The linuxptp package now supports active-backup bonding for clock synchronization
With this update, you can now specify a bond interface in the active-backup mode to be used by the
ptp4l application. As a result,
ptp4l uses the clock of the active interface from the bond as the
Precision Time Protocol (PTP) clock and can switch to another interface of the bond in case of a failover. Additionally, the
phc2sys utility in the automatic mode (the
-a option) can synchronize the system clock to the
PTP clock of the active interface when operating as a
PTP slave and the
PTP clock to the system clock when operating as a
PTP master. (BZ#1002657)
parted can now resize partitions using the
The ability to resize disk partitions using the
resizepart NUMBER END command is now backported to the
parted disk partitioning utility distributed with Red Hat Enterprise Linux 7. See the
parted(8) man page for information.
Note that this command only resizes partitions, not file systems residing on them. Use file system utilities such as
to grow or shrink file systems. (BZ#1423357
binutils rebased to version 2.27
The binutils package has been rebased to upstream version 2.27. This version brings the following changes:
Support for compressed debug sections
Improved handling of orphan sections during linking
Support for the LLVM plugin
Ability to insert new symbols into an object file with the
Support for the IBM POWER9 architecture
Support for the ARMv8.1 and ARMv8.2 instruction set extensions
Additionally, this update fixes the following bugs:
pcp rebased to version 3.12.2
The Performance Co-Pilot (PCP) application has been rebased to version 3.12.2, which includes many enhancements and bug fixes.
Collector systems updates:
The following Performance Metric Domain Agents (PMDAs) have been updated:
perfevent, containers and CGroups, MySQL slave metrics, Linux per-process metrics, and Linux kernel metrics for entropy,
slabinfo, IPv6 sockets, and NFSD worker threads.
New PMDAs are now available: Prometheus endpoint and HAProxy.
Device Mapper statistics now expose an API.
Monitor systems updates:
The derived metrics language has been extended for all monitors.
pmchart charting utility includes fixes for timezone and display bugs.
pmlogconf configuration utility automatically enables the
hotproc metric logging and adds
atop metrics. Performance is now more optimized.
pcp-atop monitoring utility recognizes the new
--hotproc option. Several bugs have been fixed.
pcp-mpstat monitoring utilities recognize several new output options.
reporting utility now supports Comma-separated Values (CSV) output compatible with the
tool. New utilities for exporting PCP metrics to various formats have also been added:
Improved DWARF 5 support in various tools
Support for the DWARF debugging format version 5 has been extended in the following tools:
systemtap rebased to version 3.2
SystemTap utility has been updated to upstream version 3.2. Notable enhancements include:
Support for extraction of matched regular expression has been added.
Probe aliases for accepting input from the standard input have been added.
Translator diagnostics have been improved.
Support for the new
statx system call has been added.
A new string function
strpos() for detecting substring position has been added to the stap language.
Additionally, this update fixes the following bugs:
Previously, the statistics extractor functions
@max() returned incorrect values. As a consequence, scripts relying on these functions did not work properly. The
@max() functions have been fixed to return the correct maximum and minimum values. As a result, the affected scripts now work as expected.
Previously, some kernel tracepoints were inconsistently listed with the
stap -L command, even when they could not be probed.
SystemTap has been fixed so that the listed and probe-able tracepoint sets match again.
netdev.receive probe has been fixed and can collect data again.
The example script
nettop.stp affected by the broken
netdev.receive probe again works as expected.
Note that the kernel version in Red Hat Enterprise Linux does not support extended Berkeley Packet Filter (eBPF), and consequently the related upstream
features are not available. (BZ#1473722
, BZ#1490862, BZ#1506230
, BZ#1485228, BZ#1518462)
valgrind rebased to version 3.13.0
The valgrind package has been upgraded to version 3.13.0, which provides a number of bug fixes and enhancements over the previous version. Notable changes are:
Valgrind has been extended in several ways to run large programs. The amount of memory usable by
Valgrind has been increased to 128 GB. As a consequence, the
Memcheck tool supports running applications that allocate up to approximately 60 GB. Additionally,
Valgrind can now load executable files up to 1200 MB in size.
Massif can now use a new execution tree (xtree) representation to report heap consumption of the analyzed applications.
The symbol demangler has been updated to support the C++11 standard and the Rust programming language.
Failures with long blocks of code using AVX2 instructions on the Intel and AMD 64-bit architecture have been fixed.
timebase register of the PowerPC architecture is no longer modeled by
Valgrind as only 32-bit.
Support for the IBM Power Systems architecture has been extended to include the ISA 3.0B specification.
An alternative implementation of Load-Linked and Store-Conditional instructions for the 64-bit ARM architecture has been added. The alternative implementation is enabled automatically when required. To enable it manually, use the
ncat rebased to version 7.50
ncat utility, which is provided by the nmap-ncat package, has been rebased to upstream version 7.50. This provides a number of bug fixes and new features over the previous version. Notable changes include:
SOCKS5 authentication has been added.
-z option for quickly checking the status of a port has been added.
--no-shutdown option now also works in connect mode, not only in listen mode. (BZ#1460249)
rsync rebased to version 3.1.2
The rsync packages have been upgraded to upstream version 3.1.2, which provides a number of bug fixes and enhancements over the previous version.
This update introduces the following output changes:
The default output format of numbers has been changed to 3-digit groups, for example,
The output of the
--progress option has been changed; the following strings have been shortened:
Notable enhancements in this version include:
I/O handling has been improved, which results in faster data transfers.
--debug options have been added for more fine-grained output.
The ability to synchronize nano-second modified times has been added.
--chown, have been added for manipulating file ownership during the copy operation.
option has been added. (BZ#1432899
tcpdump can now analyze
utility now supports the
communication device. This makes it possible for
to filter and analyze virtio communication between a hypervisor and a guest virtual machine. (BZ#1464390
Vim now supports C++11 syntax highlighting
Syntax highlighting for C++ in the
Vim text editor has been enhanced to support the C++11 standard. (BZ#1267826)
Vim now supports the
blowfish2 encryption method
Support for the
blowfish2 encryption method has been added to the
Vim text editor. This method provides stronger encryption than
blowfish. To set the
blowfish2 encryption method, use the
:setlocal cm=blowfish2 command. Note that files encrypted with
blowfish2 are compatible between Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6. (BZ#1319760)
IO::Socket::SSL Perl module now uses the system-wide CA certificate store by default
Previously, if a TLS application based on the
Perl module did not provide an explicit path to a certificate authority (CA) certificate, no authority was known, and the peer's identity could not be verified. With this update, the module uses the system-wide CA certificate store by default. However, it is possible to disable any certificate store by passing the
value to the
option of the
perl-DateTime-TimeZone rebased to version 1.70
The perl-DateTime-TimeZone package has been upgraded to upstream version 1.70, which provides a number of bug fixes and enhancements over the previous version. Notably:
With this update, it is possible to install Bugzilla version 5, which requires a more recent version of perl-DateTime-TimeZone than the system provided previously.
The Olson time zone database has been updated to version 2017b. Previously, applications written in the
Perl language that use the
DateTime::TimeZone module mishandled time zones that changed their specifications since version 2013h due to the outdated database.
Using a local time zone from a tainted time zone identifier has been fixed. (BZ#1241818
system-config-kdump now support selecting of either automated or manual kdump memory settings when fadump is performed
This update adds fadump memory reservation support into the system-config-kdump packages. As a result, users can now select either
Automated kdump memory settings or
Manual settings when
Firmware assisted dump is selected. (BZ#1384943)
conman rebased to version 0.2.8
The conman packages have been upgraded to upstream version 0.2.8, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
Scalability has been improved.
Coverity Scan and
Clang warnings have been fixed to improve stability.
Arbitrary limit on the number of Intelligent Platform Management Interface (IPMI) Serial Over LAN (SOL) consoles has been fixed.
The default value of the
setting has been changed to
Support for the TFTP
windowsize option has been implemented
With this update, support for the
option according to RFC 7440 has been implemented in the Trivial File Transfer Protocol (TFTP) server and client. When the
option is used, data blocks are sent in batches, which significantly improves throughput. (BZ#1328827
curl now supports disabling GSSAPI with SOCKS5
--socks5-gssapi options for the
curl utility and a corresponding option
CURLOPT_SOCKS5_AUTH for the libcurl library have been introduced to control the authentication methods for SOCKS5 proxies. (BZ#1409208)
rsync utility now copies files with their original nanosecond part of the time stamp
utility ignored the nanosecond part of the time stamp of files. As a consequence, the nanosecond time stamp of newly created files was always zero. With this update, the
utility recognizes the nanosecond part. As a result, the newly copied files keep their original nanosecond time stamp on systems that support it. (BZ#1393543
tcpdump rebased to version 4.9.2
The tcpdump package has been upgraded to upstream version 4.9.2, which provides a number of bug fixes (for almost 100 CVEs) and enhancements over the previous version. Notable changes include:
A segmentation fault with OpenSSL 1.1 has been fixed and OpenSSL usage has been improved.
The buffer overflow vulnerabilities have been fixed.
The infinite loop vulnerabilities have been fixed.
Many buffer over-read vulnerabilities have been fixed. (BZ#1490842)
OProfile support for Intel Xeon processor family extended
OProfile has been extended to support the Intel Xeon Phi™ Processor x200 and x205 Product Families. (BZ#1465354)
Support for Intel Xeon v4 uncore performance events in
This update adds support for Intel Xeon v4 uncore performance events to the
performance monitoring library, the
tool, and the
Memory copying performance improved on IBM POWER architectures
memcpy() function from the GNU C Library (
glibc ) used unaligned vector load and store instructions on 64-bit IBM POWER systems. Consequently, when
memcpy() was used to access device memory on POWER9 systems, performance would suffer. The
memcpy() function has been enhanced to use aligned memory access instructions, to provide better performance for applications regardless of the memory involved on POWER9, without affecting the performance on previous generations of the POWER architecture. (BZ#1498925)
TAI clock macro available
Previously, the kernel provided the
clock, but the
macro to access it was missing in the
. The macro definition has been added to the header file. As a result, applications can now access the
kernel clock. (BZ#1448822
Support for selective use of 4 KiB page tables on IBM z Systems
This update adds the option
linker from the binutils
package to mark applications for the IBM z Systems architecture that require 4 KiB memory page tables on the lowest level. As a result, use of this feature can be restricted only to applications that need it, allowing optimal use of space by all applications on the system. Note that the
backend no longer forces 4 KiB lowest level page tables on all running applications. Make sure to specify the new option if your applications require them. (BZ#1485398
glibc functions on IBM z Systems
Support for additional instructions of the IBM z Systems architecture has been added to the
glibc library. As a result, programs compiled for this architecture can benefit from the increased performance of the
glibc functions. (BZ#1375235)
ld linker no longer incorrectly combines position-dependent and independent code
ld linker combined object files on the IBM z Systems platform without considering whether they have been built for Position Independent Executable (PIE). Because PIE and non-PIE code cannot be combined, it was possible to create executable files that could not run. The linker has been extended to detect mixing of PIE and non-PIE code and produce an error message in this case. As a result, broken executable files can no longer be created this way. (BZ#1406430)
python-virtualenv rebased to 15.1.0
The python-virtualenv package has been upgraded to version 15.1.0, which provides a number of bug fixes and enhancements over the previous version. With this update, the following bundled packages have been upgraded: setuptools to version 28.0.0 and pip to version 9.0.1. (BZ#1461154)
python-urllib3 supports IP addresses in
package, a Python HTTP module with connection pooling and file POST abilities, now supports IP addresses in the
(SAN) fields. (BZ#1434114
Support for retpolines added to GCC
This update adds support for retpolines to GCC. Retpolines are a technique used by the kernel to reduce overhead of mitigating Spectre Variant 2 attacks described in CVE-2017-5715. (BZ#1535655)
Shenandoah garbage collector is now fully supported
The low pause time
garbage collector for
, previously available as a Technology Preview, is now fully supported on the Intel 64, AMD64, and 64-bit ARM architectures.
performs concurrent evacuation which allows users to run with large heaps without long pause times. For more information, see https://wiki.openjdk.java.net/display/shenandoah/Main