[El-errata] ELSA-2014-3081 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Oct 17 21:15:38 PDT 2014
Oracle Linux Security Advisory ELSA-2014-3081
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-firmware-3.8.13-44.1.3.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-44.1.3.el7uek.noarch.rpm
kernel-uek-3.8.13-44.1.3.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-44.1.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-44.1.3.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-44.1.3.el7uek.x86_64.rpm
dtrace-modules-3.8.13-44.1.3.el7uek-0.4.3-4.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-44.1.3.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-44.1.3.el7uek-0.4.3-4.el7.src.rpm
Description of changes:
kernel-uek
[3.8.13-44.1.3.el7uek]
- ALSA: control: Don't access controls outside of protected regions
(Lars-Peter Clausen) [Orabug: 19817785] {CVE-2014-4653}
{CVE-2014-4654} {CVE-2014-4655}
- ALSA: control: Fix replacing user controls (Lars-Peter Clausen)
[Orabug: 19817747] {CVE-2014-4653} {CVE-2014-4654} {CVE-2014-4655}
- kvm: iommu: fix the third parameter of kvm_iommu_put_pages
(CVE-2014-3601) (Michael S. Tsirkin) [Orabug: 19817646] {CVE-2014-3601}
- net: sctp: inherit auth_capable on INIT collisions (Daniel Borkmann)
[Orabug: 19816067] {CVE-2014-5077}
[3.8.13-44.1.2.el7uek]
- CVE-2014-3535: NULL pointer dereference in VxLAN packet logging.
(Sasha Levin) [Orabug: 19613139]
More information about the El-errata
mailing list