kernel security and bug fix update

[3.10.0-123.9.2]

• Oracle Linux certificates (Alexey Petrenko)
  [3.10.0-123.9.2]
• [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611}
• [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646}
  [3.10.0-123.9.1]
• [md] raid6: avoid data corruption during recovery of double-degraded RAID6 (Jes Sorensen) [1143850 1130905]
• [fs] ext4: fix type declaration of ext4_validate_block_bitmap (Lukas Czerner) [1140978 1091055]
• [fs] ext4: error out if verifying the block bitmap fails (Lukas Czerner) [1140978 1091055]
• [powerpc] sched: stop updating inside arch_update_cpu_topology() when nothing to be update (Gustavo Duarte) [1140300 1098372]
• [powerpc] 64bit sendfile is capped at 2GB (Gustavo Duarte) [1139126 1107774]
• [s390] fix restore of invalid floating-point-control (Hendrik Brueckner) [1138733 1121965]
• [kernel] sched/fair: Rework sched_fair time accounting (Rik van Riel) [1134717 1123731]
• [kernel] math64: Add mul_u64_u32_shr() (Rik van Riel) [1134717 1123731]
• [kernel] workqueue: zero cpumask of wq_numa_possible_cpumask on init (Motohiro Kosaki) [1134715 1117184]
• [cpufreq] acpi-cpufreq: skip loading acpi_cpufreq after intel_pstate (Motohiro Kosaki) [1134716 1123250]
• [security] selinux: Increase ebitmap_node size for 64-bit configuration (Paul Moore) [1132076 922752]
• [security] selinux: Reduce overhead of mls_level_isvalid() function call (Paul Moore) [1132076 922752]
• [ethernet] cxgb4: allow large buffer size to have page size (Gustavo Duarte) [1130548 1078977]
• [kernel] sched/autogroup: Fix race with task_groups list (Gustavo Duarte) [1129990 1081406]
• [net] sctp: inherit auth_capable on INIT collisions (Daniel Borkmann) [1124337 1123763] {CVE-2014-5077}
• [sound] alsa/control: Don’t access controls outside of protected regions (Radomir Vrbovsky) [1117330 1117331] {CVE-2014-4653}