[El-errata] ELSA-2014-0285 Important: Oracle Linux 5 kernel security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Mar 13 13:33:24 PDT 2014
Oracle Linux Security Advisory ELSA-2014-0285
https://rhn.redhat.com/errata/RHSA-2014-0285.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-doc-2.6.18-371.6.1.el5.noarch.rpm
kernel-headers-2.6.18-371.6.1.el5.i386.rpm
kernel-xen-2.6.18-371.6.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.i686.rpm
x86_64:
kernel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-doc-2.6.18-371.6.1.el5.noarch.rpm
kernel-headers-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.x86_64.rpm
ia64:
kernel-2.6.18-371.6.1.el5.ia64.rpm
kernel-debug-2.6.18-371.6.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.ia64.rpm
kernel-devel-2.6.18-371.6.1.el5.ia64.rpm
kernel-doc-2.6.18-371.6.1.el5.noarch.rpm
kernel-headers-2.6.18-371.6.1.el5.ia64.rpm
kernel-xen-2.6.18-371.6.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.ia64.rpm
SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/kernel-2.6.18-371.6.1.el5.src.rpm
The following packages were rebuilt to be in sync with the updated
kernel version (no changes other than updating the version number):
i386:
oracleasm-2.6.18-371.6.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-371.6.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-371.6.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-371.6.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-371.6.1.el5-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-371.6.1.el5PAE-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-371.6.1.el5xen-1.4.10-1.el5.i686.rpm
ocfs2-2.6.18-371.6.1.el5debug-1.4.10-1.el5.i686.rpm
x86_64:
oracleasm-2.6.18-371.6.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-371.6.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-371.6.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-371.6.1.el5-1.4.10-1.el5.x86_64.rpm
ocfs2-2.6.18-371.6.1.el5xen-1.4.10-1.el5.x86_64.rpm
ocfs2-2.6.18-371.6.1.el5debug-1.4.10-1.el5.x86_64.rpm
ia64:
oracleasm-2.6.18-371.6.1.el5-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-371.6.1.el5xen-2.0.5-1.el5.ia64.rpm
oracleasm-2.6.18-371.6.1.el5debug-2.0.5-1.el5.ia64.rpm
ocfs2-2.6.18-371.6.1.el5-1.4.10-1.el5.ia64.rpm
ocfs2-2.6.18-371.6.1.el5xen-1.4.10-1.el5.ia64.rpm
ocfs2-2.6.18-371.6.1.el5debug-1.4.10-1.el5.ia64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-371.6.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-371.6.1.el5-1.4.10-1.el5.src.rpm
Description of changes:
kernel
[2.6.18-371.6.1.el5]
- [net] be2net: don't use skb_get_queue_mapping() (Ivan Vecera) [1066302
1063955]
- [ipc] change refcount to atomic_t (Phillip Lougher) [1024866 1024868]
{CVE-2013-4483}
- [s390] qeth: buffer overflow in snmp ioctl (Jacob Tanenbaum) [1034402
1034404] {CVE-2013-6381}
- [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob
Tanenbaum) [1033531 1033532] {CVE-2013-6383}
- [xen] x86/AMD: work around erratum 793 (Radim Krcmar) [1035834
1035836] {CVE-2013-6885}
- [xen] do not expose hypercalls to rings 1 and 2 of HVM guests (Andrew
Jones) [1029112 1029113] {CVE-2013-4554}
- [redhat] kabi: Adding symbol print_hex_dump (Jiri Olsa) [1054055 662558]
- [scsi] Add 'eh_deadline' to limit SCSI EH runtime (Ewan Milne)
[1050097 956132]
- [scsi] remove check for 'resetting' (Ewan Milne) [1050097 956132]
- [scsi] dc395: Move 'last_reset' into internal host structure (Ewan
Milne) [1050097 956132]
- [scsi] tmscsim: Move 'last_reset' into host structure (Ewan Milne)
[1050097 956132]
- [scsi] advansys: Remove 'last_reset' references (Ewan Milne) [1050097
956132]
- [scsi] dpt_i2o: return SCSI_MLQUEUE_HOST_BUSY when in reset (Ewan
Milne) [1050097 956132]
- [scsi] dpt_i2o: Remove DPTI_STATE_IOCTL (Ewan Milne) [1050097 956132]
- [net] ipv6: fix leaking uninit port number of offender sockaddr
(Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265
CVE-2013-7281 CVE-2013-7263}
- [net] fix addr_len/msg->msg_namelen assign in recv_error funcs
(Florian Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265
CVE-2013-7281 CVE-2013-7263}
- [net] prevent leakage of uninitialized memory to user in recv (Florian
Westphal) [1035880 1035881] {CVE-2013-7264 CVE-2013-7265 CVE-2013-7281
CVE-2013-7263}
- [net] be2net: prevent Tx stall on SH-R when packet size < 32 (Ivan
Vecera) [1051535 1007995]
- [net] be2net: Trim padded packets for Lancer (Ivan Vecera) [1051535
1007995]
- [net] be2net: Pad skb to meet min Tx pkt size in lancer (Ivan Vecera)
[1051535 1007995]
- [net] be2net: refactor HW workarounds in be_xmit() (Ivan Vecera)
[1051535 1007995]
- [fs] exec/ptrace: fix get_dumpable() incorrect tests (Petr Oros)
[1039483 1039484] {CVE-2013-2929}
[2.6.18-371.5.1.el5]
- [fs] cifs: stop trying to use virtual circuits (Sachin Prabhu)
[1044328 1013469]
More information about the El-errata
mailing list