[El-errata] ELSA-2008-0237 Important: Enterprise Linux 4 kernel security and bug fix update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu May 8 14:33:18 PDT 2008 

Enterprise Linux Security Advisory ELSA-2008-0237

https://rhn.redhat.com/errata/RHSA-2008-0237.html

The following updated rpms for Enterprise Linux 4 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-devel-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-doc-2.6.9-67.0.15.0.1.EL.noarch.rpm
kernel-hugemem-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-smp-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-smp-devel-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-xenU-2.6.9-67.0.15.0.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-67.0.15.0.1.EL.i686.rpm

x86_64:
kernel-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-devel-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-doc-2.6.9-67.0.15.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-smp-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-xenU-2.6.9-67.0.15.0.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-67.0.15.0.1.EL.x86_64.rpm

ia64:
kernel-2.6.9-67.0.15.0.1.EL.ia64.rpm
kernel-devel-2.6.9-67.0.15.0.1.EL.ia64.rpm
kernel-doc-2.6.9-67.0.15.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-67.0.15.0.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-67.0.15.0.1.EL.ia64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-67.0.15.0.1.EL.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.9-67.0.15.0.1.EL-2.0.3-2.i686.rpm
oracleasm-2.6.9-67.0.15.0.1.ELhugemem-2.0.3-2.i686.rpm
oracleasm-2.6.9-67.0.15.0.1.ELsmp-2.0.3-2.i686.rpm
oracleasm-2.6.9-67.0.15.0.1.ELxenU-2.0.3-2.i686.rpm
ocfs2-2.6.9-67.0.15.0.1.EL-1.2.8-2.el4.i686.rpm
ocfs2-2.6.9-67.0.15.0.1.ELhugemem-1.2.8-2.el4.i686.rpm
ocfs2-2.6.9-67.0.15.0.1.ELsmp-1.2.8-2.el4.i686.rpm
ocfs2-2.6.9-67.0.15.0.1.ELxenU-1.2.8-2.el4.i686.rpm

x86_64:
oracleasm-2.6.9-67.0.15.0.1.EL-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-67.0.15.0.1.ELlargesmp-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-67.0.15.0.1.ELsmp-2.0.3-2.x86_64.rpm
oracleasm-2.6.9-67.0.15.0.1.ELxenU-2.0.3-2.x86_64.rpm
ocfs2-2.6.9-67.0.15.0.1.EL-1.2.8-2.el4.x86_64.rpm
ocfs2-2.6.9-67.0.15.0.1.ELlargesmp-1.2.8-2.el4.x86_64.rpm
ocfs2-2.6.9-67.0.15.0.1.ELsmp-1.2.8-2.el4.x86_64.rpm
ocfs2-2.6.9-67.0.15.0.1.ELxenU-1.2.8-2.el4.x86_64.rpm

ia64:
oracleasm-2.6.9-67.0.15.0.1.EL-2.0.3-2.ia64.rpm
oracleasm-2.6.9-67.0.15.0.1.ELlargesmp-2.0.3-2.ia64.rpm
ocfs2-2.6.9-67.0.15.0.1.EL-1.2.8-2.el4.ia64.rpm
ocfs2-2.6.9-67.0.15.0.1.ELlargesmp-1.2.8-2.el4.ia64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-67.0.15.0.1.EL-2.0.3-2.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-67.0.15.0.1.EL-1.2.8-2.el4.src.rpm

Description of changes:

[2.6.9-67.0.15.0.1.EL]
- fix skb alignment that was causing sendto() to fail with EFAULT (Olaf 
Kirch) [orabug 6845794]
- fix entropy flag in bnx2 driver to generate entropy pool (John 
Sobecki)  [orabug 5931647]
- fix  enomem due to larger mtu size page alloc (Zach Brown) [orabug 
5486128]
- fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648]
- remove patch sysrq-b that queues upto keventd thread [orabug 6125546]
- allow more than 4GB hugepage for single user (Herbert van den Bergh) 
[orabug 6002738]
- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]

[2.6.9-67.0.15]
-fix kabi breakage in 67.0.14

[2.6.9-67.0.14]
-fs: serialize file access for dnotify (Alexander Viro) [443437] 
{CVE-2008-1669}
-update: fix race condition in dnotify (Alexander Viro) [439756] 
{CVE-2008-1375}

[2.6.9-67.0.13]
-Revert: Add HP DL580 G5 to bfsort whitelist (Tony Camuso) [437976]

[2.6.9-67.0.12]
-fs: fix race condition in dnotify (Alexander Viro) [439756] {CVE-2008-1375}

[2.6.9-67.0.11]
-nfs: High vm pagecache reclaim latency on systems with large highmem to 
lowmem ratio fix (Larry Woodman) [438345]
-nfs: Fix nfs read performance regression. Introduce a new tunable 
(Larry Woodman) [438477]
-Retry: check to see if agp is valid before reporting aperture size 
warnings (Brian Maly) [392771 431897]
-Ensure IV is in linear part of the skb to avoid BUG due to OOB access 
(Thomas Graf) [427245] {CVE-2007-6282}
-fix unprivileged crash on x86_64  cs corruption (Jarod Wilson) [439786] 
{CVE-2008-1615}

[2.6.9-67.0.10]
-update: do not return zero in mmap (Vitaly Mayatskikh) [400811]
-neofb: avoid overwriting fb_info fields (Vitaly Mayatskikh) [430251]
-[NET] link_watch: always schedule urgent events (Don Dutile) [436102]
-nlm: fix a client side race on blocking locks (Jeff Layton) [436129]
-nlm: cleanup for blocked locks (Jeff Layton) [436129]
-Add HP DL580 G5 to bfsort whitelist (Tony Camuso) [437976]
-nfs: Discard pagecache data for dirs on denty_iput (Jeff Layton) [437788]

[2.6.9-67.0.9]
-[NET] link_watch: handle jiffies wraparound (Vince Worthington) [436749]
-libata: un-blacklist hitachi drives to enable NCQ (David Milburn) [436499]
-libata: sata_nv may send commands with duplicate tags (David Milburn) 
[436499]

[2.6.9-67.0.8]
-Insufficient range checks in fault handlers with mremap (Vitaly 
Mayatskikh) [428968] {CVE-2008-0007}
-[MOXA] buffer overflow in moxa  driver (Vitaly Mayatskikh) [423131] 
{CVE-2005-0504}
-Fix unix stream socket recv race condition (Hideo AOKI) [435122]

More information about the El-errata mailing list