Another Critical Exim Vulnerability Found

Luckily, the fix is already rolled out and everyone should update
30 September 2019

The fourth critical vulnerability in a year has been discovered in Exim. The developers have already published an emergency release, Exim 4.92.3, with fixes. The fix works for Ubuntu, Arch Linux, FreeBSD, Debian, and Fedora.

The vulnerability potentially allows malicious code to be executed on the server. An attacker only needs to pass a string of several kilobytes in the EHLO command. The buffer of the string_vformat() function overflows, which causes a crash. In theory, the buffer overflow can also be triggered through other commands.
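A defender-side check for the condition described above, as an added example that is not from the original article or from Exim: it scans the client half of an SMTP session for EHLO/HELO lines that exceed the 512-octet command-line limit of RFC 5321. The function name, the sample sessions (constructed) and the use of that limit as the alert threshold are assumptions.

```python
import re

# RFC 5321, section 4.5.3.1.4: a command line, CRLF included, is at most 512 octets.
MAX_COMMAND_LINE = 512
GREETING = re.compile(rb"(EHLO|HELO)(?:[ \t]|$)", re.IGNORECASE)


def oversized_greetings(client_stream: bytes, limit: int = MAX_COMMAND_LINE):
    """Return (verb, line_length) for every EHLO/HELO line longer than `limit`.

    `client_stream` is the client-to-server half of one SMTP session, for
    example reassembled from a packet capture or taken from a proxy log.
    Lines between DATA and the lone "." are message body and are skipped,
    so body text that happens to start with "EHLO" is not reported.
    Assumption: the server accepted DATA (only the client side is visible).
    """
    findings = []
    in_data = False
    for line in client_stream.split(b"\r\n"):
        if in_data:
            in_data = line != b"."          # a lone dot ends the message body
            continue
        if line.upper() == b"DATA":
            in_data = True
            continue
        m = GREETING.match(line)
        length = len(line) + 2              # count the CRLF, as the RFC limit does
        if m and length > limit:
            findings.append((m.group(1).upper().decode(), length))
    return findings


# Constructed sessions, not captured traffic.
NORMAL = (b"EHLO mail.example.org\r\n"
          b"MAIL FROM:<a@example.org>\r\nRCPT TO:<b@example.net>\r\nDATA\r\n"
          b"EHLO " + b"x" * 600 + b"\r\n.\r\nQUIT\r\n")   # long line is body text
OVERSIZED = b"EHLO " + b"A" * 4096 + b"\r\n"              # "several kilobytes"

if __name__ == "__main__":
    for name, stream in (("normal", NORMAL), ("oversized", OVERSIZED)):
        print(name, oversized_greetings(stream))
```

A hit is a reason to check which Exim version the receiving host runs; the fixed release named in the article is 4.92.3.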

Oracle to Release Unbreakable Kernel R5U3

The update for the kernel used in Oracle Linux, which can serve as an alternative to the Red Hat Enterprise Linux kernel, is based on Linux 4.14
25 March 2020

Oracle has released the third functional update for the Unbreakable Enterprise Kernel R5 kernel, positioned for use in the Oracle Linux distribution as an alternative to the regular kernel package from Red Hat Enterprise Linux. The kernel is available for x86_64 and ARM64 architectures (aarch64). Kernel sources, including breakdowns into individual patches, are published in the public Oracle Git repository.

The Unbreakable Enterprise Kernel 5 package is based on the Linux 4.14 kernel (UEK R4 was based on the 4.1 kernel), which is supplemented with new features, optimizations and fixes, as well as tested for compatibility with most applications running in RHEL and specially optimized for working with industrial software and Oracle hardware. Installation and src packages with the UEK R5U1 kernel are prepared for Oracle Linux 7 (there are no obstacles to using this kernel in similar versions of RHEL, CentOS and Scientific Linux).

Key improvements:

  • Improved support for 64-bit systems based on the ARM architecture. Updated drivers for ARM.
  • InfiniBand includes on-demand paging support, which allows memory to be mapped through page faults raised on access to unallocated pages, i.e. memory is consumed only when it is actually being used.
  • In XFS, a deadlock that caused locks to hang and never be released was eliminated.
  • In CIFS, an issue that could lead to POSIX lock leaks and crashes was resolved.
  • Bug fixes resolving incompatibility of certain hardware with QEMU/KVM.
  • Device drivers are synchronized with the Linux kernel 4.14.35. The driver for Broadcom Emulex LightPulse Fibre Channel SCSI has been updated to version 12.2.0.13.

Get more at the official blog