[El-errata] ELSA-2006:0617, ELSA-2006:0689 Important kernel security update

el-errata at oss.oracle.com
Thu Nov 30 18:34:22 PST 2006


Enterprise Linux Security Advisory 2006:0617, 2006:0689

https://rhn.redhat.com/errata/RHSA-2006-0617.html
https://rhn.redhat.com/errata/RHSA-2006-0689.html

The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:

i386:
kernel-2.6.9-42.0.3.0.2.EL.i686.rpm
kernel-devel-2.6.9-42.0.3.0.2.EL.i686.rpm
kernel-doc-2.6.9-42.0.3.0.2.EL.noarch.rpm
kernel-hugemem-2.6.9-42.0.3.0.2.EL.i686.rpm
kernel-hugemem-devel-2.6.9-42.0.3.0.2.EL.i686.rpm
kernel-smp-2.6.9-42.0.3.0.2.EL.i686.rpm
kernel-smp-devel-2.6.9-42.0.3.0.2.EL.i686.rpm
kernel-sourcecode-2.6.9-42.0.3.0.2.EL.i686.rpm

x86_64:
kernel-2.6.9-42.0.3.0.2.EL.x86_64.rpm
kernel-devel-2.6.9-42.0.3.0.2.EL.x86_64.rpm
kernel-doc-2.6.9-42.0.3.0.2.EL.noarch.rpm
kernel-largesmp-2.6.9-42.0.3.0.2.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-42.0.3.0.2.EL.x86_64.rpm
kernel-smp-2.6.9-42.0.3.0.2.EL.x86_64.rpm
kernel-smp-devel-2.6.9-42.0.3.0.2.EL.x86_64.rpm
kernel-sourcecode-2.6.9-42.0.3.0.2.EL.x86_64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-42.0.3.0.2.EL.src.rpm


The following packages were rebuilt to be in sync with the updated kernel
version (no changes other than updating the version number):

i386:
ocfs2-2.6.9-42.0.3.0.2.EL-1.2.3-2.i686.rpm
ocfs2-2.6.9-42.0.3.0.2.ELhugemem-1.2.3-2.i686.rpm
ocfs2-2.6.9-42.0.3.0.2.ELsmp-1.2.3-2.i686.rpm
oracleasm-2.6.9-42.0.3.0.2.EL-2.0.3-2.i686.rpm
oracleasm-2.6.9-42.0.3.0.2.ELhugemem-2.0.3-2.i686.rpm
oracleasm-2.6.9-42.0.3.0.2.ELsmp-2.0.3-2.i686.rpm

x86_64:
ocfs2-2.6.9-42.0.3.0.2.EL-1.2.3-2.x86_64.rpm
ocfs2-2.6.9-42.0.3.0.2.ELlargesmp-1.2.3-2.x86_64.rpm
ocfs2-2.6.9-42.0.3.0.2.ELsmp-1.2.3-2.x86_64.rpm
oracleasm-2.6.9-42.0.3.0.2.EL-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-42.0.3.0.2.ELlargesmp-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-42.0.3.0.2.ELsmp-2.0.3-2.x86_64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-42.0.3.0.2.EL-1.2.3-2.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-42.0.3.0.2.EL-2.0.3-2.src.rpm


Description of changes:
[2.6.9-42.0.3.0.2]
-rebuilt for EL

[2.6.9-42.0.3.0.1]
-Fix bonding primary=ethX so it picks correct network [IT 101532] [ORA 5136660]

[2.6.9-42.0.3]
-fix mprotect to not allow permission subversion (Jason Baron) [190073] {CVE-2006-2071}
-fix sys_perfmonctl() file descriptor reference count issue (Anil Keshavamurthy) [204360] {CVE-2006-3741}
-Fix hugepage crash on failing mmap (Larry Woodman) [165345] {CVE-2005-4811}
-sctp: create abort messages properly (Neil Horman) [204460] {CVE-2006-4535}
-fix oops occurring from malformed ULE packet (Neil Horman) [204912] {CVE-2006-4623}
-ipw2[12]00: restore get_wireless_stats pointer (John Linville) [198820]
-ipw2200: accept broadcast MAC traffic (John Linville) [203421]
-fix netfilter do_add_counters race (Thomas Graf) [191698] {CVE-2006-0039}
-fix ip over atm clip_mkip may dereference freed pointer (Thomas Graf) [206265]
-ppc64: Clear EN_ATTN bit in PPC970 HID0 (David Woodhouse) [201684] {CVE-2006-4093}

[2.6.9-42.0.2]
-sctp: Fix data overflow in iovec computation (Neil Horman) [202122]

[2.6.9-42.0.1]
-fix O_DIRECT writes to memory holes can leak a page reference (Jeff Moyer) [191736] {CVE-2004-2660}
-fix sctp chunk length overflow (Neil Horman) [192636] {CVE-2006-1858}
-fix possible DoS in write routine of ftdi_sio driver (Pete Zaitcev) [197610] {CVE-2006-2936}
-fix typo in drivers/cdrom/cdrom.c (Chip Coldwell) [197670] {CVE-2006-2935}
-Fix reboot on IBM Pizzaro machines (Bastien Nocera) [200111]
-don't shut down on bogus filehandles from nfs clients (Eric Sandeen) [199172] {CVE-2006-3468}
-fix for prevention of setuid/gid on /proc/<pid> files (Ernie Petrides) [198973] {CVE-2006-3626}
-fix SNMP NAT netfilter memory corruption (Thomas Graf) [192632] {CVE-2006-2444}
-fix for non-hugemem x86 DoS w/bogus %ds/%es values (Ernie Petrides) [196280] {CVE-2006-2932}





