink (Leon Romanovsky) [Orabug: 30729404] - RDMA: Fully setup the device name in ib_register_device (Jason Gunthorpe) [Orabug: 30729404] - mm: Introduce kvcalloc() (Kees Cook) [Orabug: 30729404] - RDMA/uapi: Fix uapi breakage (Doug Ledford) [Orabug: 30729404] - RDMA/nldev: helper functions to add driver attributes (Steve Wise) [Orabug: 30729404] - RDMA/nldev: add driver-specific resource tracking (Steve Wise) [Orabug: 30729404] - RDMA/nldev: Add explicit pad attribute (Steve Wise) [Orabug: 30729404] - RDMA/bnxt_re: Add support for MRs with Huge pages (Somnath Kotur) [Orabug: 30729404] - IB/{rdmavt, hfi1, qib}: Self determine driver name (Michael J. Ruhl) [Orabug: 30729404] - RDMA/vmw_pvrdma: Do not re-calculate npages (Yuval Shaia) [Orabug: 30729404] - iw_cxgb4: allocate wait object for each memory object (Steve Wise) [Orabug: 30729404] - IB/uverbs: clean up INIT_UDATA() macro usage (Arnd Bergmann) [Orabug: 30729404] - x86/init: Fix kasan gcc8+ type miss match error. (John Donnelly) [Orabug: 31076337] [4.14.35-1902.301.0.el7uek] - kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas) [Orabug: 31049316] - media: usb: fix memory leak in af9005_identify_state (Navid Emamdoost) [Orabug: 31029908] {CVE-2019-18809} - nvme: fix possible deadlock when nvme_update_formats fails (Sagi Grimberg) [Orabug: 31002557] - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (Thadeu Lima de Souza Cascardo) [Orabug: 30995760] - uek-rpm: Make sure perf builds against libnuma and add run-time dependency (Dave Kleikamp) [Orabug: 30896468] - perf/x86/intel: Add Icelake support (Thomas Tai) [Orabug: 30872256] - x86/CPU: Add Icelake model number (Rajneesh Bhardwaj) [Orabug: 30872256] - perf/x86/intel/ds: Handle PEBS overflow for fixed counters (Kan Liang) [Orabug: 30872256] - perf/x86/intel: Introduce PMU flag for Extended PEBS (Kan Liang) [Orabug: 30872256] - tty: Don't hold ldisc lock in tty_reopen() if ldisc present (Dmitry Safonov) [Orabug: 30591419] - tty: Simplify tty->count math in tty_reopen() (Dmitry Safonov) [Orabug: 30591419] - tty: Hold tty_ldisc_lock() during tty_reopen() (Dmitry Safonov) [Orabug: 30591419] - tty/ldsem: Wake up readers after timed out down_write() (Dmitry Safonov) [Orabug: 30591419] - tty: Drop tty->count on tty_reopen() failure (Dmitry Safonov) [Orabug: 30591419] - rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 30328633] - net: erspan: fix use-after-free (William Tu) [Orabug: 29784424] - batman-adv: Force mac header to start of data on xmit (Sven Eckelmann) [Orabug: 29784399] - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (Cong Wang) [Orabug: 30886600] - ptr_ring: wrap back ->producer in __ptr_ring_swap_queue() (Cong Wang) [Orabug: 30884437] - add extra symbols from UEK5R3 to the kABI whitelist (Dan Duval) [Orabug: 30295161] - iommu: Force iommu shutdown on panic (John Donnelly) [Orabug: 31043947] - iommu/amd: Only free resources once on init error (Kevin Mitchell) [Orabug: 31043947] - iommu/amd: Move gart fallback to amd_iommu_init (Kevin Mitchell) [Orabug: 31043947] - iommu/amd: Make iommu_disable safer (Kevin Mitchell) [Orabug: 31043947] - iommu/vt-d: Turn off translations at shutdown (Deepa Dinamani) [Orabug: 31043947] From el-errata at oss.oracle.com Tue Apr 14 08:46:23 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 14 Apr 2020 08:46:23 -0700 Subject: [El-errata] ELSA-2020-5649 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64) Message-ID: <748a4deb-dafc-c4e7-a8bc-3b0d6f3d7088@oracle.com> Oracle Linux Security Advisory ELSA-2020-5649 http://linux.oracle.com/errata/ELSA-2020-5649.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-debug-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-debug-devel-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-devel-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-tools-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-tools-libs-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-tools-libs-devel-4.14.35-1902.301.1.el7uek.aarch64.rpm perf-4.14.35-1902.301.1.el7uek.aarch64.rpm python-perf-4.14.35-1902.301.1.el7uek.aarch64.rpm kernel-uek-headers-4.14.35-1902.301.1.el7uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1902.301.1.el7uek.src.rpm Description of changes: [4.14.35-1902.301.1.el7uek] - vhost: Check docket sk_family instead of call getname (Eugenio P?rez) [Orabug: 31085991] {CVE-2020-10942} - uek-rpm: config-mips64-embedded misc pruning (Eric Saint-Etienne) [Orabug: 31079017] - ubifs: Check for name being NULL while mounting (Richard Weinberger) [Orabug: 29410897] - team: avoid complex list operations in team_nl_cmd_options_set() (Cong Wang) [Orabug: 30886420] - Revert "oled: give panic handler chance to run before kexec" (Wengang Wang) [Orabug: 31098796] - Revert "oled: Limit panic routine change x86 only" (Wengang Wang) [Orabug: 31098796] - net/mlx5: Add pci AtomicOps request (Michael Guralnik) [Orabug: 30750027] - PCI: Add pci_enable_atomic_ops_to_root() (Jay Cornwall) [Orabug: 30750027] - locking/rwsem: Prevent decrement of reader count before increment (Waiman Long) [Orabug: 31087349] - net: core: another layer of lists, around PF_MEMALLOC skb handling (Sasha Levin) [Orabug: 31087349] - locking/rwsem: Fix (possible) missed wakeup (Xie Yongji) [Orabug: 31087349] - swiotlb: clean up reporting (Kees Cook) [Orabug: 31085014] {CVE-2018-5953} - nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31015775] - NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31015775] - ppp: remove the PPPIOCDETACH ioctl (Eric Biggers) [Orabug: 31061772] - batman-adv: Avoid WARN on net_device without parent in netns (Sven Eckelmann) [Orabug: 30857690] - net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055325] {CVE-2019-18806} - net_sched: fix datalen for ematch (Cong Wang) [Orabug: 30877993] - net/xfrm: fix out-of-bounds packet access (Alexei Starovoitov) [Orabug: 30885434] - RDMA/nldev: Provide MR statistics (Erez Alfasi) [Orabug: 30729404] - RDMA/mlx5: Return ODP type per MR (Erez Alfasi) [Orabug: 30729404] - RDMA/nldev: Allow different fill function per resource (Erez Alfasi) [Orabug: 30729404] - IB/mlx5: Introduce ODP diagnostic counters (Erez Alfasi) [Orabug: 30729404] - RDMA/mlx5: Use odp instead of mr->umem in pagefault_mr (Jason Gunthorpe) [Orabug: 30729404] - RDMA/mlx5: Use ib_umem_start instead of umem.address (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Use kvcalloc for the dma_list and page_list (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Check for overflow when computing the umem_odp end (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Provide ib_umem_odp_release() to undo the allocs (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Split creating a umem_odp from ib_umem_get (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Make the three ways to create a umem_odp clear (Jason Gunthorpe) [Orabug: 30729404] - RMDA/odp: Consolidate umem_odp initialization (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Make it clearer when a umem is an implicit ODP umem (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Iterate over the whole rbtree directly (Jason Gunthorpe) [Orabug: 30729404] - RDMA/odp: Use the common interval tree library instead of generic (Jason Gunthorpe) [Orabug: 30729404] - RDMA/mlx5: Fix MR npages calculation for IB_ACCESS_HUGETLB (Jason Gunthorpe) [Orabug: 30729404] - IB/mlx5: Fix implicit MR release flow (Yishai Hadas) [Orabug: 30729404] - RDMA/netlink: Implement counter dumpit calback (Mark Zhang) [Orabug: 30729404] - RDMA/nldev: Allow counter auto mode configration through RDMA netlink (Mark Zhang) [Orabug: 30729404] - RDMA/odp: Fix missed unlock in non-blocking invalidate_start (Jason Gunthorpe) [Orabug: 30729404] - RDMA: Report available cdevs through RDMA_NLDEV_CMD_GET_CHARDEV (Jason Gunthorpe) [Orabug: 30729404] - RDMA: Add NLDEV_GET_CHARDEV to allow char dev discovery and autoload (Jason Gunthorpe) [Orabug: 30729404] - RDMA: Convert put_page() to put_user_page*() (John Hubbard) [Orabug: 30729404] - RDMA/umem: Move page_shift from ib_umem to ib_odp_umem (Jason Gunthorpe) [Orabug: 30729404] - mm: introduce put_user_page*(), placeholder versions (John Hubbard) [Orabug: 30729404] - RDMA/umem: Remove hugetlb flag (Shiraz Saleem) [Orabug: 30729404] - RDMA/bnxt_re: Use core helpers to get aligned DMA address (Shiraz Saleem) [Orabug: 30729404] - RDMA/i40iw: Use core helpers to get aligned DMA address within a supported page size (Shiraz Saleem) [Orabug: 30729404] - RDMA/verbs: Add a DMA iterator to return aligned contiguous memory blocks (Shiraz Saleem) [Orabug: 30729404] - RDMA/umem: Add API to find best driver supported page size in an MR (Shiraz Saleem) [Orabug: 30729404] - RDMA/umem: Handle page combining avoidance correctly in ib_umem_add_sg_table() (Shiraz Saleem) [Orabug: 30729404] - RDMA/core: Add a netlink command to change net namespace of rdma device (Parav Pandit) [Orabug: 30729404] - RDMA/umem: Use correct value for SG entries in sg_copy_to_buffer() (Shiraz Saleem) [Orabug: 30729404] - RDMA/nldev: Return device protocol (Leon Romanovsky) [Orabug: 30729404] - RDMA/umem: Combine contiguous PAGE_SIZE regions in SGEs (Shiraz Saleem) [Orabug: 30729404] - RDMA/core: Add interface to read device namespace sharing mode (Parav Pandit) [Orabug: 30729404] - IB/mlx5: Reset access mask when looping inside page fault handler (Moni Shoua) [Orabug: 30729404] - IB/core: Ensure an invalidate_range callback on ODP MR (Ira Weiny) [Orabug: 30729404] - RDMA/umem: Revert broken 'off by one' fix (John Hubbard) [Orabug: 30729404] - RDMA/umem: minor bug fix in error handling path (John Hubbard) [Orabug: 30729404] - RDMA/nldev: Provide parent IDs for PD, MR and QP objects (Leon Romanovsky) [Orabug: 30729404] - RDMA/nldev: Share with user-space object IDs (Leon Romanovsky) [Orabug: 30729404] - IB/uverbs: Add ib_ucontext to uverbs_attr_bundle sent from ioctl and cmd flows (Shamir Rabinovitch) [Orabug: 30729404] - RDMA/rdmavt: Adapt to handle non-uniform sizes on umem SGEs (Shiraz, Saleem) [Orabug: 30729404] - RDMA/rxe: Use for_each_sg_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/ocrdma: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/qedr: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/cxgb3: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/cxgb4: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/i40iw: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/mthca: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - RDMA/bnxt_re: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404] - lib/scatterlist: Provide a DMA page iterator (Jason Gunthorpe) [Orabug: 30729404] - RDMA/nldev: Dynamically generate restrack dumpit callbacks (Leon Romanovsky) [Orabug: 30729404] - IB/{core,hw}: Have ib_umem_get extract the ib_ucontext from ib_udata (Jason Gunthorpe) [Orabug: 30729404] - RDMA/uverbs: Use uverbs_attr_bundle to pass udata for ioctl() (Jason Gunthorpe) [Orabug: 30729404] - RDMA/uverbs: Use uverbs_attr_bundle to pass udata for write_ex (Jason Gunthorpe) [Orabug: 30729404] - RDMA/uverbs: Replace ib_uverbs_file with uverbs_attr_bundle for write (Jason Gunthorpe) [Orabug: 30729404] - RDMA/core: Refactor ib_register_device() function (Parav Pandit) [Orabug: 30729404] - RDMA/core: Fix unwinding flow in case of error to register device (Parav Pandit) [Orabug: 30729404] - RDMA/nldev: Allow IB device rename through RDMA netlink (Leon Romanovsky) [Orabug: 30729404] - RDMA: Fully setup the device name in ib_register_device (Jason Gunthorpe) [Orabug: 30729404] - mm: Introduce kvcalloc() (Kees Cook) [Orabug: 30729404] - RDMA/uapi: Fix uapi breakage (Doug Ledford) [Orabug: 30729404] - RDMA/nldev: helper functions to add driver attributes (Steve Wise) [Orabug: 30729404] - RDMA/nldev: add driver-specific resource tracking (Steve Wise) [Orabug: 30729404] - RDMA/nldev: Add explicit pad attribute (Steve Wise) [Orabug: 30729404] - RDMA/bnxt_re: Add support for MRs with Huge pages (Somnath Kotur) [Orabug: 30729404] - IB/{rdmavt, hfi1, qib}: Self determine driver name (Michael J. Ruhl) [Orabug: 30729404] - RDMA/vmw_pvrdma: Do not re-calculate npages (Yuval Shaia) [Orabug: 30729404] - iw_cxgb4: allocate wait object for each memory object (Steve Wise) [Orabug: 30729404] - IB/uverbs: clean up INIT_UDATA() macro usage (Arnd Bergmann) [Orabug: 30729404] - x86/init: Fix kasan gcc8+ type miss match error. (John Donnelly) [Orabug: 31076337] [4.14.35-1902.301.0.el7uek] - kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas) [Orabug: 31049316] - media: usb: fix memory leak in af9005_identify_state (Navid Emamdoost) [Orabug: 31029908] {CVE-2019-18809} - nvme: fix possible deadlock when nvme_update_formats fails (Sagi Grimberg) [Orabug: 31002557] - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (Thadeu Lima de Souza Cascardo) [Orabug: 30995760] - uek-rpm: Make sure perf builds against libnuma and add run-time dependency (Dave Kleikamp) [Orabug: 30896468] - perf/x86/intel: Add Icelake support (Thomas Tai) [Orabug: 30872256] - x86/CPU: Add Icelake model number (Rajneesh Bhardwaj) [Orabug: 30872256] - perf/x86/intel/ds: Handle PEBS overflow for fixed counters (Kan Liang) [Orabug: 30872256] - perf/x86/intel: Introduce PMU flag for Extended PEBS (Kan Liang) [Orabug: 30872256] - tty: Don't hold ldisc lock in tty_reopen() if ldisc present (Dmitry Safonov) [Orabug: 30591419] - tty: Simplify tty->count math in tty_reopen() (Dmitry Safonov) [Orabug: 30591419] - tty: Hold tty_ldisc_lock() during tty_reopen() (Dmitry Safonov) [Orabug: 30591419] - tty/ldsem: Wake up readers after timed out down_write() (Dmitry Safonov) [Orabug: 30591419] - tty: Drop tty->count on tty_reopen() failure (Dmitry Safonov) [Orabug: 30591419] - rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 30328633] - net: erspan: fix use-after-free (William Tu) [Orabug: 29784424] - batman-adv: Force mac header to start of data on xmit (Sven Eckelmann) [Orabug: 29784399] - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (Cong Wang) [Orabug: 30886600] - ptr_ring: wrap back ->producer in __ptr_ring_swap_queue() (Cong Wang) [Orabug: 30884437] - add extra symbols from UEK5R3 to the kABI whitelist (Dan Duval) [Orabug: 30295161] - iommu: Force iommu shutdown on panic (John Donnelly) [Orabug: 31043947] - iommu/amd: Only free resources once on init error (Kevin Mitchell) [Orabug: 31043947] - iommu/amd: Move gart fallback to amd_iommu_init (Kevin Mitchell) [Orabug: 31043947] - iommu/amd: Make iommu_disable safer (Kevin Mitchell) [Orabug: 31043947] - iommu/vt-d: Turn off translations at shutdown (Deepa Dinamani) [Orabug: 31043947] From el-errata at oss.oracle.com Tue Apr 14 08:46:47 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 14 Apr 2020 08:46:47 -0700 Subject: [El-errata] ELSA-2020-1349 Important: Oracle Linux 6 krb5-appl security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1349 http://linux.oracle.com/errata/ELSA-2020-1349.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: krb5-appl-clients-1.0.1-10.el6_10.i686.rpm krb5-appl-servers-1.0.1-10.el6_10.i686.rpm x86_64: krb5-appl-clients-1.0.1-10.el6_10.x86_64.rpm krb5-appl-servers-1.0.1-10.el6_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/krb5-appl-1.0.1-10.el6_10.src.rpm Description of changes: [1.0.1-10] - Apply previous patch - Resolves: #1814774 [1.0.1-9] - Fix CVE-2020-10188 (netclear()/nextitem() buffer overrun) - Resolves: #1814774 [1.0.1-8] - bump release number to sort newer than the recent 6.2 update From el-errata at oss.oracle.com Wed Apr 15 06:48:20 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 06:48:20 -0700 Subject: [El-errata] ELBA-2020-1211 Oracle Linux 7 lvm2 bug fix and enhancement update Message-ID: <0e0b9600-4ba0-513a-3a32-390ea3996f7f@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1211 http://linux.oracle.com/errata/ELBA-2020-1211.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: device-mapper-1.02.164-7.0.1.el7_8.1.x86_64.rpm device-mapper-devel-1.02.164-7.0.1.el7_8.1.i686.rpm device-mapper-devel-1.02.164-7.0.1.el7_8.1.x86_64.rpm device-mapper-event-1.02.164-7.0.1.el7_8.1.x86_64.rpm device-mapper-event-devel-1.02.164-7.0.1.el7_8.1.i686.rpm device-mapper-event-devel-1.02.164-7.0.1.el7_8.1.x86_64.rpm device-mapper-event-libs-1.02.164-7.0.1.el7_8.1.i686.rpm device-mapper-event-libs-1.02.164-7.0.1.el7_8.1.x86_64.rpm device-mapper-libs-1.02.164-7.0.1.el7_8.1.i686.rpm device-mapper-libs-1.02.164-7.0.1.el7_8.1.x86_64.rpm lvm2-2.02.186-7.0.1.el7_8.1.x86_64.rpm lvm2-devel-2.02.186-7.0.1.el7_8.1.i686.rpm lvm2-devel-2.02.186-7.0.1.el7_8.1.x86_64.rpm lvm2-libs-2.02.186-7.0.1.el7_8.1.i686.rpm lvm2-libs-2.02.186-7.0.1.el7_8.1.x86_64.rpm lvm2-lockd-2.02.186-7.0.1.el7_8.1.x86_64.rpm lvm2-python-boom-0.9-25.0.1.el7_8.1.noarch.rpm lvm2-python-libs-2.02.186-7.0.1.el7_8.1.x86_64.rpm lvm2-sysvinit-2.02.186-7.0.1.el7_8.1.x86_64.rpm cmirror-2.02.186-7.0.1.el7_8.1.x86_64.rpm lvm2-cluster-2.02.186-7.0.1.el7_8.1.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/lvm2-2.02.186-7.0.1.el7_8.1.src.rpm Description of changes: [7:2.02.186-7.0.2.el7_8.1] - Enable cluster support on aarch64 [Orabug:28712283] [Orabug: 28785446] [7:2.02.186-7.0.1] - Reduce delay in case of lvmetad update (ritika.srivastava at oracle.com) [7:2.02.186-7.el7_8.1] - Fix failing pvs with locking_type 4. From el-errata at oss.oracle.com Wed Apr 15 06:48:48 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 06:48:48 -0700 Subject: [El-errata] ELBA-2020-1016-1 Oracle Linux 7 kernel bug fix update Message-ID: <7b94456f-9fab-cd44-56c9-d0ddb09052d6@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1016-1 http://linux.oracle.com/errata/ELBA-2020-1016-1.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-abi-whitelists-3.10.0-1127.0.0.0.1.el7.noarch.rpm kernel-debug-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-devel-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-doc-3.10.0-1127.0.0.0.1.el7.noarch.rpm kernel-headers-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-tools-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1127.0.0.0.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1127.0.0.0.1.el7.x86_64.rpm perf-3.10.0-1127.0.0.0.1.el7.x86_64.rpm python-perf-3.10.0-1127.0.0.0.1.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1127.0.0.0.1.el7.src.rpm Description of changes: [3.10.0-1127.0.0.0.1.el7.OL7] - [x86] efi/x86: Partial revert x86/efi: Use efi_switch_mm() rather twiddling with %cr3. (Mike Kravetz) [Orabug: 30598533] - [xen/balloon] Support xend-based toolstack (Orabug: 28663970) - [x86/apic/x2apic] avoid allocate multiple irq vectors for a single interrupt on multiple cpu, otherwise irq vectors would be used up when there are only 2 cpu online per node. [Orabug: 28691156] - [bonding] avoid repeated display of same link status change. [Orabug: 28109857] - [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [Orabug: 22552377] From el-errata at oss.oracle.com Wed Apr 15 06:49:11 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 06:49:11 -0700 Subject: [El-errata] ELBA-2020-1211 Oracle Linux 7 lvm2 bug fix and enhancement update (aarch64) Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1211 http://linux.oracle.com/errata/ELBA-2020-1211.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: cmirror-2.02.186-7.0.2.el7_8.1.aarch64.rpm device-mapper-1.02.164-7.0.2.el7_8.1.aarch64.rpm device-mapper-event-1.02.164-7.0.2.el7_8.1.aarch64.rpm device-mapper-event-libs-1.02.164-7.0.2.el7_8.1.aarch64.rpm device-mapper-libs-1.02.164-7.0.2.el7_8.1.aarch64.rpm lvm2-2.02.186-7.0.2.el7_8.1.aarch64.rpm lvm2-cluster-2.02.186-7.0.2.el7_8.1.aarch64.rpm lvm2-libs-2.02.186-7.0.2.el7_8.1.aarch64.rpm lvm2-python-boom-0.9-25.0.2.el7_8.1.noarch.rpm lvm2-python-libs-2.02.186-7.0.2.el7_8.1.aarch64.rpm device-mapper-devel-1.02.164-7.0.2.el7_8.1.aarch64.rpm device-mapper-event-devel-1.02.164-7.0.2.el7_8.1.aarch64.rpm lvm2-devel-2.02.186-7.0.2.el7_8.1.aarch64.rpm lvm2-lockd-2.02.186-7.0.2.el7_8.1.aarch64.rpm lvm2-sysvinit-2.02.186-7.0.2.el7_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/lvm2-2.02.186-7.0.2.el7_8.1.src.rpm Description of changes: [7:2.02.186-7.0.2.el7_8.1] - Enable cluster support on aarch64 [Orabug:28712283] [Orabug: 28785446] [7:2.02.186-7.0.1] - Reduce delay in case of lvmetad update (ritika.srivastava at oracle.com) [7:2.02.186-7.el7_8.1] - Fix failing pvs with locking_type 4. From el-errata at oss.oracle.com Wed Apr 15 22:53:36 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 22:53:36 -0700 Subject: [El-errata] ELBA-2020-1362 Oracle Linux 8 .NET Core 2.1 and 3.0 bugfix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1362 http://linux.oracle.com/errata/ELBA-2020-1362.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-3.0-3.0.3-1.0.1.el8_1.x86_64.rpm aspnetcore-targeting-pack-3.0-3.0.3-1.0.1.el8_1.x86_64.rpm dotnet-3.0.103-1.0.1.el8_1.x86_64.rpm dotnet-apphost-pack-3.0-3.0.3-1.0.1.el8_1.x86_64.rpm dotnet-host-3.0.3-1.0.1.el8_1.x86_64.rpm dotnet-host-fxr-2.1-2.1.17-1.el8_1.x86_64.rpm dotnet-hostfxr-3.0-3.0.3-1.0.1.el8_1.x86_64.rpm dotnet-runtime-2.1-2.1.17-1.el8_1.x86_64.rpm dotnet-runtime-3.0-3.0.3-1.0.1.el8_1.x86_64.rpm dotnet-sdk-2.1-2.1.513-1.el8_1.x86_64.rpm dotnet-sdk-2.1.5xx-2.1.513-1.el8_1.x86_64.rpm dotnet-sdk-3.0-3.0.103-1.0.1.el8_1.x86_64.rpm dotnet-targeting-pack-3.0-3.0.3-1.0.1.el8_1.x86_64.rpm dotnet-templates-3.0-3.0.103-1.0.1.el8_1.x86_64.rpm netstandard-targeting-pack-2.1-3.0.103-1.0.1.el8_1.x86_64.rpm aarch64: SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/dotnet-2.1.513-1.el8_1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/dotnet3.0-3.0.103-1.0.1.el8_1.src.rpm Description of changes: dotnet [2.1.513-1] - Update to .NET Core Runtime 2.1.17 and SDK 2.1.513 - Resolves: RHBZ#1816197 [2.1.512-1] - Update to .NET Core Runtime 2.1.16 and SDK 2.1.512 - Resolves: RHBZ#1806955 dotnet3.0 [3.0.103-1.0.1.el8_1] - support OL release scheme [3.0.103-1] - Update to .NET Core Runtime 3.0.3 and SDK 3.0.103 - Resolves: RHBZ#1806956 From el-errata at oss.oracle.com Wed Apr 15 22:54:02 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 22:54:02 -0700 Subject: [El-errata] ELBA-2020-1373 Oracle Linux 8 kmod-kvdo bug fix and enhancement update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1373 http://linux.oracle.com/errata/ELBA-2020-1373.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: kmod-kvdo-6.2.1.138-58.0.1.el8_1.x86_64.rpm aarch64: kmod-kvdo-6.2.1.138-58.0.1.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kmod-kvdo-6.2.1.138-58.0.1.el8_1.src.rpm Description of changes: [6.2.1.138-58.0.1.el8_1] - add OL signature [6.2.1.138-58] - Bumped NVR for new 4.18 kernel - Resolves: rhbz#1805138 From el-errata at oss.oracle.com Wed Apr 15 22:55:09 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 22:55:09 -0700 Subject: [El-errata] ELSA-2020-1317 Important: Oracle Linux 8 nodejs:10 security update Message-ID: <54408960-5746-02f0-7922-3ed03e22da5b@oracle.com> Oracle Linux Security Advisory ELSA-2020-1317 http://linux.oracle.com/errata/ELSA-2020-1317.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nodejs-10.19.0-2.module+el8.1.0+5572+a2a7be63.x86_64.rpm nodejs-devel-10.19.0-2.module+el8.1.0+5572+a2a7be63.x86_64.rpm nodejs-docs-10.19.0-2.module+el8.1.0+5572+a2a7be63.noarch.rpm nodejs-nodemon-1.18.3-1.module+el8.1.0+5392+4d6b561f.noarch.rpm nodejs-packaging-17-3.module+el8.1.0+5392+4d6b561f.noarch.rpm npm-6.13.4-1.10.19.0.2.module+el8.1.0+5572+a2a7be63.x86_64.rpm aarch64: nodejs-10.19.0-2.module+el8.1.0+5572+a2a7be63.aarch64.rpm nodejs-devel-10.19.0-2.module+el8.1.0+5572+a2a7be63.aarch64.rpm nodejs-docs-10.19.0-2.module+el8.1.0+5572+a2a7be63.noarch.rpm nodejs-nodemon-1.18.3-1.module+el8.1.0+5392+4d6b561f.noarch.rpm nodejs-packaging-17-3.module+el8.1.0+5392+4d6b561f.noarch.rpm npm-6.13.4-1.10.19.0.2.module+el8.1.0+5572+a2a7be63.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/nodejs-10.19.0-2.module+el8.1.0+5572+a2a7be63.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/nodejs-nodemon-1.18.3-1.module+el8.1.0+5392+4d6b561f.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/nodejs-packaging-17-3.module+el8.1.0+5392+4d6b561f.src.rpm Description of changes: nodejs [1:10.19.0-2] - Resolves: RHBZ#1811498 [1:10.19.0-1] - Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606 [ From el-errata at oss.oracle.com Wed Apr 15 23:05:27 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 23:05:27 -0700 Subject: [El-errata] ELSA-2020-1379 Important: Oracle Linux 8 container-tools:ol8 security and bug fix update Message-ID: <84f55422-dc75-75f8-ae9a-c55ce5a533c2@oracle.com> Oracle Linux Security Advisory ELSA-2020-1379 http://linux.oracle.com/errata/ELSA-2020-1379.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: buildah-1.11.6-6.0.1.module+el8.1.1+5573+1c3f6079.x86_64.rpm buildah-tests-1.11.6-6.0.1.module+el8.1.1+5573+1c3f6079.x86_64.rpm cockpit-podman-11-1.module+el8.1.1+5502+fbec5cc6.noarch.rpm conmon-2.0.6-1.module+el8.1.1+5502+fbec5cc6.x86_64.rpm container-selinux-2.124.0-1.module+el8.1.1+5502+fbec5cc6.noarch.rpm containernetworking-plugins-0.8.3-4.0.1.module+el8.1.1+5502+fbec5cc6.x86_64.rpm containers-common-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.x86_64.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+5573+1c3f6079.x86_64.rpm podman-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.x86_64.rpm podman-docker-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.noarch.rpm podman-manpages-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.noarch.rpm podman-remote-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.x86_64.rpm podman-tests-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.x86_64.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.1.1+5502+fbec5cc6.noarch.rpm runc-1.0.0-64.rc9.module+el8.1.1+5502+fbec5cc6.x86_64.rpm skopeo-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.x86_64.rpm skopeo-tests-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.x86_64.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5573+1c3f6079.x86_64.rpm toolbox-0.0.4-1.module+el8.1.1+5502+fbec5cc6.x86_64.rpm udica-0.2.1-2.module+el8.1.1+5502+fbec5cc6.noarch.rpm aarch64: buildah-1.11.6-6.0.1.module+el8.1.1+5573+1c3f6079.aarch64.rpm buildah-tests-1.11.6-6.0.1.module+el8.1.1+5573+1c3f6079.aarch64.rpm cockpit-podman-11-1.module+el8.1.1+5502+fbec5cc6.noarch.rpm conmon-2.0.6-1.module+el8.1.1+5502+fbec5cc6.aarch64.rpm container-selinux-2.124.0-1.module+el8.1.1+5502+fbec5cc6.noarch.rpm containernetworking-plugins-0.8.3-4.0.1.module+el8.1.1+5502+fbec5cc6.aarch64.rpm containers-common-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.aarch64.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+5573+1c3f6079.aarch64.rpm podman-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.aarch64.rpm podman-docker-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.noarch.rpm podman-manpages-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.noarch.rpm podman-remote-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.aarch64.rpm podman-tests-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.aarch64.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.1.1+5502+fbec5cc6.noarch.rpm runc-1.0.0-64.rc9.module+el8.1.1+5502+fbec5cc6.aarch64.rpm skopeo-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.aarch64.rpm skopeo-tests-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.aarch64.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5573+1c3f6079.aarch64.rpm toolbox-0.0.4-1.module+el8.1.1+5502+fbec5cc6.aarch64.rpm udica-0.2.1-2.module+el8.1.1+5502+fbec5cc6.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/buildah-1.11.6-6.0.1.module+el8.1.1+5573+1c3f6079.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/cockpit-podman-11-1.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/conmon-2.0.6-1.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/container-selinux-2.124.0-1.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/containernetworking-plugins-0.8.3-4.0.1.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/fuse-overlayfs-0.7.2-5.module+el8.1.1+5573+1c3f6079.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/podman-1.6.4-4.0.1.module+el8.1.1+5573+1c3f6079.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/runc-1.0.0-64.rc9.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/skopeo-0.1.40-8.0.1.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5573+1c3f6079.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/toolbox-0.0.4-1.module+el8.1.1+5502+fbec5cc6.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/udica-0.2.1-2.module+el8.1.1+5502+fbec5cc6.src.rpm Description of changes: buildah [1.11.6-6.0.1] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.11.6-6] - fix "COPY command takes long time with buildah" - Resolves: #1806119 [1.11.6-5] - fix "Podman support for FIPS Mode requires a bind mount inside the container" - Resolves: #1804188 cockpit-podman [11-1] - Fix Alert notification in Image Search Modal - Allow more than a single Error Notification for Container action errors - Various Alert cleanups - Translation updates - Related: RHELPLAN-25138 [10-1] - Support for user containers - Show list of containers that use given image - Show placeholder while loading containers and images - Fix setting memory limit - bug 1732713 - Add container Terminal - bug 1703245 - Related: RHELPLAN-25138 conmon [2:2.0.6-1] - update to 2.0.6 - Related: RHELPLAN-25138 [2:2.0.5-1] - update to 2.0.5 - Related: RHELPLAN-25138 [2:2.0.4-1] - update to 2.0.4 bugfix release - Related: RHELPLAN-25138 [2:2.0.3-2.giteb5fa88] - BR: systemd-devel - Related: RHELPLAN-25138 [2:2.0.3-1.giteb5fa88] - update to 2.0.3 [2:2.0.2-0.1.dev.git422ce21] - build latest upstream master [2:2.0.0-2] - remove BR: go-md2man since no manpages yet container-selinux [2:2.124.0-1] - update to 2.124.0 - Related: RHELPLAN-25138 fuse-overlayfs [0.7.2-5] - be sure to work properly also with older rhel8 kernels, thanks to Giuseppe Scrivano - Resolves: #1803495 [0.7.2-4] - latest iteration of segfault fix patch, thanks to Giuseppe Scrivano - Resolves: #1803495 [0.7.2-3] - fix "fuse-overlayfs segfault" - Resolves: #1805016 [0.7.2-2] - fix "useradd and groupadd fail under rootless Buildah and podman" - Resolves: #1803495 podman [1.6.4-4.0.1] - delivering fix for [Orabug: 29874238] by Nikita Gerasimov [1.6.4-4] - fix "podman (1.6.4) rhel 8.1 no route to host from inside container" - Resolves: #1806900 [1.6.4-3] - fix "Podman support for FIPS Mode requires a bind mount inside the container" - Resolves: #1804194 python-podman-api [1.2.0-0.2.gitd0a45fe] - revert update to 1.6.0 due to new python3-pbr dependency which is not in RHEL - Related: RHELPLAN-25138 runc [1.0.0-64.rc9] - use no_openssl in BUILDTAGS (no vendored crypto in runc) - Related: RHELPLAN-25138 [1.0.0-63.rc9] - be sure to use golang >= 1.12.12-4 - Related: RHELPLAN-25138 [1.0.0-62.rc9] - rebuild because of CVE-2019-9512 and CVE-2019-9514 - Related: RHELPLAN-25138 [1.0.0-61.rc9] - update to runc 1.0.0-rc9 release - amend golang deps - fixes CVE-2019-16884 [1.0.0-60.rc8] - Resolves: #1721247 - enable fips mode [1.0.0-59.rc8] - Resolves: #1720654 - rebase to v1.0.0-rc8 [1.0.0-57.rc5.dev.git2abd837] - Resolves: #1693424 - podman rootless: cannot specify gid= mount options skopeo [0.1.40-8.0.1] - Add oracle registry into the conf file [Orabug: 29845934] - Fix oracle registry login issues [Orabug: 29937192] [1:0.1.40-8] - change the search order of registries and remove quay.io (#1784267) slirp4netns [0.4.2-3.git21fdece] - Fix CVE-2020-8608 - Related: RHELPLAN-25138 toolbox [0.0.4-1.el8] - Update for rhel8.1 container-tools module udica [0.2.1-2] - initial import to container-tools 8.2.0 - Related: RHELPLAN-25139 From el-errata at oss.oracle.com Wed Apr 15 23:21:43 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 15 Apr 2020 23:21:43 -0700 Subject: [El-errata] ELSA-2020-1358 Important: Oracle Linux 8 virt:ol security and bug fix update Message-ID: Oracle Linux Security Advisory ELSA-2020-1358 http://linux.oracle.com/errata/ELSA-2020-1358.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-bash-completion-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-benchmarking-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-gfs2-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-gobject-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-gobject-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-inspect-icons-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-java-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-java-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-javadoc-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-man-pages-ja-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-man-pages-uk-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-rescue-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-rsync-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-tools-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-tools-c-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-winsupport-8.0-4.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libguestfs-xfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libiscsi-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libiscsi-devel-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libiscsi-utils-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libvirt-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-admin-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-bash-completion-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-client-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-config-network-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-network-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-daemon-kvm-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-dbus-1.2.0-3.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm libvirt-devel-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-docs-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-libs-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-lock-sanlock-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm libvirt-nss-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.x86_64.rpm lua-guestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-bash-completion-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.noarch.rpm nbdkit-basic-plugins-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-devel-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-example-plugins-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-plugin-gzip-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-plugin-python-common-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-plugin-python3-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-plugin-vddk-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm nbdkit-plugin-xz-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm netcf-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm netcf-devel-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm netcf-libs-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-libguestfs-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm perl-Sys-Guestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm perl-Sys-Virt-4.5.0-5.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm perl-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm python3-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm python3-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm python3-libvirt-4.5.0-2.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm qemu-guest-agent-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-img-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-block-curl-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-block-gluster-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-block-iscsi-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-block-rbd-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-block-ssh-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-common-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm qemu-kvm-core-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm ruby-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ruby-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm seabios-1.11.1-4.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm seabios-bin-1.11.1-4.module+el8.1.0+5378+c5e0f4d7.noarch.rpm seavgabios-bin-1.11.1-4.module+el8.1.0+5378+c5e0f4d7.noarch.rpm sgabios-0.20170427git-3.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm sgabios-bin-0.20170427git-3.module+el8.1.0+5378+c5e0f4d7.noarch.rpm supermin-5.1.19-9.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm supermin-devel-5.1.19-9.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm virt-dib-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm virt-p2v-maker-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm virt-v2v-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm libguestfs-winsupport-8.0-4.module+el8.1.0+5378+c5e0f4d7.i686.rpm libiscsi-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.i686.rpm libiscsi-devel-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.i686.rpm libiscsi-utils-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.i686.rpm libvirt-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-admin-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-bash-completion-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-client-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-config-network-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-config-nwfilter-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-interface-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-network-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-nodedev-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-nwfilter-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-secret-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-core-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-disk-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-logical-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-mpath-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-rbd-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-daemon-driver-storage-scsi-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-dbus-1.2.0-3.module+el8.1.0+5378+c5e0f4d7.i686.rpm libvirt-devel-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-docs-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-libs-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm libvirt-nss-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.i686.rpm netcf-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.i686.rpm netcf-devel-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.i686.rpm netcf-libs-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.i686.rpm ocaml-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm ocaml-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm ocaml-hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm ocaml-libguestfs-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.x86_64.rpm perl-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm perl-Sys-Virt-4.5.0-5.module+el8.1.0+5378+c5e0f4d7.i686.rpm python3-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm python3-libvirt-4.5.0-2.module+el8.1.0+5378+c5e0f4d7.i686.rpm qemu-kvm-tests-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.x86_64.rpm ruby-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.i686.rpm sgabios-0.20170427git-3.module+el8.1.0+5378+c5e0f4d7.i686.rpm aarch64: hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-bash-completion-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-benchmarking-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-gfs2-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-gobject-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-gobject-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-inspect-icons-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-java-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-java-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-javadoc-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-man-pages-ja-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-man-pages-uk-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-rescue-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-rsync-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-tools-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.noarch.rpm libguestfs-tools-c-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-winsupport-8.0-4.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libguestfs-xfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libiscsi-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libiscsi-devel-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libiscsi-utils-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libvirt-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-admin-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-bash-completion-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-client-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-config-network-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-config-nwfilter-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-interface-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-network-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-nodedev-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-nwfilter-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-qemu-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-secret-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-core-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-disk-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-logical-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-daemon-kvm-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-dbus-1.2.0-3.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm libvirt-devel-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-docs-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-libs-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-lock-sanlock-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm libvirt-nss-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.aarch64.rpm lua-guestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-bash-completion-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.noarch.rpm nbdkit-basic-plugins-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-devel-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-example-plugins-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-plugin-gzip-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-plugin-python-common-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-plugin-python3-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm nbdkit-plugin-xz-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm netcf-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm netcf-devel-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm netcf-libs-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-libguestfs-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm perl-Sys-Guestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm perl-Sys-Virt-4.5.0-5.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm perl-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm python3-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm python3-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm python3-libvirt-4.5.0-2.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm qemu-guest-agent-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-img-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-block-curl-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-block-iscsi-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-block-rbd-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-block-ssh-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-common-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm qemu-kvm-core-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm ruby-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ruby-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm supermin-5.1.19-9.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm supermin-devel-5.1.19-9.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm virt-dib-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-hivex-devel-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm ocaml-libguestfs-devel-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.aarch64.rpm qemu-kvm-tests-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libguestfs-winsupport-8.0-4.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libiscsi-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libvirt-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libvirt-dbus-1.2.0-3.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libvirt-python-4.5.0-2.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/nbdkit-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/netcf-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/perl-Sys-Virt-4.5.0-5.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/qemu-kvm-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/seabios-1.11.1-4.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/sgabios-0.20170427git-3.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/supermin-5.1.19-9.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/hivex-1.3.15-7.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libguestfs-1.38.4-14.0.1.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libguestfs-winsupport-8.0-4.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libiscsi-1.18.0-8.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libvirt-4.5.0-35.3.0.1.module+el8.1.0+5574+a95766b2.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libvirt-dbus-1.2.0-3.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libvirt-python-4.5.0-2.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/nbdkit-1.4.2-5.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/netcf-0.2.8-12.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/perl-Sys-Virt-4.5.0-5.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/qemu-kvm-2.12.0-88.0.1.module+el8.1.0+5574+a95766b2.3.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/seabios-1.11.1-4.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/sgabios-0.20170427git-3.module+el8.1.0+5378+c5e0f4d7.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/supermin-5.1.19-9.module+el8.1.0+5378+c5e0f4d7.src.rpm Description of changes: qemu-kvm [2.12.0-88.0.1.el8_1_0.3] - Added bug30251155-remove-upstream-reference [Orabug: 30251155] [2.12.0-88.el8_1_0.3] - kvm-tcp_emu-Fix-oob-access.patch [bz#1791565] - kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791565] - kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791565] - kvm-iscsi-Avoid-potential-for-get_status-overflow.patch [bz#1794500] - kvm-iscsi-Cap-block-count-from-GET-LBA-STATUS-CVE-2020-1.patch [bz#1794500] - Resolves: bz#1791565 ? (CVE-2020-7039 virt:rhel/qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-8.1.0.z]) - Resolves: bz#1794500 ? (CVE-2020-1711 qemu-kvm: QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server [rhel-8.1.0.z]) libvirt [4.5.0-35.3.0.1] - added librbd1 as dependency (Keshav Sharma) [4.5.0-35.3.el8] - qemu: Translate features in virQEMUCapsGetCPUFeatures (rhbz#1809510) From el-errata at oss.oracle.com Thu Apr 16 18:09:24 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 16 Apr 2020 18:09:24 -0700 Subject: [El-errata] ELSA-2020-1489 Important: Oracle Linux 7 thunderbird security update Message-ID: <0b249673-0989-e527-3388-5d0a013a5a45@oracle.com> Oracle Linux Security Advisory ELSA-2020-1489 http://linux.oracle.com/errata/ELSA-2020-1489.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-68.7.0-1.0.1.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/thunderbird-68.7.0-1.0.1.el7_8.src.rpm Description of changes: [68.7.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.7.0-1] - Update to 68.7.0 build1 From el-errata at oss.oracle.com Fri Apr 17 02:16:38 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 17 Apr 2020 11:16:38 +0200 Subject: [El-errata] New Ksplice updates for Oracle Enhanced RHCK 7 (ELBA-2020-1016-1) Message-ID: <20200417091638.GE32424@chrystal> Synopsis: ELBA-2020-1016-1 can now be patched using Ksplice CVEs: CVE-2015-9289 CVE-2017-17807 CVE-2018-19985 CVE-2018-20169 CVE-2018-7191 CVE-2019-10207 CVE-2019-10638 CVE-2019-10639 CVE-2019-11190 CVE-2019-11884 CVE-2019-12382 CVE-2019-13233 CVE-2019-14283 CVE-2019-15916 CVE-2019-16746 CVE-2019-3901 CVE-2019-9503 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Bug Fix Advisory, ELBA-2020-1016-1. More information about this errata can be found at https://linux.oracle.com/errata/ELBA-2020-1016-1.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running Oracle Enhanced RHCK 7 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2015-9289: Privilege escalation in DVB frontend. Missing user input validation could allow a local user with access to the device to trigger buffer overflows when reading or writing data. This out of bounds access could result in a kernel crash or potentially escalate privileges. Orabug: 30254282 * CVE-2017-17807: Permissions bypass when requesting key on default keyring. When calling request_key() with no keyring specified, the requested key is generated and added to the keyring even if the user does not have write permissions. * CVE-2018-7191: Denial-of-service in network tunnel TUNSETIFF ioctl(). Missing error checking when setting a network tunnel device interface could result in a NULL pointer dereference when passed a malformed interface name. A local user with privileges to create TUN devices could use this flaw to crash the system. * CVE-2018-19985, CVE-2018-20169: Missing bound check when reading extra USB descriptors. A failure to properly check the minimum and maximum size of an extra USB descriptor in the USB sub-system could lead to reading or writing past memory bounds. An attacker with the ability to send specially crafted extra descriptors from a USB device could use this flaw to escalate privileges or cause a denial-of-service. * CVE-2019-3901: Privilege escalation when opening performance events. A race condition between perf_event_open and execve can allow an unprivileged user to trace a privileged process, potentially allowing an unprivileged user to escalate privileges. * CVE-2019-9503: Denial-of-service when receiving firmware event frames over a Broadcom WLAN USB dongle. A failure to validate firmware event frames received over a Broadcom WLAN USB dongle could let a remote attacker cause a denial-of-service. * CVE-2019-10207: NULL pointer dereference in Bluetooth TTY operations. A missing check in some Bluetooth drivers could lead to a NULL pointer dereference triggered by an unprivileged user while executing certain tty operations. This could be exploited to cause a denial of service attack. * CVE-2019-11884: Information leak in Bluetooth HIDP HIDPCONNADD ioctl(). Missing string termination in the Bluetooth HIDP HIDPCONNADD ioctl() could result in leaking the contents of the kernel stack to a local user. * CVE-2019-12382: Denial-of-service in DRM firmware loading. Incorrect error handling could result in a NULL pointer dereference and crash when loading firmware under low memory conditions. * CVE-2019-13233: Use-after-free when accessing LDT entry. A locking error while accessing LDT entry could lead to a use-after-free. A local attacker could use this flaw to cause a denial-of-service. * CVE-2019-14283: Denial-of-service in floppy disk geometry setting during insertion. Missing input validation in the floppy disk geometry setting calls could allow a malicious local user with access to the floppy device to cause an out-of-bounds access either crashing the system or leaking the contents of kernel memory. * CVE-2019-15916: Denial-of-service in network device registration. A missing free of resources when registering a kobject for a net device fails could lead to a memory leak. A local attacker could use this flaw to exhaust kernel memory and cause a denial-of-service. * Note: Oracle will not be providing a zero downtime update for CVE-2019-10638. CVE-2019-10638 is a flaw in the IP ID generation code that could allow a remote user to track remote Linux devices. * Note: Oracle will not be providing a zero downtime update for CVE-2019-10639. CVE-2019-10639 could allow a remote user to derive the value of the IP ID field and thus partially defeating kernel address space layout randomizaton. * CVE-2019-11190: Information leak using a setuid program and accessing process stats. A late setup of credentials when running a setuid program could let an attacker dump /proc//stat and get more information about running kernel. * CVE-2019-16746: Potential buffer overflow when processing IEEE80211 beacon head. A failure to validate the beacon frame header along with other beacon frame attributes can lead to malformed data eventually being processed. This can potentially be exploited by a remote attacker to cause a buffer overflow, which can be leveraged to perform other types of attacks. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Fri Apr 17 02:16:51 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 17 Apr 2020 11:16:51 +0200 Subject: [El-errata] New Ksplice updates for UEKR2 2.6.39 on OL5 and OL6 (ELSA-2020-5645) Message-ID: <20200417091651.GF32424@chrystal> Synopsis: ELSA-2020-5645 can now be patched using Ksplice CVEs: CVE-2019-18806 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-5645. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-5645.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR2 2.6.39 on OL5 and OL6 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2019-18806: Memory leak when allocating large buffers in QLogic QLA3XXX Network driver. A missing free of resources when allocating large buffers in QLogic QLA3XXX Network driver could lead to a memory leak. A local attacker could use this flaw to exhaust kernel memory and cause a denial-of-service. Orabug: 31055329 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Fri Apr 17 02:17:18 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 17 Apr 2020 11:17:18 +0200 Subject: [El-errata] New Ksplice updates for UEKR3 3.8.13 on OL6 and OL7 (ELSA-2020-5644) Message-ID: <20200417091718.GG32424@chrystal> Synopsis: ELSA-2020-5644 can now be patched using Ksplice CVEs: CVE-2019-18806 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-5644. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-5644.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR3 3.8.13 on OL6 and OL7 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2019-18806: Memory leak when allocating large buffers in QLogic QLA3XXX Network driver. A missing free of resources when allocating large buffers in QLogic QLA3XXX Network driver could lead to a memory leak. A local attacker could use this flaw to exhaust kernel memory and cause a denial-of-service. Orabug: 31055328 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Fri Apr 17 07:48:11 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 17 Apr 2020 16:48:11 +0200 Subject: [El-errata] New Ksplice updates for UEKR5 4.14.35 on OL7 (ELSA-2020-5649) Message-ID: <20200417144811.GA9600@chrystal> Synopsis: ELSA-2020-5649 can now be patched using Ksplice CVEs: CVE-2018-5953 CVE-2019-18806 CVE-2019-18809 CVE-2020-10942 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-5649. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-5649.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR5 4.14.35 on OL7 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * Denial-of-service in the batman-adv subsystem. An out-of-bound access in kernel memory is possible when transmitting packets through raw socket in the batman-adv routing protocol. An unprivileged local user with CAP_NET_RAW capability could possibly exploit this flaw to cause a denial-of-service. Orabug: 29784399 * Spurious signals during TTY reopen. A logic error when locking a TTY when it is reopened can result in unnecessary signals being sent to userspace processes. Orabug: 30591419 * CVE-2019-18809: Memory leak when identifying state in Afatech AF9005 DVB-T USB1.1 driver. A logic error when identifying state in Afatech AF9005 DVB-T USB1.1 driver fails could lead to a memory leak. A local attacker could use this flaw to exhaust kernel memory and cause a denial-of-service. Orabug: 31029908 * CVE-2019-18806: Memory leak when allocating large buffers in QLogic QLA3XXX Network driver. A missing free of resources when allocating large buffers in QLogic QLA3XXX Network driver could lead to a memory leak. A local attacker could use this flaw to exhaust kernel memory and cause a denial-of-service. Orabug: 31055325 * Use-after-free when using NFS with page cache. A logic error when using NFS with page cache could lead to a use-after-free. A local attacker could use this flaw to cause a denial- of-service. Orabug: 31015775 * NULL pointer dereference during UBIFS mount. A missing NULL pointer check when reading the device name in a UBIFS filesystem can result in a NULL pointer dereference, leading to a kernel crash. Orabug: 29410897 * CVE-2020-10942: Out-of-bounds memory access in the Virtual host driver. Invalid input validation could lead to type confusion and out-of-bounds memory accesses. A local unprivileged user could use this to cause a denial-of-service or potentially escalate privileges. Orabug: 31085991 * Use-after-free when constructing ERSPAN packet header. When constructing the header for a v1 or v2 ERSPAN packet header, data is written to an out-of-date ethernet header structure, which might be freed memory. This could result in memory corruption or a kernel crash. Orabug: 29784424 * Deadlock when deleting NVMe namespace fails. When removing an NVMe namespace, an unexpected error could result in the deleting thread waiting on a lock held by the parent command, causing a deadlock and system hang. Orabug: 31002557 * Out-of-bounds read when transmitting packet using XFRM. The kernel XFRM implementation reads data out-of-bounds when decoding the offloaded IPsec structure. In combination with another exploit, this might leak sensitive kernel information. Orabug: 30885434 * Point-to-Point Protocol IOCDETACH ioctl causes use-after-free. The PPPIOCDETACH ioctl for the Point-to-Point Protocol is fundamentally race-prone, and can result in memory corruption or a denial-of-service. Orabug: 31061772 * Flawed logic in read/write semaphore implementation causes crash. The implementation of read/write sempahores since kernel version 4.9 contains a flaw if multiple threads are waiting on the same lock, resulting in multiple writers being allowed access. This manifests as various data corruptions and kernel crashes. Orabug: 31087349 * System fails to generate vmcore dump after panic. When encountering a kernel BUG or other catastrophic system error, the vmcore diagnostic file is not properly created. This is not a security issue of itself, but makes diagnosing failures difficult. Orabug: 31098796 * CVE-2018-5953: Information leak in software IO TLB driver. Too verbose prints in software IO TLB driver leak information about running kernel. A local attacker could use this flaw to facilitate an attack. Orabug: 31085014 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Sun Apr 19 18:49:12 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 19 Apr 2020 18:49:12 -0700 Subject: [El-errata] ELSA-2020-1489 Important: Oracle Linux 7 thunderbird security update (aarch64) Message-ID: <1182297b-6139-6c5f-1eaa-460271783dc2@oracle.com> Oracle Linux Security Advisory ELSA-2020-1489 http://linux.oracle.com/errata/ELSA-2020-1489.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: thunderbird-68.7.0-1.0.1.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/thunderbird-68.7.0-1.0.1.el7_8.src.rpm Description of changes: [68.7.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.7.0-1] - Update to 68.7.0 build1 From el-errata at oss.oracle.com Sun Apr 19 19:04:10 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 19 Apr 2020 19:04:10 -0700 Subject: [El-errata] ELBA-2020-5657 Oracle Linux 7 cloud-init bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-5657 http://linux.oracle.com/errata/ELBA-2020-5657.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: cloud-init-18.5-6.0.3.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/cloud-init-18.5-6.0.3.el7.src.rpm Description of changes: [18.5-6.0.3] - Add cloud-init hotplug event handling support [Orabug: 30485135] - Oracle data source should configure secondary VNICs [Orabug: 30487563] - Add support for netfailover detection [Orabug: 30487591] - Avoid hotplug handling when configure_secondary_nics is disabled [Orabug: 31086905] - Set per-platform default NM_CONTROLLED=no for OCI [Orabug: 31086905] - Remove secondary VNIC config from cache for hot unplug [Orabug: 31086905] From el-errata at oss.oracle.com Sun Apr 19 19:04:42 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 19 Apr 2020 19:04:42 -0700 Subject: [El-errata] ELBA-2020-5656 Oracle Linux 6 cloud-init bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-5656 http://linux.oracle.com/errata/ELBA-2020-5656.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: x86_64: cloud-init-18.4-2.0.7.el6.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/cloud-init-18.4-2.0.7.el6.src.rpm Description of changes: [18.4-2.0.7] - Avoid hotplug handling when configure_secondary_nics is disabled [Orabug: 31086918] - Set per-platform default NM_CONTROLLED=no for OCI [Orabug: 31086918] - Remove secondary vnic config from cache during hot unplug [Orabug: 31086918] - Do not overwrite HOSTNAME config in /etc/sysconfig/network [Orabug: 31086918] [18.4-2.0.6] - Add hotplug event handling support [Orabug: 30778399] - Oracle data source should configure secondary VNICs [Orabug: 30778440] - Add support for net_failover 3-netdev model [Orabug: 30778451] [18.4-2.0.5] - Fix OL distro specific issues and dependency compatibility [Orabug: 30435672] - Issus related to cloud-init upgrade from 0.7.4 to 18.4 [30510275] [18.4-2.0.2] - Changes to ignore all enslaved interfaces [Orabug: 30092148] - add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch for 18.2: 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader [18.4-2.0.1] - Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349] - Make Oracle datasource detect dracut based config files [Orabug: 29956753] - Backport: net: Wait for dhclient to daemonize before reading lease file [Orabug: 29934932] [18.4-2] - remove pyserial requriement and CloudSigma/SmartOS data source [18.4-1] - rebase to upstream 18.4 [18.2-1.el7_6.1] - ci-Adding-systemd-mount-options-to-wait-for-cloud-init.patch [bz#1633282] - ci-Azure-Ignore-NTFS-mount-errors-when-checking-ephemer.patch [bz#1633282] - ci-azure-Add-reported-ready-marker-file.patch [bz#1633282] - ci-Adding-disk_setup-to-rhel-cloud.cfg.patch [bz#1633282] - Resolves: bz#1633282 ([Azure] cloud-init fails to mount /dev/sdb1 after stop(deallocate)&&start VM) * Thu Jun 21 2018 Miroslav Rezanina - Rebase to 18.2 Resolves: rhbz#1525267 [0.7.9-24] - Set DHCP_HOSTNAME on Azure to allow for the hostname to be published correctly when bouncing the network. Resolves: rhbz#1434109 [0.7.9-23] - Fix a bug tha caused cloud-init to fail as a result of trying to rename bonds. Resolves: rhbz#1512247 [0.7.9-22] - Apply patch from -21 Resolves: rhbz#1489270 [0.7.9-21] - sysconfig: Fix a potential traceback introduced in the 0.7.9-17 build Resolves: rhbz#1489270 [0.7.9-20] - sysconfig: Correct rendering for dhcp on ipv6 Resolves: rhbz#1519271 [0.7.9-19] - sysconfig: Fix rendering of default gateway for ipv6 Resolves: rhbz#1492726 [0.7.9-18] - Start the cloud-init init local service after the dbus socket is created so that the hostnamectl command works. Resolves: rhbz#1450521 [0.7.9-17] - Correctly render DNS and DOMAIN for sysconfig Resolves: rhbz#1489270 [0.7.9-16] - Disable NetworkManager management of resolv.conf if nameservers are specified by configuration. Resolves: rhbz#1454491 [0.7.9-15] - Fix a null reference error in the rh_subscription module Resolves: rhbz#1498974 [0-7.9-14] - Include gateway if it's included in subnet configration Resolves: rhbz#1492726 [0-7.9-13] - Do proper cleanup of systemd units when upgrading from versions 0.7.9-3 through 0.7.9-8. Resolves: rhbz#1465730 [0.7.9-12] - Prevent Azure NM and dhclient hooks from running when cloud-init is disabled (rhbz#1474226) [0.7.9-11] - Fix rendering of multiple static IPs per interface file Resolves: rhbz#bz1497954 [0.7.9-10] - AliCloud: Add support for the Alibaba Cloud datasource (rhbz#1482547) [0.7.9-9] - RHEL/CentOS: Fix default routes for IPv4/IPv6 configuration. (rhbz#1438082) - azure: ensure that networkmanager hook script runs (rhbz#1440831 rhbz#1460206) - Fix ipv6 subnet detection (rhbz#1438082) [0.7.9-8] - Update patches [0.7.9-7] - Add missing sysconfig unit test data (rhbz#1438082) - Fix dual stack IPv4/IPv6 configuration for RHEL (rhbz#1438082) - sysconfig: Raise ValueError when multiple default gateways are present. (rhbz#1438082) - Bounce network interface for Azure when using the built-in path. (rhbz#1434109) - Do not write NM_CONTROLLED=no in generated interface config files (rhbz#1385172) [0.7.9-6] - add power-state-change module to cloud_final_modules (rhbz#1252477) - remove 'tee' command from logging configuration (rhbz#1424612) - limit permissions on def_log_file (rhbz#1424612) - Bounce network interface for Azure when using the built-in path. (rhbz#1434109) - OpenStack: add 'dvs' to the list of physical link types. (rhbz#1442783) [0.7.9-5] - systemd: replace generator with unit conditionals (rhbz#1440831) [0.7.9-4] - Import to RHEL 7 Resolves: rhbz#1427280 [0.7.9-3] - fixes for network config generation - avoid dependency cycle at boot (rhbz#1420946) [0.7.9-2] - use timeout from datasource config in openstack get_data (rhbz#1408589) [0.7.9-1] - Rebased on upstream 0.7.9. - Remove dependency on run-parts [0.7.6-8] - make rh_subscription plugin do nothing in the absence of a valid configuration [RH:1295953] - move rh_subscription module to cloud_config stage [0.7.6-7] - correct permissions on /etc/ssh/sshd_config [RH:1296191] [0.7.6-6] - rebuild for ppc64le [0.7.6-5] - bump revision for new build [0.7.6-4] - ensure rh_subscription plugin is enabled by default [0.7.6-3] - added dependency on python-jinja2 [RH:1215913] - added rhn_subscription plugin [RH:1227393] - require pyserial to support smartos data source [RH:1226187] [0.7.6-2] - Rebased RHEL version to Fedora rawhide - Backported fix for https://bugs.launchpad.net/cloud-init/+bug/1246485 - Backported fix for https://bugs.launchpad.net/cloud-init/+bug/1411829 [0.7.6-1] - New upstream version [RH:974327] - Drop python-cheetah dependency (same as above bug) From el-errata at oss.oracle.com Sun Apr 19 19:05:08 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 19 Apr 2020 19:05:08 -0700 Subject: [El-errata] ELSA-2020-1495 Important: Oracle Linux 8 thunderbird security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1495 http://linux.oracle.com/errata/ELSA-2020-1495.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-68.7.0-1.0.1.el8_1.x86_64.rpm aarch64: SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/thunderbird-68.7.0-1.0.1.el8_1.src.rpm Description of changes: [68.7.0-1.0.1.el8_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.7.0-1] - Update to 68.7.0 build1 From el-errata at oss.oracle.com Sun Apr 19 19:05:45 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 19 Apr 2020 19:05:45 -0700 Subject: [El-errata] ELSA-2020-1497 Moderate: Oracle Linux 8 tigervnc security update Message-ID: <377487eb-f33e-da9d-e0f0-741051827ded@oracle.com> Oracle Linux Security Advisory ELSA-2020-1497 http://linux.oracle.com/errata/ELSA-2020-1497.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.9.0-14.el8_1.x86_64.rpm tigervnc-icons-1.9.0-14.el8_1.noarch.rpm tigervnc-license-1.9.0-14.el8_1.noarch.rpm tigervnc-server-1.9.0-14.el8_1.x86_64.rpm tigervnc-server-applet-1.9.0-14.el8_1.noarch.rpm tigervnc-server-minimal-1.9.0-14.el8_1.x86_64.rpm tigervnc-server-module-1.9.0-14.el8_1.x86_64.rpm aarch64: tigervnc-1.9.0-14.el8_1.aarch64.rpm tigervnc-icons-1.9.0-14.el8_1.noarch.rpm tigervnc-license-1.9.0-14.el8_1.noarch.rpm tigervnc-server-1.9.0-14.el8_1.aarch64.rpm tigervnc-server-applet-1.9.0-14.el8_1.noarch.rpm tigervnc-server-minimal-1.9.0-14.el8_1.aarch64.rpm tigervnc-server-module-1.9.0-14.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/tigervnc-1.9.0-14.el8_1.src.rpm Description of changes: [1.9.0-14] - Bump build version Resolves: bz#1819877 Resolves: bz#1819879 Resolves: bz#1819882 Resolves: bz#1819886 Resolves: bz#1819884 [1.9.0-13] - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz#1819877 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz#1819879 - Fix heap buffer overflow in TightDecoder::FilterGradient Resolves: bz#1819882 - Fix heap-based buffer overflow triggered from CopyRectDecoder Resolves: bz#1819886 - Fix stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder Resolves: bz#1819884 From el-errata at oss.oracle.com Sun Apr 19 19:06:14 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Sun, 19 Apr 2020 19:06:14 -0700 Subject: [El-errata] ELBA-2020-1363 Oracle Linux 8 pcp bug fix update Message-ID: <36689b74-9c2e-9f89-16a3-47c1c3075d11@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1363 http://linux.oracle.com/errata/ELBA-2020-1363.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: pcp-4.3.2-3.el8_1.x86_64.rpm pcp-conf-4.3.2-3.el8_1.x86_64.rpm pcp-devel-4.3.2-3.el8_1.i686.rpm pcp-devel-4.3.2-3.el8_1.x86_64.rpm pcp-doc-4.3.2-3.el8_1.noarch.rpm pcp-export-pcp2graphite-4.3.2-3.el8_1.x86_64.rpm pcp-export-pcp2influxdb-4.3.2-3.el8_1.x86_64.rpm pcp-export-pcp2json-4.3.2-3.el8_1.x86_64.rpm pcp-export-pcp2xml-4.3.2-3.el8_1.x86_64.rpm pcp-export-pcp2zabbix-4.3.2-3.el8_1.x86_64.rpm pcp-export-zabbix-agent-4.3.2-3.el8_1.x86_64.rpm pcp-gui-4.3.2-3.el8_1.x86_64.rpm pcp-import-collectl2pcp-4.3.2-3.el8_1.x86_64.rpm pcp-import-ganglia2pcp-4.3.2-3.el8_1.x86_64.rpm pcp-import-iostat2pcp-4.3.2-3.el8_1.x86_64.rpm pcp-import-mrtg2pcp-4.3.2-3.el8_1.x86_64.rpm pcp-import-sar2pcp-4.3.2-3.el8_1.x86_64.rpm pcp-libs-4.3.2-3.el8_1.i686.rpm pcp-libs-4.3.2-3.el8_1.x86_64.rpm pcp-libs-devel-4.3.2-3.el8_1.i686.rpm pcp-libs-devel-4.3.2-3.el8_1.x86_64.rpm pcp-manager-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-activemq-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-apache-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-bash-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-bcc-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-bind2-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-bonding-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-cifs-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-cisco-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-dbping-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-dm-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-docker-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-ds389-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-ds389log-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-elasticsearch-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-gfs2-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-gluster-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-gpfs-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-gpsd-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-haproxy-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-infiniband-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-json-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-libvirt-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-lio-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-lmsensors-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-logger-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-lustre-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-lustrecomm-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-mailq-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-memcache-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-mic-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-mounts-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-mysql-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-named-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-netfilter-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-news-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-nfsclient-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-nginx-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-nvidia-gpu-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-oracle-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-pdns-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-perfevent-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-podman-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-postfix-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-postgresql-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-prometheus-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-redis-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-roomtemp-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-rpm-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-rsyslog-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-samba-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-sendmail-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-shping-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-slurm-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-smart-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-snmp-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-summary-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-systemd-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-trace-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-unbound-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-vmware-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-weblog-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-zimbra-4.3.2-3.el8_1.x86_64.rpm pcp-pmda-zswap-4.3.2-3.el8_1.x86_64.rpm pcp-selinux-4.3.2-3.el8_1.x86_64.rpm pcp-system-tools-4.3.2-3.el8_1.x86_64.rpm pcp-testsuite-4.3.2-3.el8_1.x86_64.rpm pcp-webapi-4.3.2-3.el8_1.x86_64.rpm pcp-webapp-blinkenlights-4.3.2-3.el8_1.noarch.rpm pcp-webapp-grafana-4.3.2-3.el8_1.noarch.rpm pcp-webapp-graphite-4.3.2-3.el8_1.noarch.rpm pcp-webapp-vector-4.3.2-3.el8_1.noarch.rpm pcp-webjs-4.3.2-3.el8_1.noarch.rpm pcp-zeroconf-4.3.2-3.el8_1.x86_64.rpm perl-PCP-LogImport-4.3.2-3.el8_1.x86_64.rpm perl-PCP-LogSummary-4.3.2-3.el8_1.x86_64.rpm perl-PCP-MMV-4.3.2-3.el8_1.x86_64.rpm perl-PCP-PMDA-4.3.2-3.el8_1.x86_64.rpm python3-pcp-4.3.2-3.el8_1.x86_64.rpm aarch64: pcp-4.3.2-3.el8_1.aarch64.rpm pcp-conf-4.3.2-3.el8_1.aarch64.rpm pcp-devel-4.3.2-3.el8_1.aarch64.rpm pcp-doc-4.3.2-3.el8_1.noarch.rpm pcp-export-pcp2graphite-4.3.2-3.el8_1.aarch64.rpm pcp-export-pcp2influxdb-4.3.2-3.el8_1.aarch64.rpm pcp-export-pcp2json-4.3.2-3.el8_1.aarch64.rpm pcp-export-pcp2xml-4.3.2-3.el8_1.aarch64.rpm pcp-export-pcp2zabbix-4.3.2-3.el8_1.aarch64.rpm pcp-export-zabbix-agent-4.3.2-3.el8_1.aarch64.rpm pcp-gui-4.3.2-3.el8_1.aarch64.rpm pcp-import-collectl2pcp-4.3.2-3.el8_1.aarch64.rpm pcp-import-ganglia2pcp-4.3.2-3.el8_1.aarch64.rpm pcp-import-iostat2pcp-4.3.2-3.el8_1.aarch64.rpm pcp-import-mrtg2pcp-4.3.2-3.el8_1.aarch64.rpm pcp-import-sar2pcp-4.3.2-3.el8_1.aarch64.rpm pcp-libs-4.3.2-3.el8_1.aarch64.rpm pcp-libs-devel-4.3.2-3.el8_1.aarch64.rpm pcp-manager-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-activemq-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-apache-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-bash-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-bind2-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-bonding-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-cifs-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-cisco-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-dbping-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-dm-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-docker-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-ds389-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-ds389log-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-elasticsearch-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-gfs2-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-gluster-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-gpfs-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-gpsd-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-haproxy-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-infiniband-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-json-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-libvirt-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-lio-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-lmsensors-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-logger-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-lustre-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-lustrecomm-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-mailq-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-memcache-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-mic-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-mounts-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-mysql-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-named-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-netfilter-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-news-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-nfsclient-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-nginx-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-nvidia-gpu-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-oracle-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-pdns-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-perfevent-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-podman-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-postfix-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-postgresql-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-prometheus-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-redis-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-roomtemp-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-rpm-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-rsyslog-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-samba-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-sendmail-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-shping-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-slurm-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-smart-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-snmp-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-summary-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-systemd-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-trace-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-unbound-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-vmware-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-weblog-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-zimbra-4.3.2-3.el8_1.aarch64.rpm pcp-pmda-zswap-4.3.2-3.el8_1.aarch64.rpm pcp-selinux-4.3.2-3.el8_1.aarch64.rpm pcp-system-tools-4.3.2-3.el8_1.aarch64.rpm pcp-testsuite-4.3.2-3.el8_1.aarch64.rpm pcp-webapi-4.3.2-3.el8_1.aarch64.rpm pcp-webapp-blinkenlights-4.3.2-3.el8_1.noarch.rpm pcp-webapp-grafana-4.3.2-3.el8_1.noarch.rpm pcp-webapp-graphite-4.3.2-3.el8_1.noarch.rpm pcp-webapp-vector-4.3.2-3.el8_1.noarch.rpm pcp-webjs-4.3.2-3.el8_1.noarch.rpm pcp-zeroconf-4.3.2-3.el8_1.aarch64.rpm perl-PCP-LogImport-4.3.2-3.el8_1.aarch64.rpm perl-PCP-LogSummary-4.3.2-3.el8_1.aarch64.rpm perl-PCP-MMV-4.3.2-3.el8_1.aarch64.rpm perl-PCP-PMDA-4.3.2-3.el8_1.aarch64.rpm python3-pcp-4.3.2-3.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/pcp-4.3.2-3.el8_1.src.rpm Description of changes: [4.3.2-3] - Fix pmdalinux mishandling of large CPU counts (BZ 1755069) From el-errata at oss.oracle.com Tue Apr 21 21:17:19 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 21 Apr 2020 21:17:19 -0700 Subject: [El-errata] ELSA-2020-1508 Important: Oracle Linux 6 java-1.7.0-openjdk security update Message-ID: <2826443d-e189-c018-9e69-b52cc0580b52@oracle.com> Oracle Linux Security Advisory ELSA-2020-1508 http://linux.oracle.com/errata/ELSA-2020-1508.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: java-1.7.0-openjdk-1.7.0.261-2.6.22.1.0.1.el6_10.i686.rpm java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.1.0.1.el6_10.i686.rpm java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.1.0.1.el6_10.i686.rpm java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.1.0.1.el6_10.noarch.rpm java-1.7.0-openjdk-src-1.7.0.261-2.6.22.1.0.1.el6_10.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.261-2.6.22.1.0.1.el6_10.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.1.0.1.el6_10.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.1.0.1.el6_10.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.1.0.1.el6_10.noarch.rpm java-1.7.0-openjdk-src-1.7.0.261-2.6.22.1.0.1.el6_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/java-1.7.0-openjdk-1.7.0.261-2.6.22.1.0.1.el6_10.src.rpm Description of changes: [1:1.7.0.261-2.6.22.1.0.1] - Update DISTRO_NAME in specfile [1:1.7.0.261-2.6.22.1] - Add release notes from IcedTea. - Resolves: rhbz#1810557 [1:1.7.0.261-2.6.22.0] - Bump to 2.6.22 and OpenJDK 7u261-b02. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Tue Apr 21 21:17:57 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 21 Apr 2020 21:17:57 -0700 Subject: [El-errata] ELSA-2020-1506 Important: Oracle Linux 6 java-1.8.0-openjdk security update Message-ID: <76b5a5e2-d230-e0d8-f18a-6432f9f10e6f@oracle.com> Oracle Linux Security Advisory ELSA-2020-1506 http://linux.oracle.com/errata/ELSA-2020-1506.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10.noarch.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10.i686.rpm java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10.i686.rpm x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10.noarch.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10.src.rpm Description of changes: [1:1.8.0.252.b09-2] - Add release notes. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-1] - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-0] - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:1.8.0.252.b08-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b08. - Resolves: rhbz#1810557 [1:1.8.0.252.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b07. - Resolves: rhbz#1810557 [1:1.8.0.252.b06-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b06. - Resolves: rhbz#1810557 [1:1.8.0.252.b05-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b05. - Resolves: rhbz#1810557 [1:1.8.0.252.b04-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b04. - Resolves: rhbz#1810557 [1:1.8.0.252.b03-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b03. - Resolves: rhbz#1810557 [1:1.8.0.252.b02-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b02. - Resolves: rhbz#1810557 [1:1.8.0.252.b01-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b01. - Switch to EA mode. - Adjust JDK-8199936/PR3533 patch following JDK-8227397 configure change - Resolves: rhbz#1810557 [1:1.8.0.242.b08-0] - Update to aarch64-shenandoah-jdk8u242-b08. - Remove local copies of JDK-8031111 & JDK-8132111 as replaced by upstream versions. - Resolves: rhbz#1785753 From el-errata at oss.oracle.com Wed Apr 22 10:45:53 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 10:45:53 -0700 Subject: [El-errata] ELSA-2020-1507 Important: Oracle Linux 7 java-1.7.0-openjdk security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1507 http://linux.oracle.com/errata/ELSA-2020-1507.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: java-1.7.0-openjdk-1.7.0.261-2.6.22.2.0.1.el7_8.x86_64.rpm java-1.7.0-openjdk-accessibility-1.7.0.261-2.6.22.2.0.1.el7_8.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.2.0.1.el7_8.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.2.0.1.el7_8.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.261-2.6.22.2.0.1.el7_8.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.2.0.1.el7_8.noarch.rpm java-1.7.0-openjdk-src-1.7.0.261-2.6.22.2.0.1.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/java-1.7.0-openjdk-1.7.0.261-2.6.22.2.0.1.el7_8.src.rpm Description of changes: [1:1.7.0.261-2.6.22.2.0.1] - Update DISTRO_NAME in specfile [1:1.7.0.261-2.6.22.2] - Modify NEWS installation to avoid subpackage naming. - Resolves: rhbz#1810557 [1:1.7.0.261-2.6.22.1] - Add release notes from IcedTea. - Mark license files with appropriate macro. - Resolves: rhbz#1810557 [1:1.7.0.261-2.6.22.0] - Bump to 2.6.22 and OpenJDK 7u261-b02. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 10:46:03 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 10:46:03 -0700 Subject: [El-errata] ELSA-2020-1511 Important: Oracle Linux 7 git security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1511 http://linux.oracle.com/errata/ELSA-2020-1511.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: emacs-git-1.8.3.1-22.el7_8.noarch.rpm emacs-git-el-1.8.3.1-22.el7_8.noarch.rpm git-1.8.3.1-22.el7_8.x86_64.rpm git-all-1.8.3.1-22.el7_8.noarch.rpm git-bzr-1.8.3.1-22.el7_8.noarch.rpm git-cvs-1.8.3.1-22.el7_8.noarch.rpm git-daemon-1.8.3.1-22.el7_8.x86_64.rpm git-email-1.8.3.1-22.el7_8.noarch.rpm git-gnome-keyring-1.8.3.1-22.el7_8.x86_64.rpm git-gui-1.8.3.1-22.el7_8.noarch.rpm git-hg-1.8.3.1-22.el7_8.noarch.rpm git-instaweb-1.8.3.1-22.el7_8.noarch.rpm git-p4-1.8.3.1-22.el7_8.noarch.rpm git-svn-1.8.3.1-22.el7_8.x86_64.rpm gitk-1.8.3.1-22.el7_8.noarch.rpm gitweb-1.8.3.1-22.el7_8.noarch.rpm perl-Git-1.8.3.1-22.el7_8.noarch.rpm perl-Git-SVN-1.8.3.1-22.el7_8.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/git-1.8.3.1-22.el7_8.src.rpm Description of changes: [1.8.3.1-22 ] - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260 From el-errata at oss.oracle.com Wed Apr 22 10:46:14 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 10:46:14 -0700 Subject: [El-errata] ELSA-2020-1512 Important: Oracle Linux 7 java-1.8.0-openjdk security update Message-ID: <0fc5f2f0-a4be-4ba3-2cff-c7d51ec770b2@oracle.com> Oracle Linux Security Advisory ELSA-2020-1512 http://linux.oracle.com/errata/ELSA-2020-1512.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el7_8.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.252.b09-2.el7_8.i686.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el7_8.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src.rpm Description of changes: [1:1.8.0.252.b09-2] - Add release notes. - Mark license files with appropriate macro. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-1] - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-0] - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:1.8.0.252.b08-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b08. - Resolves: rhbz#1810557 [1:1.8.0.252.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b07. - Resolves: rhbz#1810557 [1:1.8.0.252.b06-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b06. - Resolves: rhbz#1810557 [1:1.8.0.252.b05-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b05. - Resolves: rhbz#1810557 [1:1.8.0.252.b04-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b04. - Resolves: rhbz#1810557 [1:1.8.0.252.b03-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b03. - Adjust PR2974/RH1337583 & PR3083/RH1346460 following context changes in JDK-8230978 - Resolves: rhbz#1810557 [1:1.8.0.252.b02-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b02. - Resolves: rhbz#1810557 [1:1.8.0.252.b01-0.1.ea] - Update to aarch64-shenandoah-jdk8u252-b01. - Switch to EA mode. - Adjust JDK-8199936/PR3533 patch following JDK-8227397 configure change - Remove local copies of JDK-8231991 & JDK-8234107 as replaced by upstream versions. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 13:57:10 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 13:57:10 -0700 Subject: [El-errata] ELSA-2020-1509 Important: Oracle Linux 7 java-11-openjdk security update Message-ID: <146f4510-2605-2691-988c-a111fce19c58@oracle.com> Oracle Linux Security Advisory ELSA-2020-1509 http://linux.oracle.com/errata/ELSA-2020-1509.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: java-11-openjdk-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-demo-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-demo-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-devel-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-devel-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-headless-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-headless-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-javadoc-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-javadoc-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-javadoc-zip-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-jmods-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-jmods-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-src-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-src-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-javadoc-zip-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-devel-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-headless-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-jmods-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-src-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-javadoc-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-demo-debug-11.0.7.10-4.0.1.el7_8.i686.rpm java-11-openjdk-devel-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-demo-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-src-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-headless-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-jmods-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-javadoc-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm java-11-openjdk-javadoc-zip-debug-11.0.7.10-4.0.1.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/java-11-openjdk-11.0.7.10-4.0.1.el7_8.src.rpm Description of changes: [1:11.0.7.10-4.0.1] - link atomic for ix86 build [1:11.0.7.10-4] - Add JDK-8228407 backport to resolve crashes during verification. - Resolves: rhbz#1810557 [1:11.0.7.10-3] - Amend release notes, removing issue actually fixed in 11.0.6. - Resolves: rhbz#1810557 [1:11.0.7.10-2] - Add release notes. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Make use of --with-extra-asflags introduced in jdk-11.0.6+1. - Resolves: rhbz#1810557 [1:11.0.7.10-0] - Update to shenandoah-jdk-11.0.7+10 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:11.0.7.9-0.0.ea] - Update to shenandoah-jdk-11.0.7+9 (EA) - Resolves: rhbz#1810557 [1:11.0.7.8-0.0.ea] - Update to shenandoah-jdk-11.0.7+8 (EA) - Resolves: rhbz#1810557 [1:11.0.7.7-0.0.ea] - Update to shenandoah-jdk-11.0.7+7 (EA) - Resolves: rhbz#1810557 [1:11.0.7.6-0.0.ea] - Update to shenandoah-jdk-11.0.7+6 (EA) - Resolves: rhbz#1810557 [1:11.0.7.5-0.0.ea] - Update to shenandoah-jdk-11.0.7+5 (EA) - Resolves: rhbz#1810557 [1:11.0.7.4-0.0.ea] - Update to shenandoah-jdk-11.0.7+4 (EA) - Resolves: rhbz#1810557 [1:11.0.7.3-0.0.ea] - Update to shenandoah-jdk-11.0.7+3 (EA) - Resolves: rhbz#1810557 [1:11.0.7.2-0.0.ea] - Update to shenandoah-jdk-11.0.7+2 (EA) - Resolves: rhbz#1810557 [1:11.0.7.1-0.0.ea] - Update to shenandoah-jdk-11.0.7+1 (EA) - Switch to EA mode for 11.0.7 pre-release builds. - Drop JDK-8236039 backport now applied upstream. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 15:59:12 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 15:59:12 -0700 Subject: [El-errata] ELSA-2020-1514 Important: Oracle Linux 8 java-11-openjdk security update Message-ID: <75498abf-86a5-efeb-3d30-207fb52dd053@oracle.com> Oracle Linux Security Advisory ELSA-2020-1514 http://linux.oracle.com/errata/ELSA-2020-1514.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: java-11-openjdk-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-demo-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-devel-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-headless-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-javadoc-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-jmods-11.0.7.10-1.el8_1.x86_64.rpm java-11-openjdk-src-11.0.7.10-1.el8_1.x86_64.rpm aarch64: java-11-openjdk-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-demo-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-devel-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-headless-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-javadoc-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-jmods-11.0.7.10-1.el8_1.aarch64.rpm java-11-openjdk-src-11.0.7.10-1.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/java-11-openjdk-11.0.7.10-1.el8_1.src.rpm Description of changes: [1:11.0.7.10-1] - Add JDK-8228407 backport to resolve crashes during verification. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Amend release notes, removing issue actually fixed in 11.0.6. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Re-apply --with-extra-asflags as crash was not due to this. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Add release notes. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Revert asflags changes as build remains broken. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Build still failing with just assembler build notes option, trying with just optimisation flags. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Passing optimisation flags to assembler causes build to crash. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Make use of --with-extra-asflags introduced in jdk-11.0.6+1. - Resolves: rhbz#1810557 [1:11.0.7.10-0] - Update to shenandoah-jdk-11.0.7+10 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:11.0.7.9-0.0.ea] - Update to shenandoah-jdk-11.0.7+9 (EA) - Resolves: rhbz#1810557 [1:11.0.7.8-0.0.ea] - Update to shenandoah-jdk-11.0.7+8 (EA) - Resolves: rhbz#1810557 [1:11.0.7.7-0.0.ea] - Update to shenandoah-jdk-11.0.7+7 (EA) - Resolves: rhbz#1810557 [1:11.0.7.6-0.0.ea] - Update to shenandoah-jdk-11.0.7+6 (EA) - Resolves: rhbz#1810557 [1:11.0.7.5-0.0.ea] - Update to shenandoah-jdk-11.0.7+5 (EA) - Resolves: rhbz#1810557 [1:11.0.7.4-0.0.ea] - Update to shenandoah-jdk-11.0.7+4 (EA) - Resolves: rhbz#1810557 [1:11.0.7.3-0.0.ea] - Update to shenandoah-jdk-11.0.7+3 (EA) - Resolves: rhbz#1810557 [1:11.0.7.2-0.0.ea] - Update to shenandoah-jdk-11.0.7+2 (EA) - Resolves: rhbz#1810557 [1:11.0.7.1-0.0.ea] - Update to shenandoah-jdk-11.0.7+1 (EA) - Switch to EA mode for 11.0.7 pre-release builds. - Drop JDK-8236039 backport now applied upstream. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 16:01:15 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 16:01:15 -0700 Subject: [El-errata] ELSA-2020-1513 Important: Oracle Linux 8 git security update Message-ID: <70a518c0-fd90-3761-d7da-4d57cb10b54a@oracle.com> Oracle Linux Security Advisory ELSA-2020-1513 http://linux.oracle.com/errata/ELSA-2020-1513.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: git-2.18.2-2.el8_1.x86_64.rpm git-all-2.18.2-2.el8_1.noarch.rpm git-core-2.18.2-2.el8_1.x86_64.rpm git-core-doc-2.18.2-2.el8_1.noarch.rpm git-daemon-2.18.2-2.el8_1.x86_64.rpm git-email-2.18.2-2.el8_1.noarch.rpm git-gui-2.18.2-2.el8_1.noarch.rpm git-instaweb-2.18.2-2.el8_1.x86_64.rpm git-subtree-2.18.2-2.el8_1.x86_64.rpm git-svn-2.18.2-2.el8_1.x86_64.rpm gitk-2.18.2-2.el8_1.noarch.rpm gitweb-2.18.2-2.el8_1.noarch.rpm perl-Git-2.18.2-2.el8_1.noarch.rpm perl-Git-SVN-2.18.2-2.el8_1.noarch.rpm aarch64: git-2.18.2-2.el8_1.aarch64.rpm git-all-2.18.2-2.el8_1.noarch.rpm git-core-2.18.2-2.el8_1.aarch64.rpm git-core-doc-2.18.2-2.el8_1.noarch.rpm git-daemon-2.18.2-2.el8_1.aarch64.rpm git-email-2.18.2-2.el8_1.noarch.rpm git-gui-2.18.2-2.el8_1.noarch.rpm git-instaweb-2.18.2-2.el8_1.aarch64.rpm git-subtree-2.18.2-2.el8_1.aarch64.rpm git-svn-2.18.2-2.el8_1.aarch64.rpm gitk-2.18.2-2.el8_1.noarch.rpm gitweb-2.18.2-2.el8_1.noarch.rpm perl-Git-2.18.2-2.el8_1.noarch.rpm perl-Git-SVN-2.18.2-2.el8_1.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/git-2.18.2-2.el8_1.src.rpm Description of changes: [2.18.2-2] - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260 From el-errata at oss.oracle.com Wed Apr 22 19:33:33 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 19:33:33 -0700 Subject: [El-errata] ELSA-2020-1511 Important: Oracle Linux 7 git security update (aarch64) Message-ID: Oracle Linux Security Advisory ELSA-2020-1511 http://linux.oracle.com/errata/ELSA-2020-1511.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: git-1.8.3.1-22.el7_8.aarch64.rpm perl-Git-1.8.3.1-22.el7_8.noarch.rpm emacs-git-1.8.3.1-22.el7_8.noarch.rpm emacs-git-el-1.8.3.1-22.el7_8.noarch.rpm git-all-1.8.3.1-22.el7_8.noarch.rpm git-bzr-1.8.3.1-22.el7_8.noarch.rpm git-cvs-1.8.3.1-22.el7_8.noarch.rpm git-daemon-1.8.3.1-22.el7_8.aarch64.rpm git-email-1.8.3.1-22.el7_8.noarch.rpm git-gnome-keyring-1.8.3.1-22.el7_8.aarch64.rpm git-gui-1.8.3.1-22.el7_8.noarch.rpm git-hg-1.8.3.1-22.el7_8.noarch.rpm git-instaweb-1.8.3.1-22.el7_8.noarch.rpm gitk-1.8.3.1-22.el7_8.noarch.rpm git-p4-1.8.3.1-22.el7_8.noarch.rpm git-svn-1.8.3.1-22.el7_8.aarch64.rpm gitweb-1.8.3.1-22.el7_8.noarch.rpm perl-Git-SVN-1.8.3.1-22.el7_8.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/git-1.8.3.1-22.el7_8.src.rpm Description of changes: [1.8.3.1-22 ] - Crafted URL containing new lines can cause credential leak - Resolves: CVE-2020-5260 From el-errata at oss.oracle.com Wed Apr 22 19:34:04 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 19:34:04 -0700 Subject: [El-errata] ELSA-2020-1509 Important: Oracle Linux 7 java-11-openjdk security update (aarch64) Message-ID: Oracle Linux Security Advisory ELSA-2020-1509 http://linux.oracle.com/errata/ELSA-2020-1509.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: java-11-openjdk-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-devel-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-headless-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-demo-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-demo-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-devel-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-headless-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-javadoc-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-javadoc-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-javadoc-zip-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-javadoc-zip-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-jmods-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-jmods-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-src-11.0.7.10-4.0.1.el7_8.aarch64.rpm java-11-openjdk-src-debug-11.0.7.10-4.0.1.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/java-11-openjdk-11.0.7.10-4.0.1.el7_8.src.rpm Description of changes: [1:11.0.7.10-4.0.1] - link atomic for ix86 build [1:11.0.7.10-4] - Add JDK-8228407 backport to resolve crashes during verification. - Resolves: rhbz#1810557 [1:11.0.7.10-3] - Amend release notes, removing issue actually fixed in 11.0.6. - Resolves: rhbz#1810557 [1:11.0.7.10-2] - Add release notes. - Resolves: rhbz#1810557 [1:11.0.7.10-1] - Make use of --with-extra-asflags introduced in jdk-11.0.6+1. - Resolves: rhbz#1810557 [1:11.0.7.10-0] - Update to shenandoah-jdk-11.0.7+10 (GA) - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:11.0.7.9-0.0.ea] - Update to shenandoah-jdk-11.0.7+9 (EA) - Resolves: rhbz#1810557 [1:11.0.7.8-0.0.ea] - Update to shenandoah-jdk-11.0.7+8 (EA) - Resolves: rhbz#1810557 [1:11.0.7.7-0.0.ea] - Update to shenandoah-jdk-11.0.7+7 (EA) - Resolves: rhbz#1810557 [1:11.0.7.6-0.0.ea] - Update to shenandoah-jdk-11.0.7+6 (EA) - Resolves: rhbz#1810557 [1:11.0.7.5-0.0.ea] - Update to shenandoah-jdk-11.0.7+5 (EA) - Resolves: rhbz#1810557 [1:11.0.7.4-0.0.ea] - Update to shenandoah-jdk-11.0.7+4 (EA) - Resolves: rhbz#1810557 [1:11.0.7.3-0.0.ea] - Update to shenandoah-jdk-11.0.7+3 (EA) - Resolves: rhbz#1810557 [1:11.0.7.2-0.0.ea] - Update to shenandoah-jdk-11.0.7+2 (EA) - Resolves: rhbz#1810557 [1:11.0.7.1-0.0.ea] - Update to shenandoah-jdk-11.0.7+1 (EA) - Switch to EA mode for 11.0.7 pre-release builds. - Drop JDK-8236039 backport now applied upstream. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 19:35:06 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 19:35:06 -0700 Subject: [El-errata] ELSA-2020-1507 Important: Oracle Linux 7 java-1.7.0-openjdk security update (aarch64) Message-ID: <1c281ce0-4863-b25e-c844-6baf5c4d3878@oracle.com> Oracle Linux Security Advisory ELSA-2020-1507 http://linux.oracle.com/errata/ELSA-2020-1507.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: java-1.7.0-openjdk-1.7.0.261-2.6.22.2.0.1.el7_8.aarch64.rpm java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.2.0.1.el7_8.aarch64.rpm java-1.7.0-openjdk-headless-1.7.0.261-2.6.22.2.0.1.el7_8.aarch64.rpm java-1.7.0-openjdk-accessibility-1.7.0.261-2.6.22.2.0.1.el7_8.aarch64.rpm java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.2.0.1.el7_8.aarch64.rpm java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.2.0.1.el7_8.noarch.rpm java-1.7.0-openjdk-src-1.7.0.261-2.6.22.2.0.1.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/java-1.7.0-openjdk-1.7.0.261-2.6.22.2.0.1.el7_8.src.rpm Description of changes: [1:1.7.0.261-2.6.22.2.0.1] - Update DISTRO_NAME in specfile [1:1.7.0.261-2.6.22.2] - Modify NEWS installation to avoid subpackage naming. - Resolves: rhbz#1810557 [1:1.7.0.261-2.6.22.1] - Add release notes from IcedTea. - Mark license files with appropriate macro. - Resolves: rhbz#1810557 [1:1.7.0.261-2.6.22.0] - Bump to 2.6.22 and OpenJDK 7u261-b02. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 19:35:40 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 19:35:40 -0700 Subject: [El-errata] ELSA-2020-1512 Important: Oracle Linux 7 java-1.8.0-openjdk security update (aarch64) Message-ID: <28532402-7fe1-2adc-421f-4bed542e2989@oracle.com> Oracle Linux Security Advisory ELSA-2020-1512 http://linux.oracle.com/errata/ELSA-2020-1512.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.252.b09-2.el7_8.noarch.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8.aarch64.rpm java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8.src.rpm Description of changes: [1:1.8.0.252.b09-2] - Add release notes. - Mark license files with appropriate macro. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-1] - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-0] - Update to aarch64-shenandoah-jdk8u242-b09. - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:1.8.0.252.b08-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b08. - Resolves: rhbz#1810557 [1:1.8.0.252.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b07. - Resolves: rhbz#1810557 [1:1.8.0.252.b06-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b06. - Resolves: rhbz#1810557 [1:1.8.0.252.b05-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b05. - Resolves: rhbz#1810557 [1:1.8.0.252.b04-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b04. - Resolves: rhbz#1810557 [1:1.8.0.252.b03-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b03. - Adjust PR2974/RH1337583 & PR3083/RH1346460 following context changes in JDK-8230978 - Resolves: rhbz#1810557 [1:1.8.0.252.b02-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b02. - Resolves: rhbz#1810557 [1:1.8.0.252.b01-0.1.ea] - Update to aarch64-shenandoah-jdk8u252-b01. - Switch to EA mode. - Adjust JDK-8199936/PR3533 patch following JDK-8227397 configure change - Remove local copies of JDK-8231991 & JDK-8234107 as replaced by upstream versions. - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Wed Apr 22 19:36:23 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 22 Apr 2020 19:36:23 -0700 Subject: [El-errata] ELSA-2020-1515 Important: Oracle Linux 8 java-1.8.0-openjdk security update Message-ID: <7e01c0fa-3950-1d72-2cdb-fe6ac5ec53c7@oracle.com> Oracle Linux Security Advisory ELSA-2020-1515 http://linux.oracle.com/errata/ELSA-2020-1515.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1.x86_64.rpm java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1.noarch.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1.x86_64.rpm aarch64: java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1.aarch64.rpm java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1.aarch64.rpm java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1.aarch64.rpm java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1.aarch64.rpm java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1.aarch64.rpm java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1.noarch.rpm java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1.src.rpm Description of changes: [1:1.8.0.252.b09-2] - Add release notes. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-1] - Make use of --with-extra-asflags introduced in jdk8u252-b01. - Resolves: rhbz#1810557 [1:1.8.0.252.b09-0] - Update to aarch64-shenandoah-jdk8u252-b09. - Switch to GA mode for final release. - Resolves: rhbz#1810557 [1:1.8.0.252.b08-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b08. - Resolves: rhbz#1810557 [1:1.8.0.252.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b07. - Resolves: rhbz#1810557 [1:1.8.0.252.b06-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b06. - Resolves: rhbz#1810557 [1:1.8.0.252.b05-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b05. - Resolves: rhbz#1810557 [1:1.8.0.252.b04-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b04. - Resolves: rhbz#1810557 [1:1.8.0.252.b03-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b03. - Adjust PR2974/RH1337583 & PR3083/RH1346460 following context changes in JDK-8230978 - Resolves: rhbz#1810557 [1:1.8.0.252.b02-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b02. - Resolves: rhbz#1810557 [1:1.8.0.252.b01-0.0.ea] - Update to aarch64-shenandoah-jdk8u252-b01. - Switch to EA mode. - Adjust JDK-8199936/PR3533 patch following JDK-8227397 configure change - Resolves: rhbz#1810557 From el-errata at oss.oracle.com Thu Apr 23 13:07:12 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 23 Apr 2020 13:07:12 -0700 Subject: [El-errata] ELSA-2020-1524 Important: Oracle Linux 6 kernel security update Message-ID: <20ee22cb-a6ea-155a-8c68-00687994f5d7@oracle.com> Oracle Linux Security Advisory ELSA-2020-1524 http://linux.oracle.com/errata/ELSA-2020-1524.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: kernel-2.6.32-754.29.1.el6.i686.rpm kernel-abi-whitelists-2.6.32-754.29.1.el6.noarch.rpm kernel-debug-2.6.32-754.29.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.29.1.el6.i686.rpm kernel-devel-2.6.32-754.29.1.el6.i686.rpm kernel-doc-2.6.32-754.29.1.el6.noarch.rpm kernel-firmware-2.6.32-754.29.1.el6.noarch.rpm kernel-headers-2.6.32-754.29.1.el6.i686.rpm perf-2.6.32-754.29.1.el6.i686.rpm python-perf-2.6.32-754.29.1.el6.i686.rpm x86_64: kernel-2.6.32-754.29.1.el6.x86_64.rpm kernel-abi-whitelists-2.6.32-754.29.1.el6.noarch.rpm kernel-debug-2.6.32-754.29.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.29.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.29.1.el6.x86_64.rpm kernel-devel-2.6.32-754.29.1.el6.x86_64.rpm kernel-doc-2.6.32-754.29.1.el6.noarch.rpm kernel-firmware-2.6.32-754.29.1.el6.noarch.rpm kernel-headers-2.6.32-754.29.1.el6.x86_64.rpm perf-2.6.32-754.29.1.el6.x86_64.rpm python-perf-2.6.32-754.29.1.el6.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-754.29.1.el6.src.rpm Description of changes: [2.6.32-754.29.1.el6.OL6] - Update genkey [bug 25599697] [2.6.32-754.29.1.el6] - [wireless] rtlwifi: Fix potential overflow on P2P code (Jarod Wilson) [1775226] {CVE-2019-17666} - [x86] mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes (Denys Vlasenko) [1485759] - [powerpc] powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB (Denys Vlasenko) [1485759] - binfmt_elf: use ELF_ET_DYN_BASE only for PIE (Denys Vlasenko) [1485759] - [powerpc] powerpc: Use generic PIE randomization (Denys Vlasenko) [1485759] From el-errata at oss.oracle.com Thu Apr 23 17:20:25 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 23 Apr 2020 17:20:25 -0700 Subject: [El-errata] ELSA-2020-1561 Important: Oracle Linux 7 python-twisted-web security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1561 http://linux.oracle.com/errata/ELSA-2020-1561.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: python-twisted-web-12.1.0-7.el7_8.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/python-twisted-web-12.1.0-7.el7_8.src.rpm Description of changes: [12.1.0-7] - Fix CVE-2020-10108 and CVE-2020-10109 multiple HTTP request smuggling vulnderabilities Resolves: rhbz#1813439 rhbz#1813447 - Remove useless macros definitions From el-errata at oss.oracle.com Thu Apr 23 21:26:02 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 23 Apr 2020 21:26:02 -0700 Subject: [El-errata] ELSA-2020-1561 Important: Oracle Linux 7 python-twisted-web security update (aarch64) Message-ID: Oracle Linux Security Advisory ELSA-2020-1561 http://linux.oracle.com/errata/ELSA-2020-1561.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: python-twisted-web-12.1.0-7.el7_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/python-twisted-web-12.1.0-7.el7_8.src.rpm Description of changes: [12.1.0-7] - Fix CVE-2020-10108 and CVE-2020-10109 multiple HTTP request smuggling vulnderabilities Resolves: rhbz#1813439 rhbz#1813447 - Remove useless macros definitions From el-errata at oss.oracle.com Thu Apr 23 21:47:51 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 23 Apr 2020 21:47:51 -0700 Subject: [El-errata] ELBA-2020-1560 Oracle Linux 8 tigervnc bugfix and enhancement update Message-ID: <3c5d8533-63e7-2f03-351e-59d3a2c8ad39@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1560 http://linux.oracle.com/errata/ELBA-2020-1560.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.9.0-15.el8_1.x86_64.rpm tigervnc-icons-1.9.0-15.el8_1.noarch.rpm tigervnc-license-1.9.0-15.el8_1.noarch.rpm tigervnc-server-1.9.0-15.el8_1.x86_64.rpm tigervnc-server-applet-1.9.0-15.el8_1.noarch.rpm tigervnc-server-minimal-1.9.0-15.el8_1.x86_64.rpm tigervnc-server-module-1.9.0-15.el8_1.x86_64.rpm aarch64: tigervnc-1.9.0-15.el8_1.aarch64.rpm tigervnc-icons-1.9.0-15.el8_1.noarch.rpm tigervnc-license-1.9.0-15.el8_1.noarch.rpm tigervnc-server-1.9.0-15.el8_1.aarch64.rpm tigervnc-server-applet-1.9.0-15.el8_1.noarch.rpm tigervnc-server-minimal-1.9.0-15.el8_1.aarch64.rpm tigervnc-server-module-1.9.0-15.el8_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/tigervnc-1.9.0-15.el8_1.src.rpm Description of changes: [1.9.0-15] - Bump build version Resolves: bz#1819877 Resolves: bz#1819879 Resolves: bz#1819882 Resolves: bz#1819886 Resolves: bz#1819884 From el-errata at oss.oracle.com Fri Apr 24 12:34:32 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Fri, 24 Apr 2020 12:34:32 -0700 Subject: [El-errata] ELBA-2020-5661 Oracle Linux 7 scap-security-guide bug fix update Message-ID: <4a3ceedb-3f21-388d-0df0-95b849522726@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-5661 http://linux.oracle.com/errata/ELBA-2020-5661.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: scap-security-guide-0.1.46-11.0.2.el7.noarch.rpm scap-security-guide-doc-0.1.46-11.0.2.el7.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/scap-security-guide-0.1.46-11.0.2.el7.src.rpm Description of changes: [0.1.46-11.0.2] - Ship OL7 stig profile aligned with DISA STIG for OL7 v1r1 [Orabug: 31188462] - Reduce number of build threads to avoid concurrency failure [Orabug: 31188462] From el-errata at oss.oracle.com Mon Apr 27 20:05:39 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 27 Apr 2020 20:05:39 -0700 Subject: [El-errata] ELSA-2020-5663 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update Message-ID: <83e376f5-cfc5-ffd7-300a-b644fa67c2e8@oracle.com> Oracle Linux Security Advisory ELSA-2020-5663 http://linux.oracle.com/errata/ELSA-2020-5663.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2011.1.2.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2011.1.2.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2011.1.2.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2011.1.2.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2011.1.2.el7uek.x86_64.rpm aarch64: kernel-uek-5.4.17-2011.1.2.el7uek.aarch64.rpm kernel-uek-debug-5.4.17-2011.1.2.el7uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek.aarch64.rpm kernel-uek-devel-5.4.17-2011.1.2.el7uek.aarch64.rpm kernel-uek-doc-5.4.17-2011.1.2.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2011.1.2.el7uek.aarch64.rpm kernel-uek-tools-libs-5.4.17-2011.1.2.el7uek.aarch64.rpm perf-5.4.17-2011.1.2.el7uek.aarch64.rpm python-perf-5.4.17-2011.1.2.el7uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2011.1.2.el7uek.src.rpm Description of changes: [5.4.17-2011.1.2.el7uek] - ctf: discard CTF from the vDSO (Nick Alcock) [Orabug: 31194036] [5.4.17-2011.1.1.el7uek] - slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136750] {CVE-2020-11494} - blktrace: Protect q->blk_trace with RCU (Jan Kara) [Orabug: 31123573] {CVE-2019-19768} - KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118688] - perf/x86/amd: Add support for Large Increment per Cycle Events (Kim Phillips) [Orabug: 31104924] - perf/x86/amd: Constrain Large Increment per Cycle events (Kim Phillips) [Orabug: 31104924] - kvm/svm: PKU not currently supported (John Allen) [Orabug: 31104924] - KVM: SVM: Override default MMIO mask if memory encryption is enabled (Tom Lendacky) [Orabug: 31104924] - EDAC/amd64: Drop some family checks for newer systems (Yazen Ghannam) [Orabug: 31104924] - x86/amd_nb: Add Family 19h PCI IDs (Yazen Ghannam) [Orabug: 31104924] - EDAC/mce_amd: Always load on SMCA systems (Yazen Ghannam) [Orabug: 31104924] - x86/MCE/AMD, EDAC/mce_amd: Add new Load Store unit McaType (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Add family ops for Family 19h Models 00h-0Fh (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Check for memory before fully initializing an instance (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Use cached data when checking for ECC (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Save max number of controllers to family type (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Gather hardware information early (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Make struct amd64_family_type global (Yazen Ghannam) [Orabug: 31104924] - floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067510] {CVE-2020-9383} - KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (Tom Lendacky) [Orabug: 31012269] - KVM: SVM: Serialize access to the SEV ASID bitmap (Tom Lendacky) [Orabug: 31012269] - iommu/vt-d: Allow devices with RMRRs to use identity domain (Lu Baolu) [Orabug: 31127400] [5.4.17-2011.1.0.el7uek] - vhost: Check docket sk_family instead of call getname (Eugenio P?rez) [Orabug: 31085989] {CVE-2020-10942} - selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc (Alan Maguire) [Orabug: 31078892] - kernel: cpu.c: fix print typo about SMT status (Mihai Carabas) [Orabug: 31053334] - nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31044292] - NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31044292] - rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31032126] - efi: Fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [Orabug: 31020408] - net: Support GRO/GSO fraglist chaining. (Steffen Klassert) [Orabug: 30670829] - net: Add fraglist GRO/GSO feature flags (Steffen Klassert) [Orabug: 30670829] - udp: Support UDP fraglist GRO/GSO. (Steffen Klassert) [Orabug: 30670829] - net: remove the check argument from __skb_gro_checksum_convert (Li RongQing) [Orabug: 30670829] - Revert "nvme_fc: add module to ops template to allow module references" (John Donnelly) [Orabug: 31119387] - ext4: add cond_resched() to ext4_protect_reserved_inode (Shijie Luo) [Orabug: 31067112] {CVE-2020-8992} - dsa: disable module unloading for ARM64 (Allen Pais) [Orabug: 30456791] - bpf: Undo incorrect __reg_bound_offset32 handling (Daniel Borkmann) [Orabug: 31127385] {CVE-2020-8835} - bpf: Fix tnum constraints for 32-bit comparisons (Jann Horn) [Orabug: 31127385] {CVE-2020-8835} From el-errata at oss.oracle.com Mon Apr 27 21:09:08 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Mon, 27 Apr 2020 21:09:08 -0700 Subject: [El-errata] ELSA-2020-5663 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update Message-ID: <638d9451-c1d6-3077-2c86-0f905671572d@oracle.com> Oracle Linux Security Advisory ELSA-2020-5663 http://linux.oracle.com/errata/ELSA-2020-5663.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2011.1.2.el8uek.x86_64.rpm kernel-uek-debug-5.4.17-2011.1.2.el8uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.x86_64.rpm kernel-uek-devel-5.4.17-2011.1.2.el8uek.x86_64.rpm kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm Description of changes: [5.4.17-2011.1.2.el8uek] - ctf: discard CTF from the vDSO (Nick Alcock) [Orabug: 31194036] [5.4.17-2011.1.1.el8uek] - slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136750] {CVE-2020-11494} - blktrace: Protect q->blk_trace with RCU (Jan Kara) [Orabug: 31123573] {CVE-2019-19768} - KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118688] - perf/x86/amd: Add support for Large Increment per Cycle Events (Kim Phillips) [Orabug: 31104924] - perf/x86/amd: Constrain Large Increment per Cycle events (Kim Phillips) [Orabug: 31104924] - kvm/svm: PKU not currently supported (John Allen) [Orabug: 31104924] - KVM: SVM: Override default MMIO mask if memory encryption is enabled (Tom Lendacky) [Orabug: 31104924] - EDAC/amd64: Drop some family checks for newer systems (Yazen Ghannam) [Orabug: 31104924] - x86/amd_nb: Add Family 19h PCI IDs (Yazen Ghannam) [Orabug: 31104924] - EDAC/mce_amd: Always load on SMCA systems (Yazen Ghannam) [Orabug: 31104924] - x86/MCE/AMD, EDAC/mce_amd: Add new Load Store unit McaType (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Add family ops for Family 19h Models 00h-0Fh (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Check for memory before fully initializing an instance (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Use cached data when checking for ECC (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Save max number of controllers to family type (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Gather hardware information early (Yazen Ghannam) [Orabug: 31104924] - EDAC/amd64: Make struct amd64_family_type global (Yazen Ghannam) [Orabug: 31104924] - floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067510] {CVE-2020-9383} - KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (Tom Lendacky) [Orabug: 31012269] - KVM: SVM: Serialize access to the SEV ASID bitmap (Tom Lendacky) [Orabug: 31012269] - iommu/vt-d: Allow devices with RMRRs to use identity domain (Lu Baolu) [Orabug: 31127400] [5.4.17-2011.1.0.el8uek] - vhost: Check docket sk_family instead of call getname (Eugenio P?rez) [Orabug: 31085989] {CVE-2020-10942} - selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc (Alan Maguire) [Orabug: 31078892] - kernel: cpu.c: fix print typo about SMT status (Mihai Carabas) [Orabug: 31053334] - nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31044292] - NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31044292] - rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31032126] - efi: Fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [Orabug: 31020408] - net: Support GRO/GSO fraglist chaining. (Steffen Klassert) [Orabug: 30670829] - net: Add fraglist GRO/GSO feature flags (Steffen Klassert) [Orabug: 30670829] - udp: Support UDP fraglist GRO/GSO. (Steffen Klassert) [Orabug: 30670829] - net: remove the check argument from __skb_gro_checksum_convert (Li RongQing) [Orabug: 30670829] - Revert "nvme_fc: add module to ops template to allow module references" (John Donnelly) [Orabug: 31119387] - ext4: add cond_resched() to ext4_protect_reserved_inode (Shijie Luo) [Orabug: 31067112] {CVE-2020-8992} - dsa: disable module unloading for ARM64 (Allen Pais) [Orabug: 30456791] - bpf: Undo incorrect __reg_bound_offset32 handling (Daniel Borkmann) [Orabug: 31127385] {CVE-2020-8835} - bpf: Fix tnum constraints for 32-bit comparisons (Jann Horn) [Orabug: 31127385] {CVE-2020-8835} From el-errata at oss.oracle.com Tue Apr 28 01:20:13 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Tue, 28 Apr 2020 10:20:13 +0200 Subject: [El-errata] New Ksplice updates for RHCK 6 (ELSA-2020-1524) Message-ID: <20200428082013.GD24380@chrystal> Synopsis: ELSA-2020-1524 can now be patched using Ksplice CVEs: CVE-2017-1000371 CVE-2019-17666 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-1524. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-1524.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running RHCK 6 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2019-17666: Remote code execution in Realtek peer-to-peer Wifi. Missing validation could result in a kernel buffer overflow and potentially code-execution. A remote attacker in proximity to the device could use this flaw to crash the system or potentially, execute code. * CVE-2017-1000371: Privilege escalation when executing a shared object file. A logic error when loading shared object file with ELF format could facilitate an exploit leading to privilege escalation. Note: Oracle will not be providing a zero downtime update for CVE-2017-1000371 on 32 bits kernels. SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Wed Apr 29 12:29:05 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 29 Apr 2020 12:29:05 -0700 Subject: [El-errata] ELBA-2020-5659 Oracle Linux 7 hdparm bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-5659 http://linux.oracle.com/errata/ELBA-2020-5659.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: hdparm-9.54-2.el7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/hdparm-9.54-2.el7.src.rpm Description of changes: [9.54-2] - fix resource leaks * Thu Mar 15 2018 Michal Min?? miminar at redhat.com - 9.54-1 - New upstream version 9.54 [9.52-3] - Use LDFLAGS from redhat-rpm-config [9.52-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [9.52-1] - New upstream version. [9.51-4] - Cleanup spec [9.51-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [9.51-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [9.51-1] - New upstream version. [9.48-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [9.48-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild [9.48-1] - New upstream version. [9.47-1] - New upstream version. [9.45-2] - Removing ExcludeArch for s390 & s390x (it works) [9.45-7] - New upstream version 9.45. [9.43-7] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild [9.43-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild [9.43-5] - Fixed division by zero. - Resolves: #986072 [9.43-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild [9.43-3] - Added patches fixing covscan defects. [9.43-2] - Fixed inconsistency between man page and program's help. [9.43-1] - hdparm-9.43 [9.42-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild [9.42-1] - hdparm-9.42 [9.39-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild [9.39-1] - hdparm-9.39 [9.36-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild [9.36-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild [9.36-1] - update to hdparm-9.36 (#645048) [9.33-1] - update to hdparm-9.33 (#592896) [9.27-1] - update to 9.27 - enhance security-erase timeout to 12h (#536731) [9.16-3] - Let rpmbuild strip the executable (#513025). [9.16-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild [9.16-1] - update to 9.16, fixes disk spindowns [9.12-1] - update to 9.12 to fix #488560 [9.8-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild [9.8-1] - update [8.6-1] - update to 8.6 - fix source URL [8.5-1] - version 8.5, fixes u8->u16 bug in security commands [8.4-2] - fix debuginfo package (#434644) [8.4-1] - version 8.4 [8.1-3] - upload 8.1 sources and rebuild [8.1-2] - Autorebuild for GCC 4.3 [8.1-1] - update to 8.1 [7.7-1] - update to 7.7 [7.6-1] - update to version 7.6 [6.9-3] - more review cleanups (#225882) [6.9-2] - clean up spec file for merge review (#225882) [6.9-1] - update to 6.9 [6.6-2] - test builds on ia64, ppc, ppc64 [6.6-1.1] - rebuild [6.3-3] - remove obsolute include patch - disable idestruct patch, rebuild [6.3-2.2] - bump again for double-long bug on ppc(64) [6.3-2.1] - rebuilt for new gcc4.1 snapshot and glibc changes [6.3-2] - use ExcludeArch, this allows building on archs we don't ship such as Alpha (#175919) * Fri Dec 09 2005 Jesse Keating - rebuilt [6.3-1] - fix package URL [6.3-1] - update to hdparm-6.3 [6.1-1] - update to 6.1 (BLKGETSIZE fixes) - work around hdparm's usage of kernel headers, assume that we run it on little-endian machines only [5.9-3] - remove /etc/sysconfig/harddisks (#157673) [5.9-2] - enable debuginfo [5.9-1] - update to 5.9 - build with gcc-4 [5.8-2] - add --help option (#143916) [5.8-1] - update [5.7-2] - rebuilt [5.7-1] - update to latest stable version * Tue Jun 15 2004 Elliot Lee - rebuilt [5.5-1] - update to latest stable version - rename variable to avoid name clash with readahead function * Fri Feb 13 2004 Elliot Lee - rebuilt * Wed Jun 04 2003 Elliot Lee - rebuilt [5.4-2] - rebuild [5.4-1] - update - #92057 [5.3-2] - rebuild [5.3-1] - update to 5.3 - add comment to /etc/sysconfig/harddisks * Wed Jan 22 2003 Tim Powers - rebuilt [5.2-3] - rebuild on all arches * Tue Nov 19 2002 Tim Powers - rebuild on all arches * Wed Jun 26 2002 Karsten Hopp - update to 5.2 with the following fixes: - v5.2 compile fixes for 2.5.xx - v5.1 fixed segfault in "-i" on older drives - v5.0 lots of updates and new features - v4.9 fixed compile error with 2.5.xx kernels - v4.8 changed -Q to allow specifying queue depth - v4.7 added -z, -Q, -M flags; expanded parm range for -p * Fri Jun 21 2002 Tim Powers - automated rebuild * Thu May 23 2002 Tim Powers - automated rebuild * Fri Feb 22 2002 Karsten Hopp - bump version for 8.0 * Fri Feb 22 2002 Karsten Hopp - rebuild in new environment [(4.6-1)] - Update to 4.6 * Mon Oct 01 2001 Karsten Hopp - fix name of doc file (#54137) * Fri Jul 20 2001 Florian La Roche - exclude s390,s390x * Mon Jun 25 2001 Karsten Hopp - update to version 4.1 - update URL * Wed Jul 19 2000 Bernhard Rosenkr?nzer - disable readahead (#14268) - add comment in /etc/sysconfig/harddisks about possible extra parameters * Thu Jul 13 2000 Prospector - automatic rebuild * Wed Jul 12 2000 Trond Eivind Glomsr?d - disable 32 bit interfacing (#13730) * Tue Jun 27 2000 Trond Eivind Glomsr?d - use %{_tmppath} - add /etc/sysconfig/harddisks, a new file for hardisk optimization parameters * Mon Jun 19 2000 Bernhard Rosenkr?nzer - FHSify * Sun Apr 09 2000 Bernhard Rosenkr?nzer - Fix compilation with kernel 2.3.* * Thu Feb 17 2000 Bernhard Rosenkr?nzer - 3.9 - handle RPM_OPT_FLAGS * Thu Feb 17 2000 Bernhard Rosenkr?nzer - Use O_NONBLOCK when opening devices so we can manipulate CD-ROM drives with no media inserted, even when running a current kernel (Bug #6457) * Sat Feb 05 2000 Bill Nottingham - build as non-root user (#6458) * Fri Feb 04 2000 Bernhard Rosenkr?nzer - deal with RPM compressing man pages * Fri Nov 19 1999 Bernhard Rosenkraenzer - 3.6 * Thu Aug 12 1999 Cristian Gafton - version 3.5 * Wed Mar 24 1999 Cristian Gafton - added patches from UP * Sun Mar 21 1999 Cristian Gafton - auto rebuild in the new build environment (release 4) * Tue Dec 29 1998 Cristian Gafton - build for 6.0 * Fri Apr 24 1998 Prospector System - translations modified for de, fr, tr * Wed Apr 08 1998 Erik Troan - updated to 3.3 - build rooted * Fri Oct 31 1997 Donnie Barnes - fixed spelling error in summary * Mon Jun 02 1997 Erik Troan - built against glibc From el-errata at oss.oracle.com Wed Apr 29 12:29:32 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 29 Apr 2020 12:29:32 -0700 Subject: [El-errata] ELBA-2020-5659 Oracle Linux 7 hdparm bug fix update (aarch64) Message-ID: <907f9498-a245-0315-770b-49a67b46436b@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-5659 http://linux.oracle.com/errata/ELBA-2020-5659.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: hdparm-9.54-2.el7.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/hdparm-9.54-2.el7.src.rpm Description of changes: [9.54-2] - fix resource leaks * Thu Mar 15 2018 Michal Min?? miminar at redhat.com - 9.54-1 - New upstream version 9.54 [9.52-3] - Use LDFLAGS from redhat-rpm-config [9.52-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [9.52-1] - New upstream version. [9.51-4] - Cleanup spec [9.51-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [9.51-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [9.51-1] - New upstream version. [9.48-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [9.48-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild [9.48-1] - New upstream version. [9.47-1] - New upstream version. [9.45-2] - Removing ExcludeArch for s390 & s390x (it works) [9.45-7] - New upstream version 9.45. [9.43-7] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild [9.43-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild From el-errata at oss.oracle.com Wed Apr 29 16:15:00 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Wed, 29 Apr 2020 16:15:00 -0700 Subject: [El-errata] ELSA-2020-1962 Important: Oracle Linux 6 python-twisted-web security update Message-ID: Oracle Linux Security Advisory ELSA-2020-1962 http://linux.oracle.com/errata/ELSA-2020-1962.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: python-twisted-web-8.2.0-6.el6_10.i686.rpm x86_64: python-twisted-web-8.2.0-6.el6_10.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/python-twisted-web-8.2.0-6.el6_10.src.rpm Description of changes: [8.2.0-7] - Fix CVE-2020-10108 HTTP request smuggling when presented with two Content-Length headers Resolves: rhbz#1813439 - Remove useless macros definitions From el-errata at oss.oracle.com Thu Apr 30 10:29:02 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 19:29:02 +0200 Subject: [El-errata] New Ksplice updates for UEKR6 5.4.17 on OL7 and OL8 (ELSA-2020-5663) Message-ID: <20200430172902.GK9615@chrystal> Synopsis: ELSA-2020-5663 can now be patched using Ksplice CVEs: CVE-2019-19768 CVE-2020-10942 CVE-2020-11494 CVE-2020-2732 CVE-2020-8835 CVE-2020-8992 CVE-2020-9383 Users with Oracle Linux Premier Support can now use Ksplice to patch against the latest Oracle Linux Security Advisory, ELSA-2020-5663. More information about this errata can be found at https://linux.oracle.com/errata/ELSA-2020-5663.html INSTALLING THE UPDATES We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on OL7 and OL8 install these updates. On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any action. Alternatively, you can install these updates by running: # /usr/sbin/uptrack-upgrade -y DESCRIPTION * CVE-2020-11494: Information leak when using Serial / USB serial CAN Adaptors. A missing zeroing of on stack data when sending data over Serial / USB serial CAN Adaptors could lead to an information leak. A local attacker could use this flaw to leak information about running kernel and facilitate an attack. Orabug: 31136750 * CVE-2020-9383: Information leak in floppy disk driver. A flaw in floppy driver could lead to an out-of-bounds read causing the information leak when assigning the floppy disk controller. Orabug: 31067510 * CVE-2020-8992: Deadlock with too big journal size on ext4 filesystem. Using a too big journal size on ext4 filesystem could lead to a deadlock. A local attacker could use a specially crafted ext4 filesystem to cause a denial-of-service. Orabug: 31067112 * CVE-2020-8835: Privileges escalation in BPF verifier code. A logic error in the BPF verifier code could lead to incorrect bounds calculation. A local attacker could use this flaw to leak information about running kernel or escalate privileges. Orabug: 31127385 * CVE-2020-10942: Out-of-bounds memory access in the Virtual host driver. Invalid input validation could lead to type confusion and out-of-bounds memory accesses. A local unprivileged user could use this to cause a denial-of-service or potentially escalate privileges. Orabug: 31085989 * Improved fix for CVE-2020-2732: Privilege escalation in Intel KVM nested emulation. The original fix for CVE-2020-2732 prevented a windows guest with Hyper-V enabled from booting. Orabug: 31118688 * Use-after-free when using NFS with page cache. A logic error when using NFS with page cache could lead to a use-after-free. A local attacker could use this flaw to cause a denial- of-service. Orabug: 31044292 * CVE-2019-19768: Use-after-free when reporting an IO trace. Lack of correct synchronization between releasing a structure used to store a trace and filling that structure coud lead to a use-after-free. A local user with the ability to enable tracing on the block IO sub-system could use this flaw to cause a denial-of-service or potentially escalate privileges. Orabug: 31123573 * CVE-2020-8835: Privileges escalation in BPF verifier code. A logic error in the BPF verifier code could lead to incorrect bounds calculation. A local attacker could use this flaw to leak information about running kernel or escalate privileges. Orabug: 31127385 * Out-of-bounds memory write when reading EFI variables from sysfs. Lack of proper synchronization when reading EFI variables from sysfs could lead to an out-of-bounds memory write. A local user with the ability to read those files could use this flaw to cause a denial-of-service or potentially escalate privileges. Orabug: 31020408 SUPPORT Ksplice support is available at ksplice-support_ww at oracle.com. From el-errata at oss.oracle.com Thu Apr 30 18:03:28 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 18:03:28 -0700 Subject: [El-errata] ELBA-2020-1982 Oracle Linux 6 tzdata enhancement update Message-ID: <7710f7ee-0da5-9b4e-d396-cef85f706d87@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1982 http://linux.oracle.com/errata/ELBA-2020-1982.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: tzdata-2020a-1.el6.noarch.rpm tzdata-java-2020a-1.el6.noarch.rpm x86_64: tzdata-2020a-1.el6.noarch.rpm tzdata-java-2020a-1.el6.noarch.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/tzdata-2020a-1.el6.src.rpm Description of changes: [2020a-1] - Rebase to tzdata-2020a - Morocco will spring forward on 2020-05-31 rather than previously predicted 2020-05-24. - Canada's Yukon region changed to year round UTC -07 effective 2020-03-08. - America/Godthab was renamed to America/Nuuk. From el-errata at oss.oracle.com Thu Apr 30 23:01:27 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 23:01:27 -0700 Subject: [El-errata] ELBA-2020-1989 Oracle Linux 7 mesa bug fix and enhancement update Message-ID: <6bbd5f39-8175-0123-ef48-ade8031c0ef4@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1989 http://linux.oracle.com/errata/ELBA-2020-1989.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: mesa-dri-drivers-18.3.4-6.el7_7.1.i686.rpm mesa-dri-drivers-18.3.4-6.el7_7.1.x86_64.rpm mesa-filesystem-18.3.4-6.el7_7.1.i686.rpm mesa-filesystem-18.3.4-6.el7_7.1.x86_64.rpm mesa-khr-devel-18.3.4-6.el7_7.1.i686.rpm mesa-khr-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-libEGL-18.3.4-6.el7_7.1.i686.rpm mesa-libEGL-18.3.4-6.el7_7.1.x86_64.rpm mesa-libEGL-devel-18.3.4-6.el7_7.1.i686.rpm mesa-libEGL-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-libGL-18.3.4-6.el7_7.1.i686.rpm mesa-libGL-18.3.4-6.el7_7.1.x86_64.rpm mesa-libGL-devel-18.3.4-6.el7_7.1.i686.rpm mesa-libGL-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-libGLES-18.3.4-6.el7_7.1.i686.rpm mesa-libGLES-18.3.4-6.el7_7.1.x86_64.rpm mesa-libGLES-devel-18.3.4-6.el7_7.1.i686.rpm mesa-libGLES-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-libOSMesa-18.3.4-6.el7_7.1.i686.rpm mesa-libOSMesa-18.3.4-6.el7_7.1.x86_64.rpm mesa-libOSMesa-devel-18.3.4-6.el7_7.1.i686.rpm mesa-libOSMesa-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-libgbm-18.3.4-6.el7_7.1.i686.rpm mesa-libgbm-18.3.4-6.el7_7.1.x86_64.rpm mesa-libgbm-devel-18.3.4-6.el7_7.1.i686.rpm mesa-libgbm-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-libglapi-18.3.4-6.el7_7.1.i686.rpm mesa-libglapi-18.3.4-6.el7_7.1.x86_64.rpm mesa-libxatracker-18.3.4-6.el7_7.1.i686.rpm mesa-libxatracker-18.3.4-6.el7_7.1.x86_64.rpm mesa-libxatracker-devel-18.3.4-6.el7_7.1.i686.rpm mesa-libxatracker-devel-18.3.4-6.el7_7.1.x86_64.rpm mesa-vdpau-drivers-18.3.4-6.el7_7.1.i686.rpm mesa-vdpau-drivers-18.3.4-6.el7_7.1.x86_64.rpm mesa-vulkan-drivers-18.3.4-6.el7_7.1.i686.rpm mesa-vulkan-drivers-18.3.4-6.el7_7.1.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/mesa-18.3.4-6.el7_7.1.src.rpm Description of changes: [18.3.4-6.1] - Backport put/get shm fixes to EL7 (#1749699) From el-errata at oss.oracle.com Thu Apr 30 23:01:39 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 23:01:39 -0700 Subject: [El-errata] ELBA-2020-1985 Oracle Linux 7 mutter bug fix and enhancement update Message-ID: <63536a34-189c-7b60-2e9b-ea2fc63a1803@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1985 http://linux.oracle.com/errata/ELBA-2020-1985.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: mutter-3.28.3-15.el7_7.i686.rpm mutter-3.28.3-15.el7_7.x86_64.rpm mutter-devel-3.28.3-15.el7_7.i686.rpm mutter-devel-3.28.3-15.el7_7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/mutter-3.28.3-15.el7_7.src.rpm Description of changes: [3.28.3-15] - Add PING_TIMEOUT_DELAY to mutter MetaPreferences Resolves: #1809162 From el-errata at oss.oracle.com Thu Apr 30 23:01:49 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 23:01:49 -0700 Subject: [El-errata] ELBA-2020-1991 Oracle Linux 7 tuned bug fix and enhancement update Message-ID: <2c17bbef-a5e1-b082-4629-c3be896092f6@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1991 http://linux.oracle.com/errata/ELBA-2020-1991.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: tuned-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-gtk-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-atomic-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-compat-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-cpu-partitioning-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-mssql-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-oracle-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-utils-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-utils-systemtap-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-oci-2.11.0-5.0.2.el7_7.2.noarch.rpm tuned-profiles-oci-recommend-2.11.0-5.0.2.el7_7.2.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/tuned-2.11.0-5.0.2.el7_7.2.src.rpm Description of changes: [2.11.0-5.0.2.2] - Do not use python-dmidecode [Orabug: 30119620] - Added profiles-oci-recommend package [Orabug: 29632202] - Added iscsi plugin, and - added oci-rps-xps profile [Orabug: 28397039] - added oci-busy-polling profile [Orabug: 28748149] - added oci-cpu-power profile [2.11.0-5.2] - realtime-virtual-guest/host: enabled ktimer-lockless-check Resolves: rhbz#1817936 From el-errata at oss.oracle.com Thu Apr 30 23:02:00 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 23:02:00 -0700 Subject: [El-errata] ELBA-2020-1988 Oracle Linux 7 libwvstreams bug fix update Message-ID: Oracle Linux Bug Fix Advisory ELBA-2020-1988 http://linux.oracle.com/errata/ELBA-2020-1988.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libwvstreams-4.6.1-12.el7_7.i686.rpm libwvstreams-4.6.1-12.el7_7.x86_64.rpm libwvstreams-devel-4.6.1-12.el7_7.i686.rpm libwvstreams-devel-4.6.1-12.el7_7.x86_64.rpm libwvstreams-static-4.6.1-12.el7_7.i686.rpm libwvstreams-static-4.6.1-12.el7_7.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/libwvstreams-4.6.1-12.el7_7.src.rpm Description of changes: [4.6.1-12] - Fixed stack size Resolves: rhbz#1551334 From el-errata at oss.oracle.com Thu Apr 30 23:02:11 2020 From: el-errata at oss.oracle.com (Errata Announcements for Oracle Linux) Date: Thu, 30 Apr 2020 23:02:11 -0700 Subject: [El-errata] ELBA-2020-1982 Oracle Linux 7 tzdata enhancement update Message-ID: <85c11c71-2be3-11ad-31de-6c746f568257@oracle.com> Oracle Linux Bug Fix Advisory ELBA-2020-1982 http://linux.oracle.com/errata/ELBA-2020-1982.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: tzdata-2020a-1.el7.noarch.rpm tzdata-java-2020a-1.el7.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/tzdata-2020a-1.el7.src.rpm Description of changes: [2020a-1] - Rebase to tzdata-2020a - Morocco will spring forward on 2020-05-31 rather than previously predicted 2020-05-24. - Canada's Yukon region changed to year round UTC -07 effective 2020-03-08. - America/Godthab was renamed to America/Nuuk.