[El-errata] ELSA-2011-0162 Important: Oracle Linux 4 kernel security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Jan 19 06:46:25 PST 2011
Oracle Linux Security Advisory ELSA-2011-0162
https://rhn.redhat.com/errata/RHSA-2011-0162.html
The following updated rpms for Oracle Linux 4 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-devel-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-doc-2.6.9-89.35.1.0.1.EL.noarch.rpm
kernel-hugemem-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-smp-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-xenU-2.6.9-89.35.1.0.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.35.1.0.1.EL.i686.rpm
x86_64:
kernel-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-doc-2.6.9-89.35.1.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.35.1.0.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.35.1.0.1.EL.x86_64.rpm
ia64:
kernel-2.6.9-89.35.1.0.1.EL.ia64.rpm
kernel-devel-2.6.9-89.35.1.0.1.EL.ia64.rpm
kernel-doc-2.6.9-89.35.1.0.1.EL.noarch.rpm
kernel-largesmp-2.6.9-89.35.1.0.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.35.1.0.1.EL.ia64.rpm
SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/kernel-2.6.9-89.35.1.0.1.EL.src.rpm
The following packages were rebuilt to be in sync with the updated
kernel version (no changes other than updating the version number):
i386:
oracleasm-2.6.9-89.35.1.0.1.EL-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.35.1.0.1.ELhugemem-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.35.1.0.1.ELsmp-2.0.5-1.el4.i686.rpm
oracleasm-2.6.9-89.35.1.0.1.ELxenU-2.0.5-1.el4.i686.rpm
ocfs2-2.6.9-89.35.1.0.1.EL-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.35.1.0.1.ELhugemem-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.35.1.0.1.ELsmp-1.2.9-1.el4.i686.rpm
ocfs2-2.6.9-89.35.1.0.1.ELxenU-1.2.9-1.el4.i686.rpm
x86_64:
oracleasm-2.6.9-89.35.1.0.1.EL-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.35.1.0.1.ELlargesmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.35.1.0.1.ELsmp-2.0.5-1.el4.x86_64.rpm
oracleasm-2.6.9-89.35.1.0.1.ELxenU-2.0.5-1.el4.x86_64.rpm
ocfs2-2.6.9-89.35.1.0.1.EL-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.35.1.0.1.ELlargesmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.35.1.0.1.ELsmp-1.2.9-1.el4.x86_64.rpm
ocfs2-2.6.9-89.35.1.0.1.ELxenU-1.2.9-1.el4.x86_64.rpm
ia64:
oracleasm-2.6.9-89.35.1.0.1.EL-2.0.5-1.el4.ia64.rpm
oracleasm-2.6.9-89.35.1.0.1.ELlargesmp-2.0.5-1.el4.ia64.rpm
ocfs2-2.6.9-89.35.1.0.1.EL-1.2.9-1.el4.ia64.rpm
ocfs2-2.6.9-89.35.1.0.1.ELlargesmp-1.2.9-1.el4.ia64.rpm
SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/oracleasm-2.6.9-89.35.1.0.1.EL-2.0.5-1.el4.src.rpm
http://oss.oracle.com/el4/SRPMS-updates/ocfs2-2.6.9-89.35.1.0.1.EL-1.2.9-1.el4.src.rpm
Description of changes:
[2.6.9-89.35.1.0.1.EL]
- [XEN] fix cpu hotplug crash (Joe Jin) [orabug 7521308]
- [XEN] Bring up vcpus before khelper init (Joe Jin) [orabug 7521308]
- [XEN] flush the tlb cache immediately (Dave McCracken, Scott Shi)
[orabug 9138767]
- fix skb alignment that was causing sendto() to fail with EFAULT
(Olaf Kirch) [orabug 6845794] - fix enomem due to larger mtu size page
alloc (Zach Brown) [orabug 5486128]
- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
[orabug 6125546]
- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
- use lfence instead of cpuid instruction to implement memory barriers
(Herbert van den Bergh) [orabug 7452412]
- add netpoll support to xen netfront (Tina Yang) [orabz 7261]
- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)
[orabug 7175395]
- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
dom0 [orabug 7452107] xenstore
- [mm] update shrink_zone patch to allow 100% swap utilization (John
Sobecki,
Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)
[orabug 6110605]
- [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
- port EL5U3 patch to adjust totalhigh_pages in the balloon driver
[orabug 8300888]
- check to see if hypervisor supports memory reservation change (Chuck
Anderson) [orabug7556514]
- [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
- fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]
- [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug
8425237]
- FP register state is corrupted during the handling a SIGSEGV (Chuck
Anderson)
[orabug 7708133]
- [x86_64]: fix x86_64 largesmp kernel reboot hang (Joe Jin) [orabug
bug9126592]
- [nfs]: fix file attribute caching (Chuck Lever, Herbert van den Bergh)
[orabug 8449921]
- [mm] revert patch #2042 (John Sobecki) [orabug 8895251]
- [x86_64] Add compat32 support for readahead and fadvise64 (John Haxby)
[orabug 9458826]
- [XEN] free pte on hugetlb_prefault to avoid the clear_page race
(Dave McCracken, Joe Jin) [orabug 9493665]
- [XEN] Flush tlb cache immediately to avoid clear_page race (Dave
McCracken,
Joe Jin) [orabug 9488844]
- [aio] remove limit on number of retries (Srinivas Eeda) [orabug 10044782]
[2.6.9-89.35.1]
-unix: fix local socket dos (Neil Horman) [656757 656758] {CVE-2010-4249}
-serial: clean data before filling it (Mauro Carvalho Chehab) [648808
648809]
-net: fix reception of completely page backed sk_buffs (Andy Gospodarek)
[664667 500921]
-net: filter: make sure filters dont read uninitialized memory (Jiri
Pirko) [651700 651701] {CVE-2010-4158}
[2.6.9-89.34.1]
-alsa: rme9652: prevent reading uninitialized stack memory (Stanislaw
Gruszka) [648806 648807] {CVE-2010-4080}
-bluetooth: fix missing null check (Jarod Wilson) [655662 655663]
{CVE-2010-4242}
-ipc: initialize structure memory to zero for compat functions (Xiaotian
Feng) [648810 648811] {CVE-2010-4073}
-ipc: shm: fix information leak to userland (Xiaotian Feng) [648816
648817] {CVE-2010-4072}
-kernel: failure to revert address limit override in oops error path
(Dave Anderson) [659568 659569] {CVE-2010-4258}
-net: limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri
Pirko) [656871 651924] {CVE-2010-3859}
-net: packet: fix information leak to userland (Jiri Pirko) [649895
649896] {CVE-2010-3876}
-scsi: gdth: integer overflow in ioc_general (Frantisek Hrbata) [651173
651174] {CVE-2010-4157}
-sys_semctl: semctl fix kernel stack leakage (Xiaotian Feng) [648793
648794] {CVE-2010-4083}
More information about the El-errata
mailing list