the release of Oracle Linux 7 Update 5
Oracle Linux 7 Update Oracle is pleased to announce the general availability of Oracle Linux 7 Update 5 for the x86_64 architecture. You can find the individual RPM packages on the Unbreakable Linux Network (ULN) and the Oracle Linux yum server. ISO installation images will soon be available for download from the Oracle Software Delivery Cloud and Docker images will soon be available via Oracle Container Registryand Docker Hub.
Oracle Linux 7 Update 5 ships with the following kernel packages:
- Unbreakable Enterprise Kernel (UEK) Release 4 (kernel-uek-4.1.12-112.16.4.el7uek) for x86-64
- Red Hat Compatible Kernel (kernel-3.10.0-862.el7) for x86-64
Oracle Linux maintains user space compatibility with Red Hat Enterprise Linux (RHEL), which is independent of the kernel version that underlies the operating system. Existing applications in user space will continue to run unmodified on Oracle Linux 7 Update 5 with the UEK Release 4 and no re-certifications are needed for applications already certified with Red Hat Enterprise Linux 7 or Oracle Linux 7.
Notable security-related features in this release:
- Support for Memory Protection Keys on recent Intel processors. This update includes support for the Memory Protection Keys hardware feature on recent Intel processors. CPUs provide this support through a new user-accessible register (PKRU) that contains two separate bits (Access Disable and Write Disable) for each key.
- Ability to unlock encrypted devices connected to a network during the boot process. Previously, block devices that were connected to a network could not be unlocked during the boot process because it was not possible to connect and decrypt these devices prior to starting any network services.
- SSLv3 disabled in mod_ssl. To improve security for SSL/TLS connections, support for SSLv3 in the default configuration for the httpd mod_ssl module has been disabled. This change also restricts the use of certain cryptographic cipher suites.
- KASLR for KVM guests added. Capability for Kernel address-space layout randomization (KASLR) for KVM guests has been added.
Btrfs continues to be fully supported in Oracle Linux 7.5 with UEK. Btrfs support is deprecated in the Red Hat Compatible Kernel