[El-errata] ELSA-2012-0721 Important: Oracle Linux 5 kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jun 15 18:06:55 PDT 2012


Oracle Linux Security Advisory ELSA-2012-0721

https://rhn.redhat.com/errata/RHSA-2012-0721.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.18-308.8.2.el5.i686.rpm
kernel-PAE-2.6.18-308.8.2.el5.i686.rpm
kernel-PAE-devel-2.6.18-308.8.2.el5.i686.rpm
kernel-debug-2.6.18-308.8.2.el5.i686.rpm
kernel-debug-devel-2.6.18-308.8.2.el5.i686.rpm
kernel-devel-2.6.18-308.8.2.el5.i686.rpm
kernel-doc-2.6.18-308.8.2.el5.noarch.rpm
kernel-headers-2.6.18-308.8.2.el5.i386.rpm
kernel-xen-2.6.18-308.8.2.el5.i686.rpm
kernel-xen-devel-2.6.18-308.8.2.el5.i686.rpm

x86_64:
kernel-2.6.18-308.8.2.el5.x86_64.rpm
kernel-debug-2.6.18-308.8.2.el5.x86_64.rpm
kernel-debug-devel-2.6.18-308.8.2.el5.x86_64.rpm
kernel-devel-2.6.18-308.8.2.el5.x86_64.rpm
kernel-doc-2.6.18-308.8.2.el5.noarch.rpm
kernel-headers-2.6.18-308.8.2.el5.x86_64.rpm
kernel-xen-2.6.18-308.8.2.el5.x86_64.rpm
kernel-xen-devel-2.6.18-308.8.2.el5.x86_64.rpm

ia64:
kernel-2.6.18-308.8.2.el5.ia64.rpm
kernel-debug-2.6.18-308.8.2.el5.ia64.rpm
kernel-debug-devel-2.6.18-308.8.2.el5.ia64.rpm
kernel-devel-2.6.18-308.8.2.el5.ia64.rpm
kernel-doc-2.6.18-308.8.2.el5.noarch.rpm
kernel-headers-2.6.18-308.8.2.el5.ia64.rpm
kernel-xen-2.6.18-308.8.2.el5.ia64.rpm
kernel-xen-devel-2.6.18-308.8.2.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/kernel-2.6.18-308.8.2.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-308.8.2.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-308.8.2.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-308.8.2.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-308.8.2.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-308.8.2.el5-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-308.8.2.el5PAE-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-308.8.2.el5xen-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-308.8.2.el5debug-1.4.10-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-308.8.2.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-308.8.2.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-308.8.2.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-308.8.2.el5-1.4.10-1.el5.x86_64.rpm
ocfs2-2.6.18-308.8.2.el5xen-1.4.10-1.el5.x86_64.rpm
ocfs2-2.6.18-308.8.2.el5debug-1.4.10-1.el5.x86_64.rpm

ia64:
oracleasm-2.6.18-308.8.2.el5-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-308.8.2.el5xen-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-308.8.2.el5debug-2.0.5-1.el5.ia64.rpm
ocfs2-2.6.18-308.8.2.el5-1.4.10-1.el5.ia64.rpm
ocfs2-2.6.18-308.8.2.el5xen-1.4.10-1.el5.ia64.rpm
ocfs2-2.6.18-308.8.2.el5debug-1.4.10-1.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-308.8.2.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-308.8.2.el5-1.4.10-1.el5.src.rpm

Users with Oracle Linux Premier Support can now use Ksplice to patch
against this Security Advisory.

We recommend that all users of Oracle Linux 5 install these updates.

Users of Ksplice Uptrack can install these updates by running :

# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.

Description of changes:

This Security Advisory, does not make any changes to the Linux kernel.
This errata update only updates the Xen Hypervisor, which is not part
of the Linux kernel.

Customers running Xen hosts will need to reboot to get the latest
hypervisor updates.

kernel:

[2.6.18-308.8.2.el5]
- [xen] x86_64: check address on trap handlers or guest callbacks (Paolo 
Bonzini) [813430 813431] {CVE-2012-0217}
- [xen] x86_64: Do not execute sysret with a non-canonical return 
address (Paolo Bonzini) [813430 813431] {CVE-2012-0217}
- [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) 
[824969 824970]

ocfs2:

[1.4.10]
- ocfs2/dlm: Cleanup mlogs in dlmthread.c dlmast.c and dlmdomain.c
- ocfs2/dlm: make existing convertion precedent over new lock
- ocfs2/dlm: Cleanup dlmdebug.c
- ocfs2/dlm: Minor cleanup
- ocfs2/dlm: Hard code the values for enums
- ocfs2: Wakeup down convert thread just after clearing OCFS2 LOCK 
UPCONVERT FINISHING
- ocfs2/dlm: Take inflight reference count for remotely mastered 
resources too
- ocfs2/dlm: dlmlock remote needs to account for remastery
- ocfs2: Add some trace log for orphan scan
- ocfs2: Remove unused old id in ocfs2_commit_cache
- ocfs2: Remove obsolete comments before ocfs2_start_trans
- ocfs2: Initialize the bktcnt variable properly and call it bucket_count
- ocfs2: Use cpu to le16 for e leaf clusters in 
ocfs2_bg_discontig_add_extent
- ocfs2: validate bg free bits count after update
- ocfs2: cluster Pin the remote node item in configfs
- ocfs2: Release buffer head in case of error in ocfs2_double_lock
- ocfs2: optimize ocfs2 check dir entry with unlikely() annotations
- ocfs2: Little refactoring against ocfs2 iget
- ocfs2: Initialize data ac might be used uninitializ
- ocfs2 Skip mount recovery for hard ro mounts
- ocfs2: make direntry invalid when deleting it
- ocfs2: commit trans in error
- ocfs2: Fix deadlock when allocating page
- ocfs2: Avoid livelock in ocfs2 readpage





More information about the El-errata mailing list