[El-errata] ELSA-2015-0674 Important: Oracle Linux 6 kernel security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Mar 11 18:54:44 PDT 2015
Oracle Linux Security Advisory ELSA-2015-0674
http://linux.oracle.com/errata/ELSA-2015-0674.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.32-504.12.2.el6.i686.rpm
kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm
kernel-debug-2.6.32-504.12.2.el6.i686.rpm
kernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm
kernel-devel-2.6.32-504.12.2.el6.i686.rpm
kernel-doc-2.6.32-504.12.2.el6.noarch.rpm
kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm
kernel-headers-2.6.32-504.12.2.el6.i686.rpm
perf-2.6.32-504.12.2.el6.i686.rpm
python-perf-2.6.32-504.12.2.el6.i686.rpm
x86_64:
kernel-2.6.32-504.12.2.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm
kernel-debug-2.6.32-504.12.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-504.12.2.el6.x86_64.rpm
kernel-devel-2.6.32-504.12.2.el6.x86_64.rpm
kernel-doc-2.6.32-504.12.2.el6.noarch.rpm
kernel-firmware-2.6.32-504.12.2.el6.noarch.rpm
kernel-headers-2.6.32-504.12.2.el6.x86_64.rpm
perf-2.6.32-504.12.2.el6.x86_64.rpm
python-perf-2.6.32-504.12.2.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-504.12.2.el6.src.rpm
Description of changes:
[2.6.32-504.12.2.el6]
- [infiniband] core: Prevent integer overflow in ib_umem_get address
arithmetic (Doug Ledford) [1181173 1179327] {CVE-2014-8159}
[2.6.32-504.12.1.el6]
- [fs] splice: perform generic write checks (Eric Sandeen) [1163798
1155900] {CVE-2014-7822}
[2.6.32-504.11.1.el6]
- [virt] kvm: excessive pages un-pinning in kvm_iommu_map error path
(Jacob Tanenbaum) [1156520 1156521] {CVE-2014-8369}
- [x86] crypto: Add support for 192 & 256 bit keys to AESNI RFC4106
(Jarod Wilson) [1184332 1176211]
- [block] nvme: Clear QUEUE_FLAG_STACKABLE (David Milburn) [1180555 1155715]
- [net] netfilter: conntrack: disable generic tracking for known
protocols (Daniel Borkmann) [1182071 1114697] {CVE-2014-8160}
- [xen] pvhvm: Fix vcpu hotplugging hanging (Vitaly Kuznetsov) [1179343
1164278]
- [xen] pvhvm: Don't point per_cpu(xen_vpcu, 33 and larger) to
shared_info (Vitaly Kuznetsov) [1179343 1164278]
- [xen] enable PVHVM VCPU placement when using more than 32 CPUs (Vitaly
Kuznetsov) [1179343 1164278]
- [xen] support large numbers of CPUs with vcpu info placement (Vitaly
Kuznetsov) [1179343 1164278]
[2.6.32-504.10.1.el6]
- [netdrv] tg3: Change nvram command timeout value to 50ms (Ivan Vecera)
[1182903 1176230]
[2.6.32-504.9.1.el6]
- [net] ipv6: increase ip6_rt_max_size to 16384 (Hannes Frederic Sowa)
[1177581 1112946]
- [net] ipv6: don't set DST_NOCOUNT for remotely added routes (Hannes
Frederic Sowa) [1177581 1112946]
- [net] ipv6: don't count addrconf generated routes against gc limit
(Hannes Frederic Sowa) [1177581 1112946]
- [net] ipv6: Don't put artificial limit on routing table size (Hannes
Frederic Sowa) [1177581 1112946]
- [scsi] bnx2fc: fix tgt spinlock locking (Maurizio Lombardi) [1179098
1079656]
More information about the El-errata
mailing list