kernel security and bug fix update


[2.6.9-] - fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) [orabug 6845794] fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128] - backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane) [orabug 6125546] - netrx/netpoll race avoidance (Tina Yang) [orabug 6143381] - [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928] - use lfence instead of cpuid instruction to implement memory barriers (Herbert van den Bergh) [orabug 7452412] - add netpoll support to xen netfront (Tina Yang) [orabz 7261] - [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395] - [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit dom0 [orabug 7452107] xenstore - [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki, Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839] - [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) [orabug 6110605] - [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson) - port EL5U3 patch to adjust totalhigh_pages in the balloon driver [orabug 8300888] - check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514] - [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329] - [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526] - fix oops in show_partition using RCU (Wen gang Wang) [orabug 8423936] [2.6.9-89.0.3] -agp: zero pages before sending to userspace (Jiri Olsa) [497023 497024] {CVE-2009-1192} -agp: fix boot issue with agp zero pages patch (Jiri Olsa) [497023 497024] {CVE-2009-1192} -e1000: fix skb_over_panic (Neil Horman) [502982 502983] {CVE-2009-1385} -kernel: proc: avoid information leaks to non privileged processes (Amerigo Wang) [499549 499548] -netpoll: bust poll_lock when doing netdump (Neil Horman) [504565 494688] [2.6.9-89.0.2] -xen: local denial of service [500948 500949] {CVE-2009-1758} -nfs: fix client handling of MAY_EXEC in nfs_permission [500299 500300] {CVE-2009-1630} [2.6.9-89.0.1] -Reapply: fix race condition in input.c (Vivek Goyal) [501804 501064] -nfs: inode of the overwritten file will remain in the icache (Flavio Leitner) [501802 494015] -fix timespec off by one errors (Jason Baron) [501800 496201] -add some long missing capabilities to cap_fs_mask (Eric Paris) [499073 499074] [497269 497270] {CVE-2009-1072} -net: tcp: clear probes_out more aggressively in tcp_ack (Jiri Pirko) [501754 494428]