[El-errata] ELSA-2009-0264 Important: Enterprise Linux 5 kernel security update

Wed Feb 11 16:31:43 PST 2009

Enterprise Linux Security Advisory ELSA-2009-0264

https://rhn.redhat.com/errata/RHSA-2009-0264.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
kernel-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-PAE-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-doc-2.6.18-128.1.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.1.0.1.el5.i386.rpm
kernel-xen-2.6.18-128.1.1.0.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.1.0.1.el5.i686.rpm

x86_64:
kernel-2.6.18-128.1.1.0.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.1.0.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.1.0.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.1.0.1.el5.x86_64.rpm
kernel-doc-2.6.18-128.1.1.0.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.1.0.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.1.0.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.1.0.1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/kernel-2.6.18-128.1.1.0.1.el5.src.rpm

The following packages were rebuilt to be in sync with the updated 
kernel version (no changes other than updating the version number):

i386:
oracleasm-2.6.18-128.1.1.0.1.el5-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.1.0.1.el5PAE-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.1.0.1.el5xen-2.0.5-1.el5.i686.rpm
oracleasm-2.6.18-128.1.1.0.1.el5debug-2.0.5-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5PAE-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5xen-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5debug-1.2.9-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5PAE-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5xen-1.4.1-1.el5.i686.rpm
ocfs2-2.6.18-128.1.1.0.1.el5debug-1.4.1-1.el5.i686.rpm

x86_64:
oracleasm-2.6.18-128.1.1.0.1.el5-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.1.0.1.el5xen-2.0.5-1.el5.x86_64.rpm
oracleasm-2.6.18-128.1.1.0.1.el5debug-2.0.5-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.1.0.1.el5-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.1.0.1.el5xen-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.1.0.1.el5debug-1.2.9-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.1.0.1.el5-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.1.0.1.el5xen-1.4.1-1.el5.x86_64.rpm
ocfs2-2.6.18-128.1.1.0.1.el5debug-1.4.1-1.el5.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-128.1.1.0.1.el5-2.0.5-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.1.0.1.el5-1.2.9-1.el5.src.rpm
http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-128.1.1.0.1.el5-1.4.1-1.el5.src.rpm

Description of changes:

[2.6.18-128.1.1.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru 
Anbalagane) [orabug 6045759]
- [MM]  shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding  netconsole support (Tina yang) [orabug 
6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]

[2.6.18-128.1.1.el5]
- [security] introduce missing kfree (Jiri Pirko ) [480597 480598] 
{CVE-2009-0031}
- [sched] fix clock_gettime monotonicity (Peter Zijlstra ) [481122 477763]
- [nfs] create rpc clients with proper auth flavor (Jeff Layton ) 
[481119 465456]
- [net] sctp: overflow with bad stream ID in FWD-TSN chunk (Eugene Teo ) 
[478804 478805] {CVE-2009-0065}
- [md] fix oops with device-mapper mirror target (Heinz Mauelshagen ) 
[481120 472558]
- [openib] restore traffic in connected mode on HCA (AMEET M. PARANJAPE 
) [479812 477000]
- [net] add preemption point in qdisc_run (Jiri Pirko ) [477746 471398] 
{CVE-2008-5713}
- [x86_64] copy_user_c assembler can leave garbage in rsi (Larry Woodman 
) [481117 456682]
- [misc] setpgid returns ESRCH in some situations (Oleg Nesterov ) 
[480576 472433]
- [s390] zfcp: fix hexdump data in s390dbf traces (Hans-Joachim Picht ) 
[480996 470618]
- [fs] hfsplus: fix buffer overflow with a corrupted image (Anton Arapov 
) [469637 469638] {CVE-2008-4933}
- [fs] hfsplus: check read_mapping_page return value (Anton Arapov ) 
[469644 469645] {CVE-2008-4934}
- [fs] hfs: fix namelength memory corruption (Anton Arapov ) [470772 
470773] {CVE-2008-5025}