[El-errata] ELSA-2013-1051 Moderate: Oracle Linux 6 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jul 16 18:16:50 PDT 2013 

Oracle Linux Security Advisory ELSA-2013-1051

https://rhn.redhat.com/errata/RHSA-2013-1051.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.32-358.14.1.el6.i686.rpm
kernel-debug-2.6.32-358.14.1.el6.i686.rpm
kernel-debug-devel-2.6.32-358.14.1.el6.i686.rpm
kernel-devel-2.6.32-358.14.1.el6.i686.rpm
kernel-doc-2.6.32-358.14.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.14.1.el6.noarch.rpm
kernel-headers-2.6.32-358.14.1.el6.i686.rpm
perf-2.6.32-358.14.1.el6.i686.rpm
python-perf-2.6.32-358.14.1.el6.i686.rpm

x86_64:
kernel-2.6.32-358.14.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.14.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.14.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.14.1.el6.x86_64.rpm
kernel-doc-2.6.32-358.14.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.14.1.el6.noarch.rpm
kernel-headers-2.6.32-358.14.1.el6.x86_64.rpm
perf-2.6.32-358.14.1.el6.x86_64.rpm
python-perf-2.6.32-358.14.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-358.14.1.el6.src.rpm


Description of changes:

[2.6.32-358.14.1.el6]
- [x86] apic: Add probe() for apic_flat (Prarit Bhargava) [975086 953342]

[2.6.32-358.13.1.el6]
- [wireless] b43: stop format string leaking into error msgs (John 
Linville) [971387 971389] {CVE-2013-2852}
- [pci] make sriov work with hotplug remove (Takahiro MUNEDA) [973555 
965002]
- [net] rtnl: fix info leak on RTM_GETLINK request for VF devices 
(Flavio Leitner) [923657 923659] {CVE-2013-2634 CVE-2013-2635}
- [net] dcbnl: fix various netlink info leaks (Flavio Leitner) [923657 
923659] {CVE-2013-2634 CVE-2013-2635}
- [net] bonding: fix enslaving in alb mode when link down (Veaceslav 
Falico) [969306 965132]
- [net] tcp: Fix oops from tcp_collapse() when using splice() (Nikola 
Pajkovsky) [968871 863512] {CVE-2013-2128}
- [usb] uhci: fix IRQ race during initialization (Dave Young) [968557 
915834]
- [netdrv] e1000e: enable VLAN RX/TX in PROMISC mode (Stefan Assmann) 
[963564 886420]
- [netdrv] bnx2x: strip VLAN header in PROMISC mode (Stefan Assmann) 
[963564 886420]
- [net] vlan: handle packets with empty vlan_group via VLAN code (Stefan 
Assmann) [963564 886420]
- [fs] namei.c: Dont allow to create hardlink for deleted file (Brian 
Foster) [956296 908158]
- [fs] gfs2: Reinstate withdraw ack system (Robert S Peterson) [927308 
908093]
- [fs] nfs: open a file descriptor for fsync in nfs4 recovery (J. Bruce 
Fields) [964046 915479]
- [net] macvlan: remove bogus check in macvlan_handle_frame() (Jiri 
Pirko) [962370 952785]
- [net] macvlan: fix passthru mode race between dev removal and rx path 
(Jiri Pirko) [962370 952785]
- [kernel] rcu: Replace list_first_entry_rcu() with 
list_first_or_null_rcu() (Jiri Pirko) [962370 952785]
- [net] bluetooth/rfcomm: Fix missing msg_namelen update in 
rfcomm_sock_recvmsg() (Weiping Pan) [955653 955654] {CVE-2013-3225}
- [net] bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir 
Vrbovsky) [955603 955604] {CVE-2013-3224}
- [fs] gfs2: Issue discards in 512b sectors (Robert S Peterson) [927317 
922779]
- [fs] udf: avoid info leak on export (Nikola Pajkovsky) [922354 922355] 
{CVE-2012-6548}
- [scsi] lpfc: Fixed deadlock between hbalock and nlp_lock use (Rob 
Evers) [962368 960717]
- [kernel] tracing: Fix possible NULL pointer dereferences (Weiping Pan) 
[952212 952213] {CVE-2013-3301}
- [kernel] tracing: Fix panic when lseek() called on "trace" opened for 
writing (Weiping Pan) [952212 952213] {CVE-2013-3301}
- [net] atm: update msg_namelen in vcc_recvmsg() (Nikola Pajkovsky) 
[955224 955225] {CVE-2013-3222}
- [x86] apic: Work around boot failure on HP ProLiant DL980 G7 Server 
systems (Prarit Bhargava) [969326 912963]
- [x86] apic: Use probe routines to simplify apic selection (Prarit 
Bhargava) [969326 912963]
- [x86] x2apic: Simplify apic init in SMP and UP builds (Prarit 
Bhargava) [969326 912963]
- [kvm] vmx: provide the vmclear function and a bitmap to support 
VMCLEAR in kdump (Andrew Jones) [962372 908608]
- [x86] kexec: VMCLEAR VMCSs loaded on all cpus if necessary (Andrew 
Jones) [962372 908608]
- [fs] ext3: Fix format string issues (Nikola Pajkovsky) [920784 920785] 
{CVE-2013-1848}
- [kernel] signal: always clear sa_restorer on execve (Nikola Pajkovsky) 
[920505 920506] {CVE-2013-0914}

[2.6.32-358.12.1.el6]
- [fs] Panic in gfs2_inplace_reserve after fix from BZ#875753 (Robert S 
Peterson) [924847 922999]
- [nfs] sunrpc: Prevent an rpc_task wakeup race (Dave Wysochanski) 
[956979 840860]
- [nfs] sunrpc: clarify comments on rpc_make_runnable (Dave Wysochanski) 
[956979 840860]
- [x86] acpi: Avoid SRAT table checks for Fujitsu Primequest systems 
(Prarit Bhargava) [973198 966853]
- [x86] oprofile: Fix crash when unloading module in nmi timer mode (Don 
Zickus) [972586 828936]
- [block] propagate proper return codes from blk_get_request callers 
(Jeff Moyer) [958684 927918]
- [block] Check the return value from blk_get_request (Jeff Moyer) 
[958684 927918]
- [virt] kvm/mmu: fix hashing for TDP and non-paging modes (Marcelo 
Tosatti) [966432 908751]
- [virt] kvm/mmu: Fix free memory accounting race in mmu_alloc_roots() 
(Marcelo Tosatti) [966432 908751]
- [virt] kvm/mmu: Don't flush shadow when enabling dirty tracking 
(Marcelo Tosatti) [966432 908751]

More information about the El-errata mailing list