From oraclevm-errata at oss.oracle.com Thu Sep 21 15:34:48 2017 From: oraclevm-errata at oss.oracle.com (Errata Announcements for Oracle VM) Date: Thu, 21 Sep 2017 15:34:48 -0700 Subject: [Oraclevm-errata] OVMSA-2017-0151 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update Message-ID: <22e87242-9d7f-9446-ea90-9a9003aa4edc@oracle.com> Oracle VM Security Advisory OVMSA-2017-0151 The following updated rpms for Oracle VM 3.4 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-4.1.12-103.3.8.1.el6uek.x86_64.rpm kernel-uek-firmware-4.1.12-103.3.8.1.el6uek.noarch.rpm SRPMS: http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-103.3.8.1.el6uek.src.rpm Description of changes: [4.1.12-103.3.8.1.el6uek] - Bluetooth: Properly check L2CAP config option output buffer length (Ben Seri) [Orabug: 26796363] {CVE-2017-1000251} From oraclevm-errata at oss.oracle.com Thu Sep 21 15:37:29 2017 From: oraclevm-errata at oss.oracle.com (Errata Announcements for Oracle VM) Date: Thu, 21 Sep 2017 15:37:29 -0700 Subject: [Oraclevm-errata] OVMSA-2017-0152 Important: Oracle VM 3.3 Unbreakable Enterprise kernel security update Message-ID: <0b6dc121-58dd-8793-ad9f-ce7f0bee6067@oracle.com> Oracle VM Security Advisory OVMSA-2017-0152 The following updated rpms for Oracle VM 3.3 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-3.8.13-118.19.7.el6uek.x86_64.rpm kernel-uek-firmware-3.8.13-118.19.7.el6uek.noarch.rpm SRPMS: http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/kernel-uek-3.8.13-118.19.7.el6uek.src.rpm Description of changes: [3.8.13-118.19.7.el6uek] - Bluetooth: Properly check L2CAP config option output buffer length (Ben Seri) [Orabug: 26796364] {CVE-2017-1000251} [3.8.13-118.19.6.el6uek] - xen: fix bio vec merging (Roger Pau Monne) [Orabug: 26645550] {CVE-2017-12134} [3.8.13-118.19.5.el6uek] - fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638921] {CVE-2017-1000365} {CVE-2017-1000365} From oraclevm-errata at oss.oracle.com Fri Sep 29 08:08:25 2017 From: oraclevm-errata at oss.oracle.com (Errata Announcements for Oracle VM) Date: Fri, 29 Sep 2017 08:08:25 -0700 Subject: [Oraclevm-errata] OVMSA-2017-0154 Important: Oracle VM 3.4 nss security update Message-ID: <908a41ca-32a1-14a5-5ad3-8dd3abcd0fc8@oracle.com> Oracle VM Security Advisory OVMSA-2017-0154 The following updated rpms for Oracle VM 3.4 have been uploaded to the Unbreakable Linux Network: x86_64: nss-3.28.4-4.0.1.el6_9.x86_64.rpm nss-sysinit-3.28.4-4.0.1.el6_9.x86_64.rpm nss-tools-3.28.4-4.0.1.el6_9.x86_64.rpm SRPMS: http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/nss-3.28.4-4.0.1.el6_9.src.rpm Description of changes: [3.28.4-4.0.1] - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed [3.28.4-4] - Backport patch to simplify transcript calculation for CertificateVerify From oraclevm-errata at oss.oracle.com Fri Sep 29 08:09:07 2017 From: oraclevm-errata at oss.oracle.com (Errata Announcements for Oracle VM) Date: Fri, 29 Sep 2017 08:09:07 -0700 Subject: [Oraclevm-errata] OVMSA-2017-0156 Important: Oracle VM 3.3 nss security update Message-ID: Oracle VM Security Advisory OVMSA-2017-0156 The following updated rpms for Oracle VM 3.3 have been uploaded to the Unbreakable Linux Network: x86_64: nss-3.28.4-4.0.1.el6_9.x86_64.rpm nss-sysinit-3.28.4-4.0.1.el6_9.x86_64.rpm nss-tools-3.28.4-4.0.1.el6_9.x86_64.rpm SRPMS: http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/nss-3.28.4-4.0.1.el6_9.src.rpm Description of changes: [3.28.4-4.0.1] - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed [3.28.4-4] - Backport patch to simplify transcript calculation for CertificateVerify