Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Enterprise Watch List (http://www.linux-archive.org/enterprise-watch-list/)
-   -   Moderate: kernel security and bug fix update (http://www.linux-archive.org/enterprise-watch-list/441815-moderate-kernel-security-bug-fix-update.html)

10-19-2010 07:04 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2010:0779-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0779.html
Issue date: 2010-10-19
CVE Names: CVE-2010-2942 CVE-2010-3067 CVE-2010-3477
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Information leak flaws were found in the Linux kernel Traffic Control
Unit implementation. A local attacker could use these flaws to cause the
kernel to leak kernel memory to user-space, possibly leading to the
disclosure of sensitive information. (CVE-2010-2942, Moderate)

* A flaw was found in the tcf_act_police_dump() function in the Linux
kernel network traffic policing implementation. A data structure in
tcf_act_police_dump() was not initialized properly before being copied to
user-space. A local, unprivileged user could use this flaw to cause an
information leak. (CVE-2010-3477, Moderate)

* A missing upper bound integer check was found in the sys_io_submit()
function in the Linux kernel asynchronous I/O implementation. A local,
unprivileged user could use this flaw to cause an information leak.
(CVE-2010-3067, Low)

Red Hat would like to thank Tavis Ormandy for reporting CVE-2010-3067.

This update also fixes the following bugs:

* When two systems using bonding devices in the adaptive load balancing
(ALB) mode communicated with each other, an endless loop of ARP replies
started between these two systems due to a faulty MAC address update. With
this update, the MAC address update no longer creates unneeded ARP replies.
(BZ#629239)

* When running the Connectathon NFS Testsuite with certain clients and Red
Hat Enterprise Linux 4.8 as the server, nfsvers4, lock, and test2 failed
the Connectathon test. (BZ#625535)

* For UDP/UNIX domain sockets, due to insufficient memory barriers in the
network code, a process sleeping in select() may have missed notifications
about new data. In rare cases, this bug may have caused a process to sleep
forever. (BZ#640117)

* In certain situations, a bug found in either the HTB or TBF network
packet schedulers in the Linux kernel could have caused a kernel panic when
using Broadcom network cards with the bnx2 driver. (BZ#624363)

* Previously, allocating fallback cqr for DASD reserve/release IOCTLs
failed because it used the memory pool of the respective device. This
update preallocates sufficient memory for a single reserve/release request.
(BZ#626828)

* In some situations a bug prevented "force online" succeeding for a DASD
device. (BZ#626827)

* Using the "fsstress" utility may have caused a kernel panic. (BZ#633968)

* This update introduces additional stack guard patches. (BZ#632515)

* A bug was found in the way the megaraid_sas driver handled physical disks
and management IOCTLs. All physical disks were exported to the disk layer,
allowing an oops in megasas_complete_cmd_dpc() when completing the IOCTL
command if a timeout occurred. (BZ#631903)

* Previously, a warning message was returned when a large amount of
messages was passed through netconsole and a considerable amount of network
load was added. With this update, the warning message is no longer
displayed. (BZ#637729)

* Executing a large "dd" command (1 to 5GB) on an iSCSI device with the
qla3xxx driver caused a system crash due to the incorrect storing of a
private data structure. With this update, the size of the stored data
structure is checked and the system crashes no longer occur. (BZ#624364)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

624363 - bnx2: panic in bnx2_poll_work() [rhel-4.8.z]
624364 - system crashes due to corrupt net_device_wrapper structure [rhel-4.8.z]
624903 - CVE-2010-2942 kernel: net sched: fix some kernel memory leaks
625535 - [Kernel] cthon nfsvers4, lock, test2 failing with rhel6 client vs. rhel4 server [rhel-4.8.z]
626827 - dasd: force online does not work. [rhel-4.8.z]
626828 - dasd: allocate fallback cqr for reserve/release [rhel-4.8.z]
629239 - [4u8] Bonding in ALB mode sends ARP in loop [rhel-4.8.z]
629441 - CVE-2010-3067 kernel: do_io_submit() infoleak
631903 - megaraid_sas: fix physical disk handling [rhel-4.8.z]
632515 - kernel: additional stack guard patches [rhel-4.9] [rhel-4.8.z]
633968 - kernel BUG at fs/mpage.c:417! [rhel-4.8.z]
636386 - CVE-2010-3477 kernel: net/sched/act_police.c infoleak
637729 - netconsole on e1000 cause "Badness in local_bh_enable at kernel/softirq.c:141" [rhel-4.8.z]
640117 - [RHEL4.5] select() cannot return in UDP/UNIX domain socket [rhel-4.8.z]

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.31.1.EL.src.rpm

i386:
kernel-2.6.9-89.31.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.i686.rpm
kernel-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.i686.rpm

ia64:
kernel-2.6.9-89.31.1.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.ia64.rpm
kernel-devel-2.6.9-89.31.1.EL.ia64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.31.1.EL.noarch.rpm

ppc:
kernel-2.6.9-89.31.1.EL.ppc64.rpm
kernel-2.6.9-89.31.1.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.31.1.EL.ppc64.rpm
kernel-devel-2.6.9-89.31.1.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.31.1.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.ppc64.rpm

s390:
kernel-2.6.9-89.31.1.EL.s390.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.s390.rpm
kernel-devel-2.6.9-89.31.1.EL.s390.rpm

s390x:
kernel-2.6.9-89.31.1.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.s390x.rpm
kernel-devel-2.6.9-89.31.1.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.31.1.EL.src.rpm

i386:
kernel-2.6.9-89.31.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.i686.rpm
kernel-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.31.1.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.31.1.EL.src.rpm

i386:
kernel-2.6.9-89.31.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.i686.rpm
kernel-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.i686.rpm

ia64:
kernel-2.6.9-89.31.1.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.ia64.rpm
kernel-devel-2.6.9-89.31.1.EL.ia64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.31.1.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.31.1.EL.src.rpm

i386:
kernel-2.6.9-89.31.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.i686.rpm
kernel-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.31.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-2.6.9-89.31.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-2.6.9-89.31.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.i686.rpm

ia64:
kernel-2.6.9-89.31.1.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.ia64.rpm
kernel-devel-2.6.9-89.31.1.EL.ia64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.31.1.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.31.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.31.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.31.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.31.1.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-2942.html
https://www.redhat.com/security/data/cve/CVE-2010-3067.html
https://www.redhat.com/security/data/cve/CVE-2010-3477.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFMvesoXlSAg2UNWIIRAnzVAKC7XGzFKtYbNoPaQ2i26h cM48Iq5wCfewaW
6q9Yrvvd5v3MSK6utOEmrh0=
=Y4e3
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

11-09-2010 05:11 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2010:0839-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0839.html
Issue date: 2010-11-09
CVE Names: CVE-2010-3066 CVE-2010-3067 CVE-2010-3078
CVE-2010-3086 CVE-2010-3477
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A NULL pointer dereference flaw was found in the io_submit_one() function
in the Linux kernel asynchronous I/O implementation. A local, unprivileged
user could use this flaw to cause a denial of service. (CVE-2010-3066,
Moderate)

* A flaw was found in the xfs_ioc_fsgetxattr() function in the Linux kernel
XFS file system implementation. A data structure in xfs_ioc_fsgetxattr()
was not initialized properly before being copied to user-space. A local,
unprivileged user could use this flaw to cause an information leak.
(CVE-2010-3078, Moderate)

* The exception fixup code for the __futex_atomic_op1, __futex_atomic_op2,
and futex_atomic_cmpxchg_inatomic() macros replaced the LOCK prefix with a
NOP instruction. A local, unprivileged user could use this flaw to cause a
denial of service. (CVE-2010-3086, Moderate)

* A flaw was found in the tcf_act_police_dump() function in the Linux
kernel network traffic policing implementation. A data structure in
tcf_act_police_dump() was not initialized properly before being copied to
user-space. A local, unprivileged user could use this flaw to cause an
information leak. (CVE-2010-3477, Moderate)

* A missing upper bound integer check was found in the sys_io_submit()
function in the Linux kernel asynchronous I/O implementation. A local,
unprivileged user could use this flaw to cause an information leak.
(CVE-2010-3067, Low)

Red Hat would like to thank Tavis Ormandy for reporting CVE-2010-3066,
CVE-2010-3086, and CVE-2010-3067, and Dan Rosenberg for reporting
CVE-2010-3078.

This update also fixes several bugs. Documentation for these bug fixes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

619365 - [LSI 5.6 feat] update megaraid_sas to version 4.31 [rhel-5.5.z]
628889 - [NetApp 5.6 bug] RHEL NFS clients disconnected from NetApp NFSv4 shares with: v4 server returned a bad sequence-id error! [rhel-5.5.z]
629241 - kernel: thinkpad-acpi: lock down video output state access [rhel-5.5.z]
629441 - CVE-2010-3067 kernel: do_io_submit() infoleak
629861 - Reserve PNP enumerated system board iomem resources [rhel-5.5.z]
630540 - [RHEL5.5] soft lockup on vlan with bonding in balance-alb mode [rhel-5.5.z]
630804 - CVE-2010-3078 kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak
630989 - HVM guest w/ UP and PV driver hangs after live migration or suspend/resume [rhel-5.5.z]
631716 - CVE-2010-3066 kernel: io_submit_one() NULL ptr deref
632255 - RHEVH - Vdsm - Storage: lvextend fails during VMs intensive power up [rhel-5.5.z]
633170 - CVE-2010-3086 kernel panic via futex
634976 - icmpmsg_put() in kernel writes beyond array bounds, leading to junk in /proc/net/snmp and memory corruption [rhel-5.5.z]
634977 - Spinning up disk for device on standby path causing long boot up [rhel-5.5.z]
636386 - CVE-2010-3477 kernel: net/sched/act_police.c infoleak
637069 - time drift with VXTIME_PMTMR mode in case of early / short real ticks [rhel-5.5.z]
637206 - system crashes due to corrupt net_device_wrapper structure [rhel-5.5.z]
637220 - [RHEL5 IA64 XEN] netfront driver: alloc_dev: Private data too big. [rhel-5.5.z]
637727 - lpfc ioctl crash in lpfc_nlp_put() [rhel-5.5.z]
638579 - dasd: fix race between tasklet and dasd_sleep_on [rhel-5.5.z]
638866 - [5.5] a race in pid generation that causes pids to be reused immediately. [rhel-5.5.z]
639073 - GFS1 vs GFS2 performance issue [rhel-5.5.z]
640973 - Bonded interface doesn't issue IGMP report (join) on slave interface during failover [rhel-5.5.z]
641915 - backward time drift in RHEL4, 5, and 6 Xen HVM guests that use PM timer / bug in hypervisor routine pmt_update_time() [rhel-5.5.z]
642465 - CVE-2010-2963 kernel: v4l: VIDIOCSMICROCODE arbitrary write
642470 - CVE-2010-2963 kernel: v4l: VIDIOCSMICROCODE arbitrary write [rhel-5.5.z]
642628 - [5.6 FEAT] NFSv4 remove does not wait for close. Silly rename [rhel-5.5.z]
643135 - [NetApp/QLogic 5.5.z bug] Kernel panic hit on RHEL 5.5 QLogic FC host at qla2x00_abort_fcport_cmds [rhel-5.5.z]
643571 - [EMC 5.6 bug] severe fragmentation with xfs file system [rhel-5.5.z]
643806 - Add OFED-1.5.2 patch to increase log_mtts_per_seg for 5.5z-stream [rhel-5.5.z]
644822 - 802.3ad link aggregation won't work with newer (2.6.194-8.1.el5) kernel and ixgbe driver [rhel-5.5.z]
647601 - Direct IO write to a file on an nfs mount does not work [rhel-5.5.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-194.26.1.el5.src.rpm

i386:
kernel-2.6.18-194.26.1.el5.i686.rpm
kernel-PAE-2.6.18-194.26.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.26.1.el5.i686.rpm
kernel-debug-2.6.18-194.26.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.i686.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.i686.rpm
kernel-devel-2.6.18-194.26.1.el5.i686.rpm
kernel-headers-2.6.18-194.26.1.el5.i386.rpm
kernel-xen-2.6.18-194.26.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-xen-devel-2.6.18-194.26.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-194.26.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debug-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.x86_64.rpm
kernel-devel-2.6.18-194.26.1.el5.x86_64.rpm
kernel-headers-2.6.18-194.26.1.el5.x86_64.rpm
kernel-xen-2.6.18-194.26.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.26.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.26.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-194.26.1.el5.src.rpm

i386:
kernel-2.6.18-194.26.1.el5.i686.rpm
kernel-PAE-2.6.18-194.26.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.26.1.el5.i686.rpm
kernel-debug-2.6.18-194.26.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.i686.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.i686.rpm
kernel-devel-2.6.18-194.26.1.el5.i686.rpm
kernel-headers-2.6.18-194.26.1.el5.i386.rpm
kernel-xen-2.6.18-194.26.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.26.1.el5.i686.rpm
kernel-xen-devel-2.6.18-194.26.1.el5.i686.rpm

ia64:
kernel-2.6.18-194.26.1.el5.ia64.rpm
kernel-debug-2.6.18-194.26.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.ia64.rpm
kernel-devel-2.6.18-194.26.1.el5.ia64.rpm
kernel-headers-2.6.18-194.26.1.el5.ia64.rpm
kernel-xen-2.6.18-194.26.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-194.26.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-194.26.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-194.26.1.el5.noarch.rpm

ppc:
kernel-2.6.18-194.26.1.el5.ppc64.rpm
kernel-debug-2.6.18-194.26.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.ppc64.rpm
kernel-devel-2.6.18-194.26.1.el5.ppc64.rpm
kernel-headers-2.6.18-194.26.1.el5.ppc.rpm
kernel-headers-2.6.18-194.26.1.el5.ppc64.rpm
kernel-kdump-2.6.18-194.26.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-194.26.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-194.26.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-194.26.1.el5.s390x.rpm
kernel-debug-2.6.18-194.26.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.s390x.rpm
kernel-devel-2.6.18-194.26.1.el5.s390x.rpm
kernel-headers-2.6.18-194.26.1.el5.s390x.rpm
kernel-kdump-2.6.18-194.26.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-194.26.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-194.26.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debug-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.26.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.26.1.el5.x86_64.rpm
kernel-devel-2.6.18-194.26.1.el5.x86_64.rpm
kernel-headers-2.6.18-194.26.1.el5.x86_64.rpm
kernel-xen-2.6.18-194.26.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.26.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.26.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3066.html
https://www.redhat.com/security/data/cve/CVE-2010-3067.html
https://www.redhat.com/security/data/cve/CVE-2010-3078.html
https://www.redhat.com/security/data/cve/CVE-2010-3086.html
https://www.redhat.com/security/data/cve/CVE-2010-3477.html
http://www.redhat.com/security/updates/classification/#moderate
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/5.5_Technical_Notes/index.html#RHSA-2010:0839

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFM2Y6OXlSAg2UNWIIRArUOAKC1b5yoEKRSAt6iPkbE/sevLkRJ1QCeJnrr
DpXDZvrvM3t6++9CGG9Hs4E=
=LEoq
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

03-01-2011 09:46 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2011:0303-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0303.html
Issue date: 2011-03-01
CVE Names: CVE-2010-4249 CVE-2010-4251 CVE-2010-4655
================================================== ===================

1. Summary:

Updated kernel packages that fix three security issues and several bugs are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A flaw was found in the Linux kernel's garbage collector for AF_UNIX
sockets. A local, unprivileged user could use this flaw to trigger a
denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)

* A flaw was found in the Linux kernel's networking subsystem. If the
number of packets received exceeded the receiver's buffer limit, they were
queued in a backlog, consuming memory, instead of being discarded. A remote
attacker could abuse this flaw to cause a denial of service (out-of-memory
condition). (CVE-2010-4251, Moderate)

* A missing initialization flaw was found in the ethtool_get_regs()
function in the Linux kernel's ethtool IOCTL handler. A local user who has
the CAP_NET_ADMIN capability could use this flaw to cause an information
leak. (CVE-2010-4655, Low)

Red Hat would like to thank Vegard Nossum for reporting CVE-2010-4249, and
Kees Cook for reporting CVE-2010-4655.

This update also fixes several bugs. Documentation for these bug fixes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

656756 - CVE-2010-4249 kernel: unix socket local dos
657303 - CVE-2010-4251 kernel: multicast IPv4 traffic on hipersockets device DoS
668976 - a test unit ready causes a panic on 5.6 (CCISS driver) [rhel-5.6.z]
669300 - Fix shrinking windows with window scaling [rhel-5.6.z]
670797 - panic in kfree() due to race condition in acpi_bus_receive_event() [rhel-5.6.z]
670807 - e1000 driver tracebacks when running under VMware ESX4 [rhel-5.6.z]
672428 - CVE-2010-4655 kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl
673983 - virtio_console driver never returns from selecting for write when the queue is full [rhel-5.6.z]
674273 - Flapping errors (and panic) with bonding and arp_interval while using be2net included in 2.6.18-238 [rhel-5.6.z]
678613 - vdso gettimeofday causes a segmentation fault [rhel-5.6.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-238.5.1.el5.src.rpm

i386:
kernel-2.6.18-238.5.1.el5.i686.rpm
kernel-PAE-2.6.18-238.5.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.5.1.el5.i686.rpm
kernel-debug-2.6.18-238.5.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.i686.rpm
kernel-devel-2.6.18-238.5.1.el5.i686.rpm
kernel-headers-2.6.18-238.5.1.el5.i386.rpm
kernel-xen-2.6.18-238.5.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.5.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-238.5.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.5.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.5.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.5.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.5.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.5.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-238.5.1.el5.src.rpm

i386:
kernel-2.6.18-238.5.1.el5.i686.rpm
kernel-PAE-2.6.18-238.5.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.5.1.el5.i686.rpm
kernel-debug-2.6.18-238.5.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.i686.rpm
kernel-devel-2.6.18-238.5.1.el5.i686.rpm
kernel-headers-2.6.18-238.5.1.el5.i386.rpm
kernel-xen-2.6.18-238.5.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.5.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.5.1.el5.i686.rpm

ia64:
kernel-2.6.18-238.5.1.el5.ia64.rpm
kernel-debug-2.6.18-238.5.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.ia64.rpm
kernel-devel-2.6.18-238.5.1.el5.ia64.rpm
kernel-headers-2.6.18-238.5.1.el5.ia64.rpm
kernel-xen-2.6.18-238.5.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-238.5.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-238.5.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-238.5.1.el5.noarch.rpm

ppc:
kernel-2.6.18-238.5.1.el5.ppc64.rpm
kernel-debug-2.6.18-238.5.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.ppc64.rpm
kernel-devel-2.6.18-238.5.1.el5.ppc64.rpm
kernel-headers-2.6.18-238.5.1.el5.ppc.rpm
kernel-headers-2.6.18-238.5.1.el5.ppc64.rpm
kernel-kdump-2.6.18-238.5.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-238.5.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-238.5.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-238.5.1.el5.s390x.rpm
kernel-debug-2.6.18-238.5.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.s390x.rpm
kernel-devel-2.6.18-238.5.1.el5.s390x.rpm
kernel-headers-2.6.18-238.5.1.el5.s390x.rpm
kernel-kdump-2.6.18-238.5.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-238.5.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-238.5.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.5.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.5.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.5.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.5.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.5.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.5.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.5.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4249.html
https://www.redhat.com/security/data/cve/CVE-2010-4251.html
https://www.redhat.com/security/data/cve/CVE-2010-4655.html
https://access.redhat.com/security/updates/classification/#moderate
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Technical_Notes/kernel.html#RHSA-2011-0303

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNbXcgXlSAg2UNWIIRAr0uAJwKZvZJ4Z6mPXHZNE73+v uJEZtqoQCfR6eq
yLEklAnT8uIk2AmSg8uYVEQ=
=srAl
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

07-12-2011 09:38 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2011:0928-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0928.html
Issue date: 2011-07-12
CVE Names: CVE-2011-1767 CVE-2011-1768 CVE-2011-2479
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues and various bugs
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* It was found that the receive hook in the ipip_init() function in the
ipip module, and in the ipgre_init() function in the ip_gre module, could
be called before network namespaces setup is complete. If packets were
received at the time the ipip or ip_gre module was still being loaded into
the kernel, it could cause a denial of service. (CVE-2011-1767,
CVE-2011-1768, Moderate)

* It was found that an mmap() call with the MAP_PRIVATE flag on "/dev/zero"
would create transparent hugepages and trigger a certain robustness check.
A local, unprivileged user could use this flaw to cause a denial of
service. (CVE-2011-2479, Moderate)

This update also fixes various bugs. Documentation for these bug fixes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to resolve these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

702303 - CVE-2011-1767 CVE-2011-1768 kernel: netns vs proto registration ordering
711546 - RHEL6.1 x86_64 HVM guest crashes on AMD host when guest memory size is larger than 8G
712413 - Cannot find the extended attribute of #11 inode after remount
712414 - [RHEL6.1] [Kernel] Panic while running testing
713135 - MLS - cgconfigparser cannot search on /cgroup/ dirs
713458 - intel-iommu: missing flush prior to removing domains + avoid broken vm/si domain unlinking
714190 - System Hang when there is smart error on IBM platform
714761 - CVE-2011-2479 kernel: thp: madvise on top of /dev/zero private mapping can lead to panic

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-131.6.1.el6.src.rpm

i386:
kernel-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.6.1.el6.i686.rpm
kernel-devel-2.6.32-131.6.1.el6.i686.rpm
kernel-headers-2.6.32-131.6.1.el6.i686.rpm
perf-2.6.32-131.6.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.6.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.6.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.6.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.6.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.6.1.el6.x86_64.rpm
perf-2.6.32-131.6.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-131.6.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-131.6.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.6.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.6.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.6.1.el6.x86_64.rpm
perf-2.6.32-131.6.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-131.6.1.el6.src.rpm

i386:
kernel-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.6.1.el6.i686.rpm
kernel-devel-2.6.32-131.6.1.el6.i686.rpm
kernel-headers-2.6.32-131.6.1.el6.i686.rpm
perf-2.6.32-131.6.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.6.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.6.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.6.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-131.6.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-131.6.1.el6.ppc64.rpm
kernel-debug-2.6.32-131.6.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-131.6.1.el6.ppc64.rpm
kernel-devel-2.6.32-131.6.1.el6.ppc64.rpm
kernel-headers-2.6.32-131.6.1.el6.ppc64.rpm
perf-2.6.32-131.6.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-131.6.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-131.6.1.el6.s390x.rpm
kernel-debug-2.6.32-131.6.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-131.6.1.el6.s390x.rpm
kernel-devel-2.6.32-131.6.1.el6.s390x.rpm
kernel-headers-2.6.32-131.6.1.el6.s390x.rpm
kernel-kdump-2.6.32-131.6.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-131.6.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-131.6.1.el6.s390x.rpm
perf-2.6.32-131.6.1.el6.s390x.rpm
perf-debuginfo-2.6.32-131.6.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.6.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.6.1.el6.x86_64.rpm
perf-2.6.32-131.6.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-131.6.1.el6.src.rpm

i386:
kernel-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.6.1.el6.i686.rpm
kernel-devel-2.6.32-131.6.1.el6.i686.rpm
kernel-headers-2.6.32-131.6.1.el6.i686.rpm
perf-2.6.32-131.6.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.6.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.6.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.6.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.6.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.6.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.6.1.el6.x86_64.rpm
perf-2.6.32-131.6.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.6.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1767.html
https://www.redhat.com/security/data/cve/CVE-2011-1768.html
https://www.redhat.com/security/data/cve/CVE-2011-2479.html
https://access.redhat.com/security/updates/classification/#moderate
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-0928

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOHL6kXlSAg2UNWIIRAnzmAJ9ZkgaQb5w8IW0/drAXkmjx4LUHdwCfQmMI
S9T6sjLD1cXTCG63cOtD8XI=
=QNbC
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

09-20-2011 05:55 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2011:1321-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1321.html
Issue date: 2011-09-20
CVE Names: CVE-2011-2723
================================================== ===================

1. Summary:

Updated kernel packages that fix one security issue and several bugs are
now available for Red Hat Enterprise Linux 5.6 Extended Update Support.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel.

Security fix:

* A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO
(Generic Receive Offload) fields being left in an inconsistent state. An
attacker on the local network could use this flaw to trigger a denial of
service. (CVE-2011-2723, Moderate)

Red Hat would like to thank Brent Meshier for reporting this issue.

Bug fixes:

* When reading a file from a subdirectory in /proc/bus/pci/ while
hot-unplugging the device related to that file, the system will crash. Now,
the kernel correctly handles the simultaneous removal of a device and
access to the representation of that device in the proc file system.
(BZ#713454)

* RHSA-2011:0017 introduced a regression: Non-disk SCSI devices (except for
tape drives) such as enclosure or CD-ROM devices were hidden when attached
to a SAS based RAID controller that uses the megaraid_sas driver. With this
update, such devices are accessible, as expected. (BZ#726487)

* The fix for CVE-2010-3432 provided in RHSA-2011:0004 introduced a
regression: Information in sctp_packet_config(), which was called before
appending data chunks to a packet, was not reset, causing considerably poor
SCTP (Stream Control Transmission Protocol) performance. With this update,
the packet information is reset after transmission. (BZ#727591)

* Certain systems do not correctly set the ACPI FADT APIC mode bit. They
set the bit to "cluster" mode instead of "physical" mode which caused these
systems to boot without the TSC (Time Stamp Counter). With this update, the
ACPI FADT check has been removed due to its unreliability. (BZ#728162)

* Performance when invalidating and rereading cached data as a glock moves
around the cluster with GFS2 is improved. (BZ#729082)

* Performance issues occurred when multiple nodes attempted to call mmap()
on the same inode at the same time on a GFS2 file system, as it was using
an exclusive glock. With this update, a shared lock is used when "noatime"
is set on the mount, allowing mmap() operations to occur in parallel,
fixing this bug. Note that this issue only refers to mmap() system calls,
and not to subsequent page faults. (BZ#729090)

* Some of the functions in the GFS2 file system were not reserving enough
space for the resource group header in a transaction and for resource
groups bit blocks that get added when a memory allocation is performed.
That resulted in failed write and allocation operations. With this update,
GFS2 makes sure to reserve space in the described scenario, using the new
gfs2_rg_blocks() inline function. (BZ#729092)

* When GFS2 grew the file system, it never reread the rindex file during
the grow. This is necessary for large grows when the file system is almost
full, and GFS2 needs to use some of the space allocated earlier in the grow
to complete it. Now, if GFS2 fails to reserve the necessary space and the
rindex data is not up-to-date, it rereads it. (BZ#729094)

* Previously, when the Xen hypervisor split a 2 MB page into 4 KB pages, it
linked the new page from PDE (Page Directory Entry) before it filled
entries of the page with appropriate data. Consequently, when doing a live
migration with EPT (Extended Page Tables) enabled on a non-idle guest
running with more than two virtual CPUs, the guest often terminated
unexpectedly. With this update, the Xen hypervisor prepares the page table
entry first, and then links it in. (BZ#730684)

* Changes made to TSC as a clock source for IRQs caused virtual machines
running under the VMware ESX or ESXi hypervisors to become unresponsive
during the initial kernel boot process. With this update, the
enable_tsc_timer flag enables the do_timer_tsc_timekeeping() function to be
called in the do_timer_interrupt_hook() function, preventing a deadlock in
the timer interrupt handler. (BZ#730688)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

726552 - CVE-2011-2723 kernel: gro: only reset frag0 when skb can be pulled
729090 - mmapping a read only file on a gfs2 filesystem incorrectly acquires an exclusive glock
729092 - GFS2: Not enough space reserved in gfs2_write_begin and possibly elsewhere.
729094 - GFS2: Kernel changes necessary to allow growing completely full filesystems.

6. Package List:

Red Hat Enterprise Linux (v. 5 server):

Source:
kernel-2.6.18-238.27.1.el5.src.rpm

i386:
kernel-2.6.18-238.27.1.el5.i686.rpm
kernel-PAE-2.6.18-238.27.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.27.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.27.1.el5.i686.rpm
kernel-debug-2.6.18-238.27.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.27.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.27.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.27.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.27.1.el5.i686.rpm
kernel-devel-2.6.18-238.27.1.el5.i686.rpm
kernel-headers-2.6.18-238.27.1.el5.i386.rpm
kernel-xen-2.6.18-238.27.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.27.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.27.1.el5.i686.rpm

ia64:
kernel-2.6.18-238.27.1.el5.ia64.rpm
kernel-debug-2.6.18-238.27.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-238.27.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-238.27.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-238.27.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-238.27.1.el5.ia64.rpm
kernel-devel-2.6.18-238.27.1.el5.ia64.rpm
kernel-headers-2.6.18-238.27.1.el5.ia64.rpm
kernel-xen-2.6.18-238.27.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-238.27.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-238.27.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-238.27.1.el5.noarch.rpm

ppc:
kernel-2.6.18-238.27.1.el5.ppc64.rpm
kernel-debug-2.6.18-238.27.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-238.27.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-238.27.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-238.27.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-238.27.1.el5.ppc64.rpm
kernel-devel-2.6.18-238.27.1.el5.ppc64.rpm
kernel-headers-2.6.18-238.27.1.el5.ppc.rpm
kernel-headers-2.6.18-238.27.1.el5.ppc64.rpm
kernel-kdump-2.6.18-238.27.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-238.27.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-238.27.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-238.27.1.el5.s390x.rpm
kernel-debug-2.6.18-238.27.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-238.27.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-238.27.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-238.27.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-238.27.1.el5.s390x.rpm
kernel-devel-2.6.18-238.27.1.el5.s390x.rpm
kernel-headers-2.6.18-238.27.1.el5.s390x.rpm
kernel-kdump-2.6.18-238.27.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-238.27.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-238.27.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-238.27.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.27.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.27.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.27.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.27.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.27.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.27.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.27.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.27.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.27.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.27.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-2723.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOeNOfXlSAg2UNWIIRAuD/AKCPLlBb/lR2p2PKXQGw04z92cTe1QCfTy/R
CvpPf99efqe7jE5kA3+wqXk=
=kMLb
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

11-01-2011 04:21 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2011:1419-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1419.html
Issue date: 2011-11-01
CVE Names: CVE-2011-3188 CVE-2011-3209
================================================== ===================

1. Summary:

Updated kernel packages that fix two security issues and four bugs are now
available for Red Hat Enterprise Linux 5.6 Extended Update Support.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5.6.z server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* The way IPv4 and IPv6 protocol sequence numbers and fragment IDs were
generated could allow a man-in-the-middle attacker to inject packets and
possibly hijack connections. Protocol sequence numbers and fragment IDs are
now more random. (CVE-2011-3188, Moderate)

* A flaw was found in the Linux kernel's clock implementation on 32-bit,
SMP (symmetric multiprocessing) systems. A local, unprivileged user could
use this flaw to cause a divide error fault, resulting in a denial of
service. (CVE-2011-3209, Moderate)

Red Hat would like to thank Dan Kaminsky for reporting CVE-2011-3188, and
Yasuaki Ishimatsu for reporting CVE-2011-3209.

In addition, this update fixes the following bugs:

* When the Global File System 2 (GFS2) file system is suspended, its delete
work queue is also suspended, along with any pending work on the queue.
Prior to this update, if GFS2's transaction lock was demoted while the
delete work queue was suspended, a deadlock could occur on the file system
because the file system tried to flush the work queue in the lock demotion
code. With this update, the delete work queue is no longer flushed by the
lock demotion code, and a deadlock no longer occurs. Instead, the work
queue is flushed by the unmount operation, so that pending work is properly
completed. (BZ#733678)

* A previously applied patch introduced a regression for third-party file
systems that do not set the FS_HAS_IODONE2 flag, specifically, Oracle
Cluster File System 2 (OCFS2). The patch removed a call to the aio_complete
function, resulting in no completion events being processed, causing
user-space applications to become unresponsive. This update reintroduces
the aio_complete function call, fixing this issue. (BZ#734156)

* Certain devices support multiple operation modes. For example, EMC
CLARiiON disk arrays support ALUA mode and their own vendor specific mode
for failover. In Red Hat Enterprise Linux 5.5, a bug was discovered that
prevented tools such as multipath from being able to select the
device/hardware handler plug-in to use. This resulted in the application
(for example, multipath) not working properly. With this update, the kernel
has been modified to allow applications to select the device/hardware
handler to use, thus resolving this issue. (BZ#739900)

* This update improves the performance of delete/unlink operations in a
GFS2 file system with large files by adding a layer of metadata read-ahead
for indirect blocks. (BZ#743805)

Users should upgrade to these updated packages, which contain backported
patches to resolve these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

732658 - CVE-2011-3188 kernel: net: improve sequence number generation
732878 - CVE-2011-3209 kernel: panic occurs when clock_gettime() is called
733678 - GFS2: recovery stuck on transaction lock [rhel-5.6.z]
739900 - scsi_dh_emc gives "error attaching hardware handler" for EMC active-active SANs [rhel-5.6.z]

6. Package List:

Red Hat Enterprise Linux (v. 5.6.z server):

Source:
kernel-2.6.18-238.28.1.el5.src.rpm

i386:
kernel-2.6.18-238.28.1.el5.i686.rpm
kernel-PAE-2.6.18-238.28.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.28.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.28.1.el5.i686.rpm
kernel-debug-2.6.18-238.28.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.28.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.28.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.28.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.28.1.el5.i686.rpm
kernel-devel-2.6.18-238.28.1.el5.i686.rpm
kernel-headers-2.6.18-238.28.1.el5.i386.rpm
kernel-xen-2.6.18-238.28.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.28.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.28.1.el5.i686.rpm

ia64:
kernel-2.6.18-238.28.1.el5.ia64.rpm
kernel-debug-2.6.18-238.28.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-238.28.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-238.28.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-238.28.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-238.28.1.el5.ia64.rpm
kernel-devel-2.6.18-238.28.1.el5.ia64.rpm
kernel-headers-2.6.18-238.28.1.el5.ia64.rpm
kernel-xen-2.6.18-238.28.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-238.28.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-238.28.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-238.28.1.el5.noarch.rpm

ppc:
kernel-2.6.18-238.28.1.el5.ppc64.rpm
kernel-debug-2.6.18-238.28.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-238.28.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-238.28.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-238.28.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-238.28.1.el5.ppc64.rpm
kernel-devel-2.6.18-238.28.1.el5.ppc64.rpm
kernel-headers-2.6.18-238.28.1.el5.ppc.rpm
kernel-headers-2.6.18-238.28.1.el5.ppc64.rpm
kernel-kdump-2.6.18-238.28.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-238.28.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-238.28.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-238.28.1.el5.s390x.rpm
kernel-debug-2.6.18-238.28.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-238.28.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-238.28.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-238.28.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-238.28.1.el5.s390x.rpm
kernel-devel-2.6.18-238.28.1.el5.s390x.rpm
kernel-headers-2.6.18-238.28.1.el5.s390x.rpm
kernel-kdump-2.6.18-238.28.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-238.28.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-238.28.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-238.28.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.28.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.28.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.28.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.28.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.28.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.28.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.28.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.28.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.28.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.28.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-3188.html
https://www.redhat.com/security/data/cve/CVE-2011-3209.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOsCp6XlSAg2UNWIIRAqjtAKC+6itwqo7i/nD2TiB5jAoly0MGowCfU9EU
LGpVFEpzls46GkvOInRcpSo=
=qH8Q
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

02-14-2012 11:49 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2012:0116-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0116.html
Issue date: 2012-02-14
CVE Names: CVE-2011-1020 CVE-2011-3347 CVE-2011-3637
CVE-2011-3638 CVE-2011-4110
================================================== ===================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 6.1 Extended Update Support.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server EUS (v. 6.1) - i386, noarch, ppc64, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* The proc file system could allow a local, unprivileged user to obtain
sensitive information or possibly cause integrity issues. (CVE-2011-1020,
Moderate)

* Non-member VLAN (virtual LAN) packet handling for interfaces in
promiscuous mode and also using the be2net driver could allow an attacker
on the local network to cause a denial of service. (CVE-2011-3347,
Moderate)

* A missing validation flaw was found in the Linux kernel's m_stop()
implementation. A local, unprivileged user could use this flaw to trigger
a denial of service. (CVE-2011-3637, Moderate)

* A flaw was found in the Linux kernel in the way splitting two extents in
ext4_ext_convert_to_initialized() worked. A local, unprivileged user with
the ability to mount and unmount ext4 file systems could use this flaw to
cause a denial of service. (CVE-2011-3638, Moderate)

* A NULL pointer dereference flaw was found in the way the Linux kernel's
key management facility handled user-defined key types. A local,
unprivileged user could use the keyctl utility to cause a denial of
service. (CVE-2011-4110, Moderate)

Red Hat would like to thank Kees Cook for reporting CVE-2011-1020; Somnath
Kotur for reporting CVE-2011-3347; and Zheng Liu for reporting
CVE-2011-3638.

This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

680358 - CVE-2011-1020 kernel: no access restrictions of /proc/pid/* after setuid program exec
736425 - CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS
747848 - CVE-2011-3637 kernel: proc: fix oops on invalid /proc/<pid>/maps access
747942 - CVE-2011-3638 kernel: ext4: ext4_ext_insert_extent() kernel oops
751297 - CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type

6. Package List:

Red Hat Enterprise Linux Server EUS (v. 6.1):

Source:
kernel-2.6.32-131.25.1.el6.src.rpm

i386:
kernel-2.6.32-131.25.1.el6.i686.rpm
kernel-debug-2.6.32-131.25.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.25.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.25.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.25.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.25.1.el6.i686.rpm
kernel-devel-2.6.32-131.25.1.el6.i686.rpm
kernel-headers-2.6.32-131.25.1.el6.i686.rpm
perf-2.6.32-131.25.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.25.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.25.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.25.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-131.25.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-131.25.1.el6.ppc64.rpm
kernel-debug-2.6.32-131.25.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-131.25.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-131.25.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-131.25.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-131.25.1.el6.ppc64.rpm
kernel-devel-2.6.32-131.25.1.el6.ppc64.rpm
kernel-headers-2.6.32-131.25.1.el6.ppc64.rpm
perf-2.6.32-131.25.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-131.25.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-131.25.1.el6.s390x.rpm
kernel-debug-2.6.32-131.25.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-131.25.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-131.25.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-131.25.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-131.25.1.el6.s390x.rpm
kernel-devel-2.6.32-131.25.1.el6.s390x.rpm
kernel-headers-2.6.32-131.25.1.el6.s390x.rpm
kernel-kdump-2.6.32-131.25.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-131.25.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-131.25.1.el6.s390x.rpm
perf-2.6.32-131.25.1.el6.s390x.rpm
perf-debuginfo-2.6.32-131.25.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-131.25.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.25.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.25.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.25.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.25.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.25.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.25.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.25.1.el6.x86_64.rpm
perf-2.6.32-131.25.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.25.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1020.html
https://www.redhat.com/security/data/cve/CVE-2011-3347.html
https://www.redhat.com/security/data/cve/CVE-2011-3637.html
https://www.redhat.com/security/data/cve/CVE-2011-3638.html
https://www.redhat.com/security/data/cve/CVE-2011-4110.html
https://access.redhat.com/security/updates/classification/#moderate
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2012-0116

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPOwDxXlSAg2UNWIIRApPLAKCtwFsAQX7Xl6xvhILWx8 bT9quG5wCfTKqK
H8P+nqksU3gf3Yw/DN/q15k=
=NhH2
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

03-06-2012 05:48 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2012:0350-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0350.html
Issue date: 2012-03-06
CVE Names: CVE-2011-4077 CVE-2011-4081 CVE-2011-4132
CVE-2011-4347 CVE-2011-4594 CVE-2011-4611
CVE-2011-4622 CVE-2012-0038 CVE-2012-0045
CVE-2012-0207
================================================== ===================

1. Summary:

Updated kernel packages that fix various security issues and several bugs
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A buffer overflow flaw was found in the way the Linux kernel's XFS file
system implementation handled links with overly long path names. A local,
unprivileged user could use this flaw to cause a denial of service or
escalate their privileges by mounting a specially-crafted disk.
(CVE-2011-4077, Moderate)

* Flaws in ghash_update() and ghash_final() could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)

* A flaw was found in the Linux kernel's Journaling Block Device (JBD). A
local, unprivileged user could use this flaw to crash the system by
mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)

* It was found that the kvm_vm_ioctl_assign_device() function in the KVM
(Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if
the user requesting device assignment was privileged or not. A local,
unprivileged user on the host could assign unused PCI devices, or even
devices that were in use and whose resources were not properly claimed by
the respective drivers, which could result in the host crashing.
(CVE-2011-4347, Moderate)

* Two flaws were found in the way the Linux kernel's __sys_sendmsg()
function, when invoked via the sendmmsg() system call, accessed user-space
memory. A local, unprivileged user could use these flaws to cause a denial
of service. (CVE-2011-4594, Moderate)

* The RHSA-2011:1530 kernel update introduced an integer overflow flaw in
the Linux kernel. On PowerPC systems, a local, unprivileged user could use
this flaw to cause a denial of service. (CVE-2011-4611, Moderate)

* A flaw was found in the way the KVM subsystem of a Linux kernel handled
PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was
no virtual interrupt controller set up. A local, unprivileged user on the
host could force this situation to occur, resulting in the host crashing.
(CVE-2011-4622, Moderate)

* A flaw was found in the way the Linux kernel's XFS file system
implementation handled on-disk Access Control Lists (ACLs). A local,
unprivileged user could use this flaw to cause a denial of service or
escalate their privileges by mounting a specially-crafted disk.
(CVE-2012-0038, Moderate)

* A flaw was found in the way the Linux kernel's KVM hypervisor
implementation emulated the syscall instruction for 32-bit guests. An
unprivileged guest user could trigger this flaw to crash the guest.
(CVE-2012-0045, Moderate)

* A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()
function. An attacker able to send certain IGMP (Internet Group Management
Protocol) packets to a target system could use this flaw to cause a denial
of service. (CVE-2012-0207, Moderate)

Red Hat would like to thank Nick Bowler for reporting CVE-2011-4081; Sasha
Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting
CVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi for
reporting CVE-2012-0038; Stephan Bärwolf for reporting CVE-2012-0045; and
Simon McVittie for reporting CVE-2012-0207. Upstream acknowledges Mathieu
Desnoyers as the original reporter of CVE-2011-4594.

This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

749156 - CVE-2011-4077 kernel: xfs: potential buffer overflow in xfs_readlink()
749475 - CVE-2011-4081 kernel: crypto: ghash: null pointer deref if no key is set
753341 - CVE-2011-4132 kernel: jbd/jbd2: invalid value of first log block leads to oops
756084 - CVE-2011-4347 kernel: kvm: device assignment DoS
761646 - CVE-2011-4594 kernel: send(m)msg: user pointer dereferences
767914 - CVE-2011-4611 kernel: perf, powerpc: Handle events that raise an exception without overflowing
769721 - CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system
772867 - CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
773280 - CVE-2012-0038 kernel: xfs heap overflow
773370 - CVE-2012-0045 kernel: kvm: syscall instruction induced guest panic
789058 - cifs: i/o error on copying file > 102336 bytes [rhel-6.2.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

i386:
kernel-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.7.1.el6.i686.rpm
kernel-devel-2.6.32-220.7.1.el6.i686.rpm
kernel-headers-2.6.32-220.7.1.el6.i686.rpm
perf-2.6.32-220.7.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.7.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-220.7.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.7.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.7.1.el6.x86_64.rpm
perf-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.7.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.7.1.el6.i686.rpm
python-perf-2.6.32-220.7.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
python-perf-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-220.7.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.7.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.7.1.el6.x86_64.rpm
perf-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
python-perf-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

i386:
kernel-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.7.1.el6.i686.rpm
kernel-devel-2.6.32-220.7.1.el6.i686.rpm
kernel-headers-2.6.32-220.7.1.el6.i686.rpm
perf-2.6.32-220.7.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.7.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-220.7.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.7.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-220.7.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debug-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.7.1.el6.ppc64.rpm
kernel-devel-2.6.32-220.7.1.el6.ppc64.rpm
kernel-headers-2.6.32-220.7.1.el6.ppc64.rpm
perf-2.6.32-220.7.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-220.7.1.el6.s390x.rpm
kernel-debug-2.6.32-220.7.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.7.1.el6.s390x.rpm
kernel-devel-2.6.32-220.7.1.el6.s390x.rpm
kernel-headers-2.6.32-220.7.1.el6.s390x.rpm
kernel-kdump-2.6.32-220.7.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-220.7.1.el6.s390x.rpm
perf-2.6.32-220.7.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.7.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.7.1.el6.x86_64.rpm
perf-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.7.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.7.1.el6.i686.rpm
python-perf-2.6.32-220.7.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.7.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.ppc64.rpm
python-perf-2.6.32-220.7.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.7.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.7.1.el6.s390x.rpm
python-perf-2.6.32-220.7.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
python-perf-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

i386:
kernel-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.7.1.el6.i686.rpm
kernel-devel-2.6.32-220.7.1.el6.i686.rpm
kernel-headers-2.6.32-220.7.1.el6.i686.rpm
perf-2.6.32-220.7.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.7.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-220.7.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.7.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.7.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.7.1.el6.x86_64.rpm
perf-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.7.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.7.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.7.1.el6.i686.rpm
python-perf-2.6.32-220.7.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.7.1.el6.x86_64.rpm
python-perf-2.6.32-220.7.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-4077.html
https://www.redhat.com/security/data/cve/CVE-2011-4081.html
https://www.redhat.com/security/data/cve/CVE-2011-4132.html
https://www.redhat.com/security/data/cve/CVE-2011-4347.html
https://www.redhat.com/security/data/cve/CVE-2011-4594.html
https://www.redhat.com/security/data/cve/CVE-2011-4611.html
https://www.redhat.com/security/data/cve/CVE-2011-4622.html
https://www.redhat.com/security/data/cve/CVE-2012-0038.html
https://www.redhat.com/security/data/cve/CVE-2012-0045.html
https://www.redhat.com/security/data/cve/CVE-2012-0207.html
https://access.redhat.com/security/updates/classification/#moderate
https://rhn.redhat.com/errata/RHSA-2011-1530.html
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Technical_Notes/kernel.html#RHSA-2012-0350

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPVlvgXlSAg2UNWIIRAs+VAKDAOxZ7M5s2GTOoHpYSCb +8O6S7xgCgr64c
78iO5Dc5O0zDpxGyRUZiSvI=
=OcxS
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

04-24-2012 08:37 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2012:0517-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0517.html
Issue date: 2012-04-24
CVE Names: CVE-2011-3638
================================================== ===================

1. Summary:

Updated kernel packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 5.6 Extended Update Support.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* A flaw was found in the Linux kernel in the way splitting two extents in
ext4_ext_convert_to_initialized() worked. A local, unprivileged user with
the ability to mount and unmount ext4 file systems could use this flaw to
cause a denial of service. (CVE-2011-3638, Moderate)

Red Hat would like to thank Zheng Liu for reporting this issue.

This update also fixes the following bug:

* Starting with Red Hat Enterprise Linux 5.6, all devices that used the
ixgbe driver would stop stripping VLAN tags when the device entered
promiscuous mode. Placing a device in a bridge group causes the device to
enter promiscuous mode. This caused various issues under certain
configurations of bridging and VLANs. A patch has been provided to address
this issue and the devices now properly strip VLAN tags in the driver
whether in promiscuous mode or not. (BZ#809790)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

747942 - CVE-2011-3638 kernel: ext4: ext4_ext_insert_extent() kernel oops

6. Package List:

Red Hat Enterprise Linux EUS (v. 5.6 server):

Source:
kernel-2.6.18-238.37.1.el5.src.rpm

i386:
kernel-2.6.18-238.37.1.el5.i686.rpm
kernel-PAE-2.6.18-238.37.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.37.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.37.1.el5.i686.rpm
kernel-debug-2.6.18-238.37.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.37.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.37.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.37.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.37.1.el5.i686.rpm
kernel-devel-2.6.18-238.37.1.el5.i686.rpm
kernel-headers-2.6.18-238.37.1.el5.i386.rpm
kernel-xen-2.6.18-238.37.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.37.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.37.1.el5.i686.rpm

ia64:
kernel-2.6.18-238.37.1.el5.ia64.rpm
kernel-debug-2.6.18-238.37.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-238.37.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-238.37.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-238.37.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-238.37.1.el5.ia64.rpm
kernel-devel-2.6.18-238.37.1.el5.ia64.rpm
kernel-headers-2.6.18-238.37.1.el5.ia64.rpm
kernel-xen-2.6.18-238.37.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-238.37.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-238.37.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-238.37.1.el5.noarch.rpm

ppc:
kernel-2.6.18-238.37.1.el5.ppc64.rpm
kernel-debug-2.6.18-238.37.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-238.37.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-238.37.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-238.37.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-238.37.1.el5.ppc64.rpm
kernel-devel-2.6.18-238.37.1.el5.ppc64.rpm
kernel-headers-2.6.18-238.37.1.el5.ppc.rpm
kernel-headers-2.6.18-238.37.1.el5.ppc64.rpm
kernel-kdump-2.6.18-238.37.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-238.37.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-238.37.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-238.37.1.el5.s390x.rpm
kernel-debug-2.6.18-238.37.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-238.37.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-238.37.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-238.37.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-238.37.1.el5.s390x.rpm
kernel-devel-2.6.18-238.37.1.el5.s390x.rpm
kernel-headers-2.6.18-238.37.1.el5.s390x.rpm
kernel-kdump-2.6.18-238.37.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-238.37.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-238.37.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-238.37.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.37.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.37.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.37.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.37.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.37.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.37.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.37.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.37.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.37.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.37.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-3638.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPlw8SXlSAg2UNWIIRAgl2AJ0aMbX3iOZKxi84P4UDZO S89fXWngCcDI9+
dJTMUD5d7I7lbnUtLGVnBNI=
=212w
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

05-15-2012 09:09 PM

Moderate: kernel security and bug fix update
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Moderate: kernel security and bug fix update
Advisory ID: RHSA-2012:0571-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0571.html
Issue date: 2012-05-15
CVE Names: CVE-2011-4086 CVE-2012-1601
================================================== ===================

1. Summary:

Updated kernel packages that fix two security issues and several bugs are
now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A flaw was found in the way the Linux kernel's journal_unmap_buffer()
function handled buffer head states. On systems that have an ext4 file
system with a journal mounted, a local, unprivileged user could use this
flaw to cause a denial of service. (CVE-2011-4086, Moderate)

* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.
Calling this ioctl when at least one virtual CPU (VCPU) already existed
could lead to a NULL pointer dereference later when the VCPU is scheduled
to run. A local, unprivileged user on a KVM host could use this flaw to
crash the host. (CVE-2012-1601, Moderate)

This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs noted in the Technical
Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

749143 - CVE-2011-4086 kernel: jbd2: unmapped buffer with _Unwritten or _Delay flags set can lead to DoS
808199 - CVE-2012-1601 kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
809374 - AMD IOMMU driver hands out dma handles that are in the MSI address range [rhel-6.2.z]
811135 - readdir64_r calls fail with ELOOP [rhel-6.2.z]
811299 - Fix RPC priority queue wake up all tasks processing [rhel-6.2.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

i386:
kernel-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm
kernel-devel-2.6.32-220.17.1.el6.i686.rpm
kernel-headers-2.6.32-220.17.1.el6.i686.rpm
perf-2.6.32-220.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-220.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.17.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.17.1.el6.x86_64.rpm
perf-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm
python-perf-2.6.32-220.17.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-220.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.17.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.17.1.el6.x86_64.rpm
perf-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

i386:
kernel-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm
kernel-devel-2.6.32-220.17.1.el6.i686.rpm
kernel-headers-2.6.32-220.17.1.el6.i686.rpm
perf-2.6.32-220.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-220.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.17.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-220.17.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debug-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.17.1.el6.ppc64.rpm
kernel-devel-2.6.32-220.17.1.el6.ppc64.rpm
kernel-headers-2.6.32-220.17.1.el6.ppc64.rpm
perf-2.6.32-220.17.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-220.17.1.el6.s390x.rpm
kernel-debug-2.6.32-220.17.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.17.1.el6.s390x.rpm
kernel-devel-2.6.32-220.17.1.el6.s390x.rpm
kernel-headers-2.6.32-220.17.1.el6.s390x.rpm
kernel-kdump-2.6.32-220.17.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-220.17.1.el6.s390x.rpm
perf-2.6.32-220.17.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.17.1.el6.x86_64.rpm
perf-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm
python-perf-2.6.32-220.17.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-220.17.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm
python-perf-2.6.32-220.17.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-220.17.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
perf-debuginfo-2.6.32-220.17.1.el6.s390x.rpm
python-perf-2.6.32-220.17.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

i386:
kernel-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm
kernel-devel-2.6.32-220.17.1.el6.i686.rpm
kernel-headers-2.6.32-220.17.1.el6.i686.rpm
perf-2.6.32-220.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-220.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-220.17.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-220.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-220.17.1.el6.x86_64.rpm
perf-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-220.17.1.el6.src.rpm

i386:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm
python-perf-2.6.32-220.17.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-2.6.32-220.17.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-4086.html
https://www.redhat.com/security/data/cve/CVE-2012-1601.html
https://access.redhat.com/security/updates/classification/#moderate
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.2_Technical_Notes/kernel.html#RHSA-2012-0571

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPssXyXlSAg2UNWIIRAtMzAJ4l3D5Jt2JDg5v1gzX6tX RGmD0o3ACgqqwa
YZ6i4ojq6GPIsliqSlQtIyE=
=ZGRq
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list


All times are GMT. The time now is 11:10 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.