[El-errata] ELSA-2015-3055 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update

Sat Aug 1 18:02:13 PDT 2015

Oracle Linux Security Advisory ELSA-2015-3055

http://linux.oracle.com/errata/ELSA-2015-3055.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-uek-2.6.32-400.37.9.el6uek.i686.rpm
kernel-uek-debug-2.6.32-400.37.9.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.32-400.37.9.el6uek.i686.rpm
kernel-uek-devel-2.6.32-400.37.9.el6uek.i686.rpm
kernel-uek-doc-2.6.32-400.37.9.el6uek.noarch.rpm
kernel-uek-firmware-2.6.32-400.37.9.el6uek.noarch.rpm
ofa-2.6.32-400.37.9.el6uek-1.5.1-4.0.58.i686.rpm
ofa-2.6.32-400.37.9.el6uekdebug-1.5.1-4.0.58.i686.rpm
mlnx_en-2.6.32-400.37.9.el6uek-1.5.7-0.1.i686.rpm
mlnx_en-2.6.32-400.37.9.el6uekdebug-1.5.7-0.1.i686.rpm

x86_64:
kernel-uek-firmware-2.6.32-400.37.9.el6uek.noarch.rpm
kernel-uek-doc-2.6.32-400.37.9.el6uek.noarch.rpm
kernel-uek-2.6.32-400.37.9.el6uek.x86_64.rpm
kernel-uek-devel-2.6.32-400.37.9.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.32-400.37.9.el6uek.x86_64.rpm
kernel-uek-debug-2.6.32-400.37.9.el6uek.x86_64.rpm
ofa-2.6.32-400.37.9.el6uek-1.5.1-4.0.58.x86_64.rpm
ofa-2.6.32-400.37.9.el6uekdebug-1.5.1-4.0.58.x86_64.rpm
mlnx_en-2.6.32-400.37.9.el6uek-1.5.7-0.1.x86_64.rpm
mlnx_en-2.6.32-400.37.9.el6uekdebug-1.5.7-0.1.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.32-400.37.9.el6uek.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/ofa-2.6.32-400.37.9.el6uek-1.5.1-4.0.58.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/mlnx_en-2.6.32-400.37.9.el6uek-1.5.7-0.1.src.rpm

Description of changes:

kernel-uek
[2.6.32-400.37.9.el6uek]
- x86, tls: Interpret an all-zero struct user_desc as "no segment" (Andy 
Lutomirski)  [Orabug: 21518750] - x86, tls, ldt: Stop checking lm in 
LDT_empty (Andy Lutomirski)  [Orabug: 21518750]

[2.6.32-400.37.8.el6uek]
- KVM: x86: SYSENTER emulation is broken (Nadav Amit)  [Orabug: 
21502741]  {CVE-2015-0239} {CVE-2015-0239}
- x86/tls: Validate TLS entries to protect espfix (Andy Lutomirski) 
[Orabug: 20223778]  {CVE-2014-8133}
- fs: take i_mutex during prepare_binprm for set[ug]id executables (Jann 
Horn)  [Orabug: 21502256]  {CVE-2015-3339}
- eCryptfs: Remove buggy and unnecessary write in file name decode 
routine (Michael Halcrow)  [Orabug: 21502067]  {CVE-2014-9683}