[El-errata] ELSA-2012-1156 Moderate: Oracle Linux 6 kernel security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Aug 15 13:08:07 PDT 2012
Oracle Linux Security Advisory ELSA-2012-1156
https://rhn.redhat.com/errata/RHSA-2012-1156.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.32-279.5.1.el6.i686.rpm
kernel-debug-2.6.32-279.5.1.el6.i686.rpm
kernel-debug-devel-2.6.32-279.5.1.el6.i686.rpm
kernel-devel-2.6.32-279.5.1.el6.i686.rpm
kernel-doc-2.6.32-279.5.1.el6.noarch.rpm
kernel-firmware-2.6.32-279.5.1.el6.noarch.rpm
kernel-headers-2.6.32-279.5.1.el6.i686.rpm
perf-2.6.32-279.5.1.el6.i686.rpm
python-perf-2.6.32-279.5.1.el6.i686.rpm
x86_64:
kernel-2.6.32-279.5.1.el6.x86_64.rpm
kernel-debug-2.6.32-279.5.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-279.5.1.el6.x86_64.rpm
kernel-devel-2.6.32-279.5.1.el6.x86_64.rpm
kernel-doc-2.6.32-279.5.1.el6.noarch.rpm
kernel-firmware-2.6.32-279.5.1.el6.noarch.rpm
kernel-headers-2.6.32-279.5.1.el6.x86_64.rpm
perf-2.6.32-279.5.1.el6.x86_64.rpm
python-perf-2.6.32-279.5.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-279.5.1.el6.src.rpm
The following packages were rebuilt to be in sync with the updated
kernel version (no changes other than updating the version number):
Users with Oracle Linux Premier Support can now use Ksplice to patch
against this Security Advisory.
We recommend that all users of Oracle Linux 6 install these updates.
Users of Ksplice Uptrack can install these updates by running :
# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.
Description of changes:
* CVE-2011-1078: Information leak in Bluetooth SCO link driver.
One byte of the 'struct sco_conninfo' data structure was not
initialized before being copied to userspace, leading to a leak of
potentially sensitive kernel memory.
* CVE-2012-2384: Integer overflow in i915 execution buffer.
An integer overflow in the i915 execution buffer code could result in a
user triggering a denial-of-service attack or elevating privileges.
[2.6.32-279.5.1.el6]
- [net] 8021q/vlan: filter device events on bonds (Neil Horman) [842429
841983]
[2.6.32-279.4.1.el6]
- [fs] proc: stats: Use arch_idle_time for idle and iowait times if
available (Steve Best) [841579 841149]
- [drm] i915: fix integer overflow in i915_gem_execbuffer2() (Jacob
Tanenbaum) [824553 824555] {CVE-2012-2383}
- [usb] core: change the memory limits in usbfs URB submission (Don
Zickus) [841667 828271]
- [usb] core: unify some error pathways in usbfs (Don Zickus) [841667
828271]
- [netdrv] ixgbe: BIT_APP_UPCHG not set by ixgbe_copy_dcb_cfg() (Andy
Gospodarek) [840156 814044]
- [netdrv] ixgbe: driver fix for link flap (Andy Gospodarek) [840156 814044]
- [net] bridge: Fix enforcement of multicast hash_max limit (Thomas
Graf) [840023 832575]
- [net] bluetooth: fix sco_conninfo infoleak (Jacob Tanenbaum) [681307
681308] {CVE-2011-1078}
- [wireless] ipw2200: remove references to CFG80211_WEXT config option
(John Linville) [841406 839311]
- [netdrv] be2net: enable GRO by default (Ivan Vecera) [838821 837230]
- [virt] kvm/vmx: Fix KVM_SET_SREGS with big real mode segments (Orit
Wasserman) [841411 756044]
- [fs] writeback: merge for_kupdate and !for_kupdate cases (Eric
Sandeen) [832360 818172]
- [fs] writeback: fix queue_io() ordering (Eric Sandeen) [832360 818172]
- [fs] writeback: don't redirty tail an inode with dirty pages (Eric
Sandeen) [832360 818172]
[2.6.32-279.3.1.el6]
- [fs] ext4: properly dirty split extent nodes (David Jeffery) [840052
838640]
More information about the El-errata
mailing list