Important: kernel security and bug fix update

2007-06-26T00:00:00
ID ELSA-2007-0347
Type oraclelinux
Reporter Oracle
Modified 2007-06-26T00:00:00

Description

[2.6.18-8.1.4.0.1.el5] -Fix bonding primary=ethX so it picks correct network (Bert Barbe) [IT 101532] [ORA 5136660] -Add entropy module option to e1000 (John Sobecki) [ORA 6045759] -Add entropy module option to bnx2 (John Sobecki) [ORA 6045759]

[2.6.18.8.1.4.el5] - [ipv6] Fix routing regression. (David S. Miller ) [238046] - [mm] Gdb does not accurately output the backtrace. (Dave Anderson ) [235511] - [NMI] change watchdog timeout to 30 seconds (Larry Woodman ) [237655] - [dlm] fix mode munging (David Teigland ) [238731] - [net] kernel-headers: missing include of types.h (Neil Horman ) [238749] - [net] fib_semantics.c out of bounds check (Thomas Graf ) [238948] {CVE-2007-2172} - [net] disallow RH0 by default (Thomas Graf ) [238949] {CVE-2007-2242} - [net] Fix user OOPS'able bug in FIB netlink (David S. Miller ) [238960] {CVE-2007-1861} - [net] IPv6 fragments bypass in nf_conntrack netfilter code (Thomas Graf ) [238947] {CVE-2007-1497} - [net] ipv6_fl_socklist is inadvertently shared (David S. Miller ) [238944] {CVE-2007-1592} - [net] Various NULL pointer dereferences in netfilter code (Thomas Graf ) [238946] {CVE-2007-1496}

[2.6.18-8.1.3.el5] - [s390] page_mkclean causes data corruption on s390 (Jan Glauber ) [236605]

[2.6.18-8.1.2.el5] - [utrace] exploit and unkillable cpu fixes (Roland McGrath ) [228816] (CVE-2007-0771) - [net] IPV6 security holes in ipv6_sockglue.c - 2 (David S. Miller ) [232257] {CVE-2007-1000} - [net] IPV6 security holes in ipv6_sockglue.c (David S. Miller ) [232255] {CVE-2007-1388} - [audit] GFP_KERNEL allocations in non-blocking context fix (Alexander Viro ) [233157]

[2.6.18-8.1.1.el5] - [cpufreq] Remove __initdata from tscsync (Prarit Bhargava ) [229887] - [security] Fix key serial number collision problem (David Howells ) [229883] {CVE-2007-0006} - [fs] Don't core dump read-only binarys (Don Howard ) [229885] {CVE-2007-0958} - [xen] Enable booting on machines with > 64G (Chris Lalancette) [230117] - Fix potential buffer overflow in cardman 4040 cmx driver (Don Howard) [229884] {CVE-2007-0005}