Oracle alert ELSA-2013-1213 (gdm, initscripts)

From:
    	     
 
Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 
To:
    	     
 
el-errata@oss.oracle.com 
Subject:
    	     
 
[El-errata] ELSA-2013-1213 Important: Oracle Linux 5 gdm security update 
Date:
    	     
 
Thu, 05 Sep 2013 23:17:12 -0700
Message-ID:
    	     
 
<52297368.9050702@oracle.com>
Archive-link:
    	     
 
Article, Thread
              
Oracle Linux Security Advisory ELSA-2013-1213

https://rhn.redhat.com/errata/RHSA-2013-1213.html


The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
gdm-2.16.0-59.0.1.el5_9.1.i386.rpm
gdm-docs-2.16.0-59.0.1.el5_9.1.i386.rpm
initscripts-8.45.42-2.0.1.el5_9.1.i386.rpm

x86_64:
gdm-2.16.0-59.0.1.el5_9.1.x86_64.rpm
gdm-docs-2.16.0-59.0.1.el5_9.1.x86_64.rpm
initscripts-8.45.42-2.0.1.el5_9.1.x86_64.rpm

ia64:
gdm-2.16.0-59.0.1.el5_9.1.ia64.rpm
gdm-docs-2.16.0-59.0.1.el5_9.1.ia64.rpm
initscripts-8.45.42-2.0.1.el5_9.1.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/gdm-2.16.0-59.0.1...
http://oss.oracle.com/ol5/SRPMS-updates/initscripts-8.45....



Description of changes:

gdm
[2.16.0-59.0.1.el5_9.1]
- Fix gdmconfig memory leaks [orabug 12734629]

[2.16.0-59.1]
- Don't try to pre-create directories that are internal
   implementation details of X.
   Resolves: #997619 CVE-2013-4169

initscripts
[8.45.42-2.0.1.el5_9.1]
- Do not rename eth devices. Orabug 14266688.
   Apply upstream patches:
   0001-Remove-reference-to-rename_device.patch
   0002-rename_device-dequote-DEVICE-eth0.patch
   0003-dont_try_to_rename_devices.patch
- change the ifup-eth and ifdown-eth script to use default leases file 
of dhclient. [Orabug 12434590]
- Update oracle-enterprise.patch to do detection on /etc/oracle-release
   and /etc/enterprise-release
- Patch x86_64 sysctl.conf as well as default sysctl.conf
- Patch sysctl.conf to default rp_filter to loose reverse path
   filtering (has no effect for pre-2.6.32 kernels) [orabug 10286227]
- Move hwclock into udev rules
- Update oracle-enterprise.patch to fix RedHat references in arch specific
   sysctl.conf files in source tarball
- Add oracle-enterprise.patch and update specfile
- Don't attempt to re-enslave already-enslaved devices (#455537) 
(pknirsch@redhat.com)

[8.45.42-2.1]
- create /tmp/.X11-unix in rc.sysinit (#997622, CVE-2013-4169)

[8.45.42-2]
- added missing "-p p" for kpartx in netfs (#844671)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata