Lucene search

HistoryJul 01, 2009 - 12:00 a.m.

kernel security and bug fix update


0.966 High





  • fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch)
    [orabug 6845794]
    fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]
  • backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
    [orabug 6125546]
  • netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
  • [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
  • use lfence instead of cpuid instruction to implement memory barriers
    (Herbert van den Bergh) [orabug 7452412]
  • add netpoll support to xen netfront (Tina Yang) [orabz 7261]
  • [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395]
  • [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
    dom0 [orabug 7452107] xenstore
  • [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki,
    Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
  • [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)
    [orabug 6110605]
  • [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
  • port EL5U3 patch to adjust totalhigh_pages in the balloon driver [orabug 8300888]
  • check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514]
  • [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
  • [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526]
  • fix oops in show_partition using RCU (Wen gang Wang) [orabug 8423936]
    -agp: zero pages before sending to userspace (Jiri Olsa) [497023 497024] {CVE-2009-1192}
    -agp: fix boot issue with agp zero pages patch (Jiri Olsa) [497023 497024] {CVE-2009-1192}
    -e1000: fix skb_over_panic (Neil Horman) [502982 502983] {CVE-2009-1385}
    -kernel: proc: avoid information leaks to non privileged processes (Amerigo Wang) [499549 499548]
    -netpoll: bust poll_lock when doing netdump (Neil Horman) [504565 494688]
    -xen: local denial of service [500948 500949] {CVE-2009-1758}
    -nfs: fix client handling of MAY_EXEC in nfs_permission [500299 500300] {CVE-2009-1630}
    -Reapply: fix race condition in input.c (Vivek Goyal) [501804 501064]
    -nfs: inode of the overwritten file will remain in the icache (Flavio Leitner) [501802 494015]
    -fix timespec off by one errors (Jason Baron) [501800 496201]
    -add some long missing capabilities to cap_fs_mask (Eric Paris) [499073 499074] [497269 497270] {CVE-2009-1072}
    -net: tcp: clear probes_out more aggressively in tcp_ack (Jiri Pirko) [501754 494428]