[El-errata] ELSA-2010-0046 Important: Enterprise Linux 5 kernel security and bug fix update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Wed Jan 20 20:11:37 PST 2010


Enterprise Linux Security Advisory ELSA-2010-0046

https://rhn.redhat.com/errata/RHSA-2010-0046.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-PAE-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-debug-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-devel-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-doc-2.6.18-164.11.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-164.11.1.0.1.el5.i386.rpm
kernel-xen-2.6.18-164.11.1.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.11.1.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-164.11.1.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.11.1.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.11.1.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.11.1.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-164.11.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-164.11.1.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.11.1.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.11.1.0.1.el5.x86_64.rpm

ia64:
kernel-2.6.18-164.11.1.0.1.el5.ia64.rpm
kernel-debug-2.6.18-164.11.1.0.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-164.11.1.0.1.el5.ia64.rpm
kernel-devel-2.6.18-164.11.1.0.1.el5.ia64.rpm
kernel-doc-2.6.18-164.11.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-164.11.1.0.1.el5.ia64.rpm
kernel-xen-2.6.18-164.11.1.0.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-164.11.1.0.1.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kernel-2.6.18-164.11.1.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-164.11.1.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-164.11.1.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-164.11.1.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-164.11.1.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5PAE-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5xen-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5debug-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5PAE-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5xen-1.4.4-1.el5.i686.rpm
ocfs2-2.6.18-164.11.1.0.1.el5debug-1.4.4-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-164.11.1.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-164.11.1.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-164.11.1.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5-1.4.4-1.el5.x86_64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5xen-1.4.4-1.el5.x86_64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5debug-1.4.4-1.el5.x86_64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5-1.4.4-1.el5.x86_64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5xen-1.4.4-1.el5.x86_64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5debug-1.4.4-1.el5.x86_64.rpm

ia64:
oracleasm-2.6.18-164.11.1.0.1.el5-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-164.11.1.0.1.el5xen-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-164.11.1.0.1.el5debug-2.0.5-1.el5.ia64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5-1.4.4-1.el5.ia64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5xen-1.4.4-1.el5.ia64.rpm
ocfs2-2.6.18-164.11.1.0.1.el5debug-1.4.4-1.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-164.11.1.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-164.11.1.0.1.el5-1.4.4-1.el5.src.rpm

Description of changes:

[2.6.18-164.11.1.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change
  (Chuck Anderson) [orabug 7556514]
- Add entropy support to igb ( John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN  [orabug 7689332]
- [NET] Add xen pv/bonding  netconsole support (Tina yang) [orabug 6993043]
  [bz 7258]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)
  [orabug 7579314]
- FP register state is corrupted during the handling a SIGSEGV (Chuck 
Anderson)
  [orabug 7708133]

[2.6.18-164.11.1.el5]
- [firewire] ohci: handle receive packets with zero data (Jay Fenlason) 
[547241 547242] {CVE-2009-4138}
- [x86] sanity check for AMD northbridges (Andrew Jones) [549905 547518]
- [x86_64] disable vsyscall in kvm guests (Glauber Costa) [550968 542612]
- [fs] ext3: replace lock_super with explicit resize lock (Eric Sandeen) 
[549908 525100]
- [fs] respect flag in do_coredump (Danny Feng) [544188 544189] 
{CVE-2009-4036}
- [gfs2] make O_APPEND behave as expected (Steven Whitehouse) [547521 
544342]
- [fs] hfs: fix a potential buffer overflow (Amerigo Wang) [540740 
540741] {CVE-2009-4020}
- [fuse] prevent fuse_put_request on invalid pointer (Danny Feng) 
[538736 538737] {CVE-2009-4021}
- [mm] call vfs_check_frozen after unlocking the spinlock (Amerigo Wang) 
[548370 541956]
- [infiniband] init neigh->dgid.raw on bonding events (Doug Ledford) 
[543448 538067]
- [scsi] gdth: prevent negative offsets in ioctl (Amerigo Wang) [539420 
539421] {CVE-2009-3080}
- [fs] gfs2: fix glock ref count issues (Steven Whitehouse) [544978 539240]
- [net] call cond_resched in rt_run_flush (Amerigo Wang) [547530 517588]
- [scsi] megaraid: fix sas permissions in sysfs (Casey Dahlin) [537312 
537313] {CVE-2009-3889 CVE-2009-3939}
- [ia64] kdump: restore registers in the stack on init (Takao Indoh ) 
[542582 515753]
- [x86] kvm: don't ask HV for tsc khz if not using kvmclock (Glauber 
Costa ) [537027 531268]
- [net] sched: fix panic in bnx2_poll_work (John Feeney ) [539686 526481]
- [x86_64] fix 32-bit process register leak (Amerigo Wang ) [526797 526798]
- [cpufreq] add option to avoid smi while calibrating (Matthew Garrett ) 
[537343 513649]
- [kvm] use upstream kvm_get_tsc_khz (Glauber Costa ) [540896 531025]
- [net] fix unbalance rtnl locking in rt_secret_reschedule (Neil Horman 
) [549907 510067]
- [net] r8169: imporved rx length check errors (Neil Horman ) [552913 
552438]
- [scsi] lpfc: fix FC ports offlined during target controller faults 
(Rob Evers ) [549906 516541]
- [net] emergency route cache flushing fixes (Thomas Graf ) [545662 
545663] {CVE-2009-4272}
- [fs] fasync: split 'fasync_helper()' into separate add/remove 
functions (Danny Feng ) [548656 548657] {CVE-2009-4141}
- [scsi] qla2xxx: NPIV vport management pseudofiles are world writable 
(Tom Coughlan ) [537317 537318] {CVE-2009-3556}






More information about the El-errata mailing list