| |||||||||||||||||||
Oracle alert ELSA-2012-0690 (kernel)
Oracle Linux Security Advisory ELSA-2012-0690 https://rhn.redhat.com/errata/RHSA-2012-0690.html The following updated rpms for Oracle Linux 5 have been uploaded to the Unbreakable Linux Network: i386: kernel-2.6.18-308.8.1.el5.i686.rpm kernel-PAE-2.6.18-308.8.1.el5.i686.rpm kernel-PAE-devel-2.6.18-308.8.1.el5.i686.rpm kernel-debug-2.6.18-308.8.1.el5.i686.rpm kernel-debug-devel-2.6.18-308.8.1.el5.i686.rpm kernel-devel-2.6.18-308.8.1.el5.i686.rpm kernel-doc-2.6.18-308.8.1.el5.noarch.rpm kernel-headers-2.6.18-308.8.1.el5.i386.rpm kernel-xen-2.6.18-308.8.1.el5.i686.rpm kernel-xen-devel-2.6.18-308.8.1.el5.i686.rpm x86_64: kernel-2.6.18-308.8.1.el5.x86_64.rpm kernel-debug-2.6.18-308.8.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-308.8.1.el5.x86_64.rpm kernel-devel-2.6.18-308.8.1.el5.x86_64.rpm kernel-doc-2.6.18-308.8.1.el5.noarch.rpm kernel-headers-2.6.18-308.8.1.el5.x86_64.rpm kernel-xen-2.6.18-308.8.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-308.8.1.el5.x86_64.rpm ia64: kernel-2.6.18-308.8.1.el5.ia64.rpm kernel-debug-2.6.18-308.8.1.el5.ia64.rpm kernel-debug-devel-2.6.18-308.8.1.el5.ia64.rpm kernel-devel-2.6.18-308.8.1.el5.ia64.rpm kernel-doc-2.6.18-308.8.1.el5.noarch.rpm kernel-headers-2.6.18-308.8.1.el5.ia64.rpm kernel-xen-2.6.18-308.8.1.el5.ia64.rpm kernel-xen-devel-2.6.18-308.8.1.el5.ia64.rpm SRPMS: http://oss.oracle.com/ol5/SRPMS-updates/kernel-2.6.18-308... The following packages were rebuilt to be in sync with the updated kernel version (no changes other than updating the version number): i386: oracleasm-2.6.18-308.8.1.el5-2.0.5-1.el5.i686.rpm oracleasm-2.6.18-308.8.1.el5PAE-2.0.5-1.el5.i686.rpm oracleasm-2.6.18-308.8.1.el5xen-2.0.5-1.el5.i686.rpm oracleasm-2.6.18-308.8.1.el5debug-2.0.5-1.el5.i686.rpm ocfs2-2.6.18-308.8.1.el5-1.4.9-1.el5.i686.rpm ocfs2-2.6.18-308.8.1.el5PAE-1.4.9-1.el5.i686.rpm ocfs2-2.6.18-308.8.1.el5xen-1.4.9-1.el5.i686.rpm ocfs2-2.6.18-308.8.1.el5debug-1.4.9-1.el5.i686.rpm x86_64: oracleasm-2.6.18-308.8.1.el5-2.0.5-1.el5.x86_64.rpm oracleasm-2.6.18-308.8.1.el5xen-2.0.5-1.el5.x86_64.rpm oracleasm-2.6.18-308.8.1.el5debug-2.0.5-1.el5.x86_64.rpm ocfs2-2.6.18-308.8.1.el5-1.4.9-1.el5.x86_64.rpm ocfs2-2.6.18-308.8.1.el5xen-1.4.9-1.el5.x86_64.rpm ocfs2-2.6.18-308.8.1.el5debug-1.4.9-1.el5.x86_64.rpm ia64: oracleasm-2.6.18-308.8.1.el5-2.0.5-1.el5.ia64.rpm oracleasm-2.6.18-308.8.1.el5xen-2.0.5-1.el5.ia64.rpm oracleasm-2.6.18-308.8.1.el5debug-2.0.5-1.el5.ia64.rpm ocfs2-2.6.18-308.8.1.el5-1.4.9-1.el5.ia64.rpm ocfs2-2.6.18-308.8.1.el5xen-1.4.9-1.el5.ia64.rpm ocfs2-2.6.18-308.8.1.el5debug-1.4.9-1.el5.ia64.rpm SRPMS: http://oss.oracle.com/el5/SRPMS-updates/oracleasm-2.6.18-... http://oss.oracle.com/el5/SRPMS-updates/ocfs2-2.6.18-308.... Users with Oracle Linux Premier Support can now use Ksplice to patch against this Security Advisory. We recommend that all users of Oracle Linux 5 install these updates. Users of Ksplice Uptrack can install these updates by running : # /usr/sbin/uptrack-upgrade -y On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any additional action. Description of changes: * CVE-2012-2136: Privilege escalation in TUN/TAP virtual device. The length of packet fragments to be sent wasn't validated before use, leading to heap overflow. A user having access to TUN/TAP virtual device could use this flaw to crash the system or to potentially escalate their privileges. [2.6.18-308.8.1.el5] - [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136} - [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011] - [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800] - [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489] - [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799] [2.6.18-308.7.1.el5] - [fs] epoll: Don't limit non-nested epoll paths (Jason Baron) [809380 804778] [2.6.18-308.6.1.el5] - [scsi] fc class: fix scanning when devs are offline (Mike Christie) [816684 799530] - [md] dm-multipath: delay retry of bypassed pg (Mike Christie) [816684 799530] - [net] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [811927 800575] - [net] bonding: remove {master,vlan}_ip and query devices instead (Andy Gospodarek) [810321 772216] [2.6.18-308.5.1.el5] - [scsi] skip sense logging for some ATA PASS-THROUGH cdbs (David Milburn) [807265 788777] _______________________________________________ El-errata mailing list El-errata@oss.oracle.com http://oss.oracle.com/mailman/listinfo/el-errata (Log in to post comments)
|
|||||||||||||||||||