FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Enterprise Watch List

 
 
LinkBack Thread Tools
 
Old 11-29-2007, 01:49 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2007:0993-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0993.html
Issue date: 2007-11-29
Updated on: 2007-11-29
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-4571 CVE-2007-4997
CVE-2007-5494
- ---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix various security issues in the Red Hat
Enterprise Linux 5 kernel are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the following security issues:

A memory leak was found in the Red Hat Content Accelerator kernel patch. A
local user could use this flaw to cause a denial of service (memory
exhaustion). (CVE-2007-5494, Important)

A flaw was found in the handling of IEEE 802.11 frames affecting several
wireless LAN modules. In certain circumstances, a remote attacker could
trigger this flaw by sending a malicious packet over a wireless network and
cause a denial of service (kernel crash). (CVE-2007-4997, Important).

A flaw was found in the Advanced Linux Sound Architecture (ALSA). A local
user who had the ability to read the /proc/driver/snd-page-alloc file could
see portions of kernel memory. (CVE-2007-4571, Moderate).

In addition to the security issues described above, several bug fixes
preventing possible memory corruption, system crashes, SCSI I/O fails,
networking drivers performance regression and journaling block device layer
issue were also included.

Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to resolve these issues.

Red Hat would like to credit Vasily Averin, Chris Evans, and Neil Kettle
for reporting the security issues corrected by this update.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

288961 - CVE-2007-4571 ALSA memory disclosure flaw
305011 - [RHEL 5.1.z]: Tick divider bugs on x86_64
315051 - CVE-2007-5494 open(O_ATOMICLOOKUP) leaks dentry
345141 - [PATCH] jbd: wait for already submitted t_sync_datalist buffer to complete (Possibility of in-place data destruction)
345151 - LSPP: audit rule causes kernel 'out of memory' condition and auditd failure
345161 - [EL5][BUG] Unexpected SIGILL on NFS/Montecito(ia64)
345171 - task->mm or slab corruption with CIFS
346341 - CVE-2007-4997 kernel ieee80211 off-by-two integer underflow
381001 - LSPP: audit enable not picking up all processes
381021 - [Broadcom 5.1.z bug] Performance regression on 5705 TG3 NICs
381101 - LTC35628-kexec/kdump kernel hung on Power5+ and Power6 based systems
381121 - LTC38135-vSCSI client reports 'Device sdX not ready' after deactive/active device on vSCSI server
381131 - forcedeth driver mishandles MSI interrupts under high load

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-53.1.4.el5.src.rpm
f4ddc1c32090e95051a82221882f7f07 kernel-2.6.18-53.1.4.el5.src.rpm

i386:
7db3e79c57682e6ccd52808899b615df kernel-2.6.18-53.1.4.el5.i686.rpm
3c710dd56c71e05a719254eabe5bef4e kernel-PAE-2.6.18-53.1.4.el5.i686.rpm
f7abc5aa783e93096d38c54b59c090d2 kernel-PAE-debuginfo-2.6.18-53.1.4.el5.i686.rpm
dc530282b624ccba683f4b181a6f3a07 kernel-PAE-devel-2.6.18-53.1.4.el5.i686.rpm
f18ab8596f0de5f8aec9c5c06aa0772c kernel-debug-2.6.18-53.1.4.el5.i686.rpm
78fb69f9be4c5e3376ef657578bcbf3b kernel-debug-debuginfo-2.6.18-53.1.4.el5.i686.rpm
9e7dabd8afecabf2d81b7244e248d085 kernel-debug-devel-2.6.18-53.1.4.el5.i686.rpm
8ced8998555bd4ca582718aa4de6491a kernel-debuginfo-2.6.18-53.1.4.el5.i686.rpm
82cb46f9d27253be25240cdae5303f48 kernel-debuginfo-common-2.6.18-53.1.4.el5.i686.rpm
46c3986d06610e1ff1f13aea20e12a55 kernel-devel-2.6.18-53.1.4.el5.i686.rpm
03ecab2d61860ff849f17ed525f68a9b kernel-headers-2.6.18-53.1.4.el5.i386.rpm
3ac39f5fcd33e7c1e8d374cf26f23bba kernel-xen-2.6.18-53.1.4.el5.i686.rpm
866a71427e007f544ffa867f14e4ec2d kernel-xen-debuginfo-2.6.18-53.1.4.el5.i686.rpm
2d25af7fd212ed6bfe30b0fefd89e400 kernel-xen-devel-2.6.18-53.1.4.el5.i686.rpm

noarch:
ab3753a735ea61deb37182250b04c9d0 kernel-doc-2.6.18-53.1.4.el5.noarch.rpm

x86_64:
e071879c6de07723825ff525634ef14a kernel-2.6.18-53.1.4.el5.x86_64.rpm
a328b40f9eb70cf9e0a4340ffcec53c8 kernel-debug-2.6.18-53.1.4.el5.x86_64.rpm
45e5066c1c1cdfe1c920f1ace4cf7268 kernel-debug-debuginfo-2.6.18-53.1.4.el5.x86_64.rpm
98613f3375199acf9ee60b5c8c407958 kernel-debug-devel-2.6.18-53.1.4.el5.x86_64.rpm
82206cb4393732d240ac50dce71c1510 kernel-debuginfo-2.6.18-53.1.4.el5.x86_64.rpm
4d470ccb5145a0fc225f44afca2c32ae kernel-debuginfo-common-2.6.18-53.1.4.el5.x86_64.rpm
5302a54d9169a4df8a048f67d3b2e518 kernel-devel-2.6.18-53.1.4.el5.x86_64.rpm
a63da08cd0cca7cec81542537decb183 kernel-headers-2.6.18-53.1.4.el5.x86_64.rpm
5fa46572f8d861903ecf1d6d983e7153 kernel-xen-2.6.18-53.1.4.el5.x86_64.rpm
8ea07b9267a2c3265fb285a05b2ca982 kernel-xen-debuginfo-2.6.18-53.1.4.el5.x86_64.rpm
9877be5ebfd8402f5bd65d241bcf55f3 kernel-xen-devel-2.6.18-53.1.4.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.4.el5.src.rpm
f4ddc1c32090e95051a82221882f7f07 kernel-2.6.18-53.1.4.el5.src.rpm

i386:
7db3e79c57682e6ccd52808899b615df kernel-2.6.18-53.1.4.el5.i686.rpm
3c710dd56c71e05a719254eabe5bef4e kernel-PAE-2.6.18-53.1.4.el5.i686.rpm
f7abc5aa783e93096d38c54b59c090d2 kernel-PAE-debuginfo-2.6.18-53.1.4.el5.i686.rpm
dc530282b624ccba683f4b181a6f3a07 kernel-PAE-devel-2.6.18-53.1.4.el5.i686.rpm
f18ab8596f0de5f8aec9c5c06aa0772c kernel-debug-2.6.18-53.1.4.el5.i686.rpm
78fb69f9be4c5e3376ef657578bcbf3b kernel-debug-debuginfo-2.6.18-53.1.4.el5.i686.rpm
9e7dabd8afecabf2d81b7244e248d085 kernel-debug-devel-2.6.18-53.1.4.el5.i686.rpm
8ced8998555bd4ca582718aa4de6491a kernel-debuginfo-2.6.18-53.1.4.el5.i686.rpm
82cb46f9d27253be25240cdae5303f48 kernel-debuginfo-common-2.6.18-53.1.4.el5.i686.rpm
46c3986d06610e1ff1f13aea20e12a55 kernel-devel-2.6.18-53.1.4.el5.i686.rpm
03ecab2d61860ff849f17ed525f68a9b kernel-headers-2.6.18-53.1.4.el5.i386.rpm
3ac39f5fcd33e7c1e8d374cf26f23bba kernel-xen-2.6.18-53.1.4.el5.i686.rpm
866a71427e007f544ffa867f14e4ec2d kernel-xen-debuginfo-2.6.18-53.1.4.el5.i686.rpm
2d25af7fd212ed6bfe30b0fefd89e400 kernel-xen-devel-2.6.18-53.1.4.el5.i686.rpm

ia64:
c4b5c7f03fe8aa5770515d2926360589 kernel-2.6.18-53.1.4.el5.ia64.rpm
9d93070855eb35f4c9c51ba96544513b kernel-debug-2.6.18-53.1.4.el5.ia64.rpm
0724c9c99e58c2acc4190e5ed49f7a05 kernel-debug-debuginfo-2.6.18-53.1.4.el5.ia64.rpm
d920157b8a5bb9c9b908924e1fe1ca5f kernel-debug-devel-2.6.18-53.1.4.el5.ia64.rpm
8685ce4e872ab826646f1db5193480e9 kernel-debuginfo-2.6.18-53.1.4.el5.ia64.rpm
f8db66a50e12476bb86186bf9715d4cc kernel-debuginfo-common-2.6.18-53.1.4.el5.ia64.rpm
ddffbae0bc152f6863d0ee443de9048c kernel-devel-2.6.18-53.1.4.el5.ia64.rpm
20971ff3bd352465d95f9687256b15df kernel-headers-2.6.18-53.1.4.el5.ia64.rpm
d28c5d53ae4bf8f382ec428e32203e66 kernel-xen-2.6.18-53.1.4.el5.ia64.rpm
408a5a1dd9994a11a0547b8750def8a0 kernel-xen-debuginfo-2.6.18-53.1.4.el5.ia64.rpm
8f4c718a88b46be011e49c745d6ce4f2 kernel-xen-devel-2.6.18-53.1.4.el5.ia64.rpm

noarch:
ab3753a735ea61deb37182250b04c9d0 kernel-doc-2.6.18-53.1.4.el5.noarch.rpm

ppc:
bd068aebc02e617f34caee156d252841 kernel-2.6.18-53.1.4.el5.ppc64.rpm
d277953a40d21ba17dbed7fd6c6f680f kernel-debug-2.6.18-53.1.4.el5.ppc64.rpm
0c62d227991dbaee59c812d1c252df88 kernel-debug-debuginfo-2.6.18-53.1.4.el5.ppc64.rpm
5ef886d8a3eece47fd0232d229264bac kernel-debug-devel-2.6.18-53.1.4.el5.ppc64.rpm
eb49f51637a97ad6806cc19a3bc078d0 kernel-debuginfo-2.6.18-53.1.4.el5.ppc64.rpm
45131661332edcf45b864400399abb9c kernel-debuginfo-common-2.6.18-53.1.4.el5.ppc64.rpm
4164d433f794761cd04d2d455f3924e4 kernel-devel-2.6.18-53.1.4.el5.ppc64.rpm
951eee41009d6a83c90c535864f5bad7 kernel-headers-2.6.18-53.1.4.el5.ppc.rpm
3b14f2e47dde5989f2f26794b2fe012c kernel-headers-2.6.18-53.1.4.el5.ppc64.rpm
fc215987bde440bbf9890392ad349a05 kernel-kdump-2.6.18-53.1.4.el5.ppc64.rpm
444294c39857ad466ab0bb4dab2b8f71 kernel-kdump-debuginfo-2.6.18-53.1.4.el5.ppc64.rpm
fc5c6c3f402b21502ef445ac0b7feefd kernel-kdump-devel-2.6.18-53.1.4.el5.ppc64.rpm

s390x:
2c3701f34e15686807a362d304b8894f kernel-2.6.18-53.1.4.el5.s390x.rpm
d47000222a8ec41fad683f222b0594a4 kernel-debug-2.6.18-53.1.4.el5.s390x.rpm
e674b9c3f52f21850e8ebaeb68e8758b kernel-debug-debuginfo-2.6.18-53.1.4.el5.s390x.rpm
a4ce8f8b5cdd2655b69f39445de25825 kernel-debug-devel-2.6.18-53.1.4.el5.s390x.rpm
f86888ee8a26a352070cc3523c75e7c9 kernel-debuginfo-2.6.18-53.1.4.el5.s390x.rpm
abee5165caaad3c697fc4934f874090a kernel-debuginfo-common-2.6.18-53.1.4.el5.s390x.rpm
8578e33e3544a093221a9299b0b50c1b kernel-devel-2.6.18-53.1.4.el5.s390x.rpm
9d94999160c4adeea1e65b0207219628 kernel-headers-2.6.18-53.1.4.el5.s390x.rpm

x86_64:
e071879c6de07723825ff525634ef14a kernel-2.6.18-53.1.4.el5.x86_64.rpm
a328b40f9eb70cf9e0a4340ffcec53c8 kernel-debug-2.6.18-53.1.4.el5.x86_64.rpm
45e5066c1c1cdfe1c920f1ace4cf7268 kernel-debug-debuginfo-2.6.18-53.1.4.el5.x86_64.rpm
98613f3375199acf9ee60b5c8c407958 kernel-debug-devel-2.6.18-53.1.4.el5.x86_64.rpm
82206cb4393732d240ac50dce71c1510 kernel-debuginfo-2.6.18-53.1.4.el5.x86_64.rpm
4d470ccb5145a0fc225f44afca2c32ae kernel-debuginfo-common-2.6.18-53.1.4.el5.x86_64.rpm
5302a54d9169a4df8a048f67d3b2e518 kernel-devel-2.6.18-53.1.4.el5.x86_64.rpm
a63da08cd0cca7cec81542537decb183 kernel-headers-2.6.18-53.1.4.el5.x86_64.rpm
5fa46572f8d861903ecf1d6d983e7153 kernel-xen-2.6.18-53.1.4.el5.x86_64.rpm
8ea07b9267a2c3265fb285a05b2ca982 kernel-xen-debuginfo-2.6.18-53.1.4.el5.x86_64.rpm
9877be5ebfd8402f5bd65d241bcf55f3 kernel-xen-devel-2.6.18-53.1.4.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5494
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHTtFLXlSAg2UNWIIRAgoWAJsHN/PKUKAfrg+z2CKG88A8BcFnSgCgtLOp
90k6eLxwtAXrJpXPKfYbmbs=
=6rbk
-----END PGP SIGNATURE-----



--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 02-12-2008, 03:54 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2008:0129-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0129.html
Issue date: 2008-02-12
CVE Names: CVE-2008-0600
================================================== ===================

1. Summary:

Updated kernel packages that fix a security issue are now available for Red
Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

A flaw was found in vmsplice. An unprivileged local user could use this
flaw to gain root privileges. (CVE-2008-0600)

Red Hat is aware that a public exploit for this issue is available. This
issue did not affect the Linux kernels distributed with Red Hat Enterprise
Linux 2.1, 3, or 4.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

432251 - CVE-2008-0600 kernel vmsplice_to_pipe flaw

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-53.1.13.el5.src.rpm

i386:
kernel-2.6.18-53.1.13.el5.i686.rpm
kernel-PAE-2.6.18-53.1.13.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.13.el5.i686.rpm
kernel-debug-2.6.18-53.1.13.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.i686.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.i686.rpm
kernel-devel-2.6.18-53.1.13.el5.i686.rpm
kernel-headers-2.6.18-53.1.13.el5.i386.rpm
kernel-xen-2.6.18-53.1.13.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.13.el5.i686.rpm

noarch:
kernel-doc-2.6.18-53.1.13.el5.noarch.rpm

x86_64:
kernel-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.13.el5.x86_64.rpm
kernel-headers-2.6.18-53.1.13.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.13.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-53.1.13.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.13.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.13.el5.src.rpm

i386:
kernel-2.6.18-53.1.13.el5.i686.rpm
kernel-PAE-2.6.18-53.1.13.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.13.el5.i686.rpm
kernel-debug-2.6.18-53.1.13.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.i686.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.i686.rpm
kernel-devel-2.6.18-53.1.13.el5.i686.rpm
kernel-headers-2.6.18-53.1.13.el5.i386.rpm
kernel-xen-2.6.18-53.1.13.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-53.1.13.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.13.el5.i686.rpm

ia64:
kernel-2.6.18-53.1.13.el5.ia64.rpm
kernel-debug-2.6.18-53.1.13.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.ia64.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.ia64.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.ia64.rpm
kernel-devel-2.6.18-53.1.13.el5.ia64.rpm
kernel-headers-2.6.18-53.1.13.el5.ia64.rpm
kernel-xen-2.6.18-53.1.13.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-53.1.13.el5.ia64.rpm
kernel-xen-devel-2.6.18-53.1.13.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-53.1.13.el5.noarch.rpm

ppc:
kernel-2.6.18-53.1.13.el5.ppc64.rpm
kernel-debug-2.6.18-53.1.13.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.ppc64.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.ppc64.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.ppc64.rpm
kernel-devel-2.6.18-53.1.13.el5.ppc64.rpm
kernel-headers-2.6.18-53.1.13.el5.ppc.rpm
kernel-headers-2.6.18-53.1.13.el5.ppc64.rpm
kernel-kdump-2.6.18-53.1.13.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-53.1.13.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-53.1.13.el5.ppc64.rpm

s390x:
kernel-2.6.18-53.1.13.el5.s390x.rpm
kernel-debug-2.6.18-53.1.13.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.s390x.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.s390x.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.s390x.rpm
kernel-devel-2.6.18-53.1.13.el5.s390x.rpm
kernel-headers-2.6.18-53.1.13.el5.s390x.rpm

x86_64:
kernel-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debuginfo-2.6.18-53.1.13.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-53.1.13.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.13.el5.x86_64.rpm
kernel-headers-2.6.18-53.1.13.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.13.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-53.1.13.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.13.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHsc9OXlSAg2UNWIIRAuWNAJ0YlHdfbriXZB+KGjWCgi cLT7wK7ACeNPvl
QL+4M4FsPFc12XcLomhIqdg=
=E28c
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 01-05-2009, 06:13 AM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2008:0787-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0787.html
Issue date: 2009-01-05
CVE Names: CVE-2007-3848 CVE-2006-4538 CVE-2006-4814
CVE-2007-4308 CVE-2007-2172 CVE-2007-6063
CVE-2007-6206 CVE-2007-6151 CVE-2008-0007
CVE-2008-2136 CVE-2008-3275 CVE-2008-3525
CVE-2008-4210
================================================== ===================

1. Summary:

Updated kernel packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 running on 64-bit architectures.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64
Red Hat Linux Advanced Workstation 2.1 - ia64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* a flaw was found in the IPv4 forwarding base that allowed a local,
unprivileged user to cause an out-of-bounds access. (CVE-2007-2172,
Important)

* a flaw was found in the handling of process death signals. This allowed a
local, unprivileged user to send arbitrary signals to the suid-process
executed by that user. Successful exploitation of this flaw depended on the
structure of the suid-program and its signal handling. (CVE-2007-3848,
Important)

* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local,
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007,
Important)

* a possible kernel memory leak was found in the Linux kernel Simple
Internet Transition (SIT) INET6 implementation. This could allow a local,
unprivileged user to cause a denial of service. (CVE-2008-2136, Important)

* missing capability checks were found in the SBNI WAN driver which could
allow a local, unprivileged user to bypass intended capability
restrictions. (CVE-2008-3525, Important)

* a flaw was found in the way files were written using truncate() or
ftruncate(). This could allow a local, unprivileged user to acquire the
privileges of a different group and obtain access to sensitive information.
(CVE-2008-4210, Important)

* a flaw was found in the ELF handling on Itanium-based systems. This
triggered a cross-region memory-mapping and allowed a local, unprivileged
user to cause a local denial of service. (CVE-2006-4538, Moderate)

* a race condition in the mincore system core allowed a local, unprivileged
user to cause a local denial of service (system hang). (CVE-2006-4814,
Moderate)

* a flaw was found in the aacraid SCSI driver. This allowed a local,
unprivileged user to make ioctl calls to the driver which should otherwise
be restricted to privileged users. (CVE-2007-4308, Moderate)

* two buffer overflow flaws were found in the Integrated Services Digital
Network (ISDN) subsystem. A local, unprivileged user could use these flaws
to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)

* a flaw was found in the way core dump files were created. If a local,
unprivileged user could make a root-owned process dump a core file into a
user-writable directory, the user could gain read access to that core file,
potentially compromising sensitive information. (CVE-2007-6206, Moderate)

* a deficiency was found in the Linux kernel virtual file system (VFS)
implementation. This could allow a local, unprivileged user to attempt file
creation within deleted directories, possibly causing a local denial of
service. (CVE-2008-3275, Moderate)

All users of Red Hat Enterprise Linux 2.1 on 64-bit architectures should
upgrade to these updated packages, which contain backported patches to
resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

250429 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
250972 - CVE-2007-3848 Privilege escalation via PR_SET_PDEATHSIG
252309 - CVE-2007-4308 kernel: Missing ioctl() permission checks in aacraid driver
289151 - CVE-2006-4538 kernel: Local DoS with corrupted ELF
306971 - CVE-2006-4814 kernel Race condition in mincore can cause "ps -ef" to hang
392101 - CVE-2007-6063 Linux Kernel isdn_net_setcfg buffer overflow
396861 - CVE-2007-6206 Issue with core dump owner
425111 - CVE-2007-6151 I4L: fix isdn_ioctl memory issue
428961 - CVE-2008-0007 kernel: insufficient range checks in fault handlers with mremap
446031 - CVE-2008-2136 kernel: sit memory leak
457858 - CVE-2008-3275 Linux kernel local filesystem DoS
460401 - CVE-2008-3525 kernel: missing capability checks in sbni_ioctl()

6. Package List:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 :

Source:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.18-e.67.src.rpm

ia64:
kernel-2.4.18-e.67.ia64.rpm
kernel-doc-2.4.18-e.67.ia64.rpm
kernel-smp-2.4.18-e.67.ia64.rpm
kernel-source-2.4.18-e.67.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kernel-2.4.18-e.67.src.rpm

ia64:
kernel-2.4.18-e.67.ia64.rpm
kernel-doc-2.4.18-e.67.ia64.rpm
kernel-smp-2.4.18-e.67.ia64.rpm
kernel-source-2.4.18-e.67.ia64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4210
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFJYbLEXlSAg2UNWIIRAgW2AKCr0WfvpkQp1GyF5MKaee wcVvo/ZQCgo5d0
U2oeQEBzmo04YPI0BUGQTw0=
=KB/Z
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 01-08-2009, 02:50 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2009:0001-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-0001.html
Issue date: 2009-01-08
CVE Names: CVE-2006-4814 CVE-2007-2172 CVE-2007-3848
CVE-2007-4308 CVE-2007-6063 CVE-2007-6151
CVE-2007-6206 CVE-2008-0007 CVE-2008-2136
CVE-2008-3275 CVE-2008-3525 CVE-2008-4210
================================================== ===================

1. Summary:

Updated kernel packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 running on 32-bit architectures.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* a flaw was found in the IPv4 forwarding base. This could allow a local,
unprivileged user to cause a denial of service. (CVE-2007-2172,
Important)

* a flaw was found in the handling of process death signals. This allowed a
local, unprivileged user to send arbitrary signals to the suid-process
executed by that user. Successful exploitation of this flaw depends on the
structure of the suid-program and its signal handling. (CVE-2007-3848,
Important)

* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A local,
unprivileged user could use this flaw to gain read or write access to
arbitrary kernel memory, or possibly cause a denial of service.
(CVE-2008-0007, Important)

* a possible kernel memory leak was found in the Linux kernel Simple
Internet Transition (SIT) INET6 implementation. This could allow a local,
unprivileged user to cause a denial of service. (CVE-2008-2136, Important)

* missing capability checks were found in the SBNI WAN driver which could
allow a local, unprivileged user to bypass intended capability
restrictions. (CVE-2008-3525, Important)

* a flaw was found in the way files were written using truncate() or
ftruncate(). This could allow a local, unprivileged user to acquire the
privileges of a different group and obtain access to sensitive information.
(CVE-2008-4210, Important)

* a race condition in the mincore system core allowed a local, unprivileged
user to cause a denial of service. (CVE-2006-4814, Moderate)

* a flaw was found in the aacraid SCSI driver. This allowed a local,
unprivileged user to make ioctl calls to the driver which should otherwise
be restricted to privileged users. (CVE-2007-4308, Moderate)

* two buffer overflow flaws were found in the Integrated Services Digital
Network (ISDN) subsystem. A local, unprivileged user could use these flaws
to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)

* a flaw was found in the way core dump files were created. If a local,
unprivileged user could make a root-owned process dump a core file into a
user-writable directory, the user could gain read access to that core file,
potentially compromising sensitive information. (CVE-2007-6206, Moderate)

* a deficiency was found in the Linux kernel virtual file system (VFS)
implementation. This could allow a local, unprivileged user to attempt file
creation within deleted directories, possibly causing a denial of service.
(CVE-2008-3275, Moderate)

All users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should
upgrade to these updated packages which address these vulnerabilities. For
this update to take effect, the system must be rebooted.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

250429 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
250972 - CVE-2007-3848 Privilege escalation via PR_SET_PDEATHSIG
252309 - CVE-2007-4308 kernel: Missing ioctl() permission checks in aacraid driver
306971 - CVE-2006-4814 kernel Race condition in mincore can cause "ps -ef" to hang
392101 - CVE-2007-6063 Linux Kernel isdn_net_setcfg buffer overflow
396861 - CVE-2007-6206 Issue with core dump owner
425111 - CVE-2007-6151 I4L: fix isdn_ioctl memory issue
428961 - CVE-2008-0007 kernel: insufficient range checks in fault handlers with mremap
446031 - CVE-2008-2136 kernel: sit memory leak
457858 - CVE-2008-3275 Linux kernel local filesystem DoS
460401 - CVE-2008-3525 kernel: missing capability checks in sbni_ioctl()
463661 - CVE-2008-4210 kernel: open() call allows setgid bit when user is not in new file's group

6. Package List:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 :

Source:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.74.src.rpm

i386:
kernel-2.4.9-e.74.athlon.rpm
kernel-2.4.9-e.74.i686.rpm
kernel-BOOT-2.4.9-e.74.i386.rpm
kernel-debug-2.4.9-e.74.i686.rpm
kernel-doc-2.4.9-e.74.i386.rpm
kernel-enterprise-2.4.9-e.74.i686.rpm
kernel-headers-2.4.9-e.74.i386.rpm
kernel-smp-2.4.9-e.74.athlon.rpm
kernel-smp-2.4.9-e.74.i686.rpm
kernel-source-2.4.9-e.74.i386.rpm
kernel-summit-2.4.9-e.74.i686.rpm

Red Hat Enterprise Linux ES version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.74.src.rpm

i386:
kernel-2.4.9-e.74.athlon.rpm
kernel-2.4.9-e.74.i686.rpm
kernel-BOOT-2.4.9-e.74.i386.rpm
kernel-debug-2.4.9-e.74.i686.rpm
kernel-doc-2.4.9-e.74.i386.rpm
kernel-headers-2.4.9-e.74.i386.rpm
kernel-smp-2.4.9-e.74.athlon.rpm
kernel-smp-2.4.9-e.74.i686.rpm
kernel-source-2.4.9-e.74.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.74.src.rpm

i386:
kernel-2.4.9-e.74.athlon.rpm
kernel-2.4.9-e.74.i686.rpm
kernel-BOOT-2.4.9-e.74.i386.rpm
kernel-debug-2.4.9-e.74.i686.rpm
kernel-doc-2.4.9-e.74.i386.rpm
kernel-enterprise-2.4.9-e.74.i686.rpm
kernel-headers-2.4.9-e.74.i386.rpm
kernel-smp-2.4.9-e.74.athlon.rpm
kernel-smp-2.4.9-e.74.i686.rpm
kernel-source-2.4.9-e.74.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4210
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFJZiCbXlSAg2UNWIIRApECAJ9zy9HfqPMpLxDRbDJHh1 GCua0BLwCffkPy
wjmlQKExcGKC6U2zBth2RGQ=
=Gv8v
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 02-10-2009, 02:53 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2009:0264-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-0264.html
Issue date: 2009-02-10
CVE Names: CVE-2008-4933 CVE-2008-4934 CVE-2008-5025
CVE-2008-5713 CVE-2009-0031 CVE-2009-0065
================================================== ===================

1. Summary:

Updated kernel packages that resolve several security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update addresses the following security issues:

* a memory leak in keyctl handling. A local user could use this flaw to
deplete kernel memory, eventually leading to a denial of service.
(CVE-2009-0031, Important)

* a buffer overflow in the Linux kernel Partial Reliable Stream Control
Transmission Protocol (PR-SCTP) implementation. This could, potentially,
lead to a denial of service if a Forward-TSN chunk is received with a large
stream ID. (CVE-2009-0065, Important)

* a flaw when handling heavy network traffic on an SMP system with many
cores. An attacker who could send a large amount of network traffic could
create a denial of service. (CVE-2008-5713, Important)

* the code for the HFS and HFS Plus (HFS+) file systems failed to properly
handle corrupted data structures. This could, potentially, lead to a local
denial of service. (CVE-2008-4933, CVE-2008-5025, Low)

* a flaw was found in the HFS Plus (HFS+) file system implementation. This
could, potentially, lead to a local denial of service when write operations
are performed. (CVE-2008-4934, Low)

In addition, these updated packages fix the following bugs:

* when using the nfsd daemon in a clustered setup, kernel panics appeared
seemingly at random. These panics were caused by a race condition in
the device-mapper mirror target.

* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a smaller
timespec value than the result of previous clock_gettime() function
execution, which resulted in a negative, and nonsensical, elapsed time value.

* nfs_create_rpc_client was called with a "flavor" parameter which was
usually ignored and ended up unconditionally creating the RPC client with
an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when the
credentials needed to be refreshed. The credops did not match the
authorization type, which resulted in the credops dereferencing an
incorrect part of the AUTH_UNIX rpc_auth struct.

* when copy_user_c terminated prematurely due to reading beyond the end of
the user buffer and the kernel jumped to the exception table entry, the rsi
register was not cleared. This resulted in exiting back to user code with
garbage in the rsi register.

* the hexdump data in s390dbf traces was incomplete. The length of the data
traced was incorrect and the SAN payload was read from a different place
then it was written to.

* when using connected mode (CM) in IPoIB on ehca2 hardware, it was not
possible to transmit any data.

* when an application called fork() and pthread_create() many times and, at
some point, a thread forked a child and then attempted to call the
setpgid() function, then this function failed and returned and ESRCH error
value.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. Note: for this update to take effect, the
system must be rebooted.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

469631 - CVE-2008-4933 kernel: hfsplus: fix Buffer overflow with a corrupted image
469640 - CVE-2008-4934 kernel: hfsplus: check read_mapping_page() return value
470769 - CVE-2008-5025 kernel: hfs: fix namelength memory corruption
477744 - CVE-2008-5713 kernel: soft lockup occurs when network load is very high
478800 - CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID
479812 - IB/ipoib: data transmission fails in connected mode on any HCA
480576 - RHEL5.2/3 - setpgid() returns ESRCH in some situations
480592 - CVE-2009-0031 kernel: local denial of service in keyctl_join_session_keyring
480996 - zfcp: fix hexdump data in s390dbf traces
481117 - RHSA-2008:0508 linux-2.6.9-x86_64-copy_user-zero-tail.patch broken
481119 - Kernel panic in auth_rpcgss:__gss_find_upcall
481120 - oops in mirror_map (dm-raid1.c)
481122 - [5.3] clock_gettime() syscall returns a smaller timespec value than previous.

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-128.1.1.el5.src.rpm

i386:
kernel-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-headers-2.6.18-128.1.1.el5.i386.rpm
kernel-xen-2.6.18-128.1.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-128.1.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-headers-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-128.1.1.el5.src.rpm

i386:
kernel-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-headers-2.6.18-128.1.1.el5.i386.rpm
kernel-xen-2.6.18-128.1.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-128.1.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.i686.rpm

ia64:
kernel-2.6.18-128.1.1.el5.ia64.rpm
kernel-debug-2.6.18-128.1.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.ia64.rpm
kernel-devel-2.6.18-128.1.1.el5.ia64.rpm
kernel-headers-2.6.18-128.1.1.el5.ia64.rpm
kernel-xen-2.6.18-128.1.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-128.1.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-128.1.1.el5.noarch.rpm

ppc:
kernel-2.6.18-128.1.1.el5.ppc64.rpm
kernel-debug-2.6.18-128.1.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.ppc64.rpm
kernel-devel-2.6.18-128.1.1.el5.ppc64.rpm
kernel-headers-2.6.18-128.1.1.el5.ppc.rpm
kernel-headers-2.6.18-128.1.1.el5.ppc64.rpm
kernel-kdump-2.6.18-128.1.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-128.1.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-128.1.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-128.1.1.el5.s390x.rpm
kernel-debug-2.6.18-128.1.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.s390x.rpm
kernel-devel-2.6.18-128.1.1.el5.s390x.rpm
kernel-headers-2.6.18-128.1.1.el5.s390x.rpm
kernel-kdump-2.6.18-128.1.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-128.1.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-128.1.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-128.1.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-headers-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0065
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFJkaKzXlSAg2UNWIIRAjf6AJ96KXJlQnOtRNWzmMJU2v sYRbLUyQCgh/a7
zz0VbnVGmhjzWxNtwvGsGqg=
=GBOZ
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 02-25-2009, 12:12 AM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2009:0021-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-0021.html
Issue date: 2009-02-24
CVE Names: CVE-2008-5029 CVE-2008-5079 CVE-2008-5182
CVE-2008-5300
================================================== ===================

1. Summary:

Updated kernel packages that resolve several security issues are now
available for Red Hat Enterprise Linux 5.2 Extended Update Support.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5.2.z server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update includes backported fixes for four security issues. These
issues only affected users of Red Hat Enterprise Linux 5.2 Extended Update
Support as they have already been addressed for users of Red Hat Enterprise
Linux 5 in the 5.3 update, RHSA-2009:0225.

In accordance with the support policy, future security updates to Red Hat
Enterprise Linux 5.2 Extended Update Support will only include issues of
critical security impact.

* when fput() was called to close a socket, the __scm_destroy() function
in the Linux kernel could make indirect recursive calls to itself. This
could, potentially, lead to a denial of service issue. (CVE-2008-5029,
Important)

* the sendmsg() function in the Linux kernel did not block during UNIX
socket garbage collection. This could, potentially, lead to a local denial
of service. (CVE-2008-5300, Important)

* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A
local, unprivileged user could use the flaw to listen on the same socket
more than once, possibly causing a denial of service. (CVE-2008-5079,
Important)

* a race condition was found in the Linux kernel "inotify" watch removal
and umount implementation. This could allow a local, unprivileged user
to cause a privilege escalation or a denial of service. (CVE-2008-5182,
Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. Note: for this update to take effect, the
system must be rebooted.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

470201 - CVE-2008-5029 kernel: Unix sockets kernel panic
472325 - CVE-2008-5182 kernel: fix inotify watch removal/umount races
473259 - CVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector
473696 - CVE-2008-5079 Linux Kernel 'atm module' Local Denial of Service

6. Package List:

Red Hat Enterprise Linux (v. 5.2.z server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-92.1.24.el5.src.rpm

i386:
kernel-2.6.18-92.1.24.el5.i686.rpm
kernel-PAE-2.6.18-92.1.24.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-92.1.24.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.24.el5.i686.rpm
kernel-debug-2.6.18-92.1.24.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-92.1.24.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.24.el5.i686.rpm
kernel-debuginfo-2.6.18-92.1.24.el5.i686.rpm
kernel-debuginfo-common-2.6.18-92.1.24.el5.i686.rpm
kernel-devel-2.6.18-92.1.24.el5.i686.rpm
kernel-headers-2.6.18-92.1.24.el5.i386.rpm
kernel-xen-2.6.18-92.1.24.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-92.1.24.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.24.el5.i686.rpm

ia64:
kernel-2.6.18-92.1.24.el5.ia64.rpm
kernel-debug-2.6.18-92.1.24.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-92.1.24.el5.ia64.rpm
kernel-debug-devel-2.6.18-92.1.24.el5.ia64.rpm
kernel-debuginfo-2.6.18-92.1.24.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-92.1.24.el5.ia64.rpm
kernel-devel-2.6.18-92.1.24.el5.ia64.rpm
kernel-headers-2.6.18-92.1.24.el5.ia64.rpm
kernel-xen-2.6.18-92.1.24.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-92.1.24.el5.ia64.rpm
kernel-xen-devel-2.6.18-92.1.24.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-92.1.24.el5.noarch.rpm

ppc:
kernel-2.6.18-92.1.24.el5.ppc64.rpm
kernel-debug-2.6.18-92.1.24.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-92.1.24.el5.ppc64.rpm
kernel-debug-devel-2.6.18-92.1.24.el5.ppc64.rpm
kernel-debuginfo-2.6.18-92.1.24.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-92.1.24.el5.ppc64.rpm
kernel-devel-2.6.18-92.1.24.el5.ppc64.rpm
kernel-headers-2.6.18-92.1.24.el5.ppc.rpm
kernel-headers-2.6.18-92.1.24.el5.ppc64.rpm
kernel-kdump-2.6.18-92.1.24.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-92.1.24.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-92.1.24.el5.ppc64.rpm

s390x:
kernel-2.6.18-92.1.24.el5.s390x.rpm
kernel-debug-2.6.18-92.1.24.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-92.1.24.el5.s390x.rpm
kernel-debug-devel-2.6.18-92.1.24.el5.s390x.rpm
kernel-debuginfo-2.6.18-92.1.24.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-92.1.24.el5.s390x.rpm
kernel-devel-2.6.18-92.1.24.el5.s390x.rpm
kernel-headers-2.6.18-92.1.24.el5.s390x.rpm
kernel-kdump-2.6.18-92.1.24.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-92.1.24.el5.s390x.rpm
kernel-kdump-devel-2.6.18-92.1.24.el5.s390x.rpm

x86_64:
kernel-2.6.18-92.1.24.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.24.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-92.1.24.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.24.el5.x86_64.rpm
kernel-debuginfo-2.6.18-92.1.24.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-92.1.24.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.24.el5.x86_64.rpm
kernel-headers-2.6.18-92.1.24.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.24.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-92.1.24.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.24.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFJpJsDXlSAg2UNWIIRAh0UAJ99/pGumbq971RYOA7DVVs70is6JgCfem3M
fzxViHJKMqTwbOQDyjKgchk=
=fNTP
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 11-03-2009, 06:19 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2009:1541-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1541.html
Issue date: 2009-11-03
CVE Names: CVE-2009-3547
================================================== ===================

1. Summary:

Updated kernel packages that fix security issues are now available for Red
Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)

Users should upgrade to these updated packages, which contain a backported
patch to correct these issues. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.16.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ia64.rpm
kernel-devel-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

ppc:
kernel-2.6.9-89.0.16.EL.ppc64.rpm
kernel-2.6.9-89.0.16.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.0.16.EL.ppc64.rpm
kernel-devel-2.6.9-89.0.16.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ppc64.rpm

s390:
kernel-2.6.9-89.0.16.EL.s390.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.s390.rpm
kernel-devel-2.6.9-89.0.16.EL.s390.rpm

s390x:
kernel-2.6.9-89.0.16.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.s390x.rpm
kernel-devel-2.6.9-89.0.16.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.16.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ia64.rpm
kernel-devel-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.16.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ia64.rpm
kernel-devel-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK8IIWXlSAg2UNWIIRAhnTAKDAIW2wY9rsrTf5AZ5W/yfcrRkXpACfZ1z/
6Pjd/8SmOp+hrl6LG/cxpjw=
=u4kB
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 11-17-2009, 02:31 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2009:1588-02
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1588.html
Issue date: 2009-11-17
CVE Names: CVE-2009-3547
================================================== ===================

1. Summary:

Updated kernel packages that fix security issues are now available for Red
Hat Enterprise Linux 4.7 Extended Update Support.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)

Users should upgrade to these updated packages, which contain a backported
patch to correct these issues. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux AS version 4.7.z:

Source:
kernel-2.6.9-78.0.28.EL.src.rpm

i386:
kernel-2.6.9-78.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.i686.rpm
kernel-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ia64.rpm
kernel-devel-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.28.EL.noarch.rpm

ppc:
kernel-2.6.9-78.0.28.EL.ppc64.rpm
kernel-2.6.9-78.0.28.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ppc64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ppc64iseries.rpm
kernel-devel-2.6.9-78.0.28.EL.ppc64.rpm
kernel-devel-2.6.9-78.0.28.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-78.0.28.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.ppc64.rpm

s390:
kernel-2.6.9-78.0.28.EL.s390.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.s390.rpm
kernel-devel-2.6.9-78.0.28.EL.s390.rpm

s390x:
kernel-2.6.9-78.0.28.EL.s390x.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.s390x.rpm
kernel-devel-2.6.9-78.0.28.EL.s390x.rpm

x86_64:
kernel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

Source:
kernel-2.6.9-78.0.28.EL.src.rpm

i386:
kernel-2.6.9-78.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.i686.rpm
kernel-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ia64.rpm
kernel-devel-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.28.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-20481

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLAsHPXlSAg2UNWIIRAnrUAJ4kZabgvSp+lrl8C90AgZ pxkYp25gCgo4KI
DDCDA11FNUHQsUDt6VPn4Bg=
=yPx5
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 01-07-2010, 11:47 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2010:0019-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0019.html
Issue date: 2010-01-07
CVE Names: CVE-2007-4567 CVE-2009-4536 CVE-2009-4537
CVE-2009-4538
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* a flaw was found in the IPv6 Extension Header (EH) handling
implementation in the Linux kernel. The skb->dst data structure was not
properly validated in the ipv6_hop_jumbo() function. This could possibly
lead to a remote denial of service. (CVE-2007-4567, Important)

* a flaw was found in each of the following Intel PRO/1000 Linux drivers in
the Linux kernel: e1000 and e1000e. A remote attacker using packets larger
than the MTU could bypass the existing fragment check, resulting in
partial, invalid frames being passed to the network stack. These flaws
could also possibly be used to trigger a remote denial of service.
(CVE-2009-4536, CVE-2009-4538, Important)

* a flaw was found in the Realtek r8169 Ethernet driver in the Linux
kernel. Receiving overly-long frames with network cards supported by this
driver could possibly result in a remote denial of service. (CVE-2009-4537,
Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

548641 - CVE-2007-4567 kernel: ipv6_hop_jumbo remote system crash
550907 - CVE-2009-4537 kernel: r8169 issue reported at 26c3
551214 - CVE-2009-4538 kernel: e1000e frame fragment issue
552126 - CVE-2009-4536 kernel: e1000 issue reported at 26c3

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-164.10.1.el5.src.rpm

i386:
kernel-2.6.18-164.10.1.el5.i686.rpm
kernel-PAE-2.6.18-164.10.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm
kernel-debug-2.6.18-164.10.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.i686.rpm
kernel-devel-2.6.18-164.10.1.el5.i686.rpm
kernel-headers-2.6.18-164.10.1.el5.i386.rpm
kernel-xen-2.6.18-164.10.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.10.1.el5.x86_64.rpm
kernel-headers-2.6.18-164.10.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.10.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-164.10.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.10.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-164.10.1.el5.src.rpm

i386:
kernel-2.6.18-164.10.1.el5.i686.rpm
kernel-PAE-2.6.18-164.10.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm
kernel-debug-2.6.18-164.10.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.i686.rpm
kernel-devel-2.6.18-164.10.1.el5.i686.rpm
kernel-headers-2.6.18-164.10.1.el5.i386.rpm
kernel-xen-2.6.18-164.10.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-164.10.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm

ia64:
kernel-2.6.18-164.10.1.el5.ia64.rpm
kernel-debug-2.6.18-164.10.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.ia64.rpm
kernel-devel-2.6.18-164.10.1.el5.ia64.rpm
kernel-headers-2.6.18-164.10.1.el5.ia64.rpm
kernel-xen-2.6.18-164.10.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-164.10.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-164.10.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm

ppc:
kernel-2.6.18-164.10.1.el5.ppc64.rpm
kernel-debug-2.6.18-164.10.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.ppc64.rpm
kernel-devel-2.6.18-164.10.1.el5.ppc64.rpm
kernel-headers-2.6.18-164.10.1.el5.ppc.rpm
kernel-headers-2.6.18-164.10.1.el5.ppc64.rpm
kernel-kdump-2.6.18-164.10.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-164.10.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-164.10.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-164.10.1.el5.s390x.rpm
kernel-debug-2.6.18-164.10.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.s390x.rpm
kernel-devel-2.6.18-164.10.1.el5.s390x.rpm
kernel-headers-2.6.18-164.10.1.el5.s390x.rpm
kernel-kdump-2.6.18-164.10.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-164.10.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-164.10.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-164.10.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-164.10.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.10.1.el5.x86_64.rpm
kernel-headers-2.6.18-164.10.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.10.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-164.10.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.10.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2007-4567.html
https://www.redhat.com/security/data/cve/CVE-2009-4536.html
https://www.redhat.com/security/data/cve/CVE-2009-4537.html
https://www.redhat.com/security/data/cve/CVE-2009-4538.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLRoBoXlSAg2UNWIIRAqugAKCDjq+kI4XxC8qMr79ck0 oW98cQOgCeI27J
CrYPDUVWrzg5gcZVTP2ZUak=
=QBd3
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 01-07-2010, 11:47 PM
 
Default Important: kernel security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2010:0020-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0020.html
Issue date: 2010-01-07
CVE Names: CVE-2009-4536 CVE-2009-4537 CVE-2009-4538
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* a flaw was found in each of the following Intel PRO/1000 Linux drivers in
the Linux kernel: e1000 and e1000e. A remote attacker using packets larger
than the MTU could bypass the existing fragment check, resulting in
partial, invalid frames being passed to the network stack. These flaws
could also possibly be used to trigger a remote denial of service.
(CVE-2009-4536, CVE-2009-4538, Important)

* a flaw was found in the Realtek r8169 Ethernet driver in the Linux
kernel. Receiving overly-long frames with network cards supported by this
driver could possibly result in a remote denial of service. (CVE-2009-4537,
Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

550907 - CVE-2009-4537 kernel: r8169 issue reported at 26c3
551214 - CVE-2009-4538 kernel: e1000e frame fragment issue
552126 - CVE-2009-4536 kernel: e1000 issue reported at 26c3

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.19.EL.src.rpm

i386:
kernel-2.6.9-89.0.19.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.i686.rpm
kernel-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.19.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.ia64.rpm
kernel-devel-2.6.9-89.0.19.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.19.EL.noarch.rpm

ppc:
kernel-2.6.9-89.0.19.EL.ppc64.rpm
kernel-2.6.9-89.0.19.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.0.19.EL.ppc64.rpm
kernel-devel-2.6.9-89.0.19.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.0.19.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.ppc64.rpm

s390:
kernel-2.6.9-89.0.19.EL.s390.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.s390.rpm
kernel-devel-2.6.9-89.0.19.EL.s390.rpm

s390x:
kernel-2.6.9-89.0.19.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.s390x.rpm
kernel-devel-2.6.9-89.0.19.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.19.EL.src.rpm

i386:
kernel-2.6.9-89.0.19.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.i686.rpm
kernel-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.0.19.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.19.EL.src.rpm

i386:
kernel-2.6.9-89.0.19.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.i686.rpm
kernel-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.19.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.ia64.rpm
kernel-devel-2.6.9-89.0.19.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.19.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.19.EL.src.rpm

i386:
kernel-2.6.9-89.0.19.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.i686.rpm
kernel-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.19.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-2.6.9-89.0.19.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-2.6.9-89.0.19.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.19.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.ia64.rpm
kernel-devel-2.6.9-89.0.19.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.19.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.19.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.19.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.19.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.19.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-4536.html
https://www.redhat.com/security/data/cve/CVE-2009-4537.html
https://www.redhat.com/security/data/cve/CVE-2009-4538.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLRoCKXlSAg2UNWIIRAhvGAJ9wrANx8ZDH7Nhwaf0c9X Xy5LE+ZACePrLS
7c15bp3NUIV7bQWoYqy9UzY=
=h06e
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 

Thread Tools




All times are GMT. The time now is 12:01 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org