[Oraclevm-errata] OVMSA-2017-0052 Moderate: Oracle VM 3.4 coreutils security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Mar 29 13:03:17 PDT 2017


Oracle VM Security Advisory OVMSA-2017-0052

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
coreutils-8.4-46.0.1.el6.x86_64.rpm
coreutils-libs-8.4-46.0.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/coreutils-8.4-46.0.1.el6.src.rpm



Description of changes:

[8.4-46.0.1]
- clean up empty file if cp is failed [Orabug 15973168]

[8.4-46]
- pure rebuild to bring back support for acl_extended_file_nofollow() on 
x86_64

[8.4-45]
- su: deny killing other processes with root privileges (CVE-2017-2616)

[8.4-44]
- fix the functionality of 'sort -h -k ...' in multi-byte locales (#1357979)
- use correct path to grep(1) in colorls.sh (#1376892)
- make colorls.sh compatible with ksh (#1321643)

[8.4-43]
- sed should actually be /bin/sed (related #1222140)

[8.4-41]
- colorls.sh,colorls.csh - call utilities with complete path (#1222140)
- mkdir, mkfifo, mknod - respect default umask/acls when
   COREUTILS_CHILD_DEFAULT_ACLS envvar is set (to match rhel 7 behaviour,

[8.4-40]
- ls: improve efficiency on filesystems without support for ACLs,
   xattrs or SELinux (#1248141)
- su: suppress PAM info messages for -c or non-login sessions (#1267588)
- tail, stat: recognize several new filesystems - up2date by Jan 1st 
2016 (#1280333)

[8.4-39]
- du: improve du error message of coreutils commands in a chrooted 
environment
   (patch by Boris Ranto) (#1086916)

[8.4-38]
- su: fix incorrect message printing when su is killed (#1147532)




More information about the Oraclevm-errata mailing list