[El-errata] ELSA-2012-1061-1 Moderate: Oracle Linux 5 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Jul 11 15:41:41 PDT 2012


Oracle Linux Security Advisory ELSA-2012-1061-1

https://rhn.redhat.com/errata/RHSA-2012-1061.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-PAE-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-debug-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-devel-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-doc-2.6.18-308.11.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-308.11.1.0.1.el5.i386.rpm
kernel-xen-2.6.18-308.11.1.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-308.11.1.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-308.11.1.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-308.11.1.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-308.11.1.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-308.11.1.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-308.11.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-308.11.1.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-308.11.1.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-308.11.1.0.1.el5.x86_64.rpm

ia64:
kernel-2.6.18-308.11.1.0.1.el5.ia64.rpm
kernel-debug-2.6.18-308.11.1.0.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-308.11.1.0.1.el5.ia64.rpm
kernel-devel-2.6.18-308.11.1.0.1.el5.ia64.rpm
kernel-doc-2.6.18-308.11.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-308.11.1.0.1.el5.ia64.rpm
kernel-xen-2.6.18-308.11.1.0.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-308.11.1.0.1.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/kernel-2.6.18-308.11.1.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-308.11.1.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-308.11.1.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-308.11.1.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-308.11.1.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-308.11.1.0.1.el5-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-308.11.1.0.1.el5PAE-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-308.11.1.0.1.el5xen-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-308.11.1.0.1.el5debug-1.4.10-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-308.11.1.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-308.11.1.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-308.11.1.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-308.11.1.0.1.el5-1.4.10-1.el5.x86_64.rpm
ocfs2-2.6.18-308.11.1.0.1.el5xen-1.4.10-1.el5.x86_64.rpm
ocfs2-2.6.18-308.11.1.0.1.el5debug-1.4.10-1.el5.x86_64.rpm

ia64:
oracleasm-2.6.18-308.11.1.0.1.el5-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-308.11.1.0.1.el5xen-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-308.11.1.0.1.el5debug-2.0.5-1.el5.ia64.rpm
ocfs2-2.6.18-308.11.1.0.1.el5-1.4.10-1.el5.ia64.rpm
ocfs2-2.6.18-308.11.1.0.1.el5xen-1.4.10-1.el5.ia64.rpm
ocfs2-2.6.18-308.11.1.0.1.el5debug-1.4.10-1.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-308.11.1.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-308.11.1.0.1.el5-1.4.10-1.el5.src.rpm

Users with Oracle Linux Premier Support can now use Ksplice to patch
against this Security Advisory.

We recommend that all users of  Oracle Linux 5 install these updates.

Users of Ksplice Uptrack can install these updates by running :

# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.

Description of changes:

* CVE-2012-3375: Denial of service due to epoll resource leak in error path.

The upstream fix for CVE-2011-1083 introduced a flaw in the way
the Linux kernel's Event Poll (epoll) subsystem handled resource clean up
when an ELOOP error code was returned. A local, unprivileged user could use
this flaw to cause a denial of service.


* Arithmetic overflow in clock source calculations.

An insufficiently designed calculation in the CPU accelerator in the
previous kernel caused an arithmetic overflow in the sched_clock()
function when system uptime exceeded 208.5 days. This overflow led to
a kernel panic on the systems using the Time Stamp Counter (TSC) or
Virtual Machine Interface (VMI) clock source. This update corrects the
aforementioned calculation so that this arithmetic overflow and kernel
panic can no longer occur under these circumstances.


[2.6.18-308.11.1.0.1.el5]
- [net] bonding: fix carrier detect when bond is down [orabug 12377284]
- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]
- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong 
Duan)
- [x86] use dynamic vcpu_info remap to support more than 32 vcpus 
(Zhenzhong Duan)
- [x86] Fix lvt0 reset when hvm boot up with noapic param
- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, 
Chris Mason)
   [orabug 12342275]
- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 
12561346]
- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]
- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) 
[orabug 12740042]
- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) 
[orabug 12687646]
- [scsi] fix scsi hotplug and rescan race [orabug 10260172]
- fix filp_close() race (Joe Jin) [orabug 10335998]
- make xenkbd.abs_pointer=1 by default [orabug 67188919]
- [xen] check to see if hypervisor supports memory reservation change
   (Chuck Anderson) [orabug 7556514]
- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf 
(John Sobecki)
   [orabug 10315433]
- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]
   RDS: Fix BUG_ONs to not fire when in a tasklet
   ipoib: Fix lockup of the tx queue
   RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
   RDS: Properly unmap when getting a remote access error (Tina Yang)
   RDS: Fix locking in rds_send_drop_to()
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
   [orabug 9107465]
+- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
   [orabug 9764220]
- Support 256GB+ memory  for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
   Guru Anbalagane) [orabug 6124033]
- [ipmi] make  configurable timeouts for kcs of ipmi [orabug 9752208]
- [ib] fix memory corruption (Andy Grover) [orabug 9972346]

[2.6.18-308.11.1.el5]
- [net] ixgbe: remove flow director stats (Andy Gospodarek) [832169 830226]
- [net] ixgbe: fix default return value for ixgbe_cache_ring_fdir (Andy 
Gospodarek) [832169 830226]
- [net] ixgbe: reverting setup redirection table for multiple packet 
buffers (Andy Gospodarek) [832169 830226]

[2.6.18-308.10.1.el5]
- [xen] x86_64: check address on trap handlers or guest callbacks (Paolo 
Bonzini) [813430 813431] {CVE-2012-0217}
- [xen] x86_64: Do not execute sysret with a non-canonical return 
address (Paolo Bonzini) [813430 813431] {CVE-2012-0217}
- [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) 
[824969 824970] {CVE-2012-2934}
- [scsi] qla2xxx: Use ha->pdev->revision in 4Gbps MSI-X check. (Chad 
Dupuis) [816373 800653]
- [fs] sunrpc: do array overrun check in svc_recv before page alloc (J. 
Bruce Fields) [820358 814626]
- [fs] knfsd: fix an NFSD bug with full size non-page-aligned reads (J. 
Bruce Fields) [820358 814626]
- [fs] sunrpc: fix oops due to overrunning server's page array (J. Bruce 
Fields) [820358 814626]
- [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [829670 
817131]
- [x86_64] sched: Avoid unnecessary overflow in sched_clock (Prarit 
Bhargava) [824654 818787]
- [net] sunrpc: Don't use list_for_each_entry_safe in rpc_wake_up (Steve 
Dickson) [817571 809937]
- [s390] qeth: add missing wake_up call (Hendrik Brueckner) [829059 790900]

[2.6.18-308.9.1.el5]
- [fs] jbd: clear b_modified before moving the jh to a different 
transaction (Josef Bacik) [827205 563247]





More information about the El-errata mailing list