[El-errata] ELSA-2020-2933 Moderate: Oracle Linux 6 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jul 17 15:10:49 PDT 2020


Oracle Linux Security Advisory ELSA-2020-2933

http://linux.oracle.com/errata/ELSA-2020-2933.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.32-754.31.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.31.1.el6.noarch.rpm
kernel-debug-2.6.32-754.31.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.31.1.el6.i686.rpm
kernel-devel-2.6.32-754.31.1.el6.i686.rpm
kernel-doc-2.6.32-754.31.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.31.1.el6.noarch.rpm
kernel-headers-2.6.32-754.31.1.el6.i686.rpm
perf-2.6.32-754.31.1.el6.i686.rpm
python-perf-2.6.32-754.31.1.el6.i686.rpm

x86_64:
kernel-2.6.32-754.31.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.31.1.el6.noarch.rpm
kernel-debug-2.6.32-754.31.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.31.1.el6.i686.rpm
kernel-debug-devel-2.6.32-754.31.1.el6.x86_64.rpm
kernel-devel-2.6.32-754.31.1.el6.x86_64.rpm
kernel-doc-2.6.32-754.31.1.el6.noarch.rpm
kernel-firmware-2.6.32-754.31.1.el6.noarch.rpm
kernel-headers-2.6.32-754.31.1.el6.x86_64.rpm
perf-2.6.32-754.31.1.el6.x86_64.rpm
python-perf-2.6.32-754.31.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-754.31.1.el6.src.rpm



Description of changes:

[2.6.32-754.31.1.el6.OL6]
- Update genkey [bug 25599697]

[2.6.32-754.31.1.el6]
- [x86] x86/speculation: Provide SRBDS late microcode loading support 
(Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add Ivy Bridge to affected list 
(Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and 
mitigation documentation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling 
(SRBDS) mitigation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) 
[1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman 
Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) 
[1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827185] 
{CVE-2020-0543}
- [x86] x86/devicetable: Move x86 specific macro out of generic code 
(Waiman Long) [1827185] {CVE-2020-0543}
- [netdrv] bonding/802.3ad: fix link_failure_count tracking (Patrick 
Talbert) [1841819]
- [mm] mm: migration: add migrate_entry_wait_huge() (Waiman Long) [1839653]
- [powerpc] powerpc/book3s64: Fix link stack flush on context switch 
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: support nospectre_v2 cmdline option (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc/security: Fix spectre_v2 reporting (Gustavo Duarte) 
[1796810]
- [powerpc] powerpc/fsl: Update Spectre v2 reporting (Gustavo Duarte) 
[1796810]
- [powerpc] powerpc/fsl: Add nospectre_v2 command line argument (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc/fsl: Fix spectre_v2 mitigations reporting (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc/pseries: Query hypervisor for count cache flush 
settings (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add support for software count cache flush 
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add new security feature flags for count cache 
flush (Gustavo Duarte) [1796810]
- [powerpc] powerpc/asm: Add a patch_site macro & helpers for patching 
instructions (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Make meltdown reporting Book3S 64 specific 
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Call setup_barrier_nospec() from setup_arch() 
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (Gustavo Duarte) 
[1796810]
- [powerpc] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc/64: Disable the speculation barrier from the command 
line (Gustavo Duarte) [1796810]
- [powerpc] powerpc64s: Show ori31 availability in spectre_v1 sysfs file 
not v2 (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Enhance the information in 
cpu_show_spectre_v1() (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Use barrier_nospec in syscall entry (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc/64s: Enable barrier_nospec based on firmware 
settings (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Patch barrier_nospec in modules (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc/64s: Add support for ori barrier_nospec patching 
(Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add barrier_nospec (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Add helper to check if offset is within relative 
branch range (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Have patch_instruction detect faults (Gustavo 
Duarte) [1796810]
- [powerpc] powerpc: Introduce asm-prototypes.h (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Move local setup.h declarations to arch includes 
(Gustavo Duarte) [1796810]





More information about the El-errata mailing list