[El-errata] ELSA-2009-0326 Important: Enterprise Linux 5 kernel security and bug fix update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu Apr 2 15:28:03 PDT 2009 

Enterprise Linux Security Advisory ELSA-2009-0326

https://rhn.redhat.com/errata/RHSA-2009-0326.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-PAE-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-doc-2.6.18-128.1.6.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.6.0.1.el5.i386.rpm
kernel-xen-2.6.18-128.1.6.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.6.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-128.1.6.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.6.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.6.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.6.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-128.1.6.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.6.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.6.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.6.0.1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kernel-2.6.18-128.1.6.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-128.1.6.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.6.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.6.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.6.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5PAE-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5xen-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5debug-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5PAE-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5xen-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.6.0.1.el5debug-1.4.1-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-128.1.6.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.6.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.6.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.6.0.1.el5-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.6.0.1.el5xen-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.6.0.1.el5debug-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.6.0.1.el5-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.6.0.1.el5xen-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.6.0.1.el5debug-1.4.1-1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-128.1.6.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.6.0.1.el5-1.2.9-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.6.0.1.el5-1.4.1-1.el5.src.rpm

Description of changes:

[2.6.18-128.1.6.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru 
Anbalagane) [orabug 6045759]
- [MM]  shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding  netconsole support (Tina yang) [orabug 
6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]
- [xen] check to see if hypervisor supports memory reservation change 
(Chuck Anderson) [orabug 7556514]
- [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson)  
[orabug 8300888]

[2.6.18-128.1.6.el5]
- [x86] add nonstop_tsc flag in /proc/cpuinfo (Luming Yu ) [489310 474091]

[2.6.18-128.1.5.el5]
1 Revert: [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) 
[489847 467942]

[2.6.18-128.1.4.el5]
- [x86_64] mce: do not clear an unrecoverable error status (Aristeu 
Rozanski ) [490433 489692]
- [wireless] iwlwifi: booting with RF-kill switch enabled (John W. 
Linville ) [489846 482990]
- [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [489847 
467942]
- [misc] signal: modify locking to handle large loads (AMEET M. 
PARANJAPE ) [489457 487376]
- [x86] TSC keeps running in C3+ (Luming Yu ) [489310 474091]
- [net] fix icmp_send and icmpv6_send host re-lookup code (Jiri Pirko ) 
[489253 439670] {CVE-2009-0778}

[2.6.18-128.1.3.el5]
- [net] skfp_ioctl inverted logic flaw (Eugene Teo ) [486539 486540] 
{CVE-2009-0675}
- [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo ) [486517 
486518] {CVE-2009-0676}
- [x86] limit max_cstate to use TSC on some platforms (Tony Camuso ) 
[488239 470572]
- [ptrace] correctly handle ptrace_update return value (Jerome Marchand 
) [487394 483814]
- [misc] minor signal handling vulnerability (Oleg Nesterov ) [479963 
479964] {CVE-2009-0028}
- [firmware] dell_rbu: prevent oops (Don Howard ) [482941 482942]
- [gfs2] panic in debugfs_remove when unmounting (Abhijith Das ) [485910 
483617]

[2.6.18-128.1.2.el5]
- [scsi] libata: sas_ata fixup sas_sata_ops (David Milburn ) [485909 483171]
- [fs] ecryptfs: readlink flaw (Eric Sandeen ) [481606 481607] 
{CVE-2009-0269}
- [qla2xxx] correct endianness during flash manipulation (Marcus Barrow 
) [485908 481691]
- [net] ixgbe: frame reception and ring parameter issues (Andy 
Gospodarek ) [483210 475625]
- [misc] fix memory leak during pipe failure (Benjamin Marzinski ) 
[481576 478643]
- [block] enforce a minimum SG_IO timeout (Eugene Teo ) [475405 475406] 
{CVE-2008-5700}
- [nfs] handle attribute timeout and u32 jiffies wrap (Jeff Layton ) 
[483201 460133]
-  [fs] ext[234]: directory corruption DoS (Eugene Teo ) [459601 459604] 
{CVE-2008-3528}
- [net] deadlock in Hierarchical token bucket scheduler (Neil Horman ) 
[481746 474797]
- [wireless] iwl: fix BUG_ON in driver (Neil Horman ) [483206 477671]

More information about the El-errata mailing list