[El-errata] ELSA-2017-3200 Important: Oracle Linux 6 kernel security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Nov 15 21:01:46 PST 2017
Oracle Linux Security Advisory ELSA-2017-3200
http://linux.oracle.com/errata/ELSA-2017-3200.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
kernel-2.6.32-696.16.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-696.16.1.el6.noarch.rpm
kernel-debug-2.6.32-696.16.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.16.1.el6.i686.rpm
kernel-devel-2.6.32-696.16.1.el6.i686.rpm
kernel-doc-2.6.32-696.16.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.16.1.el6.noarch.rpm
kernel-headers-2.6.32-696.16.1.el6.i686.rpm
perf-2.6.32-696.16.1.el6.i686.rpm
python-perf-2.6.32-696.16.1.el6.i686.rpm
x86_64:
kernel-2.6.32-696.16.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-696.16.1.el6.noarch.rpm
kernel-debug-2.6.32-696.16.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.16.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.16.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.16.1.el6.x86_64.rpm
kernel-doc-2.6.32-696.16.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.16.1.el6.noarch.rpm
kernel-headers-2.6.32-696.16.1.el6.x86_64.rpm
perf-2.6.32-696.16.1.el6.x86_64.rpm
python-perf-2.6.32-696.16.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-696.16.1.el6.src.rpm
Description of changes:
[2.6.32-696.16.1.el6.OL6]
- Update genkey [bug 25599697]
[2.6.32-696.16.1.el6]
- [net] packet: fix tp_reserve race in packet_set_ring (Stefano Brivio)
[1481941 1481943] {CVE-2017-1000111}
- [net] packet: fix overflow in check for tp_frame_nr (Stefano Brivio)
[1481941 1481943] {CVE-2017-1000111}
- [net] packet: fix overflow in check for tp_reserve (Stefano Brivio)
[1481941 1481943] {CVE-2017-1000111}
- [netdrv] sfc: tx ring can only have 2048 entries for all EF10 NICs
(Jarod Wilson) [1498019 1441773]
- [fs] sunrpc: always treat the invalid cache as unexpired (Thiago
Becker) [1497976 1477288]
- [fs] sunrpc: xpt_auth_cache should be ignored when expired (Thiago
Becker) [1497976 1477288]
- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide
Caratti) [1488344 1488340] {CVE-2017-14106}
- [net] tcp: fix 0 divide in __tcp_select_window() (Davide Caratti)
[1488344 1488340] {CVE-2017-14106}
- [scsi] lpfc: fix "integer constant too large" error on 32bit archs
(Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: version 11.0.1.6 is 11.0.0.6 with no_hba_reset patches
(Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: Vport creation is failing with "Link Down" error
(Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi)
[1487220 1441169]
- [scsi] lpfc: Fix eh_deadline setting for sli3 adapters (Maurizio
Lombardi) [1487220 1441169]
- [scsi] lpfc: Correct panics with eh_timeout and eh_deadline (Maurizio
Lombardi) [1487220 1441169]
- [net] udp: consistently apply ufo or fragmentation (Davide Caratti)
[1481532 1481529] {CVE-2017-1000112}
- [net] ipv6: Should use consistent conditional judgement for ip6
fragment between __ip6_append_data and ip6_finish_output (Davide
Caratti) [1481532 1481529] {CVE-2017-1000112}
- [net] ipv4: Should use consistent conditional judgement for ip
fragment in __ip_append_data and ip_finish_output (Davide Caratti)
[1481532 1481529] {CVE-2017-1000112}
[2.6.32-696.15.1.el6]
- [fs] binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length
mappings (Petr Matousek) [1492959 1492961] {CVE-2017-1000253}
- [fs] binfmt_elf.c: fix bug in loading of PIE binaries (Petr Matousek)
[1492959 1492961] {CVE-2017-1000253}
[2.6.32-696.14.1.el6]
- [fs] nfs: don't disconnect open-owner on NFS4ERR_BAD_SEQID (Dave
Wysochanski) [1491123 1459636]
- [net] l2cap: prevent stack overflow on incoming bluetooth packet (Neil
Horman) [1490060 1490062] {CVE-2017-1000251}
More information about the El-errata
mailing list