[El-errata] ELSA-2015-0674 Important: Oracle Linux 6 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Mar 11 18:54:44 PDT 2015


Oracle Linux Security Advisory ELSA-2015-0674

http://linux.oracle.com/errata/ELSA-2015-0674.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.32-504.12.2.el6.i686.rpm
kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm
kernel-debug-2.6.32-504.12.2.el6.i686.rpm
kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm
kernel-devel-2.6.32-504.12.2.el6.i686.rpm
kernel-doc-2.6.32-504.12.2.el6.noarch.rpm
kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm
kernel-headers-2.6.32-504.12.2.el6.i686.rpm
perf-2.6.32-504.12.2.el6.i686.rpm
python-perf-2.6.32-504.12.2.el6.i686.rpm

x86_64:
kernel-2.6.32-504.12.2.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm
kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm
kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm
kernel-doc-2.6.32-504.12.2.el6.noarch.rpm
kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm
kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm
perf-2.6.32-504.12.2.el6.x86_64.rpm
python-perf-2.6.32-504.12.2.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-504.12.2.el6.src.rpm


Description of changes:

[2.6.32-504.12.2.el6]
- [infiniband] core: Prevent integer overflow in ib_umem_get address 
arithmetic (Doug Ledford) [1181173 1179327] {CVE-2014-8159}

[2.6.32-504.12.1.el6]
- [fs] splice: perform generic write checks (Eric Sandeen) [1163798 
1155900] {CVE-2014-7822}

[2.6.32-504.11.1.el6]
- [virt] kvm: excessive pages un-pinning in kvm_iommu_map error path 
(Jacob Tanenbaum) [1156520 1156521] {CVE-2014-8369}
- [x86] crypto: Add support for 192 & 256 bit keys to AESNI RFC4106 
(Jarod Wilson) [1184332 1176211]
- [block] nvme: Clear QUEUE_FLAG_STACKABLE (David Milburn) [1180555 1155715]
- [net] netfilter: conntrack: disable generic tracking for known 
protocols (Daniel Borkmann) [1182071 1114697] {CVE-2014-8160}
- [xen] pvhvm: Fix vcpu hotplugging hanging (Vitaly Kuznetsov) [1179343 
1164278]
- [xen] pvhvm: Don't point per_cpu(xen_vpcu, 33 and larger) to 
shared_info (Vitaly Kuznetsov) [1179343 1164278]
- [xen] enable PVHVM VCPU placement when using more than 32 CPUs (Vitaly 
Kuznetsov) [1179343 1164278]
- [xen] support large numbers of CPUs with vcpu info placement (Vitaly 
Kuznetsov) [1179343 1164278]

[2.6.32-504.10.1.el6]
- [netdrv] tg3: Change nvram command timeout value to 50ms (Ivan Vecera) 
[1182903 1176230]

[2.6.32-504.9.1.el6]
- [net] ipv6: increase ip6_rt_max_size to 16384 (Hannes Frederic Sowa) 
[1177581 1112946]
- [net] ipv6: don't set DST_NOCOUNT for remotely added routes (Hannes 
Frederic Sowa) [1177581 1112946]
- [net] ipv6: don't count addrconf generated routes against gc limit 
(Hannes Frederic Sowa) [1177581 1112946]
- [net] ipv6: Don't put artificial limit on routing table size (Hannes 
Frederic Sowa) [1177581 1112946]
- [scsi] bnx2fc: fix tgt spinlock locking (Maurizio Lombardi) [1179098 
1079656]





More information about the El-errata mailing list