[El-errata] ELSA-2010-0146 Important: Enterprise Linux 4 kernel security and bug fix update

Thu Mar 18 06:58:21 PDT 2010

Enterprise Linux Security Advisory ELSA-2010-0146

https://rhn.redhat.com/errata/RHSA-2010-0146.html

The following updated rpms for Enterprise Linux 4 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-devel-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-doc-2.6.9-89.0.23.0.1.EL.noarch.rpm
kernel-hugemem-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-smp-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-xenU-2.6.9-89.0.23.0.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.23.0.1.EL.i686.rpm

x86_64:
kernel-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-doc-2.6.9-89.0.23.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.23.0.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.23.0.1.EL.x86_64.rpm

ia64:
kernel-2.6.9-89.0.23.0.1.EL.ia64.rpm
kernel-devel-2.6.9-89.0.23.0.1.EL.ia64.rpm
kernel-doc-2.6.9-89.0.23.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.23.0.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.23.0.1.EL.ia64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-89.0.23.0.1.EL.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.9-89.0.23.0.1.EL-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.23.0.1.ELhugemem-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.23.0.1.ELsmp-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.0.23.0.1.ELxenU-2.0.5-1.el4.i686.rpm
ocfs2-2.6.9-89.0.23.0.1.EL-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.23.0.1.ELhugemem-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.23.0.1.ELsmp-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.0.23.0.1.ELxenU-1.2.9-1.el4.i686.rpm

x86_64:
oracleasm-2.6.9-89.0.23.0.1.EL-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.23.0.1.ELlargesmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.23.0.1.ELsmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.0.23.0.1.ELxenU-2.0.5-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.23.0.1.EL-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.23.0.1.ELlargesmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.23.0.1.ELsmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.0.23.0.1.ELxenU-1.2.9-1.el4.x86_64.rpm

ia64:
oracleasm-2.6.9-89.0.23.0.1.EL-2.0.5-1.el4.ia64.rpm
oracleasm-2.6.9-89.0.23.0.1.ELlargesmp-2.0.5-1.el4.ia64.rpm
ocfs2-2.6.9-89.0.23.0.1.EL-1.2.9-1.el4.ia64.rpm
ocfs2-2.6.9-89.0.23.0.1.ELlargesmp-1.2.9-1.el4.ia64.rpm

SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-89.0.23.0.1.EL-2.0.5-1.el4.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-89.0.23.0.1.EL-1.2.9-1.el4.src.rpm

Description of changes:

[2.6.9-89.0.23.0.1]
- [XEN] fix cpu hotplug crash (Joe Jin) [orabug 7521308]
- [XEN] Bring up vcpus before khelper init (Joe Jin) [orabug 7521308]
- [XEN] flush the tlb cache immediately (Dave McCracken, Scott Shi) 
[orabug 9138767]
- fix skb alignment that was causing sendto() to fail with EFAULT
  (Olaf Kirch) [orabug 6845794]
- fix  enomem due to larger mtu size page alloc (Zach Brown) [orabug 
5486128]
- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
  [orabug 6125546]
- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
- use lfence instead of cpuid instruction to implement memory barriers
  (Herbert van den Bergh) [orabug 7452412]
- add netpoll support to xen netfront (Tina Yang) [orabz 7261]
- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)
  [orabug 7175395]
- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
  dom0 [orabug 7452107] xenstore
- [mm] update shrink_zone patch to allow 100% swap utilization (John 
Sobecki,
  Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)
  [orabug 6110605]
- [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
- port EL5U3 patch to adjust totalhigh_pages in the balloon driver
  [orabug 8300888]
- check to see if hypervisor supports memory reservation change (Chuck 
Anderson)
  [orabug7556514]
- [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
- [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526]
- fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]
- [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug 
8425237]
- FP register state is corrupted during the handling a SIGSEGV (Chuck 
Anderson)
  [orabug 7708133]
- [x86_64]: fix x86_64 largesmp kernel reboot hang (Joe Jin) [orabug 
bug9126592]
- [nfs]: fix file attribute caching (Chuck Lever, Herbert van den Bergh)
  [orabug 8449921]
- [mm] revert patch #2042 (John Sobecki) [orabug 8895251]

[2.6.9-89.0.23]
-e1000e: fix broken wake up on LAN functionality due to other e1000e 
patch (Andy Gospodarek) [565496 558607]

[2.6.9-89.0.22]
-net: fix sctp ootb packet deinal of service (Neil Horman) [555662 
555663] {CVE-2010-0008}
-e1000e: fix broken wake up on LAN functionality due to other e1000e 
patch (Andy Gospodarek) [565496 558607]
-signal: fix kernel information leak with print-fatal-signals=1 (Danny 
Feng) [554581 554582] {CVE-2010-0003}
-netfilter: ebtables: enforce CAP_NET_ADMIN for modifications to 
ebtables (Danny Feng) [555240 555241] {CVE-2010-0007}
-lpfc: lpfc driver doesn t acquire lock when searching hba for target 
(Rob Evers) [561453 548496]
-ext3: replace lock/unlock_super() with an explicit lock for resizing 
(Lachlan McIlroy) [553135 547213]
-kernel: fix DOS on x86_64, load_elf_binary() (Danny Feng) [560550 
560551] {CVE-2010-0307}
-scsi: make sure to enable ordered mode on scsi drives with write cache 
enabled (Josef Bacik) [560563 537475]

[2.6.9-89.0.21]
-ia32: fix kernel panic when coredump VDSO page for 32bit process 
(Amerigo Wang) [549230 549231] {CVE-2009-4271}