[El-errata] ELSA-2009-0473 Important: Enterprise Linux 5 kernel security and bug fix update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Fri May 8 09:46:46 PDT 2009 

Enterprise Linux Security Advisory ELSA-2009-0473

https://rhn.redhat.com/errata/RHSA-2009-0473.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-PAE-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-doc-2.6.18-128.1.10.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.10.0.1.el5.i386.rpm
kernel-xen-2.6.18-128.1.10.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.10.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-128.1.10.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.10.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.10.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.10.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-128.1.10.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.10.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.10.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.10.0.1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kernel-2.6.18-128.1.10.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-128.1.10.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.10.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.10.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.10.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5PAE-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5xen-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5debug-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5PAE-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5xen-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.10.0.1.el5debug-1.4.1-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-128.1.10.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.10.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.10.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.10.0.1.el5-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.10.0.1.el5xen-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.10.0.1.el5debug-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.10.0.1.el5-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.10.0.1.el5xen-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.10.0.1.el5debug-1.4.1-1.el5.x86_64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-128.1.10.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.10.0.1.el5-1.2.9-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.10.0.1.el5-1.4.1-1.el5.src.rpm

Description of changes:

[2.6.18-128.1.10.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru 
Anbalagane) [orabug 6045759]
- [MM]  shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding  netconsole support (Tina yang) [orabug 
6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]
- [xen] check to see if hypervisor supports memory reservation change 
(Chuck Anderson) [orabug 7556514]
- [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson)  
[orabug 8300888]

[2.6.18-128.1.10.el5]
- [fs] fix softlockup in posix_locks_deadlock (Josef Bacik ) [496842 476659]

[2.6.18-128.1.9.el5]
- [net] ipv4: remove uneeded bh_lock/unlock from udp_rcv (Neil Horman ) 
[496044 484590]

[2.6.18-128.1.8.el5]
- [misc] exit_notify: kill the wrong capable check [494270 494271] 
{CVE-2009-1337}
- [misc] fork: CLONE_PARENT && parent_exec_id interaction (Don Howard ) 
[479963 479964] {CVE-2009-0028}
- [scsi] qla2xxx: reduce DID_BUS_BUSY failover errors (Marcus Barrow ) 
[495635 244967]
- [nfs] v4: client crash on file lookup with long names (Sachin S. 
Prabhu ) [494078 493942] {CVE-2009-1336}
- [net] ixgbe: stop double counting frames and bytes (Andy Gospodarek ) 
[489459 487213]
- [xen] x86: update the earlier APERF/MPERF patch (Chris Lalancette ) 
[495929 493557]
- [xen] x86: fix dom0 panic when using dom0_max_vcpus (Chris Lalancette 
) [495931 485119]
- [net] fix oops when using openswan (Neil Horman ) [496044 484590]

[2.6.18-128.1.7.el5]
- [nfs] remove bogus lock-if-signalled case (Bryn M. Reeves ) [456287 
456288] {CVE-2008-4307}
- [x86] NONSTOP_TSC in tsc clocksource (Luming Yu ) [493356 474091]
- [ppc] keyboard not recognized on bare metal (Justin Payne ) [494293 
455232]
- [fs] ecryptfs: fix memory leak into crypto headers (Eric Sandeen ) 
[491255 491256] {CVE-2009-0787}
- [xen] x86: silence WRMSR warnings (Chris Lalancette ) [488928 470035]
- [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko ) 
[488001 488002] {CVE-2009-0834}
- [dlm] fix length calculation in compat code (David Teigland ) [491677 
487672]
- [nfs] fix hung clients from deadlock in flush_workqueue (David Jeffery 
) [488929 483627]
- [ia64] use current_kernel_time/xtime in hrtimer_start() (Prarit 
Bhargava ) [490434 485323]
- [net] bonding: fix arp_validate=3 slaves behaviour (Jiri Pirko ) 
[488064 484304]
- [net] enic: return notify intr credits (Andy Gospodarek ) [472474 484824]
- [input] wacom: 12x12 problem while using lens cursor (Aristeu Rozanski 
) [489460 484959]
- [net] ehea: improve behaviour in low mem conditions (AMEET M. 
PARANJAPE ) [487035 483148]

More information about the El-errata mailing list