[El-errata] ELSA-2008-0957 Important: Enterprise Linux 5 kernel security and bug fix update

Wed Nov 5 20:49:47 PST 2008

Enterprise Linux Security Advisory ELSA-2008-0957

https://rhn.redhat.com/errata/RHSA-2008-0957.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-PAE-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-debug-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-devel-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-doc-2.6.18-92.1.17.0.1.el5.noarch.rpm
kernel-headers-2.6.18-92.1.17.0.1.el5.i386.rpm
kernel-xen-2.6.18-92.1.17.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.17.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-92.1.17.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.17.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.17.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.17.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-92.1.17.0.1.el5.noarch.rpm
kernel-headers-2.6.18-92.1.17.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.17.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.17.0.1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kernel-2.6.18-92.1.17.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-92.1.17.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-92.1.17.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-92.1.17.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-92.1.17.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5PAE-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5xen-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5debug-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5debug-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5PAE-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-92.1.17.0.1.el5xen-1.4.1-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-92.1.17.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-92.1.17.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-92.1.17.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-92.1.17.0.1.el5-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-92.1.17.0.1.el5xen-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-92.1.17.0.1.el5debug-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-92.1.17.0.1.el5-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-92.1.17.0.1.el5debug-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-92.1.17.0.1.el5xen-1.4.1-1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-92.1.17.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-92.1.17.0.1.el5-1.2.9-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-92.1.17.0.1.el5-1.4.1-1.el5.src.rpm

Description of changes:

[2.6.18-92.1.17.0.1.el5]

- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NFS] nfs attribute timeout fix (Trond Myklebust) [orabug 7156607] 
[RHBZ 446083]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [orabug 
6045759]
- [NET] fix netpoll race (Tina Yang) [orabugz 5791]

[2.6.18-92.1.17.el5]

- Revert: [nfs] pages of a memory mapped file get corrupted (Peter 
Staubach ) [450335 435291]

[2.6.18-92.1.16.el5]

- [i386] vDSO: use install_special_mapping (Peter Zijlstra ) [460275 
460276] {CVE-2008-3527}
- [scsi] aacraid: remove some quirk AAC_QUIRK_SCSI_32 bits (Tomas Henzl 
) [466885 453472]
- [fs] remove SUID when splicing into an inode (Eric Sandeen ) [464451 
464452] {CVE-2008-3833}
- [fs] open() allows setgid bit when user is not in group (Eugene Teo ) 
[463867 463687] {CVE-2008-4210}
- [xen] ia64: fix INIT injection (Tetsu Yamamoto ) [467105 464445]

[2.6.18-92.1.15.el5]

- [pci] fix problems with msi interrupt management (Neil Horman ) 
[461894 428696]
- [x86_64] revert time syscall changes (Prarit Bhargava ) [466427 461184]
- [xen] allow guests to hide the TSC from applications (Chris Lalancette 
) [378471 378481] {CVE-2007-5907}
- [scsi] qla2xxx: additional residual-count correction (Marcus Barrow ) 
[465741 462117]
- [char] add range_is_allowed check to mmap_mem (Eugene Teo ) [460858 
460857]
- [fs] binfmt_misc: avoid potential kernel stack overflow (Vitaly 
Mayatskikh ) [459464 459463]
- [misc] cpufreq: fix format string bug (Vitaly Mayatskikh ) [459461 459460]
- [dlm] user.c input validation fixes (David Teigland ) [458759 458760]
- [nfs] pages of a memory mapped file get corrupted (Peter Staubach ) 
[450335 435291]
- [x86_64] gettimeofday fixes for HPET, PMTimer, TSC (Prarit Bhargava ) 
[462860 250708]

[2.6.18-92.1.14.el5]

- [libata] ata_scsi_rbuf_get check for scatterlist usage (David Milburn 
) [460638 455445]
- [net] random32: seeding improvement (Jiri Pirko ) [458021 458019]
- [x86_64] xen: local DOS due to NT bit leakage (Eugene Teo ) [457721 
457722] {CVE-2006-5755}
- [fs] cifs: fix O_APPEND on directio mounts (Jeff Layton ) [462591 460063]
- [openib] race between QP async handler and destroy_qp (Brad Peters ) 
[458781 446109]
- [net] dccp_setsockopt_change integer overflow (Vitaly Mayatskikh ) 
[459232 459235] {CVE-2008-3276}
- [acpi] error attaching device data (peterm at redhat.com ) [460868 459670]
- [mm] optimize ZERO_PAGE in 'get_user_pages' and fix XIP (Anton Arapov 
) [452667 452668] {CVE-2008-2372}
- [xen] xennet: coordinate ARP with backend network status (Herbert Xu ) 
[461457 458934]
- [xen] event channel lock and barrier (Markus Armbruster ) [461099 457086]
- [fs] fix bad unlock_page in pip_to_file() error path (Larry Woodman ) 
[462436 439917]