[El-errata] ELSA-2009-1106 Important: Enterprise Linux 5 kernel security and bug fix update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Wed Jun 17 15:32:56 PDT 2009


Enterprise Linux Security Advisory ELSA-2009-1106

https://rhn.redhat.com/errata/RHSA-2009-1106.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-PAE-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-doc-2.6.18-128.1.14.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.14.0.1.el5.i386.rpm
kernel-xen-2.6.18-128.1.14.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.14.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-128.1.14.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.14.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.14.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.14.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-128.1.14.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.14.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.14.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.14.0.1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kernel-2.6.18-128.1.14.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-128.1.14.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.14.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.14.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.14.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5PAE-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5xen-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5debug-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5-1.4.2-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5PAE-1.4.2-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5xen-1.4.2-1.el5.i686.rpm
ocfs2-2.6.18-128.1.14.0.1.el5debug-1.4.2-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-128.1.14.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.14.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.14.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.14.0.1.el5-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.14.0.1.el5xen-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.14.0.1.el5debug-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.14.0.1.el5-1.4.2-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.14.0.1.el5xen-1.4.2-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.14.0.1.el5debug-1.4.2-1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-128.1.14.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.14.0.1.el5-1.2.9-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.14.0.1.el5-1.4.2-1.el5.src.rpm

Description of changes:

[2.6.18-128.1.14.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru 
Anbalagane) [orabug 6045759]
- [MM]  shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding  netconsole support (Tina yang) [orabug 
6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]
- [xen] check to see if hypervisor supports memory reservation change 
(Chuck Anderson) [orabug 7556514]
- [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson)  
[orabug 8300888]

[2.6.18-128.1.14.el5]
- [nfs] v4: client handling of MAY_EXEC in nfs_permission (Peter 
Staubach ) [500301 500302] {CVE-2009-1630}
- [fs] proc: avoid info leaks to non-privileged processes (Amerigo Wang 
) [499546 499541]
- [net] tg3: Fix firmware event timeouts (Jiri Pirko ) [502837 481715]
- [scsi] libiscsi: fix nop response/reply and session cleanup race (Jiri 
Pirko ) [502916 497411]
- [fs] cifs: fix pointer and checks in cifs_follow_symlink (Jeff Layton 
) [496576 496577] {CVE-2009-1633}
- [fs] cifs: fix error handling in parse_DFS_referrals (Jeff Layton ) 
[496576 496577] {CVE-2009-1633}
- [fs] cifs: buffer overruns when converting strings (Jeff Layton ) 
[496576 496577] {CVE-2009-1633}
- [fs] cifs: unicode alignment and buffer sizing problems (Jeff Layton ) 
[494279 494280] {CVE-2009-1439}
- [x86] xen: fix local denial of service (Chris Lalancette ) [500950 
500951] {CVE-2009-1758}
- [misc] compile: add -fwrapv to gcc CFLAGS (Don Zickus ) [501751 491266]
- [misc] random: make get_random_int more random (Amerigo Wang ) [499783 
499776]
- [gfs2] fix uninterruptible quotad sleeping (Steven Whitehouse ) 
[501742 492943]
- [mm] cow vs gup race fix (Andrea Arcangeli ) [486921 471613]
- [mm] fork vs gup race fix (Andrea Arcangeli ) [486921 471613]
- [nfs] fix hangs during heavy write workloads (Peter Staubach ) [486926 
469848]

[2.6.18-128.1.13.el5]
- [misc] add some long-missing capabilities to CAP_FS_MASK (Eric Paris ) 
[499075 497271 499076 497272] {CVE-2009-1072}
- [agp] zero pages before sending to userspace (Jiri Olsa ) [497025 
497026] {CVE-2009-1192}
- [fs] keep eventpoll from locking up the box (Josef Bacik ) [497322 487585]
- [misc] waitpid reports stopped process more than once (Vitaly 
Mayatskikh ) [486945 481199]
- [ata] libata: ahci enclosure management bios workaround (David Milburn 
) [500120 488471]

[2.6.18-128.1.12.el5]
- [ia64] fix regression in nanosleep syscall (Prarit Bhargava ) [500349 
499289]

[2.6.18-128.1.11.el5]
- [nfs] race with nfs_access_cache_shrinker() and umount (Peter Staubach 
) [498653 469225]






More information about the El-errata mailing list