[El-errata] ELSA-2009-1671 Important: Enterprise Linux 4 kernel security and bug fix update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Thu Dec 17 06:56:26 PST 2009 

Enterprise Linux Security Advisory ELSA-2009-1671

https://rhn.redhat.com/errata/RHSA-2009-1671.html

The following updated rpms for Enterprise Linux 4 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-devel-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-doc-2.6.9-89.0.18.0.1.EL.noarch.rpm
kernel-hugemem-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-smp-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-xenU-2.6.9-89.0.18.0.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.18.0.1.EL.i686.rpm

x86_64:
kernel-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-doc-2.6.9-89.0.18.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.18.0.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.18.0.1.EL.x86_64.rpm

ia64:
kernel-2.6.9-89.0.18.0.1.EL.ia64.rpm
kernel-devel-2.6.9-89.0.18.0.1.EL.ia64.rpm
kernel-doc-2.6.9-89.0.18.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.18.0.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.18.0.1.EL.ia64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-89.0.18.0.1.EL.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.9-89.0.18.0.1.EL-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.18.0.1.ELhugemem-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.18.0.1.ELsmp-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.18.0.1.ELxenU-2.0.5-1.el4.i686.rpm
ocfs2-2.6.9-89.0.18.0.1.EL-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.18.0.1.ELhugemem-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.18.0.1.ELsmp-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.18.0.1.ELxenU-1.2.9-1.el4.i686.rpm

x86_64:
oracleasm-2.6.9-89.0.18.0.1.EL-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.18.0.1.ELlargesmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.18.0.1.ELsmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.18.0.1.ELxenU-2.0.5-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.18.0.1.EL-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.18.0.1.ELlargesmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.18.0.1.ELsmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.18.0.1.ELxenU-1.2.9-1.el4.x86_64.rpm

ia64:
oracleasm-2.6.9-89.0.18.0.1.EL-2.0.5-1.el4.ia64.rpm
oracleasm-2.6.9-89.0.18.0.1.ELlargesmp-2.0.5-1.el4.ia64.rpm
ocfs2-2.6.9-89.0.18.0.1.EL-1.2.9-1.el4.ia64.rpm
ocfs2-2.6.9-89.0.18.0.1.ELlargesmp-1.2.9-1.el4.ia64.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-89.0.18.0.1.EL-2.0.5-1.el4.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-89.0.18.0.1.EL-1.2.9-1.el4.src.rpm

Description of changes:

[2.6.9-89.0.18.0.1.EL]
- fix skb alignment that was causing sendto() to fail with EFAULT
  (Olaf Kirch) [orabug 6845794]
- fix  enomem due to larger mtu size page alloc (Zach Brown) [orabug 
5486128]
- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
  [orabug 6125546]
- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
- use lfence instead of cpuid instruction to implement memory barriers
  (Herbert van den Bergh) [orabug 7452412]
- add netpoll support to xen netfront (Tina Yang) [orabz 7261]
- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)
  [orabug 7175395]
- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
  dom0 [orabug 7452107] xenstore
- [mm] update shrink_zone patch to allow 100% swap utilization (John 
Sobecki,
  Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) 
[orabug 6110605]
- [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
- port EL5U3 patch to adjust totalhigh_pages in the balloon driver 
[orabug 8300888]
- check to see if hypervisor supports memory reservation change (Chuck 
Anderson)  [orabug7556514]
- [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
- [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526]
- fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]
- [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug 
8425237]

[2.6.9-89.0.18]
-i8042: regression fix: disable and enable aux port at close (Mauro 
Carvalho Chehab) [537344 531192]
-r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera) [529141 
529142] {CVE-2009-3613}
-forcedeth: add phy_power_down parameter, leave phy powered up by 
default (Ivan Vecera) [534112 532593]
-fusion: mptctl module dereferences a userspace address, triggering a 
crash (Rob Evers) [533798 528066]
-net: ipv4: make ip_append_data handle null routing table (Jiri Pirko) 
[537016 520299]
-bnx2x: fix bnx2x failing when iptables is on (Stanislaw Gruszka) 
[537013 527656]
-nlm: don't try to reclaim locks on -o nolock mounts (Jeff Layton) 
[537017 176848]

[2.6.9-89.0.17]
-fix x86_64 32bit process register leak (Amerigo Wang) [526795 526796] 
{CVE-2009-2910}
-drm r128: add test for initialisation to all ioctls that require it 
(Danny Feng) [529600 529601] {CVE-2009-3620}
-net: af_unix: fix deadlock on connecting to shutdown socket (Jiri 
Pirko) [529628 529629] {CVE-2009-3621}
-hid-input: fix divide by zero in hid-input.c (Pete Zaitcev) [532027 483783]
-igb: add link check function to verify that link is present (Stefan 
Assmann) [534105 529037]
-ipt_recent: do not accept a rule if hit count is great than 
ip_pkt_list_tot (Amerigo Wang) [529306 523983]
-cciss: add bus attribute to support device mapper multipath target 
(Tomas Henzl) [529309 484415]

More information about the El-errata mailing list