[El-errata] ELSA-2007:0014 Important: kernel security update

el-errata at oss.oracle.com
Wed Jan 31 08:04:26 PST 2007



Enterprise Linux Security Advisory ELSA-2007:0014

https://rhn.redhat.com/errata/RHSA-2007-0014.html

The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:

i386:
kernel-2.6.9-42.0.8.0.1.EL.i686.rpm
kernel-devel-2.6.9-42.0.8.0.1.EL.i686.rpm
kernel-doc-2.6.9-42.0.8.0.1.EL.noarch.rpm
kernel-hugemem-2.6.9-42.0.8.0.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-42.0.8.0.1.EL.i686.rpm
kernel-smp-2.6.9-42.0.8.0.1.EL.i686.rpm
kernel-smp-devel-2.6.9-42.0.8.0.1.EL.i686.rpm

x86_64:

kernel-2.6.9-42.0.8.0.1.EL.x86_64.rpm
kernel-devel-2.6.9-42.0.8.0.1.EL.x86_64.rpm
kernel-doc-2.6.9-42.0.8.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-42.0.8.0.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-42.0.8.0.1.EL.x86_64.rpm
kernel-smp-2.6.9-42.0.8.0.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-42.0.8.0.1.EL.x86_64.rpm

SRPMS:


http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-42.0.8.0.1.EL.src.rpm 



The following packages were rebuilt to be in sync with the updated kernel
version (no changes other than updating the version number):

i386:
ocfs2-2.6.9-42.0.8.0.1.EL-1.2.3-2.i686.rpm
ocfs2-2.6.9-42.0.8.0.1.ELhugemem-1.2.3-2.i686.rpm
ocfs2-2.6.9-42.0.8.0.1.ELsmp-1.2.3-2.i686.rpm
oracleasm-2.6.9-42.0.8.0.1.EL-2.0.3-2.i686.rpm
oracleasm-2.6.9-42.0.8.0.1.ELhugemem-2.0.3-2.i686.rpm
oracleasm-2.6.9-42.0.8.0.1.ELsmp-2.0.3-2.i686.rpm

x86_64:
ocfs2-2.6.9-42.0.8.0.1.EL-1.2.3-2.x86_64.rpm
ocfs2-2.6.9-42.0.8.0.1.ELlargesmp-1.2.3-2.x86_64.rpm
ocfs2-2.6.9-42.0.8.0.1.ELsmp-1.2.3-2.x86_64.rpm
oracleasm-2.6.9-42.0.8.0.1.EL-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-42.0.8.0.1.ELlargesmp-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-42.0.8.0.1.ELsmp-2.0.3-2.x86_64.rpm

SRPMS:

http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-42.0.8.0.1.EL-1.2.3-2.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-42.0.8.0.1.EL-2.0.3-2.src.rpm


Description of changes:

[2.6.0-42.0.8.0.1]

-Fix bonding primary=ethX so it picks correct network [IT 101532] [ORA 5136660]

[2.6.0-42.0.8]

-fix ext2 readdir f_pos revalidation logic (David Milburn) [193877]

[2.6.9-42.0.7]

-re-spin

[2.6.9-42.0.6]

-x86_64: increase nmi watchdog timeout from 5 to 30 seconds (Larry Woodman) [205722]

[2.6.9-42.0.5]

-fix race condition in sys_mincore() (Doug Chapman) [180663] {CVE-2006-4814}
-ext3: READA failures cause "directory hole" (Chip Coldwell, Stephen Tweedie) [213921]
-aio: fix kernel panic in aio_free_ring (Jeff Moyer) [220971] {CVE-2006-5754}
-fix ext2_check_page denial of service (Eric Sandeen) [217021] {CVE-2006-6054}
-fix listxattr syscall can corrupt user space programs (Eric Sandeen) [220677] {CVE-2006-5753}

[2.6.9-42.0.4]

-ia64: fix local DoS with corrupted ELF (Dave Anderson) [205335] {CVE-2006-4538}
-fix information leak in __block_prepare_write() (Eric Sandeen) [207463] {CVE-2006-4813}
-tg3: fix init failure - unable to obtain MAC address (Andy Gospodarek) [208922]
-s390: fix information leak (Jan Glauber) [209435] {CVE-2006-5174}
-catch blocks beyond pagecache limit in __getblk_slow() (Eric Sandeen) [214288 206328] {CVE-2006-5757}
-net: fix dev_queue_xmit to not call local_bh_enable in out_kfree_skb error path (Neil Horman) [212144] {CVE-2006-6535}
-audit: close memory leak (Sachin Prabhu) [216667]
-fix ext3fs_dirhash denial of service (Eric Sandeen) [217030] {CVE-2006-6053}
-fix zlib_inflate oops due to corrupted cramfs image (Eric Sandeen) [216958] {CVE-2006-5823}
-fix get_fdb_entries() integer overflow (Thomas Graf) [216452] {CVE-2006-5751}
-fix lockup via /proc/net/ip6_flowlabel (Thomas Graf) [213214] {CVE-2006-5619}
-hfs: return error code in case of error (Eric Paris) [217011] {CVE-2006-6056}
-Add packet size checks for CAPI messages (Marcel Holtmann) [218602] {CVE-2006-6106}




