Oracle Errata System Oracle Linux 5.3 2009-12-16T00:00:00 Oracle Linux 5 [3.0.3-64.el5_2.9] - More fixes for Xenstore unsafe data access (CVE-2008-4405, rhbz #464817) - Fix block-detach regression due to (CVE-2008-4405, rhbz #473882) [3.0.3-64.el5_2.8] - Remove unneccessary patch & rebuild [3.0.3-64.el5_2.7] - Fix reboots after CVE-2008-4405 changes (rhbz #471588) [3.0.3-64.el5_2.6] - Remove qemu-dm.debug wrapper script (CVE-2008-4993, rhbz #470795) [3.0.3-64.el5_2.5] - Fix unsafe use of xenstore data (CVE-2008-4405, rhbz #464817) [3.0.3-64.el5_2.4] - Don't clobber wallclock on restore (rhbz #464455) MODERATE Copyright 2009 Oracle, Inc. CVE-2008-4405 CVE-2008-4993 Oracle Linux 5 openssl: [0.9.8b-10.1] - fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671) openssl097a: [0.9.7a-9.1] - CVE-2008-5077 - incorrect checks for malformed signatures (#476671) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-5077 Oracle Linux 5 [1.0.0-7.el5_2.1] - CVE-2008-3834 - Resolves: #466226 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-3834 Oracle Linux 5 [1.4.8-5.0.1.el5_2.2] - Remove Redhat splash screen images [1.4.8-5.2] - Resolves: CVE-2008-2379 - fix XSS issue caused by an insufficient html mail sanitation [1.4.8-5.1] - don't transmit cookies under non-SSL connections if the session is started under an SSL (https) connection - Resolves: CVE-2008-3663, #468398 - fix release number with respect to Z-stream nvr policy MODERATE Copyright 2009 Oracle, Inc. CVE-2008-2379 CVE-2008-3663 Oracle Linux 5 [1.15-1.2.2.el5_2.2] - Fix Requires to ensure subpackages match the parent package [1.15-1.2.2.el5_2.1] - Fix insufficient input validation in ReadEmbeddedTextTag - Fix unsigned -> signed integer cast issue in cmsAllocGamma - Resolves: #473469 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-5316 CVE-2008-5317 Oracle Linux 5 [10.35-6.1.el5_3.1] - fix NVR to be greater than previous release in the main branch Related: #472947 [10.35-6.el5_3.1] - fix CVE-2007-2721 and CVE-2008-3520 libjasper issues (#472947) Resolves: #472947 MODERATE Copyright 2009 Oracle, Inc. CVE-2007-2721 CVE-2008-3520 Oracle Linux 5 [0.6.16-1.el5.1] - Resolves: CVE-2008-5081 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-5081 Oracle Linux 5 [215-5.el5_2.2] - Fix CVE-2008-2383 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-2383 Oracle Linux 5 [9.3.4-6.0.3.P1] - check DSA_do_verify return value correctly MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0025 Oracle Linux 5 [4.2.2p1-9.el5_3.1] - fix check for malformed signatures (#479698, CVE-2009-0021) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0021 Oracle Linux 5 [1.4.8-5.0.1.el5_2.3] - Remove Redhat splash screen images [1.4.8-5.3] - Update patch for CVE-2008-3663 to fix a session handling regression (#480224) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0030 CVE-2009-1580 Oracle Linux 5 [1.0.7-7] - permissions of deliver and dovecot.conf from 1.0.7-5 reverted - password can be stored in different file readable only for root now - Resolves: #436287, CVE-2008-4870 [1.0.7-6] - added missing directory in file list - Resolves: #436287 [1.0.7-5] - change permissions of deliver and dovecot.conf to prevent possible password ex posure - Resolves: #436287 [1.0.7-4] - fix handling of negative rights in the ACL plugin - Resolves: #469015, CVE-2008-4577 [1.0.7-3] - fix package ownership for /etc/pki/dovecot/private (#448089) - update init script (#238016) - ask for SSL cert password during start-up (#436287) - fix for illegal characters in passwd (#439369) - Resolves: #448089, #238016, #436287, #439369 LOW Copyright 2009 Oracle, Inc. CVE-2008-4577 CVE-2008-4870 Oracle Linux 5 [2.6.18-128.el5] - [cifs] cifs_writepages may skip unwritten pages (Jeff Layton ) [470267] [2.6.18-127.el5] - Revert: [i386]: check for dmi_data in powernow_k8 driver (Prarit Bhargava ) [476184] - [xen] re-enable using xenpv in boot path for FV guests (Don Dutile ) [473899] - [xen] pv_hvm: guest hang on FV save/restore (Don Dutile ) [475778] - [openib] fix ipoib oops in unicast_arp_send (Doug Ledford ) [476005] - [scsi] fnic: remove link down count processing (mchristi@redhat.com ) [474935] - Revert: [x86] disable hpet on machine_crash_shutdown (Neil Horman ) [475652] - [scsi] ibmvscsi: EH fails due to insufficient resources (AMEET M. PARANJAPE ) [475618] - [x86_64] proc: export GART region through /proc/iomem (Neil Horman ) [475507] - [acpi] add xw8600 and xw6600 to GPE0 block blacklist (Prarit Bhargava ) [475418] - [net] cxgb3: fixup embedded firmware problems take 2 (Andy Gospodarek ) [469774] [2.6.18-126.el5] - [scsi] mpt fusion: disable msi by default (Tomas Henzl ) [474465] - [scsi] fcoe: update drivers (mchristi@redhat.com ) [474089] - [scsi] fix error handler to call scsi_decide_disposition (Tom Coughlan ) [474345] - [scsi] lpfc: fix cancel_retry_delay (Tom Coughlan ) [470610] - [x86] disable hpet on machine_crash_shutdown (Neil Horman ) [473038] - Revert [mm] keep pagefault from happening under pagelock (Don Zickus ) [473150] - [net] enic: update to version 1.0.0.648 (Andy Gospodarek ) [473871] - [scsi] qla4xxx: increase iscsi session check to 3-tuple (Marcus Barrow ) [474736] - [agp] update the names of some graphics drivers (John Villalovos ) [472438] - [net] atm: prevent local denial of service (Eugene Teo ) [473701] {CVE-2008-5079} - [scsi] remove scsi_dh_alua (mchristi@redhat.com ) [471920] - [scsi] qla2xx/qla84xx: occasional panic on loading (Marcus Barrow ) [472382] - [net] cxgb3: eeh and eeprom fixups (Andy Gospodarek ) [441959] - [net] cxgb3: fixup embedded firmware problems (Andy Gospodarek ) [469774] - [wireless] iwlwifi/mac80211: various small fixes (John W. Linville ) [468967] - [x86_64] fix AMD IOMMU boot issue (Joachim Deguara ) [473464] - [x86_64] limit num of mce sysfs files removed on suspend (Prarit Bhargava ) [467725] - [xen] console: make LUKS passphrase readable (Bill Burns ) [466240] - [x86_64] Calgary IOMMU sysdata fixes (Prarit Bhargava ) [474047] - [alsa] select 3stack-dig model for SC CELSIUS R670 (Jaroslav Kysela ) [470449] - [ata] libata: lba_28_ok sector off by one (David Milburn ) [464868] - [ppc64] fix system calls on Cell entered with XER.SO=1 (Jesse Larrew ) [474196] - [block] fix max_segment_size, seg_boundary mask setting (Milan Broz ) [471639] - [fs] jbd: alter EIO test to avoid spurious jbd aborts (Eric Sandeen ) [472276] - [acpi] acpi_cpufreq: fix panic when removing module (Prarit Bhargava ) [472844] - [openib] ehca: fix generating flush work completions (AMEET M. PARANJAPE ) [472812] - [ata] libata: sata_nv hard reset mcp55 (David Milburn ) [473152] - [misc] fix add return signal to ptrace_report_exec (AMEET M. PARANJAPE ) [471112] - [misc] utrace: prevent ptrace_induce_signal() crash (Oleg Nesterov ) [469754] - [misc] utrace: make ptrace_state refcountable (Oleg Nesterov ) [469754] - [net] virtio_net: mergeable receive buffers (Mark McLoughlin ) [473120] - [net] virtio_net: jumbo frame support (Mark McLoughlin ) [473114] - [net] tun: jumbo frame support (Mark McLoughlin ) [473110] - [net] fix unix sockets kernel panic (Neil Horman ) [470436] {CVE-2008-5029} - [xen] x86: emulate movzwl with negative segment offsets (Chris Lalancette ) [471801] [2.6.18-125.el5] - [net] cxgb3: embed firmware in driver (Andy Gospodarek ) [469774] - [net] cxgb3: eeh, lro, and multiqueue fixes (Andy Gospodarek ) [441959] - [misc] support for Intels Ibex Peak (peterm@redhat.com ) [472961] - [audit] race between inotify watch removal and unmount (Josef Bacik ) [472329] {CVE-2008-5182} - [net] mlx4: panic when inducing pci bus error (AMEET M. PARANJAPE ) [472769] - [s390] cio: DASD device driver times out (Hans-Joachim Picht ) [459803] - [misc] hugepages: ia64 stack overflow and corrupt memory (Larry Woodman ) [472802] - [net] niu: fix obscure 64-bit read issue (Andy Gospodarek ) [472849] - [x86] nmi_watchdog: call do_nmi_callback from traps-xen (Aristeu Rozanski ) [471111] - [GFS2] recovery stuck (Abhijith Das ) [465856] - [misc] fix check_dead_utrace vs do_wait() race (Oleg Nesterov ) [466774] - [scsi] cciss: add two new PCI IDs (Tom Coughlan ) [471679] - [x86] fix memory-less NUMA node booting (Prarit Bhargava ) [471424] - [pci] generic fix for EEH restore all registers (Jesse Larrew ) [470580] - [net] e1000e: remove fix for EEH restore all registers (Jesse Larrew ) [470580] - [agp] use contiguous memory to support xen (Rik van Riel ) [412691] - [edac] i5000_edac: fix misc/thermal error messages (Aristeu Rozanski ) [471933] - [alsa] fix PCM write blocking (Jaroslav Kysela ) [468202] - [xen] build xen-platform-pci as a module (Don Dutile ) [472504] - [scsi] qla2xx/qla84xx: failure to establish link (Marcus Barrow ) [472382] - [acpi] add systems to GPE register blacklist (Prarit Bhargava ) [471341] - [ia64] replace printk with mprintk in MCA/INIT context (Kei Tokunaga ) [471970] - [usb] add support for dell keyboard 431c:2003 (Mauro Carvalho Chehab ) [471469] - [net] e1000e: enable ECC correction on 82571 silicon (Andy Gospodarek ) [472095] - [dlm] fix up memory allocation flags (David Teigland ) [471871] - [xen] x86: fix highmem-xen.c BUG() (Chris Lalancette ) [452175] - [xen] guest crashes if RTL8139 NIC is only one specified (Don Dutile ) [471110] - [net] bnx2: fix oops on call to poll_controller (Neil Horman ) [470625] - [scsi] update fcoe drivers (mchristi@redhat.com ) [436051] - [net] bnx2: add support for 5716s (Andy Gospodarek ) [471903] - [openib] IPoIB: fix oops on fabric events (Doug Ledford ) [471890] - [libata] force sb600/700 ide mode into ahci on resume (David Milburn ) [466422] - [xen] increase maximum DMA buffer size (Rik van Riel ) [412691] - [xen] fix physical memory address overflow (Rik van Riel ) [412691] [2.6.18-124.el5] - [s390] qeth: EDDP for large TSO skb fragment list (Hans-Joachim Picht ) [468068] - [s390] missing bits for audit-fork (Alexander Viro ) [461831] - [net] ixgbe: add support for 82598AT (Andy Gospodarek ) [454910] - [libata] avoid overflow in ata_tf_read_block (David Milburn ) [471576] - [md] dm-mpath: NULL ptr access in path activation code (Milan Broz ) [471393] - [scsi] qla2xxx: no NPIV for loop connections (Marcus Barrow ) [471269] - [ppc64] spufs: clean up page fault error checking (AMEET M. PARANJAPE ) [470301] - [fs] cifs: corrupt data due to interleaved write calls (Jeff Layton ) [470267] - [misc] lots of interrupts with /proc/.../hz_timer=0 (Hans-Joachim Picht ) [470289] - [selinux] recognize addrlabel netlink messages (Thomas Graf ) [446063] - [acpi] thinkpad: fix autoloading (Matthew Garrett ) [466816] - [net] bnx2x: eeh, unload, probe, and endian fixes (Andy Gospodarek ) [468922] - [firewire] various bug and module unload hang fixes (Jay Fenlason ) [469710 469711] [2.6.18-123.el5] - [s390] cio: reduce cpu utilization during device scan (Hans-Joachim Picht ) [459793] - [s390] cio: fix double unregistering of subchannels (Hans-Joachim Picht ) [456087] - [video] uvc: buf overflow in format descriptor parsing (Jay Fenlason ) [470427] {CVE-2008-3496} - [usb] add HID_QUIRK_RESET_LEDS to some keyboards (mchehab@infradead.org ) [434538] - [acpi] always use 32 bit value for GPE0 on HP xw boxes (Prarit Bhargava ) [456638] - [wireless] iwlagn/mac80211 IBSS fixes (John W. Linville ) [438388] - [ppc64] cell: fix page fault error checking in spufs (AMEET M. PARANJAPE ) [470301] - [input] atkbd: cancel delayed work before freeing struct (Jiri Pirko ) [461233] - [openib] ehca: deadlock race when creating small queues (Jesse Larrew ) [470137] - [openib] mthca: fix dma mapping leak (AMEET M. PARANJAPE ) [469902] - [openib] ib_core: use weak ordering for user memory (AMEET M. PARANJAPE ) [469902] - [ppc64] dma-mapping: provide attributes on cell platform (AMEET M. PARANJAPE ) [469902] - [net] bnx2: prevent ethtool -r EEH event (AMEET M. PARANJAPE ) [469962] - [net] bonding: update docs for arp_ip_target behavior (Andy Gospodarek ) [468870] - [xen] uninitialized watch structure can lead to crashes (Don Dutile ) [465849] - [openib] ehca: remove ref to QP if port activation fails (AMEET M. PARANJAPE ) [469941] - [usb] fix locking for input devices (James Paradis ) [468915] - [nfs] oops in direct I/O error handling (Steve Dickson ) [466164] - [md] crash in device mapper if the user removes snapshot (Mikulas Patocka ) [468473] - [openib] config update: enable some debugging (Doug Ledford ) [469410] - [sata] libata is broken with large disks (David Milburn ) [469715] - [md] dm-raid1: support extended status output (Jonathan Brassow ) [437177] - [s390] qdio: repair timeout handling for qdio_shutdown (Hans-Joachim Picht ) [463164] - [openib] race in ipoib_cm_post_receive_nonsrq (AMEET M. PARANJAPE ) [463485] - [xen] remove contiguous_bitmap (Chris Lalancette ) [463500] - [xen] ia64: backport check_pages_physically_contiguous (Chris Lalancette ) [463500] - [ppc64] cell: corrupt SPU coredump notes (AMEET M. PARANJAPE ) [431881] - [ppc64] spufs: missing context switch notification log-2 (AMEET M. PARANJAPE ) [462622] - [ppc64] spufs: missing context switch notification log-1 (AMEET M. PARANJAPE ) [462622] - [misc] spec: add generic Obsoletes for 3rd party drivers (Jon Masters ) [460047] - [x86] vDSO: use install_special_mapping (Peter Zijlstra ) [460276] {CVE-2008-3527} - [xen] limit node poking to available nodes (Joachim Deguara ) [449803] - [xen] live migration of PV guest fails (Don Dutile ) [469230] [2.6.18-122.el5] - [acpi] check common dmi tables on systems with acpi (Andy Gospodarek ) [469444] - [scsi] qla3xxx, qla4xxx: update/use new version format (Marcus Barrow ) [469414] - [md] dm-stripe.c: RAID0 event handling (Heinz Mauelshagen ) [437173] - [md] dm-raid45.c: add target to makefile (Heinz Mauelshagen ) [437180] - [md] dm-raid45.c: revert to RHEL5 dm-io kabi (Heinz Mauelshagen ) [437180] - [wireless] iwlwifi: avoid sleep in softirq context (John W. Linville ) [467831] - [net] bonding: allow downed interface before mod remove (Andy Gospodarek ) [467244] - [acpi] fix boot hang on old systems without _CST methods (Matthew Garrett ) [467927] - [scsi] qla2xxx: fix entries in class_device_attributes (Marcus Barrow ) [468873] - [ppc64] clock_gettime is not incrementing nanoseconds (AMEET M. PARANJAPE ) [469073] - [scsi] add fnic driver (mchristi@redhat.com ) [462385] - [scsi] add libfc and software fcoe driver (mchristi@redhat.com ) [436051] - [openib] ppc64: fix using SDP on 64K page systems (AMEET M. PARANJAPE ) [468872] - [fs] ext4: delay capable checks to avoid avc denials (Eric Sandeen ) [467216] - [fs] ext3: fix accessing freed memory in ext3_abort (Eric Sandeen ) [468547] - [fs] autofs4: correct offset mount expire check (Ian Kent ) [468187] - [fs] autofs4: cleanup autofs mount type usage (Ian Kent ) [468187] - [openib] ehca: queue and completion pair setup problem (AMEET M. PARANJAPE ) [468237] - [xen] PV: dom0 hang when device re-attached to in guest (Don Dutile ) [467773] - [scsi] qla2xxx: correct Atmel flash-part handling (Marcus Barrow ) [468573] - [scsi] qla2xxx: 84xx show FW VER and netlink code fixes (Marcus Barrow ) [464681] - [scsi] qla2xxx: restore disable by default of MSI, MSI-X (Marcus Barrow ) [468555] - [scsi] lpfc: Emulex RHEL-5.3 bugfixes (Tom Coughlan ) [461795] - [s390] qdio: speedup multicast on full HiperSocket queue (Hans-Joachim Picht ) [463162] - [ppc64] kexec/kdump: disable ptcal on QS21 (AMEET M. PARANJAPE ) [462744] - [ppc64] ptcal has to be disabled to use kexec on QS21 (AMEET M. PARANJAPE ) [462744] - [net] ixgbe: bring up device without crashing fix (AMEET M. PARANJAPE ) [467777] - [fs] ecryptfs: storing crypto info in xattr corrupts mem (Eric Sandeen ) [468192] - [misc] rtc: disable SIGIO notification on close (Vitaly Mayatskikh ) [465747] - [net] allow rcv on inactive slaves if listener exists (Andy Gospodarek ) [448144] - [net] e1000e: update driver to support recovery (AMEET M. PARANJAPE ) [445299] - [xen] virtio_net: some relatively minor fixes (Mark McLoughlin ) [468034] - [kabi] add dlm_posix_set_fsid (Jon Masters ) [468538] - [wireless] iwlwifi: fix busted tkip encryption _again_ (John W. Linville ) [467831] - [x86] make halt -f command work correctly (Ivan Vecera ) [413921] - [ppc64] EEH PCI-E: recovery fails E1000; support MSI (AMEET M. PARANJAPE ) [445299] - [x86_64] create a fallback for IBM Calgary (Pete Zaitcev ) [453680] - [drm] i915 driver arbitrary ioremap (Eugene Teo ) [464509] {CVE-2008-3831} - [xen] x86: allow the kernel to boot on pre-64 bit hw (Chris Lalancette ) [468083] [2.6.18-121.el5] - [net] tun: fix printk warning (Mark McLoughlin ) [468536] - [xen] FV: fix lockdep warnings when running debug kernel (Don Dutile ) [459876] - [xen] fix crash on IRQ exhaustion (Bill Burns ) [442736] - [net] ipv4: fix byte value boundary check (Jiri Pirko ) [468148] - [ia64] fix ptrace hangs when following threads (Denys Vlasenko ) [461456] - [net] tcp: let skbs grow over a page on fast peers (Mark McLoughlin ) [467845] - [md] random memory corruption in snapshots (Mikulas Patocka ) [465825] - [misc] ptrace: fix exec report (Jerome Marchand ) [455060] - [gfs2] set gfp for data mappings to GFP_NOFS (Steven Whitehouse ) [467689] - [nfs] remove recoverable BUG_ON (Steve Dickson ) [458774] - [openib] ehca: attempt to free srq when none exists (AMEET M. PARANJAPE ) [463487] - [fs] dont allow splice to files opened with O_APPEND (Eugene Teo ) [466710] {CVE-2008-4554} - [fs] ext4: add missing aops (Eric Sandeen ) [466246] - [ppc64] add missing symbols to vmcoreinfo (Neil Horman ) [465396] - [net] sctp: INIT-ACK indicates no AUTH peer support oops (Eugene Teo ) [466082] {CVE-2008-4576} - [ppc64] fix race for a free SPU (AMEET M. PARANJAPE ) [465581] - [ppc64] SPUs hang when run with affinity-2 (AMEET M. PARANJAPE ) [464686] - [ppc64] SPUs hang when run with affinity-1 (AMEET M. PARANJAPE ) [464686] - [openib] ehca: add flush CQE generation (AMEET M. PARANJAPE ) [462619] - [x86] PAE: limit RAM to 64GB/PAE36 (Larry Woodman ) [465373] - [nfs] portmap client race (Steve Dickson ) [462332] - [input] atkbd: delay executing of LED switching request (Jiri Pirko ) [461233] - [x86] powernow_k8: depend on newer version of cpuspeed (Brian Maly ) [468764] - [fs] ext4: fix warning on x86_64 build (Eric Sandeen ) [463277] - [crypto] fix ipsec crash with MAC longer than 16 bytes (Neil Horman ) [459812] - [fs] ecryptfs: depend on newer version of ecryptfs-utils (Eric Sandeen ) [468772] - [ppc64] support O_NONBLOCK in /proc/ppc64/rtas/error_log (Vitaly Mayatskikh ) [376831] - [xen] ia64: make viosapic SMP-safe by adding lock/unlock (Tetsu Yamamoto ) [466552] - [xen] ia64: VT-i2 performance restoration (Bill Burns ) [467487] [2.6.18-120.el5] - [misc] futex: fixup futex compat for private futexes (Peter Zijlstra ) [467459] - [pci] set domain/node to 0 in PCI BIOS enum code path (Prarit Bhargava ) [463418] - [scsi] qla2xxx: prevent NPIV conf for older hbas (Marcus Barrow ) [467153] - [scsi] fix oops after trying to removing rport twice (Marcus Barrow ) [465945] - [agp] re-introduce 82G965 graphics support (Prarit Bhargava ) [466307] - [agp] correct bug in stolen size calculations (Dave Airlie ) [463853] - [scsi] qla2xxx: merge errors caused initialize failures (Marcus Barrow ) [442946] - [dm] mpath: moving path activation to workqueue panics (Milan Broz ) [465570] - [scsi] aacraid: remove some quirk AAC_QUIRK_SCSI_32 bits (Tomas Henzl ) [453472] - Revert: [ppc64] compile and include the addnote binary (Don Zickus ) [462663] - [scsi] cciss: the output of LUN size and type wrong (Tomas Henzl ) [466030] - [misc] posix-timers: event vs dequeue_signal() race (Mark McLoughlin ) [466167] - [ata] libata: ahci enclosure management support (David Milburn ) [437190] - [gfs2] fix jdata page invalidation (Steven Whitehouse ) [437803] - [net] sky2: fix hang resulting from link flap (Neil Horman ) [461681] - [ata] libata: ata_piix sata/ide combined mode fix (David Milburn ) [463716] - [gfs2] fix for noatime support (Steven Whitehouse ) [462579] - [fs] remove SUID when splicing into an inode (Eric Sandeen ) [464452] - [fs] open() allows setgid bit when user is not in group (Eugene Teo ) [463687] {CVE-2008-4210} - [dlm] add old plock interface (David Teigland ) [462354] - [audit] fix NUL handling in TTY input auditing (Miloslav Trmac ) [462441] - [xen] ia64: fix INIT injection (Tetsu Yamamoto ) [464445] [2.6.18-119.el5] - [ppc64] compile and include the addnote binary (Don Zickus ) [462663] - [scsi] qla2xxx: new version string defintion (Marcus Barrow ) [465023] - [acpi] configs update for acpi-cpufreq driver (Matthew Garrett ) [449787] [2.6.18-118.el5] - [scsi] fix QUEUE_FULL retry handling (mchristi@redhat.com ) [463709] - [drm] support for Intel Cantiga and Eaglelake (Dave Airlie ) [438400] - [agp] add support for Intel Cantiga and Eaglelake (Dave Airlie ) [463853] - Revert: [mm] fix support for fast get user pages (Dave Airlie ) [447649] - [ppc64] netboot image too large (Ameet Paranjape ) [462663] - [scsi] scsi_error: retry cmd handling of transport error (mchristi@redhat.com ) [463206] - [net] correct mode setting for extended sysctl interface (Neil Horman ) [463659] - [net] e1000e: protect ICHx NVM from malicious write/erase (Andy Gospodarek ) [463503] - [s390] qdio: fix module ref counting in qdio_free (Hans-Joachim Picht ) [458074] - [scsi] qla2xxx: use the NPIV table to instantiate port (Marcus Barrow ) [459015] - [scsi] qla2xxx: use the Flash Layout Table (Marcus Barrow ) [459015] - [scsi] qla2xxx: use the Flash Descriptor Table (Marcus Barrow ) [459015] - [net] enic: add new 10GbE device (Andy Gospodarek ) [462386] - [net] ipt_CLUSTERIP: fix imbalanced ref count (Neil Horman ) [382491] - [scsi] qla2xxx: update 24xx,25xx firmware for RHEL-5.3 (Marcus Barrow ) [442946] - [net] bnx2: fix problems with multiqueue receive (Andy Gospodarek ) [441964] - [net] e1000: add module param to set tx descriptor power (Andy Gospodarek ) [436966] - [misc] preempt-notifier fixes (Eduardo Habkost ) [459838] - [tty] termiox support missing mutex lock (aris ) [445211] - [fs] ecryptfs: off-by-one writing null to end of string (Eric Sandeen ) [463478] - [misc] add tracepoints to activate/deactivate_task (Jason Baron ) [461966] - [scsi] qla2xxx: use rport dev loss timeout consistently (Marcus Barrow ) [462109] - [ata] libata: rmmod pata_sil680 hangs (David Milburn ) [462743] - [scsi] qla2xxx: support PCI Enhanced Error Recovery (Marcus Barrow ) [462416] - [ppc64] subpage protection for pAVE (Brad Peters ) [439489] - [ppc64] edac: enable for cell platform (Brad Peters ) [439507] [2.6.18-117.el5] - [mm] filemap: fix iov_base data corruption (Josef Bacik ) [463134] - Revert: [misc] create a kernel checksum file per FIPS140-2 (Don Zickus ) [444632] - [x86_64] NMI wd: clear perf counter registers on P4 (Aristeu Rozanski ) [461671] - [scsi] failfast bit setting in dm-multipath/multipath (mchristi@redhat.com ) [463470] - [scsi] fix hang introduced by failfast changes (Mark McLoughlin ) [463416] - [x86_64] revert time syscall changes (Prarit Bhargava ) [461184] [2.6.18-116.el5] - [x86] mm: fix endless page faults in mount_block_root (Larry Woodman ) [455491] - [mm] check physical address range in ioremap (Larry Woodman ) [455478] - [scsi] modify failfast so it does not always fail fast (mchristi@redhat.com ) [447586] - Revert: [mm] NUMA: system is slow when over-committing memory (Larry Woodman ) [457264] - [docs] update kernel-parameters with tick-divider (Chris Lalancette ) [454792] - [openib] add an enum for future RDS support (Doug Ledford ) [462551] - [pci] allow multiple calls to pcim_enable_device (John Feeney ) [462500] - [xen] virtio: include headers in kernel-headers package (Eduardo Pereira Habkost ) [446214] - [scsi] libiscsi: data corruption when resending packets (mchristi@redhat.com ) [460158] - [gfs2] glock deadlock in page fault path (Bob Peterson ) [458684] - [gfs2] panic if you misspell any mount options (Abhijith Das ) [231369] - [xen] allow guests to hide the TSC from applications (Chris Lalancette ) [378481] {CVE-2007-5907} [2.6.18-115.el5] - [scsi] qla2xxx: additional residual-count correction (Marcus Barrow ) [462117] - [audit] audit-fork patch (Alexander Viro ) [461831] - [net] ipv6: extra sysctls for additional TAHI tests (Neil Horman ) [458270] - [nfs] disable the fsc mount option (Steve Dickson ) [447474] - [acpi] correctly allow WoL from S4 state (Neil Horman ) [445890] - [ia64] procfs: show the size of page table cache (Takao Indoh ) [458410] - [ia64] procfs: reduce the size of page table cache (Takao Indoh ) [458410] - [fs] ecryptfs: disallow mounts on nfs, cifs, ecryptfs (Eric Sandeen ) [435115] - [md] add device-mapper message parser interface (heinzm@redhat.com ) [437180] - [md] add device-mapper RAID4/5 stripe locking interface (heinzm@redhat.com ) [437180] - [md] add device-mapper dirty region hash file (heinzm@redhat.com ) [437180] - [md] add device-mapper object memory cache interface (heinzm@redhat.com ) [437180] - [md] add device-mapper object memory cache (heinzm@redhat.com ) [437180] - [md] export dm_disk and dm_put (heinzm@redhat.com ) [437180] - [md] add device-mapper RAID4/5 target (heinzm@redhat.com ) [437180] - [md] add device-mapper message parser (heinzm@redhat.com ) [437180] - [md] add device mapper dirty region hash (heinzm@redhat.com ) [437180] - [md] add config option for dm RAID4/5 target (heinzm@redhat.com ) [437180] - [scsi] qla2xxx: update 8.02.00-k5 to 8.02.00-k6 (Marcus Barrow ) [459722] - [kabi] add vscnprintf, down_write_trylock to whitelist (Jon Masters ) [425341] - [kabi] add dlm_posix_get/lock/unlock to whitelist (Jon Masters ) [456169] - [kabi] add mtrr_add and mtrr_del to whitelist (Jon Masters ) [437129] - [kabi] add iounmap to whitelist (Jon Masters ) [435144] - [x86] make powernow_k8 a module (Brian Maly ) [438835] - [fs] ecryptfs: delay lower file opens until needed (Eric Sandeen ) [429142] - [fs] ecryptfs: unaligned access helpers (Eric Sandeen ) [457143] - [fs] ecryptfs: string copy cleanup (Eric Sandeen ) [457143] - [fs] ecryptfs: discard ecryptfsd registration messages (Eric Sandeen ) [457143] - [fs] ecryptfs: privileged kthread for lower file opens (Eric Sandeen ) [457143] - [fs] ecryptfs: propagate key errors up at mount time (Eric Sandeen ) [440413] - [fs] ecryptfs: update to 2.6.26 codebase (Eric Sandeen ) [449668] - Revert [misc] fix wrong test in wait_task_stopped (Anton Arapov ) [382211] [2.6.18-114.el5] - [xen] cpufreq: fix Nehalem/Supermicro systems (Rik van Riel ) [458894] - [net] enable TSO if supported by at least one device (Herbert Xu ) [461866] - [crypto] fix panic in hmac self test (Neil Horman ) [461537] - [scsi] qla2xxx/qla84xx: update to upstream for RHEL-5.3 (Marcus Barrow ) [461414] - [misc] hpilo: cleanup device_create for RHEL-5.3 (tcamuso@redhat.com ) [437212] - [misc] hpilo: update driver to 0.5 (tcamuso@redhat.com ) [437212] - [misc] hpilo: update to upstream 2.6.27 (tcamuso@redhat.com ) [437212] - [misc] futex: private futexes (Peter Zijlstra ) [460593] - [misc] preempt-notifiers implementation (Eduardo Habkost ) [459838] - [scsi] fusion: update to version 3.04.07 (Tomas Henzl ) [442025] - [fs] ext4/vfs/mm: core delalloc support (Eric Sandeen ) [455452] - [net] r8169: add support and fixes (Ivan Vecera ) [251252 441626 442635 443623 452761 453563 457892] - [md] LVM raid-1 performance fixes (Mikulas Patocka ) [438153] - [md] LVM raid-1 performance fixes (Mikulas Patocka ) [438153] - [xen] kdump: ability to use makedumpfile with vmcoreinfo (Neil Horman ) [454498] - [scsi] aic79xx: reset HBA on kdump kernel boot (Neil Horman ) [458620] - [fs] implement fallocate syscall (Eric Sandeen ) [450566] - [misc] better clarify package descriptions (Don Zickus ) [249726] - [audit] audit TTY input (Miloslav Trmac ) [244135] - [scsi] qla2xxx - mgmt. API for FCoE, NetLink (Marcus Barrow ) [456900] - [scsi] qla2xxx - mgmt. API, CT pass thru (Marcus Barrow ) [455900] - [misc] hrtimer optimize softirq (George Beshers ) [442148] - [misc] holdoffs in hrtimer_run_queues (George Beshers ) [442148] - [xen] netfront xenbus race (Markus Armbruster ) [453574] - [gfs2] NFSv4 delegations fix for cluster systems (Brad Peters ) [433256] - [scsi] qla2xxx: update 8.02.00-k1 to 8.02.00.k4 (Marcus Barrow ) [455264] - [scsi] qla2xxx: upstream changes from 8.01.07-k7 (Marcus Barrow ) [453685] - [scsi] qla2xxx: add more statistics (Marcus Barrow ) [453441] - [scsi] qla2xxx: add ISP84XX support (Marcus Barrow ) [442083] - [ia64] set default max_purges=1 regardless of PAL return (Luming Yu ) [451593] - [ia64] param for max num of concurrent global TLB purges (Luming Yu ) [451593] - [ia64] multiple outstanding ptc.g instruction support (Luming Yu ) [451593] - [scsi] ST: buffer size doesnt match block size panics (Ivan Vecera ) [443645] - [scsi] fix medium error handling with bad devices (Mike Christie ) [431365] - [xen] ia64: VT-i2 performance addendum (Bill Burns ) [437096] - [xen] HV: ability to use makedumpfile with vmcoreinfo (Neil Horman ) [454498] - [xen] ia64: vps save restore patch (Bill Burns ) [437096] [2.6.18-113.el5] - [xen] remove /proc/xen*/* from bare-metal and FV guests (Don Dutile ) [461532] [2.6.18-112.el5] - [fs] jbd: test BH_write_EIO to detect errors on metadata (Hideo AOKI ) [439581] - [wireless] rt2x00: avoid NULL-ptr deref when probe fails (John W. Linville ) [448763] - [x86_64] suspend to disk fails with >4GB of RAM (Matthew Garrett ) [459980] - [char] add range_is_allowed check to mmap_mem (Eugene Teo ) [460857] - [acpi] add 3.0 _TSD _TPC _TSS _PTC throttling support (Brian Maly ) [440099] - [scsi] add scsi device handlers config options (Mike Christie ) [438761] - [scsi] scsi_dh: add ALUA handler (mchristi@redhat.com ) [438761] - [scsi] scsi_dh: add rdac handler (mchristi@redhat.com ) [438761] - [md] dm-mpath: use SCSI device handler (mchristi@redhat.com ) [438761] - [scsi] add infrastructure for SCSI Device Handlers (mchristi@redhat.com ) [438761] - [misc] driver core: port bus notifiers (mchristi@redhat.com ) [438761] - [fs] binfmt_misc: avoid potential kernel stack overflow (Vitaly Mayatskikh ) [459463] - [CRYPTO] tcrypt: Change the XTEA test vectors (Herbert Xu ) [446522] - [CRYPTO] skcipher: Use RNG instead of get_random_bytes (Herbert Xu ) [446526] - [CRYPTO] rng: RNG interface and implementation (Herbert Xu ) [446526] - [CRYPTO] api: Add fips_enable flag (Herbert Xu ) [444634] - [CRYPTO] cryptomgr - Test ciphers using ECB (Herbert Xu ) [446522] - [CRYPTO] api - Use test infrastructure (Herbert Xu ) [446522] - [CRYPTO] cryptomgr - Add test infrastructure (Herbert Xu ) [446522] - [CRYPTO] tcrypt - Add alg_test interface (Herbert Xu ) [446522] - [CRYPTO] tcrypt: self test for des3_ebe cipher (Herbert Xu ) [446522] - [CRYPTO] api: missing accessors for new crypto_alg field (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Abort and only log if there is an error (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Avoid using contiguous pages (Herbert Xu ) [446522] - [CRYPTO] tcrpyt: Remove unnecessary kmap/kunmap calls (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Catch cipher destination mem corruption (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Shrink the tcrypt module (Herbert Xu ) [446522] - [CRYPTO] tcrypt: AES CBC test vector from NIST SP800-38A (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Change the usage of the test vectors (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Shrink speed templates (Herbert Xu ) [446522] - [CRYPTO] tcrypt: Group common speed templates (Herbert Xu ) [446522] - [fs] jdb: fix error handling for checkpoint I/O (Hideo AOKI ) [439581] - [fs] ext3: add checks for errors from jbd (Hideo AOKI ) [439581] - [fs] jbd: fix commit code to properly abort journal (Hideo AOKI ) [439581] - [fs] jbd: dont dirty original metadata buffer on abort (Hideo AOKI ) [439581] - [fs] jdb: abort when failed to log metadata buffers (Hideo AOKI ) [439581] - [fs] ext3: dont read inode block if buf has write error (Hideo AOKI ) [439581] - [fs] jdb: add missing error checks for file data writes (Hideo AOKI ) [439581] - [net] tun: add IFF_VNET_HDR, TUNGETFEATURES, TUNGETIFF (Herbert Xu ) [459719] - [acpi] increase deep idle state residency on platforms-2 (Matthew Garrett ) [455449] - [acpi] increase deep idle state residency on platforms (Matthew Garrett ) [455447] - [acpi] cpufreq: update to upstream for RHEL-5.3 (Matthew Garrett ) [449787] - [acpi] thinkpad_acpi: update to upstream for RHEL-5.3 (Matthew Garrett ) [457101] - [xen] fix crash on IRQ exhaustion and increase NR_IRQS (Bill Burns ) [442736] - [ide] enable DRAC4 (John Feeney ) [459197] - [md] move include files to include/linux for exposure (Jonathan Brassow ) [429337] - [md] expose dm.h macros (Jonathan Brassow ) [429337] - [md] remove internal mod refs fields from interface (Jonathan Brassow ) [429337] - [md] dm-log: move register functions (Jonathan Brassow ) [429337] - [md] dm-log: clean interface (Jonathan Brassow ) [429337] - [md] clean up the dm-io interface (Jonathan Brassow ) [429337] - [md] dm-log: move dirty log into separate module (Jonathan Brassow ) [429337] - [md] device-mapper interface exposure (Jonathan Brassow ) [429337] - [cifs] enable SPNEGO and DFS upcalls in config-generic (Jeff Layton ) [453462] - [fs] cifs: latest upstream for RHEL-5.3 (Jeff Layton ) [453462 431868 443395 445522 446142 447400] - [fs] introduce a function to register iget failure (Jeff Layton ) [453462] - [fs] proc: fix ->openless usage due to ->proc_fops flip (Jeff Layton ) [453462] - [security] key: fix lockdep warning when revoking auth (Jeff Layton ) [453462] - [security] key: increase payload size when instantiating (Jeff Layton ) [453462] - [fs] call flush_disk after detecting an online resize (Jeff Moyer ) [444964] - [fs] add flush_disk to flush out common buffer cache (Jeff Moyer ) [444964] - [fs] check for device resize when rescanning partitions (Jeff Moyer ) [444964] - [fs] adjust block device size after an online resize (Jeff Moyer ) [444964] - [fs] wrapper for lower-level revalidate_disk routines (Jeff Moyer ) [444964] - [scsi] sd: revalidate_disk wrapper (Jeff Moyer ) [444964] - [xen] virtio: add PV network and block drivers for KVM (Mark McLoughlin ) [446214] - [misc] remove MAX_ARG_PAGES limit: var length argument (Jerome Marchand ) [443659] - [misc] remove MAX_ARG_PAGES limit: rework execve audit (Jerome Marchand ) [443659] - [misc] remove MAX_ARG_PAGES limit: independent stack top (Jerome Marchand ) [443659] - [ia64] kprobes: support kprobe-booster (Masami Hiramatsu ) [438733] - [audit] fix compile when CONFIG_AUDITSYSCALL is disabled (Prarit Bhargava ) [452577] - [nfs] v4: handle old format exports gracefully (Brad Peters ) [427424] - [xen] x86: fix building with max_phys_cpus=128 (Bill Burns ) [447958] - [xen] Intel EPT 2MB patch (Bill Burns ) [426679] - [xen] Intel EPT Migration patch (Bill Burns ) [426679] - [xen] Intel EPT Patch (Bill Burns ) [426679] - [xen] Intel pre EPT Patch (Bill Burns ) [426679] - [xen] AMD 2MB backing pages support (Bhavna Sarathy ) [251980] [2.6.18-111.el5] - [ia64] kabi: remove sn symbols from whitelist (Jon Masters ) [455308] - [net] bnx2x: update to upstream version 1.45.21 (Andy Gospodarek ) [442026] - [net] cxgb3: updates and lro fixes (Andy Gospodarek ) [441959] - [net] niu: enable support for Sun Neptune cards (Andy Gospodarek ) [441416] - [scsi] scsi_host_lookup: error returns and NULL pointers (Tom Coughlan ) [460195] - [scsi] scsi_netlink: transport/LLD receive/event support (Tom Coughlan ) [460195] - [misc] install correct kernel chksum file for FIPS140-2 (Chris Lalancette ) [444632] - [net] ixgbe: update to version 1.3.18-k4 (Andy Gospodarek ) [436044] - [dlm] fix address compare (David Teigland ) [459585] - [net] bonding: fix locking in 802.3ad mode (Andy Gospodarek ) [457300] - [openib] OFED-1.3.2-pre update (Doug Ledford ) [439565 443476 453110 458886 459052 458375 459052 230035 460623] - [md] dm snapshot: use per device mempools (Mikulas Patocka ) [460846] - [md] dm kcopyd: private mempool (Mikulas Patocka ) [460845] - [md] deadlock with nested LVMs (Mikulas Patocka ) [460845] - [net] skge: dont clear MC state on link down (Andy Gospodarek ) [406051] - [net] sky2: re-enable 88E8056 for most motherboards (Andy Gospodarek ) [420961] - [net] update myri10ge 10Gbs ethernet driver (Flavio Leitner ) [357191] - [net] bnx2: update to upstream version 1.7.9 (Andy Gospodarek ) [441964] - [net] e1000e: update to upstream version 0.3.3.3-k2 (Andy Gospodarek ) [436045] - [net] tg3: update to upstream version 3.93 (Andy Gospodarek ) [441975 440958 436686] - [net] igb: update to upstream version 1.2.45-k2 (Andy Gospodarek ) [436040] - [misc] intel: new SATA, USB, HD Audio and I2C(SMBUS) ids (John Villalovos ) [433538] - [net] bnx2x: update to upstream version 1.45.20 (Andy Gospodarek ) [442026] - [net] ixgb: hardware support and other upstream fixes (Andy Gospodarek ) [441609] - [x86] amd oprofile: support instruction based sampling (Bhavna Sarathy ) [438385] - [scsi] cciss: support for sg_ioctl (Tomas Henzl ) [250483] - [scsi] cciss: support for new controllers (Tomas Henzl ) [437497 447427] - [net] pppoe: check packet length on all receive paths (Jiri Pirko ) [457013] - [scsi] iscsi: fix nop timeout detection (mchristi@redhat.com ) [453969] - [scsi] lpfc: update to version 8.2.0.30 (Tom Coughlan ) [441746] - [md] fix handling of sense buffer in eh commands (Doug Ledford ) [441640] - [md] fix error propogation in raid arrays (Doug Ledford ) [430984] - [md] dm: reject barrier requests (Milan Broz ) [458936] - [scsi] 3w-9xxx: update to version 2.26.08.003 (Tomas Henzl ) [451946] - [scsi] 3w-xxxx: update to version 1.26.03.000 (Tomas Henzl ) [451945] - [scsi] megaraid_sas: update to version 4.01-rh1 (Tomas Henzl ) [442913] - [md] dm snapshot: fix race during exception creation (Mikulas Patocka ) [459337] - [md] dm-snapshots: race condition and data corruption (Mikulas Patocka ) [459337] - [md] dm crypt: use cond_resched (Milan Broz ) [459095] - [md] dm mpath: fix bugs in error paths (Milan Broz ) [459092] - [mm] fix support for fast get user pages (Ed Pollard ) [447649] - [xen] ia64 PV: config file changes to add support (Don Dutile ) [442991] - [xen] ia64 PV: Kconfig additions (Don Dutile ) [442991] - [xen] ia64 PV: Makefile changes (Don Dutile ) [442991] - [xen] ia64 PV: shared used header file changes (Don Dutile ) [442991] - [IA64] Correct pernodesize calculation (George Beshers ) [455308] - [IA64] Fix large MCA bootmem allocation (George Beshers ) [455308] - [IA64] Disable/re-enable CPE interrupts on Altix (George Beshers ) [455308] - [IA64] Dont set psr.ic and psr.i simultaneously (George Beshers ) [455308] - [IA64] Support multiple CPUs going through OS_MCA (George Beshers ) [455308] - [IA64] Remove needless delay in MCA rendezvous (George Beshers ) [455308] - [IA64] Clean up CPE handler registration (George Beshers ) [455308] - [IA64] CMC/CPE: Reverse fetching log and checking poll (George Beshers ) [455308] - [IA64] Force error to surface in nofault code (George Beshers ) [455308] - [IA64] Fix Altix BTE error return status (George Beshers ) [455308] - [IA64] BTE error timer fix (George Beshers ) [455308] - [IA64] Update processor_info features (George Beshers ) [455308] - [IA64] More Itanium PAL spec updates (George Beshers ) [455308] - [IA64] Add se bit to Processor State Parameter structure (George Beshers ) [455308] - [IA64] Add dp bit to cache and bus check structs (George Beshers ) [455308] - [IA64] PAL calls need physical mode, stacked (George Beshers ) [455308] - [IA64] Cache error recovery (George Beshers ) [455308] - [IA64] handle TLB errors from duplicate itr.d dropins (George Beshers ) [455308] - [IA64] MCA recovery: Montecito support (George Beshers ) [455308] [2.6.18-110.el5] - [x86_64] use strncmp for memmap=exactmap boot argument (Prarit Bhargava ) [450244] - [wireless] compiler warning fixes for mac80211 update (John W. Linville ) [438391] - [serial] 8250: support for DTR/DSR hardware flow control (Aristeu Rozanski ) [445215] - [tty] add termiox support (Aristeu Rozanski ) [445211] - [vt] add shutdown method (Aristeu Rozanski ) [239604] - [tty] add shutdown method (Aristeu Rozanski ) [239604] - [tty] cleanup release_mem (Aristeu Rozanski ) [239604] - [mm] keep pagefault from happening under page lock (Josef Bacik ) [445433] - [wireless] iwlwifi: post-2.6.27-rc3 to support iwl5x00 (John W. Linville ) [438388] - [net] random32: seeding improvement (Jiri Pirko ) [458019] - [usb] work around ISO transfers in SB700 (Pete Zaitcev ) [457723] - [x86_64] AMD 8-socket APICID patches (Prarit Bhargava ) [459813] - [misc] make printk more robust against kexec shutdowns (Neil Horman ) [458368] - [fs] ext4: backport to rhel5.3 interfaces (Eric Sandeen ) [458718] - [fs] ext4: Kconfig/Makefile/config glue (Eric Sandeen ) [458718] - [fs] ext4: fixes from upstream pending patch queue (Eric Sandeen ) [458718] - [fs] ext4: revert delalloc upstream mods (Eric Sandeen ) [458718] - [fs] ext4: 2.6.27-rc3 upstream codebase (Eric Sandeen ) [458718] - [fs] ext4: new s390 bitops (Eric Sandeen ) [459436] - [usb] wacom: add support for Cintiq 20WSX (Aristeu Rozanski ) [248903] - [usb] wacom: add support for Intuos3 4x6 (Aristeu Rozanski ) [370471] - [usb] wacom: fix maximum distance values (Aristeu Rozanski ) [248903] - [x86] hpet: consolidate assignment of hpet_period (Brian Maly ) [435726] - [openib] lost interrupt after LPAR to LPAR communication (Brad Peters ) [457838] - [firmware] fix ibft offset calculation (mchristi@redhat.com ) [444776] - [block] performance fix for too many physical devices (Mikulas Patocka ) [459527] - [ide] Fix issue when appending data on an existing DVD (Mauro Carvalho Chehab ) [457025] - [misc] fix kernel builds on modern userland (Matthew Garrett ) [461540] - [x86_64] AMD IOMMU driver support (Bhavna Sarathy ) [251970] - [x86_64] GART iommu alignment fixes (Prarit Bhargava ) [455813] - [firewire] latest upstream snapshot for RHEL-5.3 (Jay Fenlason ) [449520 430300 429950 429951] - [net] ipv6: configurable address selection policy table (Neil Horman ) [446063] - [fs] relayfs: support larger on-memory buffer (Masami Hiramatsu ) [439269] - [xen] ia64: speed up hypercall for guest domain creation (Tetsu Yamamoto ) [456171] - [xen] make last processed event channel a per-cpu var (Tetsu Yamamoto ) [456171] - [xen] process event channel notifications in round-robin (Tetsu Yamamoto ) [456171] - [xen] use unlocked_ioctl in evtchn, gntdev and privcmd (Tetsu Yamamoto ) [456171] - [xen] disallow nested event delivery (Tetsu Yamamoto ) [456171] - [ppc64] spu: add cpufreq governor (Ed Pollard ) [442410] - [misc] cleanup header warnings and enable header check (Don Zickus ) [458360] - [mm] NUMA: over-committing memory compiler warnings (Larry Woodman ) [457264] - [misc] mmtimer: fixes for high resolution timers (George Beshers ) [442186] - [x86_64] xen: local DOS due to NT bit leakage (Eugene Teo ) [457722] {CVE-2006-5755} - [xen] ia64: mark resource list functions __devinit (Tetsu Yamamoto ) [430219] - [xen] ia64: issue ioremap HC in pci_acpi_scan_root (Tetsu Yamamoto ) [430219] - [xen] ia64: revert paravirt to ioremap /proc/pci (Tetsu Yamamoto ) [430219] - [xen] ia64: disable paravirt to remap /dev/mem (Tetsu Yamamoto ) [430219] - [x86_64] kprobe: kprobe-booster and return probe-booster (Masami Hiramatsu ) [438725] - [xen] NUMA: extend physinfo sysctl to export topo info (Tetsu Yamamoto ) [454711] - [xen] ia64: kludge for XEN_GUEST_HANDLE_64 (Tetsu Yamamoto ) [454711] - [xen] ia64: NUMA support (Tetsu Yamamoto ) [454711] - [misc] pipe support to /proc/sys/net/core_pattern (Neil Horman ) [410871] - [xen] ia64: fix and cleanup move to psr (Tetsu Yamamoto ) [447453] - [xen] ia64: turn off psr.i after PAL_HALT_LIGHT (Tetsu Yamamoto ) [447453] - [xen] ia64: fix ia64_leave_kernel (Tetsu Yamamoto ) [447453] - [xen] page scrub: serialise softirq with a new lock (Tetsu Yamamoto ) [456171] - [xen] serialize scrubbing pages (Tetsu Yamamoto ) [456171] - [xen] ia64: dont warn for EOI-ing edge triggered intr (Tetsu Yamamoto ) [430219] - [xen] ia64: remove regNaT fault message (Tetsu Yamamoto ) [430219] - [xen] ia64: suppress warning of __assign_domain_page (Tetsu Yamamoto ) [430219] - [xen] ia64: remove annoying log message (Tetsu Yamamoto ) [430219] - [xen] ia64: quieter Xen boot (Tetsu Yamamoto ) [430219] - [xen] ia64: quiet lookup_domain_mpa when domain is dying (Tetsu Yamamoto ) [430219] - [xen] ia64: fix XEN_SYSCTL_physinfo to handle NUMA info (Tetsu Yamamoto ) [454711] - [xen] ia64: fixup physinfo (Tetsu Yamamoto ) [454711] [2.6.18-109.el5] - [misc] cpufreq: fix format string bug (Vitaly Mayatskikh ) [459460] - [x86_64] perfctr: dont use CCCR_OVF_PMI1 on Pentium 4 Ds (Aristeu Rozanski ) [447618] - [wireless] iwlwifi: fix busted tkip encryption (John W. Linville ) [438388] - [wireless] ath5k: fixup Kconfig mess from update (John W. Linville ) [445578] - [fs] cifs: fix O_APPEND on directio mounts (Jeff Layton ) [460063] - [ia64] oprofile: recognize Montvale cpu as Itanium2 (Dave Anderson ) [452588] - [block] aoe: use use bio->bi_idx to avoid panic (Tom Coughlan ) [440506] - [x86] make bare-metal oprofile recognize other platforms (Markus Armbruster ) [458441] - [scsi] areca: update for RHEL-5.3 (Tomas Henzl ) [436068] - [sata] prep work for rhel5.3 (David Milburn ) [439247 445727 450962 451586 455445] - [sata] update driver to 2.6.26-rc5 (David Milburn ) [439247 442906 445727 450962 451586 455445 459197] - [openib] race between QP async handler and destroy_qp (Brad Peters ) [446109] - [mm] dont use large pages to map the first 2/4MB of mem (Larry Woodman ) [455504] - [mm] holdoffs in refresh_cpu_vm_stats using latency test (George Beshers ) [447654] - [ppc64] cell spufs: fix HugeTLB (Brad Peters ) [439483] - [ppc64] cell spufs: update with post 2.6.25 patches (Brad Peters ) [439483] - [xen] ia64 oprofile: recognize Montvale cpu as Itanium2 (Dave Anderson ) [452588] - [xen] x86: make xenoprof recognize other platforms (Markus Armbruster ) [458441] [2.6.18-108.el5] - [net] NetXen: remove performance optimization fix (Tony Camuso ) [457958] - [net] NetXen: update to upstream 2.6.27 (tcamuso@redhat.com ) [457958] - [net] NetXen: fixes from upstream 2.6.27 (tcamuso@redhat.com ) [457958] - [net] NetXen: cleanups from upstream 2.6.27 (tcamuso@redhat.com ) [457958] - [fs] anon_inodes implementation (Eduardo Habkost ) [459835] - [x86] PCI domain support (Jeff Garzik ) [228290] - [net] udp: possible recursive locking (Hideo AOKI ) [458909] - [gfs2] multiple writer performance issue (Abhijith Das ) [459738] - [alsa] asoc: double free and mem leak in i2c codec (Jaroslav Kysela ) [460103] - [net] ibmveth: cluster membership problems (Brad Peters ) [460379] - [net] ipv6: drop outside of box loopback address packets (Neil Horman ) [459556] - [net] dccp_setsockopt_change integer overflow (Vitaly Mayatskikh ) [459235] {CVE-2008-3276} - [x86] execute stack overflow warning on interrupt stack (Michal Schmidt ) [459810] - [ppc] export LPAR CPU utilization stats for use by hv (Brad Peters ) [439516] - [acpi] error attaching device data (peterm@redhat.com ) [459670] - [md] fix crashes in iterate_rdev (Doug Ledford ) [455471] - [utrace] signal interception breaks systemtap uprobes (Roland McGrath ) [459786] - [misc] markers and tracepoints: config patch (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: kabi fix-up patch (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: probes (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: sched patch (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: irq patch (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: create Module.markers (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: markers docs (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: markers samples (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: markers (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: tracepoint samples (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: tracepoints (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: samples patch (jbaron@redhat.com ) [329821] - [misc] markers and tracepoints: rcu-read patch (jbaron@redhat.com ) [329821] - [x86] nmi: fix disable and enable _timer_nmi_watchdog (Aristeu Rozanski ) [447618] - [x86] nmi: disable LAPIC/IO APIC on unknown_nmi_panic (Aristeu Rozanski ) [447618] - [x86] nmi: use lapic_adjust_nmi_hz (Aristeu Rozanski ) [447618] - [x86] nmi: update check_nmi_watchdog (Aristeu Rozanski ) [447618] - [x86] nmi: update reserve_lapic_nmi (Aristeu Rozanski ) [447618] - [x86] nmi: use setup/stop routines in suspend/resume (Aristeu Rozanski ) [447618] - [x86] nmi: change nmi_active usage (Aristeu Rozanski ) [447618] - [x86] nmi: update nmi_watchdog_tick (Aristeu Rozanski ) [447618] - [x86] nmi: introduce do_nmi_callback (Aristeu Rozanski ) [447618] - [x86] nmi: introduce per-cpu wd_enabled (Aristeu Rozanski ) [447618] - [x86] nmi: add perfctr infrastructure (Aristeu Rozanski ) [447618] - [x86_64] nmi: add missing prototypes in xen headers (Aristeu Rozanski ) [447618] - [x86_64] nmi: kill disable_irq calls (Aristeu Rozanski ) [447618] - [x86_64] nmi: disable LAPIC/IO APIC on unknown_nmi_panic (Aristeu Rozanski ) [447618] - [x86_64] nmi: use perfctr functions for probing (Aristeu Rozanski ) [447618] - [x86_64] nmi: update check_nmi_watchdog (Aristeu Rozanski ) [447618] - [x86_64] nmi: update reserve_lapic_nmi (Aristeu Rozanski ) [447618] - [x86_64] nmi: use new setup/stop routines in suspend/resume (Aristeu Rozanski ) [447618] - [x86_64] nmi: change nmi_active usage (Aristeu Rozanski ) [447618] - [x86_64] nmi: update nmi_watchdog_tick (Aristeu Rozanski ) [447618] - [x86_64] nmi: setup apic to handle both IO APIC and LAPIC (Aristeu Rozanski ) [447618] - [x86_64] nmi: introduce do_nmi_callback (Aristeu Rozanski ) [447618] - [x86_64] nmi: introduce per-cpu wd_enabled (Aristeu Rozanski ) [447618] - [x86_64] nmi: add perfctr infrastructure (Aristeu Rozanski ) [447618] - [mm] drain_node_page: drain pages in batch units (George Beshers ) [442179] - [mm] optimize ZERO_PAGE in 'get_user_pages' and fix XIP (Anton Arapov ) [452668] {CVE-2008-2372} - [x86_64] UEFI code support (Brian Maly ) [253295] [2.6.18-107.el5] - [scsi] mptscsi: check for null device in error handler (Doug Ledford ) [441832] - [openib] ehca: local CA ACK delay has an invalid value (Brad Peters ) [458378] - [gfs2] fix metafs (Abhijith Das ) [457798] - [sound] HDMI Audio: new PCI device ID (Bhavna Sarathy ) [459221] - [s390] cio: memory leak when ccw devices are discarded (Hans-Joachim Picht ) [459495] - [openib] ehca: handle two completions for one work req (Brad Peters ) [459142] - [scsi] cciss: possible race condition during init (Ivan Vecera ) [455663] - [wireless] rtl818x: add driver from 2.6.26 (John W. Linville ) [448764] - [wireless] rt2x00: add driver from 2.6.26 (John W. Linville ) [448763] - [wireless] ath5k: add driver from 2.6.26 (John W. Linville ) [445578] - [wireless] iwlwifi update to version from 2.6.26 (John W. Linville ) [438395] - [wireless] mac80211 update to version from 2.6.26 (John W. Linville ) [438391 438464 446076] - [wireless] infrastructure changes for mac80211 update (John W. Linville ) [438391] - [xen] xennet: coordinate ARP with backend network status (Herbert Xu ) [458934] - [x86] oprofile: enable additional perf counters (Markus Armbruster ) [426096] - [wireless] update zd1211rw to last non-mac80211 version (John W. Linville ) [448762] - [wireless] update bcm43xx driver to 2.6.25 (John W. Linville ) [448762] - [wireless] update ipw2x00 driver to 2.6.25 (John W. Linville ) [448762] - [wireless] update ieee80211 to 2.6.25 (John W. Linville ) [448762] - [xen] hv: support up to 128 cpus (Bill Burns ) [447958] - [gfs2] rm on multiple nodes causes panic (Bob Peterson ) [458289] - [gfs2] d_rwdirectempty fails with short read (Benjamin Marzinski ) [456453] - [sound] snd_seq_oss_synth_make_info info leak (Eugene Teo ) [458001] {CVE-2008-3272} - Revert: [mm] add support for fast get user pages (Ed Pollard ) [447649] - [xen] fix GDT allocation for 128 CPUs (Bill Burns ) [447958] - [xen] fix building with max_phys_cpus=128 (Bill Burns ) [447958] - [xen] limit dom0 to 32GB by default (Rik van Riel ) [453467] - [xen] automatically make heap larger on large mem system (Rik van Riel ) [453467] [2.6.18-106.el5] - [x86_64] resume from s3 in text mode with >4GB of mem (Matthew Garrett ) [452961] - [x86] kdump: calgary iommu: use boot kernels TCE tables (Tom Coughlan ) [239272] - [net] neigh_destroy: call destructor before unloading (Brad Peters ) [449161] - [usb] removing bus with an open file causes an oops (Pete Zaitcev ) [450786] - [nfs] missing nfs_fattr_init in nfsv3 acl functions (Jeff Layton ) [453711] - [xen] x86: fix endless loop when GPF (Chris Lalancette ) [457093] - [dlm] user.c input validation fixes (David Teigland ) [458760] - [serial] support for Digi PCI-E 4-8port Async IO adapter (Brad Peters ) [439443] - [cpufreq] acpi: boot crash due to _PSD return-by-ref (John Villalovos ) [428909] - [x86] io_apic: check timer with irq off (Brian Maly ) [432407] - [nfs] v4: dont reuse expired nfs4_state_owner structs (Jeff Layton ) [441884] - [nfs] v4: credential ref leak in nfs4_get_state_owner (Jeff Layton ) [441884] - [xen] PVFB probe & suspend fixes fix (Markus Armbruster ) [459107] - [x86] acpi: prevent resources from corrupting memory (Prarit Bhargava ) [458988] - [mm] add support for fast get user pages (Ed Pollard ) [447649] - [ipmi] control BMC device ordering (peterm@redhat.com ) [430157] - [net] pppoe: fix skb_unshare_check call position (Jiri Pirko ) [459062] - [net] ipv6: use timer pending to fix bridge ref count (Jiri Pirko ) [457006] - [nfs] v4: Poll aggressively when handling NFS4ERR_DELAY (Jeff Layton ) [441884] - [net] ixgbe: fix EEH recovery time (Brad Peters ) [457466] - [net] pppoe: unshare skb before anything else (Jiri Pirko ) [457018] - [ppc64] EEH: facilitate vendor driver recovery (Brad Peters ) [457253] - [ia64] fix to check module_free parameter (Masami Hiramatsu ) [457961] - [video] make V4L2 less verbose (Mauro Carvalho Chehab ) [455230] - [autofs4] remove unused ioctls (Ian Kent ) [452139] - [autofs4] reorganize expire pending wait function calls (Ian Kent ) [452139] - [autofs4] fix direct mount pending expire race (Ian Kent ) [452139] - [autofs4] fix indirect mount pending expire race (Ian Kent ) [452139] - [autofs4] fix pending checks (Ian Kent ) [452139] - [autofs4] cleanup redundant readdir code (Ian Kent ) [452139] - [autofs4] keep most direct and indirect dentrys positive (Ian Kent ) [452139] - [autofs4] fix waitq memory leak (Ian Kent ) [452139] - [autofs4] check communication pipe is valid for write (Ian Kent ) [452139] - [autofs4] fix waitq locking (Ian Kent ) [452139] - [autofs4] fix pending mount race (Ian Kent ) [452139] - [autofs4] use struct qstr in waitq.c (Ian Kent ) [452139] - [autofs4] use lookup intent flags to trigger mounts (Ian Kent ) [448869] - [autofs4] hold directory mutex if called in oz_mode (Ian Kent ) [458749] - [autofs4] use rehash list for lookups (Ian Kent ) [458749] - [autofs4] dont make expiring dentry negative (Ian Kent ) [458749] - [autofs4] fix mntput, dput order bug (Ian Kent ) [452139] - [autofs4] bad return from root.c:try_to_fill_dentry (Ian Kent ) [452139] - [autofs4] sparse warn in waitq.c:autofs4_expire_indirect (Ian Kent ) [452139] - [autofs4] check for invalid dentry in getpath (Ian Kent ) [452139] - [misc] create a kernel checksum file per FIPS140-2 (Don Zickus ) [444632] - [net] h323: Fix panic in conntrack module (Thomas Graf ) [433661] - [misc] NULL pointer dereference in kobject_get_path (Jiri Pirko ) [455460] - [audit] new filter type, AUDIT_FILETYPE (Alexander Viro ) [446707] - [ppc64] missed hw breakpoints across multiple threads (Brad Peters ) [444076] - [net] race between neigh_timer_handler and neigh_update (Brad Peters ) [440555] - [security] NULL ptr dereference in __vm_enough_memory (Jerome Marchand ) [443659] - [ppc64] cell: spufs update for RHEL-5.3 (Brad Peters ) [439483] - [misc] null pointer dereference in register_kretprobe (Jerome Marchand ) [452308] - [alsa] HDA: update to 2008-07-22 (Jaroslav Kysela ) [456215] - [ia64] xen: handle ipi case IA64_TIMER_VECTOR (Luming Yu ) [451745] - [misc] batch kprobe register/unregister (Jiri Pirko ) [437579] - [ia64] add gate.lds to Documentation/dontdiff (Prarit Bhargava ) [449948] - [xen] fix netloop restriction (Bill Burns ) [358281] - [nfs] revert to sync writes when background write errors (Jeff Layton ) [438423] - [ia64] kdump: implement greater than 4G mem restriction (Doug Chapman ) [446188] - [nfs] clean up short packet handling for NFSv4 readdir (Jeff Layton ) [428720] - [nfs] clean up short packet handling for NFSv2 readdir (Jeff Layton ) [428720] - [nfs] clean up short packet handling for NFSv3 readdir (Jeff Layton ) [428720] [2.6.18-105.el5] - [misc] pnp: increase number of devices (Prarit Bhargava ) [445590] - [ppc] PERR/SERR disabled after EEH error recovery (Brad Peters ) [457468] - [ppc] eHEA: update from version 0076-05 to 0091-00 (Brad Peters ) [442409] - [net] modifies inet_lro for RHEL (Brad Peters ) [442409] - [net] adds inet_lro module (Brad Peters ) [442409] - [ppc] adds crashdump shutdown hooks (Brad Peters ) [442409] - [ppc] xmon: setjmp/longjmp code generically available (Brad Peters ) [442409] - [xen] PV: config file changes (Don Dutile ) [442991] - [xen] PV: Makefile and Kconfig additions (Don Dutile ) [442991] - [xen] PV: add subsystem (Don Dutile ) [442991] - [xen] PV: shared used header file changes (Don Dutile ) [442991] - [xen] PV: shared use of xenbus, netfront, blkfront (Don Dutile ) [442991] - [fs] backport zero_user_segments and friends (Eric Sandeen ) [449668] - [fs] backport list_first_entry helper (Eric Sandeen ) [449668] - [ia64] fix boot failure on ia64/sn2 (Luming Yu ) [451745] - [ia64] move SAL_CACHE_FLUSH check later in boot (Luming Yu ) [451745] - [ia64] use platform_send_ipi in check_sal_cache_flush (Luming Yu ) [451745] - [xen] avoid dom0 hang when tearing down domains (Chris Lalancette ) [347161] - [xen] ia64: SMP-unsafe with XENMEM_add_to_physmap on HVM (Tetsu Yamamoto ) [457137] [2.6.18-104.el5] - [crypto] IPsec memory leak (Vitaly Mayatskikh ) [455238] - [ppc] edac: add support for Cell processor (Brad Peters ) [439507] - [ppc] edac: add pre-req support for Cell processor (Brad Peters ) [439507] - [scsi] DLPAR remove operation fails on LSI SCSI adapter (Brad Peters ) [457852] - [net] bridge: eliminate delay on carrier up (Herbert Xu ) [453526] - [mm] tmpfs: restore missing clear_highpage (Eugene Teo ) [426083]{CVE-2007-6417} - [scsi] aic94xx: update to 2.6.25 (Ed Pollard ) [439573] - [fs] dio: lock refcount operations (Jeff Moyer ) [455750] - [fs] vfs: fix lookup on deleted directory (Eugene Teo ) [457866]{CVE-2008-3275} - [fs] jbd: fix races that lead to EIO for O_DIRECT (Brad Peters ) [446599] - [fs] add percpu_counter_add & _sub (Eric Sandeen ) [443896] - [xen] event channel lock and barrier (Markus Armbruster ) [457086] - [ppc] adds DSCR support in sysfs (Brad Peters ) [439567] - [ppc] oprofile: wrong cpu_type returned (Brad Peters ) [441539] - [s390] utrace: PTRACE_POKEUSR_AREA corrupts ACR0 (Anton Arapov ) [431183] - [pci] fix problems with msi interrupt management (Michal Schmidt ) [428696] - [misc] fix wrong test in wait_task_stopped (Jerome Marchand ) [382211] - [fs] ecryptfs: use page_alloc to get a page of memory (Eric Sandeen ) [457058] - [misc] serial: fix break handling for i82571 over LAN (Aristeu Rozanski ) [440018] - [xen] blktap: expand for longer busids (Chris Lalancette ) [442723] - [xen] fix blkfront to accept > 16 devices (Chris Lalancette ) [442723] - [xen] expand SCSI majors in blkfront (Chris Lalancette ) [442077] - [misc] core dump: remain dumpable (Jerome Marchand ) [437958] - [fs] inotify: previous event should be last in list (Jeff Burke ) [453990] - [block] Enhanced Partition Statistics: documentation (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: retain old stats (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: procfs (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: sysfs (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: cpqarray fix (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: cciss fix (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: aoe fix (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: update statistics (Jerome Marchand ) [224322] - [block] Enhanced Partition Statistics: core statistics (Jerome Marchand ) [224322] - [fs] add clear_nlink, drop_nlink (Eric Sandeen ) [443896] - [fs] add buffer_submit_read and bh_uptodate_or_lock (Eric Sandeen ) [443896] - [fs] noinline_for_stack attribute (Eric Sandeen ) [443896] - [fs] i_version updates (Eric Sandeen ) [443896] - [fs] add an ERR_CAST function (Eric Sandeen ) [443896] - [fs] introduce is_owner_or_cap (Eric Sandeen ) [443896] - [fs] add generic_find_next_le_bit (Eric Sandeen ) [443896] - [fs] add le32_add_cpu and friends (Eric Sandeen ) [443896] - [net] sctp: export needed data to implement RFC 3873 (Neil Horman ) [277111] - [xen] x86: xenoprof enable additional perf counters (Markus Armbruster ) [426096] [2.6.18-103.el5] - [fs] dio: use kzalloc to zero out struct dio (Jeff Moyer ) [439918] - [x86] hugetlb: inconsistent get_user_pages (x86 piece) (Brad Peters ) [456449] - [fs] fix softlockups when repeatedly dropping caches (Bryn M. Reeves ) [444961] - [char] add hp-ilo driver (Tony Camuso ) [437212] - [net] do liberal tracking for picked up connections (Anton Arapov ) [448328] - [scsi] BusLogic: typedef bool to boolean for compiler (Chip Coldwell ) [445095] - [misc] ioc4: fixes - pci_put_dev, printks, mem resource (Jonathan Lim ) [442424] [2.6.18-102.el5] - [net] slow_start_after_idle influences cwnd validation (Thomas Graf ) [448918] - [dlm] fix a couple of races (David Teigland ) [457569] - [net] NetXen driver update to 3.4.18 (Ed Pollard ) [443619] - [mm] NUMA: system is slow when over-committing memory (Larry Woodman ) [457264] - [net] ixgbe: remove device ID for unsupported device (Andy Gospodarek ) [454910] - [ppc] Event Queue overflow on eHCA adapters (Brad Peters ) [446713] - [ppc] IOMMU Performance Enhancements (Brad Peters ) [439469] - [ppc] RAS update for Cell (Brad Peters ) [313731] - [ppc] fast little endian implementation for System p AVE (Brad Peters ) [439505] - [net] proc: add unresolved discards stat to ndisc_cache (Neil Horman ) [456732] - [x86_64] ia32: increase stack size (Larry Woodman ) [442331] - [mm] fix PAE pmd_bad bootup warning (Larry Woodman ) [455434] - [video] add uvcvideo module (Jay Fenlason ) [439899] - [crypto] add tests for cipher types to self test module (Neil Horman ) [446514] - [mm] fix debug printks in page_remove_rmap() (Larry Woodman ) [457458] - [mm] fix /proc/sys/vm/lowmem_reserve_ratio (Larry Woodman ) [457471] - [xen] add VPS sync read/write according to spec (Bill Burns ) [437096] - [xen] use VPS service to take place of PAL call (Bill Burns ) [437096] - [xen] enable serial console for new ia64 chip (Bill Burns ) [437096] [2.6.18-101.el5] - [ipmi] restrict keyboard I/O port reservation (peterm@redhat.com ) [456300] - [mm] xpmem: inhibit page swapping under heavy mem use (George Beshers ) [456574] - [fs] vfs: wrong error code on interrupted close syscalls (Jeff Layton ) [455729] - [misc] dont randomize when no randomize personality set (Bryn M. Reeves ) [444611] - [ia64] holdoffs in sn_ack_irq when running latency tests (Jonathan Lim ) [447838] - [xen] x86: new vcpu_op call to get physical CPU identity (Bhavana Nagendra ) [434548] - [xen] HV: memory corruption with large number of cpus (Chris Lalancette ) [449945] - [xen] save phys addr for crash utility (Bill Burns ) [443618] - [xen] kexec: allocate correct memory reservation (Bill Burns ) [442661] [2.6.18-100.el5] - [gfs2] glock dumping missing out some glocks (Steven Whitehouse ) [456334] - [scsi] ibmvscsi: add tape device support (Brad Peters ) [439488] - [misc] irq: reset stats when installing new handler (Eugene Teo ) [456218] - [scsi] ibmvscsi: latest 5.3 fixes and enhancements (Brad Peters ) [439487] - [selinux] prevent illegal selinux options when mounting (Eugene Teo ) [456052] - [xen] remove blktap sysfs entries before shutdown (Chris Lalancette ) [250104] - [xen] dont collide symbols with blktap (Chris Lalancette ) [250104] - [xen] blktap: modify sysfs entries to match blkback (Chris Lalancette ) [250104] - [xen] dont try to recreate sysfs entries (Chris Lalancette ) [250104] - [xen] blktap: stats error cleanup (Chris Lalancette ) [250104] - [xen] blktap: add statistics (Chris Lalancette ) [250104] - [xen] rename blktap kernel threads to blktap.dom.blkname (Chris Lalancette ) [250104] - [ia64] xen: incompatibility with HV and userspace tools (Tetsu Yamamoto ) [444589] - [usb] add ids for WWAN cards (John Feeney ) [253137] - [ia64] handle invalid ACPI SLIT table (Luming Yu ) [451591] - [pci] mmconfig: use conf1 for access below 256 bytes (Tony Camuso ) [441615 251493] - [pci] mmconfig: rm pci_legacy_ops and nommconf blacklist (Tony Camuso ) [441615 251493] - [pci] mmconfig: remove pci_bios_fix_bus_scan_quirk (Tony Camuso ) [441615 251493] - [fs] nlm: tear down RPC clients in nlm_shutdown_hosts (Jeff Layton ) [254195] - [fs] nlm: dont reattempt GRANT_MSG with an inflight RPC (Jeff Layton ) [254195] - [fs] nlm: canceled inflight GRANT_MSG shouldnt requeue (Jeff Layton ) [254195] - [fs] potential race in mark_buffer_dirty (Mikulas Patocka ) [442577] [2.6.18-99.el5] - [fs] lockd: nlmsvc_lookup_host called with f_sema held (Jeff Layton ) [453094] - [x86] dont call MP_processor_info for disabled cpu (Prarit Bhargava ) [455425] - [x86_64] dont call MP_processor_info for disabled cpu (Prarit Bhargava ) [455427] - [x86] show apicid in /proc/cpuinfo (Prarit Bhargava ) [455424] - [acpi] disable lapic timer on C2 states (John Villalovos ) [438409] - [acpi] enable deep C states for idle efficiency (Matthew Garrett ) [443516] - [fs] missing check before setting mount propagation (Eugene Teo ) [454393] - [xen] pvfb: frontend mouse wheel support (Markus Armbruster ) [446235] - [ppc] use ibm,slb-size from device tree (Brad Peters ) [432127] - [mm] dio: fix cache invalidation after sync writes (Jeff Moyer ) [445674] - [misc] fix UP compile in skcipher.h (Prarit Bhargava ) [453038] - [ia64] softlock: prevent endless warnings in kdump (Neil Horman ) [453200] - [net] s2io: fix documentation about intr_type (Michal Schmidt ) [450921] - [net] make udp_encap_rcv use pskb_may_pull (Neil Horman ) [350281] - [misc] fix compile when selinux is disabled (Prarit Bhargava ) [452535] - [scsi] update aacraid to 1.1.5-2455 (Chip Coldwell ) [429862] - [x86_64] ptrace: sign-extend orig_rax to 64 bits (Jerome Marchand ) [437882] - [x86_64] ia32 syscall restart fix (Jerome Marchand ) [434998] - [misc] optimize byte-swapping, fix -pedantic compile (Jarod Wilson ) [235699] - [dm] snapshot: reduce default memory allocation (Milan Broz ) [436494] - [dm] snapshot: fix chunksize sector conversion (Milan Broz ) [443627] - [net] ip tunnel cant be bound to another device (Michal Schmidt ) [451196] - [net] bnx2x: chip reset and port type fixes (Andy Gospodarek ) [441259] - [audit] records sender of SIGUSR2 for userspace (Eric Paris ) [428277] - [audit] deadlock under load and auditd takes a signal (Eric Paris ) [429941] - [audit] send EOE audit record at end of syslog events (Eric Paris ) [428275] - [x86] brk: fix RLIMIT_DATA check (Vitaly Mayatskikh ) [315681] - [misc] fix ?!/!? inversions in spec file (Jarod Wilson ) [451008] - [scsi] fix high I/O wait using 3w-9xxx (Tomas Henzl ) [444759] - [net] ipv6: fix unbalanced ref count in ndisc_recv_ns (Neil Horman ) [450855] - [fs] cifs: wait on kthread_stop before thread exits (Jeff Layton ) [444865] - [net] fix the redirected packet if jiffies wraps (Ivan Vecera ) [445536] - [nfs] pages of a memory mapped file get corrupted (Peter Staubach ) [435291] - [net] sunrpc: memory corruption from dead rpc client (Jeff Layton ) [432867] - [fs] debugfs: fix dentry reference count bug (Josef Bacik ) [445787] - [acpi] remove processor module errors (John Feeney ) [228836] - [fs] ext3: make fdatasync not sync metadata (Josef Bacik ) [445649] - [pci] acpiphp_ibm: let ACPI determine _CID buffer size (Prarit Bhargava ) [428874] - [fs] need process map reporting for swapped pages (Anton Arapov ) [443749] - [misc] optional panic on softlockup warnings (Prarit Bhargava ) [445422] - [net] sctp: support remote address table oid (Neil Horman ) [435110] - [nfs] knfsd: revoke setuid/setgid when uid/gid changes (Jeff Layton ) [443043] - [nfs] remove error field from nfs_readdir_descriptor_t (Jeff Layton ) [437479] [2.6.18-98.el5] - [nfs] sunrpc: sleeping rpc_malloc might deadlock (Jeff Layton ) [451317] - [gfs2] initial write performance very slow (Benjamin Marzinski ) [432826] - [ia64] avoid unnecessary TLB flushes when allocating mem (Doug Chapman ) [435362] - [gfs2] lock_dlm: deliver callbacks in the right order (Bob Peterson ) [447748] - [sound] alsa: HDA driver update from upstream 2008-06-11 (Jaroslav Kysela ) [451007] - [x86_64] xen: fix syscall return when tracing (Chris Lalancette ) [453394] - [fs] ext3: lighten up resize transaction requirements (Eric Sandeen ) [425955] - [xen] PVFB probe & suspend fixes (Markus Armbruster ) [434800] - [nfs] ensure that options turn off attribute caching (Peter Staubach ) [450184] - [x86_64] memmap flag results in bogus RAM map output (Prarit Bhargava ) [450244] - [nfs] sunrpc: fix a race in rpciod_down (Jeff Layton ) [448754] - [nfs] sunrpc: fix hang due to eventd deadlock (Jeff Layton ) [448754] - [gfs2] d_doio stuck in readv waiting for pagelock (Bob Peterson ) [432057] - [fs] ext3: fix lock inversion in direct io (Josef Bacik ) [439194] - [fs] jbd: fix journal overflow issues (Josef Bacik ) [439193] - [fs] jbd: fix typo in recovery code (Josef Bacik ) [447742] - [openib] small ipoib packet can cause an oops (Doug Ledford ) [445731] - [sched] domain range turnable params for wakeup_idle (Kei Tokunaga ) [426971] - [edac] k8_edac: fix typo in user visible message (Aristeu Rozanski ) [446068] - [net] ipv6: dont handle default routes specially (Neil Horman ) [426895 243526] - [fs] ext3: unmount hang when quota-enabled goes error-RO (Eric Sandeen ) [429054] - [net] ipv6: no addrconf for bonding slaves (Andy Gospodarek ) [236750] - [misc] fix race in switch_uid and user signal accounting (Vince Worthington ) [441762 440830] - [misc] /proc/pid/limits : fix duplicate array entries (Neil Horman ) [443522] - [nfs] v4: fix ref count and signal for callback thread (Jeff Layton ) [423521] - [mm] do not limit locked memory when using RLIM_INFINITY (Larry Woodman ) [442426] - [xen] ia64: add srlz instruction to asm (Aron Griffis ) [440261] - [nfs] fix transposed deltas in nfs v3 (Jeff Layton ) [437544] - [x86_64] gettimeofday fixes for HPET, PMTimer, TSC (Prarit Bhargava ) [250708] - [ia64] remove assembler warnings on head.S (Luming Yu ) [438230] - [misc] allow hugepage allocation to use most of memory (Larry Woodman ) [438889] - [edac] k8_edac: add option to report GART errors (Aristeu Rozanski ) [390601] - [ia64] add TIF_RESTORE_SIGMASK and pselect/ppoll syscall (Luming Yu ) [206806] [2.6.18-97.el5] - [misc] signaling msgrvc() should not pass back error (Jiri Pirko ) [452533] - [ia64] properly unregister legacy interrupts (Prarit Bhargava ) [445886] - [s390] zfcp: status read locking race (Hans-Joachim Picht ) [451278] - [s390] fix race with stack local wait_queue_head_t. (Hans-Joachim Picht ) [451279] - [s390] cio: fix system hang with reserved DASD (Hans-Joachim Picht ) [451222] - [s390] cio: fix unusable zfcp device after vary off/on (Hans-Joachim Picht ) [451223] - [s390] cio: I/O error after cable pulls (Hans-Joachim Picht ) [451281] - [s390] tape: race condition in tape block device driver (Hans-Joachim Picht ) [451277] - [gfs2] cannot use fifo nodes (Steven Whitehouse ) [450276] - [gfs2] bad subtraction in while-loop can cause panic (Bob Peterson ) [452004] - [tux] crashes kernel under high load (Anton Arapov ) [448973] - [dlm] move plock code from gfs2 (David Teigland ) [450138] - [dlm] fix basts for granted CW waiting PR/CW (David Teigland ) [450137] - [dlm] check for null in device_write (David Teigland ) [450136] - [dlm] save master info after failed no-queue request (David Teigland ) [450135] - [dlm] keep cached master rsbs during recovery (David Teigland ) [450133] - [dlm] change error message to debug (David Teigland ) [450132] - [dlm] fix possible use-after-free (David Teigland ) [450132] - [dlm] limit dir lookup loop (David Teigland ) [450132] - [dlm] reject normal unlock when lock waits on lookup (David Teigland ) [450132] - [dlm] validate messages before processing (David Teigland ) [450132] - [dlm] reject messages from non-members (David Teigland ) [450132] - [dlm] call to confirm_master in receive_request_reply (David Teigland ) [450132] - [dlm] recover locks waiting for overlap replies (David Teigland ) [450132] - [dlm] clear ast_type when removing from astqueue (David Teigland ) [450132] - [dlm] use fixed errno values in messages (David Teigland ) [450130] - [dlm] swap bytes for rcom lock reply (David Teigland ) [450130] - [dlm] align midcomms message buffer (David Teigland ) [450130] - [dlm] use dlm prefix on alloc and free functions (David Teigland ) [450130] - [s390] zfcp: memory handling for GID_PN (Hans-Joachim Picht ) [447727] - [s390] zfcp: out-of-memory handling for status_read req (Hans-Joachim Picht ) [447726] - [s390] zfcp: deadlock in slave_destroy handler (Hans-Joachim Picht ) [447329] - [s390] dasd: fix timeout handling in interrupt handler (Hans-Joachim Picht ) [447316] - [s390] zfcp: fix check for handles in abort handler (Hans-Joachim Picht ) [447331] - [s390] aes_s390 decrypt may produce wrong results in CBC (Hans-Joachim Picht ) [446191] - [s390x] CPU Node Affinity (Hans-Joachim Picht ) [447379] - [gfs2] inode indirect buffer corruption (Bob Peterson ) [345401] - [s390] cio: avoid machine check vs. not operational race (Hans-Joachim Picht ) [444082] - [s390] qeth: avoid inconsistent lock state for inet6_dev (Hans-Joachim Picht ) [444077] - [s390] qdio: missed inb. traffic with online FCP devices (Hans-Joachim Picht ) [444146] - [s390] qeth: eddp skb buff problem running EDDP guestlan (Hans-Joachim Picht ) [444014] - [s390] cio: kernel panic in cm_enable processing (Hans-Joachim Picht ) [442032] - [fs] fix bad unlock_page in pip_to_file() error path (Larry Woodman ) [439917] - [s390] zfcp: Enhanced Trace Facility (Hans-Joachim Picht ) [439482] - [s390] dasd: add support for system information messages (Hans-Joachim Picht ) [439441] - [s390] zcrypt: add support for large random numbers (Hans-Joachim Picht ) [439440] - [s390] qeth: recovery problems with failing STARTLAN (Hans-Joachim Picht ) [440420] - [s390] qdio: change in timeout handling during establish (Hans-Joachim Picht ) [440421] - [s390] lcs: ccl-seq. numbers required for prot. 802.2 (Hans-Joachim Picht ) [440416] - [s390] dasd: diff z/VM minidisks need a unique UID (Hans-Joachim Picht ) [440402] - [s390] qeth: ccl-seq. numbers req for protocol 802.2 (Hans-Joachim Picht ) [440227] - [s390] sclp: prevent console lockup during SE warmstart (Hans-Joachim Picht ) [436967] - [s390] zcrypt: disable ap polling thread per default (Hans-Joachim Picht ) [435161] - [s390] zfcp: hold lock on port/unit handle for task cmd (Hans-Joachim Picht ) [434959] - [s390] zfcp: hold lock on port handle for ELS command (Hans-Joachim Picht ) [434955] - [s390] zfcp: hold lock on port/unit handle for FCP cmd (Hans-Joachim Picht ) [433537] - [s390] zfcp: hold lock when checking port/unit handle (Hans-Joachim Picht ) [434953] - [s390] zfcp: handling of boxed port after physical close (Hans-Joachim Picht ) [434801] - [s390] dasd: fix ifcc handling (Hans-Joachim Picht ) [431592] - [s390] cio: introduce timed recovery procedure (Hans-Joachim Picht ) [430593] - [s390] cio: sense id works with partial hw response (Hans-Joachim Picht ) [430787] - [s390] zfcp: fix use after free bug (Hans-Joachim Picht ) [412881] - [s390] cio: add missing reprobe loop end statement (Hans-Joachim Picht ) [412891] - [s390] zfcp: imbalance in erp_ready_sem usage (Hans-Joachim Picht ) [412831] - [s390] zfcp: zfcp_erp_action_dismiss will ignore actions (Hans-Joachim Picht ) [409091] - [s390] zfcp: Units are reported as BOXED (Hans-Joachim Picht ) [412851] - [s390] zfcp: Reduce flood on hba trace (Hans-Joachim Picht ) [415951] - [s390] zfcp: Deadlock when adding invalid LUN (Hans-Joachim Picht ) [412841] - [s390] pav alias disks not detected on lpar (Hans-Joachim Picht ) [416081] [2.6.18-96.el5] - [net] randomize udp port allocation (Eugene Teo ) [454572] - [tty] add NULL pointer checks (Aristeu Rozanski ) [453154] - [misc] ttyS1 lost interrupt, stops transmitting v2 (Brian Maly ) [451157] - [net] sctp: make sure sctp_addr does not overflow (David S. Miller ) [452483] - [sys] sys_setrlimit: prevent setting RLIMIT_CPU to 0 (Neil Horman ) [437122] - [net] sit: exploitable remote memory leak (Jiri Pirko ) [446039] - [x86_64] zero the output of string inst on exception (Jiri Pirko ) [451276] {CVE-2008-2729} - [net] dccp: sanity check feature length (Anton Arapov ) [447396] {CVE-2008-2358} - [misc] buffer overflow in ASN.1 parsing routines (Anton Arapov ) [444465] {CVE-2008-1673} - [x86_64] write system call vulnerability (Anton Arapov ) [433945] {CVE-2008-0598} [2.6.18-95.el5] - [net] Fixing bonding rtnl_lock screwups (Fabio Olive Leite ) [450219] - [x86_64]: extend MCE banks support for Dunnington, Nehalem (Prarit Bhargava ) [446673] - [nfs] address nfs rewrite performance regression in RHEL5 (Eric Sandeen ) [436004] - [mm] Make mmap() with PROT_WRITE on RHEL5 (Larry Woodman ) [448978] - [i386]: Add check for supported_cpus in powernow_k8 driver (Prarit Bhargava ) [443853] - [i386]: Add check for dmi_data in powernow_k8 driver (Prarit Bhargava ) [443853] - [sata] update sata_svw (John Feeney ) [441799] - [net] fix recv return zero (Thomas Graf ) [435657] - [misc] kernel crashes on futex (Anton Arapov ) [435178] [2.6.18-94.el5] - [misc] ttyS1 loses interrupt and stops transmitting (Simon McGrath ) [440121] [2.6.18-93.el5] - [x86] sanity checking for read_tsc on i386 (Brian Maly ) [443435] - [xen] netfront: send fake arp when link gets carrier (Herbert Xu ) [441716] - [net] fix xfrm reverse flow lookup for icmp6 (Neil Horman ) [446250] - [net] negotiate all algorithms when id bit mask zero (Neil Horman ) [442820] - [net] 32/64 bit compat MCAST_ sock options support (Neil Horman ) [444582] - [misc] add CPU hotplug support for relay functions (Kei Tokunaga ) [441523] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-5029 CVE-2008-5079 CVE-2008-5182 CVE-2008-5300 Oracle Linux 5 firefox: [3.0.6-1.0.1.el5] - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch [3.0.6-1] - Update to Firefox 3.0.6 - Fixed #447390 (wrong size of icons) nss: [3.12.2.0-4] - exclude binary db files from change detection [3.12.2.0-3] - Update to NSS_3_12_2_WITH_CKBI_1_73_RTM - Add dependency to pkgconfig to devel package (bug456849) xulrunner: [1.9.0.6-1.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed xulrunner-redhat-default-prefs.js [1.9.0.6-1] - Update to 1.9.0.6 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-0352 CVE-2009-0353 CVE-2009-0354 CVE-2009-0355 CVE-2009-0356 CVE-2009-0357 CVE-2009-0358 Oracle Linux 5 [3.0.0-3.2] - add security fix for CVE-2008-2384 (#480613) MODERATE Copyright 2009 Oracle, Inc. CVE-2008-2384 Oracle Linux 5 [4.1.2-14.el5_3.1] - CVE-2008-4770 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-4770 Oracle Linux 5 [2.6.18-128.1.1.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] [2.6.18-128.1.1.el5] - [security] introduce missing kfree (Jiri Pirko ) [480597 480598] {CVE-2009-0031} - [sched] fix clock_gettime monotonicity (Peter Zijlstra ) [481122 477763] - [nfs] create rpc clients with proper auth flavor (Jeff Layton ) [481119 465456] - [net] sctp: overflow with bad stream ID in FWD-TSN chunk (Eugene Teo ) [478804 478805] {CVE-2009-0065} - [md] fix oops with device-mapper mirror target (Heinz Mauelshagen ) [481120 472558] - [openib] restore traffic in connected mode on HCA (AMEET M. PARANJAPE ) [479812 477000] - [net] add preemption point in qdisc_run (Jiri Pirko ) [477746 471398] {CVE-2008-5713} - [x86_64] copy_user_c assembler can leave garbage in rsi (Larry Woodman ) [481117 456682] - [misc] setpgid returns ESRCH in some situations (Oleg Nesterov ) [480576 472433] - [s390] zfcp: fix hexdump data in s390dbf traces (Hans-Joachim Picht ) [480996 470618] - [fs] hfsplus: fix buffer overflow with a corrupted image (Anton Arapov ) [469637 469638] {CVE-2008-4933} - [fs] hfsplus: check read_mapping_page return value (Anton Arapov ) [469644 469645] {CVE-2008-4934} - [fs] hfs: fix namelength memory corruption (Anton Arapov ) [470772 470773] {CVE-2008-5025} IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5713 CVE-2009-0031 CVE-2009-0065 Oracle Linux 5 [1.6.9p17-3.el5_3.1] - audit patch rediff (one chunk failed to apply due to fuzz=0) - Fix for incorrect handling of groups in Runas_User (#481720) Resolves: #481820 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0034 Oracle Linux 5 [0.10.9-1.el5.1] - Add patch for CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 Related: rhbz #483220 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 Oracle Linux 5 [3.6-5.11.2] - Resolves: rhbz#467949 CVE-2008-1036 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-1036 Oracle Linux 5 [1.0.6-2.0.1.el5_3] - Add oracle-ocfs2-network.patch [1.0.6-2] - bring back pie - Resolves: #486551 [1.0.6-1] - various security flaws fixed - upgrade to 1.0.6 - Resolves: #486551 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-4680 CVE-2008-4681 CVE-2008-4682 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685 CVE-2008-5285 CVE-2008-6472 CVE-2009-0599 CVE-2009-0600 Oracle Linux 5 firefox: [3.0.7-1.0.1] - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch [3.0.7-1] - Update to Firefox 3.0.7 [3.0.6-2] - Fixed #481805 (Unowned directory /usr/lib/firefox-*/modules) xulrunner: [1.9.0.7-1.0.1] - Added xulrunner-oracle-default-prefs.js and removed xulrunner-redhat-default-prefs.js [1.9.0.7-1] - Update to 1.9.0.7 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-0040 CVE-2009-0771 CVE-2009-0772 CVE-2009-0773 CVE-2009-0774 CVE-2009-0775 CVE-2009-0776 CVE-2009-0777 Oracle Linux 5 [2.6.18-128.1.6.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888] [2.6.18-128.1.6.el5] - [x86] add nonstop_tsc flag in /proc/cpuinfo (Luming Yu ) [489310 474091] [2.6.18-128.1.5.el5] - Revert: [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [489847 467942] [2.6.18-128.1.4.el5] - [x86_64] mce: do not clear an unrecoverable error status (Aristeu Rozanski ) [490433 489692] - [wireless] iwlwifi: booting with RF-kill switch enabled (John W. Linville ) [489846 482990] - [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [489847 467942] - [misc] signal: modify locking to handle large loads (AMEET M. PARANJAPE ) [489457 487376] - [x86] TSC keeps running in C3+ (Luming Yu ) [489310 474091] - [net] fix icmp_send and icmpv6_send host re-lookup code (Jiri Pirko ) [489253 439670] {CVE-2009-0778} [2.6.18-128.1.3.el5] - [net] skfp_ioctl inverted logic flaw (Eugene Teo ) [486539 486540] {CVE-2009-0675} - [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo ) [486517 486518] {CVE-2009-0676} - [x86] limit max_cstate to use TSC on some platforms (Tony Camuso ) [488239 470572] - [ptrace] correctly handle ptrace_update return value (Jerome Marchand ) [487394 483814] - [misc] minor signal handling vulnerability (Oleg Nesterov ) [479963 479964] {CVE-2009-0028} - [firmware] dell_rbu: prevent oops (Don Howard ) [482941 482942] - [gfs2] panic in debugfs_remove when unmounting (Abhijith Das ) [485910 483617] [2.6.18-128.1.2.el5] - [scsi] libata: sas_ata fixup sas_sata_ops (David Milburn ) [485909 483171] - [fs] ecryptfs: readlink flaw (Eric Sandeen ) [481606 481607] {CVE-2009-0269} - [qla2xxx] correct endianness during flash manipulation (Marcus Barrow ) [485908 481691] - [net] ixgbe: frame reception and ring parameter issues (Andy Gospodarek ) [483210 475625] - [misc] fix memory leak during pipe failure (Benjamin Marzinski ) [481576 478643] - [block] enforce a minimum SG_IO timeout (Eugene Teo ) [475405 475406] {CVE-2008-5700} - [nfs] handle attribute timeout and u32 jiffies wrap (Jeff Layton ) [483201 460133] - [fs] ext[234]: directory corruption DoS (Eugene Teo ) [459601 459604] {CVE-2008-3528} - [net] deadlock in Hierarchical token bucket scheduler (Neil Horman ) [481746 474797] - [wireless] iwl: fix BUG_ON in driver (Neil Horman ) [483206 477671] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-3528 CVE-2008-5700 CVE-2009-0028 CVE-2009-0269 CVE-2009-0322 CVE-2009-0675 CVE-2009-0676 CVE-2009-0778 Oracle Linux 5 [1.2.10-7.1.el5_3.2] - Back-port fixes for CVE-2008-1382 and CVE-2009-0040. Resolves: #487168 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-1382 CVE-2009-0040 Oracle Linux 5 [2.12.3-4] - Build with -fno-strict-aliasing [2.12.3-3] - Fix CVE-2008-4316, overflows in the base64 handling functions - Fixes #487497 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-4316 Oracle Linux 5 [5.1.6-23.2.el5] - ext/gd: fix overflow2 usage for CVE-2007-3996, CVE-2008-3658 [5.1.6-23.1.el5] - add security fixes for CVE-2008-3658, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5814, and mbstring func_overload issue (#487369) MODERATE Copyright 2009 Oracle, Inc. CVE-2008-3658 CVE-2008-3660 CVE-2008-5498 CVE-2008-5557 CVE-2008-5814 CVE-2009-0754 Oracle Linux 5 [1.18-beta1.1.el5_3.2] - Add patch theoretically preventing division by zero [1.18-beta1.1.el5_3.1] - Rebase to upstream 1.18beta1 - CVE-2009-0581 LittleCms memory leak - CVE-2009-0723 LittleCms integer overflow - CVE-2009-0733 LittleCms lack of upper-bounds check on sizes - Resolves: #487513 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0581 CVE-2009-0723 CVE-2009-0733 Oracle Linux 5 [7.15.5-2.1.el5_3.4] - another correction of the patch for CVE-2009-0037 [7.15.5-2.1.el5_3.3] - forwardport one hunk from upstream curl-7.15.1 Related: #485290 [7.15.5-2.1.el5_3.2] - fix hunk applied to wrong place due to nonzero patch fuzz Related: #485289 [7.15.5-2.1.el5_3.1] - fix CVE-2009-0037 Resolves: #485289 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0037 Oracle Linux 5 [2.2.98-2.el5.1] - Add patch for RH bug #488030 (CVE-2009-0585, soup_base64_encode()). MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0585 Oracle Linux 5 [8.15.2-9.4:.4] - Avoid dividing by zero while checking for integer overflows. [8.15.2-9.4:.1] - Applied patch to fix CVE-2009-0583 (bug #487742) and CVE-2009-0584 (bug #487744). MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0583 CVE-2009-0584 Oracle Linux 5 [0.10.20-3.0.1] - CVE-2009-0586: integer overflow in gst_vorbis_tag_add_coverart (#488210) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0586 Oracle Linux 5 [1.12.3-10.el5_3.3] - Add patch for RH bug #488280 (CVE-2009-0547, S/MIME signatures). [1.12.3-10.el5_3.2] - Add patch for RH bug #488280 (CVE-2009-0582, NTLM authentication). [1.12.3-10.el5_3.1] - Add patch for RH bug #488280 (CVE-2009-0587, Base64 encoding). MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0547 CVE-2009-0582 CVE-2009-0587 Oracle Linux 5 [0.7.0-4] - CVE-2009-0365: GetSecrets disclosure - CVE-2009-0578: local users can modify the connection settings - Resolves: #487778 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0365 CVE-2009-0578 Oracle Linux 5 [0.7.2-3.0.1.el5_3] - Add oracle-enterprise.patch [0.7.2-3] - Resolves: bug #489979, CVE-2009-0784 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0784 Oracle Linux 5 [1:1.6.0.0-0.30.b09.0.1.el5] - Add oracle-enterprise.patch [1:1.6.0.0-0.30.b09] - Updated java-1.6.0-openjdk-lcms.patch [1:1.6.0.0-0.29.b09] - Updated java-1.6.0-openjdk-lcms.patch [1:1.6.0.0-0.29.b09] - Added java-1.6.0-openjdk-messageutils.patch - Updated release. [1:1.6.0.0-0.28.b09] - Updated java-1.6.0-openjdk-lcms.patch - Updated release. [1:1.6.0.0-0.27.b09] - Updated java-1.6.0-openjdk-lcms.patch [1:1.6.0.0-0.26.b09] - Updated java-1.6.0-openjdk-securitypatches.patch. - Added java-1.6.0-openjdk-lcms.patch. - Updated release. - Removed fedora sources. We can now build with system-installed openjdk. - Resolves: rhbz#490182 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0581 CVE-2009-0723 CVE-2009-0733 CVE-2009-0793 CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1101 CVE-2009-1102 CVE-2006-2426 Oracle Linux 5 [0.3.3-14.0.1.el5_3.1] - Replaced docs/redhat.gif in tarball [0.3.3-14.el5_3.1] - Add missing readonly checks for APIs (CVE-2008-5086) - Add missing buf check in proxy daemon (CVE-2009-0036) MODERATE Copyright 2009 Oracle, Inc. CVE-2008-5086 CVE-2009-0036 Oracle Linux 5 xulrunner: [1.9.0.7-3.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one [1.9.0.7-3] - Updated per 1.9.0.8 firefox: [3.0.7-3.0.1.el4] - Update firstrun and homepage URLS - Add oracle-firefox-branding.patch - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding RedHat ones [3.0.7-3.el4] - Updated per 1.9.0.8 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-1044 CVE-2009-1169 Oracle Linux 5 [2.6.14-1.2] - security update (CVE-2009-0790, CVE-2008-4190) Resolves: CVE-2009-0790, CVE-2008-4190 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-4190 CVE-2009-0790 Oracle Linux 5 [1.6.1-31.el5_3.3] - update to revised patch for CVE-2009-0844/CVE-2009-0845 [1.6.1-31.el5_3.2] - add fix for potential buffer read overrun in the SPNEGO GSSAPI mechanism (#490635, CVE-2009-0844) - add fix for NULL pointer dereference when handling certain error cases in the SPNEGO GSSAPI mechanism (#490635, CVE-2009-0845) - add fix for attempt to free uninitialized pointer in the ASN.1 decoder (#490635, CVE-2009-0846) - add fix for bug in length validation in the ASN.1 decoder (CVE-2009-0847) [1.6.1-31.el5_3.1] - add backport of svn patch to fix a bug in how the gssapi library handles certain error cases in gss_accept_sec_context (CVE-2009-0845, IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 Oracle Linux 5 [0.4.7-23.el5_3.2] - Added 493401_multipathd_umask_fix.patch - Resolves: bz #493401 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0115 Oracle Linux 5 [8.15.2-9.4:.7] - Added extra checking for CVE-2009-0792 (bug #491853). [8.15.2-9.4:.6] - Applied patch to fix gdevpdtb buffer overflow (bug #493445). - Applied patch to fix scfd buffer underrun (bug #493442). - Applied patch to fix CVE-2009-0792 (bug #491853). - Applied patch to fix CVE-2009-0196 (bug #493379). MODERATE Copyright 2009 Oracle, Inc. CVE-2007-6725 CVE-2009-0196 CVE-2009-0792 CVE-2008-6679 Oracle Linux 5 [095-14.20] - fix for CVE-2009-1185 (bug #495051) - Resolves: rhbz#495055 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-1185 Oracle Linux 5 [1:1.3.7-8:.4] - Applied additional patches by Tim Waugh for batch3892.pdf, batch4781.pdf, batch5486.pdf, batch19856.pdf, batch19869.pdf testing files from CERT (bug #491864). - Resolves: rhbz#492386. [1:1.3.7-8:.3] - Applied patches to fix CVE-2009-0163 (bug #490596), CVE-2009-0146 (bug #490612), CVE-2009-0147 (bug #490614), and CVE-2009-0166 (bug #490625). IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0146 CVE-2009-0147 CVE-2009-0163 CVE-2009-0166 CVE-2009-0195 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 Oracle Linux 5 firefox: [3.0.9-1.0.1.el5] - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch [3.0.9-1] - Update to Firefox 3.0.9 - Gnome crash dialog disabled (#493455) xulrunner: [1.9.0.9-1.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one [1.9.0.9-1] - Update to 1.9.0.9 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-0652 CVE-2009-1302 CVE-2009-1303 CVE-2009-1304 CVE-2009-1305 CVE-2009-1306 CVE-2009-1307 CVE-2009-1308 CVE-2009-1309 CVE-2009-1310 CVE-2009-1311 CVE-2009-1312 Oracle Linux 5 [4.1.3-7.1.el5_3.1] - cve-2005-3350, cve-2005-2974 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2005-2974 CVE-2005-3350 Oracle Linux 5 firefox: [3.0.10-1.0.1.el5] - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch [3.0.10-1] - Update to 3.0.10 xulrunner: [1.9.0.10-1.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one [1.9.0.10-1] - Update to 1.9.0.10 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-1313 Oracle Linux 5 [0.2.8.4-10.2] - Resolves: rhbz#497511 CVE-2009-1364 bad realloc MODERATE Copyright 2009 Oracle, Inc. CVE-2009-1364 Oracle Linux 5 [2.6.18-128.1.10.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888] [2.6.18-128.1.10.el5] - [fs] fix softlockup in posix_locks_deadlock (Josef Bacik ) [496842 476659] [2.6.18-128.1.9.el5] - [net] ipv4: remove uneeded bh_lock/unlock from udp_rcv (Neil Horman ) [496044 484590] [2.6.18-128.1.8.el5] - [misc] exit_notify: kill the wrong capable check [494270 494271] {CVE-2009-1337} - [misc] fork: CLONE_PARENT && parent_exec_id interaction (Don Howard ) [479963 479964] {CVE-2009-0028} - [scsi] qla2xxx: reduce DID_BUS_BUSY failover errors (Marcus Barrow ) [495635 244967] - [nfs] v4: client crash on file lookup with long names (Sachin S. Prabhu ) [494078 493942] {CVE-2009-1336} - [net] ixgbe: stop double counting frames and bytes (Andy Gospodarek ) [489459 487213] - [xen] x86: update the earlier APERF/MPERF patch (Chris Lalancette ) [495929 493557] - [xen] x86: fix dom0 panic when using dom0_max_vcpus (Chris Lalancette ) [495931 485119] - [net] fix oops when using openswan (Neil Horman ) [496044 484590] [2.6.18-128.1.7.el5] - [nfs] remove bogus lock-if-signalled case (Bryn M. Reeves ) [456287 456288] {CVE-2008-4307} - [x86] NONSTOP_TSC in tsc clocksource (Luming Yu ) [493356 474091] - [ppc] keyboard not recognized on bare metal (Justin Payne ) [494293 455232] - [fs] ecryptfs: fix memory leak into crypto headers (Eric Sandeen ) [491255 491256] {CVE-2009-0787} - [xen] x86: silence WRMSR warnings (Chris Lalancette ) [488928 470035] - [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko ) [488001 488002] {CVE-2009-0834} - [dlm] fix length calculation in compat code (David Teigland ) [491677 487672] - [nfs] fix hung clients from deadlock in flush_workqueue (David Jeffery ) [488929 483627] - [ia64] use current_kernel_time/xtime in hrtimer_start() (Prarit Bhargava ) [490434 485323] - [net] bonding: fix arp_validate=3 slaves behaviour (Jiri Pirko ) [488064 484304] - [net] enic: return notify intr credits (Andy Gospodarek ) [472474 484824] - [input] wacom: 12x12 problem while using lens cursor (Aristeu Rozanski ) [489460 484959] - [net] ehea: improve behaviour in low mem conditions (AMEET M. PARANJAPE ) [487035 483148] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2008-4307 CVE-2009-0787 CVE-2009-0834 CVE-2009-1336 CVE-2009-1337 Oracle Linux 5 [1.0.4-7.el5_3.1] - Updated the License entry - Fixed CVE-2009-0798 (too many open files DoS) - Resolves: #496291 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0798 Oracle Linux 5 [1.14.9-4] - Add pango-glyphstring.patch - Resolves: #497361 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-1194 Oracle Linux 5 [1.49-2.el5_3.1] - fix CVE-2009-0663 and CVE-2009-1341 - Resolves: #498000 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0663 CVE-2009-1341 Oracle Linux 5 [0.5.4-4.4.el5_3.9] - Another fix of integer overflows. - Adds memory-allocation.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.8] - Change calling of exit() to _exit(). - Adds exit-handling.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.7] - Improve handling of EOF at JBIG2Stream.cc. - Adds eof-handling.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.6] - Memory handling from upstream. - Removes CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.allocation-size-check.patch. - Adds upstream-memory-handling.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.5] - Fix allocation of memory in several functions. - Adds CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.allocation-size-check.patch. - Removes CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.long-int.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.4] - Fix allocation of memory in several functions. - Add CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.long-type.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.3] - Add CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.mem.patch. - Resolves: #490707 [0.5.4-4.4.el5_3.2] - A little change of spec file because to pass *RPM requires/provides* test. - Resolves: #490707 [0.5.4-4.4.el5_3.1] - Add CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.patch. - Resolves: #490707 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0195 CVE-2009-0791 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-3604 CVE-2009-3606 Oracle Linux 5 [0.6.5-13.1] - fix nul dereference in frag code and some memory leaks (#497990) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-1574 CVE-2009-1632 Oracle Linux 5 [4.2.2p1-9.el5_3.2] - fix buffer overflow when parsing Autokey association message (#500783, CVE-2009-1252) - fix buffer overflow in ntpq (#500783, CVE-2009-0159) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0159 CVE-2009-1252 Oracle Linux 5 [2.2.1-21] - Add freetype-2009-CVEs.patch - Resolves: #496111 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0946 Oracle Linux 5 [1.4.8-5.0.1.el5_3.7] - Remove Redhat splash screen images [1.4.8-5.7] - fix broken patch for CVE-2009-1579 [1.4.8-5.6] - fix broken patch for CVE-2009-1579 [1.4.8-5.5] - don't ship patch backup files [1.4.8-5.4] - fix: CVE-2009-1581 : CSS positioning vulnerability - fix: CVE-2009-1579 : Server-side code injection in map_yp_alias username map - fix: CVE-2009-1578 : Multiple cross site scripting issues IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-1578 CVE-2009-1579 CVE-2009-1581 Oracle Linux 5 [2.2.3-22.0.1.el5_3.1] - Replace index.html with oracle's index page oracle_index.html - Update vstring and distro in specfile [2.2.3-22.el5_3.1] - add security fixes for CVE-2008-1678, CVE-2009-1195 (#499284) MODERATE Copyright 2009 Oracle, Inc. CVE-2008-1678 CVE-2009-1195 Oracle Linux 5 [1:1.3.7-8:.6] - Applied patch to fix CVE-2009-0791 (bug #491840). [1:1.3.7-8:.5] - Applied patch to fix CVE-2009-0949 (bug #500972) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0949 Oracle Linux 5 firefox: [3.0.11-2.0.1.el5_3] - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch [3.0.11-2] - Update due to respin [3.0.11-1] - Update to 3.0.11 xulrunner: [1.9.0.11-3.0.1.el5_3] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one [1.9.0.11-3] - Added patch to fix #488570 [1.9.0.11-2] - Update due to respin [1.9.0.11-1] - Update to 1.9.0.11 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-1392 CVE-2009-1832 CVE-2009-1833 CVE-2009-1834 CVE-2009-1835 CVE-2009-1836 CVE-2009-1837 CVE-2009-1838 CVE-2009-1839 CVE-2009-1840 CVE-2009-1841 Oracle Linux 5 [1.0.8-1.0.1.el5_3.1] - Add oracle-ocfs2-network.patch [1.0.8-1.1] - bump release to match Z-stream/EUS NVR policy - Resolves: #501950 [1.0.8-1] - upgrade to 1.0.8 - Resolves: #501950 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-1210 CVE-2009-1268 CVE-2009-1269 CVE-2009-1829 Oracle Linux 5 [15.5-15.1.el5_3.1] - Release bump to create newer nvr despite dist tag change (fc6 -> el5) [15.5-15.el5_3.4] - Merge incdir-overflow and snprintf patches for better readability, snprintf is used now with PATHLEN limit without other adjustments, related strlen / %.*s / *_len are no longer needed and were dropped - Update tempsec patch, drop extraneous s(n)printf argument to suppress compiler warnings - Update fscanf-overflows patch to perform reffile argument length check earlier, now also includes strlen-adjust-fix patch [15.5-15.el5_3.3] - Correcting buffer overflow fix (bz 499200) [15.5-15.el5_3.2] - Fix some buffer overflows (bz 499200) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0148 CVE-2004-2541 Oracle Linux 5 [2.6.18-128.1.14.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888] [2.6.18-128.1.14.el5] - [nfs] v4: client handling of MAY_EXEC in nfs_permission (Peter Staubach ) [500301 500302] {CVE-2009-1630} - [fs] proc: avoid info leaks to non-privileged processes (Amerigo Wang ) [499546 499541] - [net] tg3: Fix firmware event timeouts (Jiri Pirko ) [502837 481715] - [scsi] libiscsi: fix nop response/reply and session cleanup race (Jiri Pirko ) [502916 497411] - [fs] cifs: fix pointer and checks in cifs_follow_symlink (Jeff Layton ) [496576 496577] {CVE-2009-1633} - [fs] cifs: fix error handling in parse_DFS_referrals (Jeff Layton ) [496576 496577] {CVE-2009-1633} - [fs] cifs: buffer overruns when converting strings (Jeff Layton ) [496576 496577] {CVE-2009-1633} - [fs] cifs: unicode alignment and buffer sizing problems (Jeff Layton ) [494279 494280] {CVE-2009-1439} - [x86] xen: fix local denial of service (Chris Lalancette ) [500950 500951] {CVE-2009-1758} - [misc] compile: add -fwrapv to gcc CFLAGS (Don Zickus ) [501751 491266] - [misc] random: make get_random_int more random (Amerigo Wang ) [499783 499776] - [gfs2] fix uninterruptible quotad sleeping (Steven Whitehouse ) [501742 492943] - [mm] cow vs gup race fix (Andrea Arcangeli ) [486921 471613] - [mm] fork vs gup race fix (Andrea Arcangeli ) [486921 471613] - [nfs] fix hangs during heavy write workloads (Peter Staubach ) [486926 469848] [2.6.18-128.1.13.el5] - [misc] add some long-missing capabilities to CAP_FS_MASK (Eric Paris ) [499075 497271 499076 497272] {CVE-2009-1072} - [agp] zero pages before sending to userspace (Jiri Olsa ) [497025 497026] {CVE-2009-1192} - [fs] keep eventpoll from locking up the box (Josef Bacik ) [497322 487585] - [misc] waitpid reports stopped process more than once (Vitaly Mayatskikh ) [486945 481199] - [ata] libata: ahci enclosure management bios workaround (David Milburn ) [500120 488471] [2.6.18-128.1.12.el5] - [ia64] fix regression in nanosleep syscall (Prarit Bhargava ) [500349 499289] [2.6.18-128.1.11.el5] - [nfs] race with nfs_access_cache_shrinker() and umount (Peter Staubach ) [498653 469225] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-1072 CVE-2009-1192 CVE-2009-1439 CVE-2009-1630 CVE-2009-1633 CVE-2009-1758 CVE-2009-3238 Oracle Linux 5 [1.2.7-7.el5_3.1] - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 (#504560) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0023 CVE-2009-1955 CVE-2009-1956 Oracle Linux 5 [2.3.7-2.2] - add -fno-strict-aliasing to cflags [2.3.7-2.1] - fix sasl_encode64's buffers (#505427) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0688 Oracle Linux 5 [3.6-5.11.4] - Resolves: rhbz#505159 CVE-2009-0153 guarantee abi [3.6-5.11.3] - Resolves: rhbz#505159 CVE-2009-0153 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0153 Oracle Linux 5 [0.10.9-1.el5.2] - CVE-2009-1932: Integer overflow in PNG decoder. MODERATE Copyright 2009 Oracle, Inc. CVE-2009-1932 Oracle Linux 5 [3.5.4-22.0.1.el5_3] - Remove Version branding - Maximum rpm trademark logos removed (pics/crystalsvg/*-mime-rpm*) in tarball [3.5.4-22] - Resolves: #505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content (DoS, ACE) [3.5.4-21] - Resolves: #505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content (DoS, ACE) [3.5.4-20] - Resolves: #505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content (DoS, ACE) [3.5.4-19] - Resolves: #505621, CVE-2009-1690 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-1687 CVE-2009-1690 CVE-2009-1698 Oracle Linux 5 [2.6.14-1.3] - security update (CVE-2009-2185) Resolves: CVE-2009-2185 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2185 Oracle Linux 5 [1.8.5-5.el5_3.7] - security fixes. (#505087) - CVE-2007-1558: APOP password disclosure vulnerability. - CVE-2009-0642: Incorrect checks for validity of X.509 certificates. - CVE-2009-1904: DoS vulnerability in BigDecimal. MODERATE Copyright 2009 Oracle, Inc. CVE-2007-1558 CVE-2009-0642 CVE-2009-1904 Oracle Linux 5 [2.2.3-22.0.1.el5_3.2] - Replace index.html with Oracle's index page oracle_index.html - Update vstring and distro in specfile [2.2.3-22.el5_3.2] - add security fixes for CVE-2009-1890, CVE-2009-1891 (#509782) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-1890 CVE-2009-1891 Oracle Linux 5 [3.8.2-7.el5.4] - Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347) Resolves: #507725 [3.8.2-7.el5.3] - Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Resolves: #507725 - Update upstream URL MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2285 CVE-2009-2347 Oracle Linux 5 firefox: [3.0.12-1.0.1.el5_3] - Update firstrun and homepage URLs - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones - Added patch oracle-firefox-branding.patch [3.0.12-1] - Update to 3.0.12 xulrunner: [1.9.0.12-1.0.1.el5_3] - Added xulrunner-oracle-default-prefs.js - Removed RedHat corresponding one [1.9.0.12-1] - Update to 1.9.0.12 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-2462 CVE-2009-2463 CVE-2009-2464 CVE-2009-2465 CVE-2009-2466 CVE-2009-2467 CVE-2009-2469 CVE-2009-2470 CVE-2009-2471 CVE-2009-2472 CVE-2009-2664 Oracle Linux 5 [5.5.23-0jpp.7.2] - Actually add the patch files this time Resolves: rhbz#427779 Resolves: rhbz#504758 Resolves: rhbz#503980 Resolves: rhbz#504162 [5.5.23-0jpp.7.2] - add patch for CVE-2007-5333 Resolves: rhbz#427779 - add patch for CVE-2008-5515 Resolves: rhbz#504758 - add patch for CVE-2009-0033 - add patch for CVE-2009-0580 Resolves: rhbz#503980 - add patch for CVE-2009-0783 Resolves: rhbz#504162 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2007-5333 CVE-2008-5515 CVE-2009-0033 CVE-2009-0580 CVE-2009-0781 CVE-2009-0783 Oracle Linux 5 [2.4.3-24.el5_3.6] - Fix all of the low priority security bugs: - Resolves: rhbz#486351 - Multiple integer overflows in python core (CVE-2008-2315) - Resolves: 455008 - PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887) - Resolves: 443810 - Multiple integer overflows discovered by Google (CVE-2008-3143) - Resolves: 455013 - Multiple buffer overflows in unicode processing (CVE-2008-3142) - Resolves: 454990 - Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144) - Resolves: 455018 - imageop module multiple integer overflows (CVE-2008-4864) - Resolves: 469656 - stringobject, unicodeobject integer overflows (CVE-2008-5031) - Resolves: 470915 - integer signedness error in the zlib extension module (CVE-2008-1721) - Resolves: 442005 - off-by-one locale.strxfrm() (possible memory disclosure) (CVE-2007-2052) - Resolves: 235093 - imageop module heap corruption (CVE-2007-4965) - Resolves: 295971 MODERATE Copyright 2009 Oracle, Inc. CVE-2007-2052 CVE-2007-4965 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 Oracle Linux 5 [30:9.3.4-10.P1.3] - fix named_sdb as well (CVE-2009-0696, #514292) [30:9.3.4-10.P1.2] - security fix for remote DoS (CVE-2009-0696, #514292) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0696 Oracle Linux 5 nspr: [4.7.4-1.el5_3.1] - create z-stream version [4.7.4-1] - Update to NSPR 4.7.4 nss: [3.12.3.99.3-1.el5_3.2] - adjust ssl cipher count constant (bug 505650) [3.12.3.99.3-1.el5_3.1] - create z-stream version [3.12.3.99.3-1] - updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75 [3.12.3-5] - updated patch to seckey [3.12.3-4] - add a patch to seckey [3.12.3-3] - remove references to SEED [3.12.3-2] - update to NSS 3.12.3 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 Oracle Linux 5 nspr: [4.7.4-1.el5_3.1] - create z-stream version [4.7.4-1] - Update to NSPR 4.7.4 nss: [3.12.3.99.3-1.0.1.el5_3.2] - Update clean.gif in the nss-3.12.3.99.3-stripped.tar.bz2 tarball [3.12.3.99.3-1.el5_3.2] - adjust ssl cipher count constant (bug 505650) [3.12.3.99.3-1.el5_3.1] - create z-stream version [3.12.3.99.3-1] - updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75 [3.12.3-5] - updated patch to seckey [3.12.3-4] - add a patch to seckey [3.12.3-3] - remove references to SEED [3.12.3-2] - update to NSS 3.12.3 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-2404 CVE-2009-2408 CVE-2009-2409 Oracle Linux 5 [2.6.18-128.4.1.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888] - [NET] Add entropy support to igb ( John Sobecki) [orabug 7607479] - [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329] - [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526] [2.6.18-128.4.1.el5] - [fs] ecryptfs: check tag 11 packet literal data buffer size (Eric Sandeen ) [512862 512863] {CVE-2009-2406} - [fs] ecryptfs: check tag 3 packet encrypted key size (Eric Sandeen ) [512886 512887] {CVE-2009-2407} - [misc] personality handling: fix PER_CLEAR_ON_SETID (Vitaly Mayatskikh ) [511173 508842] {CVE-2009-1895} - [xen] HV: remove high latency spin_lock (Chris Lalancette ) [512311 459410] [2.6.18-128.3.1.el5] - [pci] quirk: disable MSI on VIA VT3364 chipsets (Dean Nelson ) [507529 501374] - [char] tty: prevent an O_NDELAY writer from blocking (Mauro Carvalho Chehab ) [510239 506806] - [misc] hrtimer: fix a soft lockup (Amerigo Wang ) [418061 418071] {CVE-2007-5966} - [misc] hrtimer: check relative timeouts for overflow (AMEET M. PARANJAPE ) [510018 492230] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2007-5966 CVE-2009-1385 CVE-2009-1388 CVE-2009-1389 CVE-2009-1895 CVE-2009-2406 CVE-2009-2407 Oracle Linux 5 [1:1.6.0.0-1.2.b09.0.1.el5] - Add oracle-enterprise.patch [1:1.6.0.0-1.2.b09] - Updated release. - Moved java-1.6.0-openjdk-securitypatches.patch to java-1.6.0-openjdk-march24-securitypatches.patch. - Created new java-1.6.0-openjdk-july28-securitypatches.patch. - Updated release. - Resolves: rhbz#513391 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0217 CVE-2009-2475 CVE-2009-2476 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2674 CVE-2009-2675 CVE-2009-2689 CVE-2009-2690 Oracle Linux 5 [1.4.2-4.0.1.el5_3.1] - Add oracle-enterprise.patch [1.4.2-4.el5_3.1] - add security fix for CVE-2009-2411 (#515817) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2411 Oracle Linux 5 apr: [1.2.7-11.1] - add security fix for CVE-2009-2412 (#515709) apr-util: [1.2.7-7.el5_3.2] - add security fix for CVE-2009-2412 (#515713) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2412 Oracle Linux 5 libxml: [1:1.8.17-9.3] - fix a couple of crash - Resolves: rhbg#515226 libxml2: [2.6.26-2.1.2.8.0.1] - Add libxml2-enterprise.patch and update logos in tarball [2.6.26-2.1.2.8] - Fix a couple of crash CVE-2009-2414 and CVE-2009-2416 - Resolves: rhbz#515236 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2414 CVE-2009-2416 Oracle Linux 5 [7.15.5-2.1.el5_3.5] - fix CVE-2009-2417 (#516257) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2417 Oracle Linux 5 [1:1.1.2-3.el5.3] - fix CVE-2009-2663 Resolves: #516348 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2663 Oracle Linux 5 [2.6.18-128.7.1.0.1.el5] - [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [MM] balloon code needs to adjust totalhigh_pages (Chuck Anderson) [orabug 8300888] - [NET] Add entropy support to igb ( John Sobecki) [orabug 7607479] - [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329] - [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526] [2.6.18-128.7.1.el5] - [net] prevent null pointer dereference in udp_sendmsg (Vitaly Mayatskikh) [518047 518043] {CVE-2009-2698} [2.6.18-128.6.1.el5] - [net] make sock_sendpage use kernel_sendpage (Jiri Pirko ) [517445 516955] {CVE-2009-2692} [2.6.18-128.5.1.el5] - [dlm] free socket in error exit path (David Teigland ) [515432 508829] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2692 CVE-2009-2698 Oracle Linux 5 [1.4.1-3.5] - fix NUL characters in DN and SAN cert fields issue, make sure gnutls_x509_crt_check_hostname() fails when certificate has no CN or SAN CVE-2009-2730 (#516231) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2730 Oracle Linux 5 [2.45-1.1.el5] - problems with strings when enabling tftp CVE-2009-2957 and CVE-2009-2957 - Resolves: rhbg#519021 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2957 CVE-2009-2958 Oracle Linux 5 [2.6.18-164.el5] - [misc] information leak in sigaltstack (Vitaly Mayatskikh ) [515396] - [misc] execve: must clear current->clear_child_tid (Oleg Nesterov ) [515429] - [net] igb: set lan id prior to configuring phy (Stefan Assmann ) [508870] - [net] udp: socket NULL ptr dereference (Vitaly Mayatskikh ) [518043] {CVE-2009-2698} [2.6.18-163.el5] - [net] make sock_sendpage use kernel_sendpage (Danny Feng ) [516955] {CVE-2009-2692} [2.6.18-162.el5] - [x86_64] Intel IOMMU: Pass Through Support (Don Dutile ) [504363] [2.6.18-161.el5] - [dlm] free socket in error exit path (David Teigland ) [508829] - [net] tg3: fix concurrent migration of VM clients (John Feeney ) [511918] - [scsi] mptfusion: revert to pci_map (Tomas Henzl ) [514049] - [scsi] bnx2i: fix conn disconnection bugs (mchristi@redhat.com ) [513802] - [scsi] qla2xxx: unable to destroy npiv HBA ports (Marcus Barrow ) [514352] - [scsi] ALUA: send STPG if explicit and implicit (mchristi@redhat.com ) [482737] - [scsi] megaraid: fix the tape drive issue (Tomas Henzl ) [510665] - [scsi] cxgb3i: fix skb allocation (mchristi@redhat.com ) [514073] - [fs] __bio_clone: dont calculate hw/phys segment counts (Milan Broz ) [512387] - [fs] ecryptfs: check tag 11 packet data buffer size (Eric Sandeen ) [512863] {CVE-2009-2406} - [fs] ecryptfs: check tag 3 packet encrypted key size (Eric Sandeen ) [512887] {CVE-2009-2407} - [xen] amd iommu: crash with pass-through on large memory (Bhavna Sarathy ) [514910] [2.6.18-160.el5] - [scsi] mptsas: fix max_id initialization (mchristi@redhat.com ) [455678] - [ata] ahci: add IDs for Ibex Peak ahci controllers (David Milburn ) [513067] - [scsi] lpfc: update to 8.2.0.48.2p, fix multiple panics (Rob Evers ) [512266] - [gfs2] remove dcache entries for remote deleted inodes (Benjamin Marzinski ) [505548] - [alsa] add native support for IbexPeak audio (Jaroslav Kysela ) [509526] - [alsa] IbexPeak related patches for codec auto-config (Jaroslav Kysela ) [509526] - [scsi] cciss: call bus_unregister in cciss_remove_one (Rob Evers ) [513070] - [scsi] cciss: add driver sysfs entries (Rob Evers ) [513070] - [net] e1000e/igb: make sure wol can be configured (Andy Gospodarek ) [513032] - [fs] xfs: only compile for x86_64 (Eric Sandeen ) [512827] - [ahci] add SATA GEN3 related messages (David Milburn ) [512086] - [net] tun/tap: open /dev/net/tun and then poll() it fix (Danny Feng ) [512286] {CVE-2009-1897} - [net] mlx4_en: problem with LRO that segfaults KVM host (Doug Ledford ) [510789] - [openib] mthca: fix over sized kmalloc usage (Doug Ledford ) [508902] - [s390] zcrypt: request gets timed out under high load (Hans-Joachim Picht ) [511289] [2.6.18-159.el5] - [scsi] cciss: fix sysfs broken symlink regression (Rob Evers ) [510178] - [kabi] add consume_skb (Jon Masters ) [479200] - [net] ipv6: fix incorrect disable_ipv6 behavior (jolsa@redhat.com ) [512258] - [net] ipv6: fix BUG when disabled module is unloaded (jolsa@redhat.com ) [512258] - [net] ipv6: add 'disable' module parameter support (jolsa@redhat.com ) [512258] - Revert: [mm] fix swap race in fork-gup patch group (Larry Woodman ) [508919] - [scsi] mptfusion: fix OOPS in failover path (Rob Evers ) [504835] - [scsi] stex: minimize DMA coherent allocation (David Milburn ) [486466] - [misc] personality handling: fix PER_CLEAR_ON_SETID (Vitaly Mayatskikh ) [508842] - [misc] build with -fno-delete-null-pointer-checks (Eugene Teo ) [511181] - [scsi] qla2xxx: provide reset capability for EEH (Marcus Barrow ) [511141] - [scsi] bnx2i: fix host setup and libiscsi abort locking (mchristi@redhat.com ) [511096] - [xen] ia64: fix rmmod of PCI devices (Chris Lalancette ) [507520] - [pci] kvm: PCI FLR support for device assignment (Don Dutile ) [510805] - [gfs2] dont put unlikely reclaim glocks on reclaim list (Benjamin Marzinski ) [504335] [2.6.18-158.el5] - [s390] add missing kernel option CONFIG_SHARED_KERNEL (Hans-Joachim Picht ) [506947] - [gfs2] fix incorrent statfs_slow consistency check (Benjamin Marzinski ) [505171] - [net] be2net: fix msix performance regression (Andy Gospodarek ) [510008] - [gfs2] umount.gfs2 hangs eating CPU (Abhijith Das ) [508876] - [block] protect the per-gendisk partition array with rcu (Jeff Moyer ) [495866] - [net] igb: fix panic when assigning device to guest (Andy Gospodarek ) [507173] - [ia64] xen: dom0 get/set_address_size (Chris Lalancette ) [510069] - [x86] fix suspend/resume issue on SB800 chipset (Bhavna Sarathy ) [498135] - [scsi] cciss: fix spinlock (Tomas Henzl ) [509818] - [scsi] qla2xxx: NPIV broken for PPC, endian fix (Marcus Barrow ) [510268] - [scsi] qla2xxx: prevent hangs in extended error handling (Marcus Barrow ) [470510] - [mm] prevent softlockups in copy_hugetlb_page_range (Larry Woodman ) [508919] - [scsi] cxgb3i: fix vlan support (mchristi@redhat.com ) [508409] - [net] bnx2i: RHEL-5.4 code cleanups (mchristi@redhat.com ) [504181] - [x86_64] import asm/svm.h and asm/vmx.h (Eduardo Habkost ) [507483] - [x86_64] import asm/virtext.h (Eduardo Habkost ) [507483] - [x86_64] add MSR_VM_* defines (Eduardo Habkost ) [507483] - [x86_64] disable VMX and SVM on machine_crash_shutdown (Eduardo Habkost ) [507483] - [x86_64] add EFER_SVME define (Eduardo Habkost ) [507483] - [x86_64] define X86_CR4_VMXE (Eduardo Habkost ) [507483] - [net] qlge: rhel-5.4 cleanups (Marcus Barrow ) [509647] - [scsi] lpfc: fix ctx_idx increase and update version (Rob Evers ) [509010] - [scsi] lpfc: move pointer ref. inside alloc check in (Rob Evers ) [509010] - [scsi] lpfc: update to version 8.2.0.48 (Rob Evers ) [509010] - [mm] fix re-read performance regression (Josef Bacik ) [506511] - [net] ipsec: add missing braces to fix policy querying (Herbert Xu ) [462731] - [net] tg3: 5785F and 50160M support (Andy Gospodarek ) [506205] - [pci] intel-iommu: fix iommu address space allocation (Chris Wright ) [509207] - [xen] virtio: do not statically allocate root device (Mark McLoughlin ) [501468] - [xen] virtio: add PCI device release function (Mark McLoughlin ) [501468] - [misc] driver core: add root_device_register (Mark McLoughlin ) [501468] - [block] blktrace: fix recursive block remap tracepoint (Jason Baron ) [502573] - [scsi] qla2xxx: rhel-5.4 fixes and cleanups (Marcus Barrow ) [507246] - [xen] HV: remove high latency spin_lock (Chris Lalancette ) [459410] - [xen] ia64: add get/set_address_size support (Chris Lalancette ) [510069] [2.6.18-157.el5] - [mm] readv: sometimes returns less than it should (Amerigo Wang ) [500693] - [net] be2net: fix races in napi and interrupt handling (Andy Gospodarek ) [508839] - [net] be2net: fix deadlock with bonding (Andy Gospodarek ) [508871] - [xen] quiet printk on FV guest shutdown (Don Dutile ) [501474] - [fs] fuse: enable building the subsystem (Josef Bacik ) [457975] - [gfs2] fix panic in glock memory shrinker (Benjamin Marzinski ) [508806] - [net] rt2x00: use mac80211-provided workqueue (John W. Linville ) [506845] - [pci] quirk: disable MSI on VIA VT3364 chipsets (Dean Nelson ) [501374] - [net] undo vlan promiscuity count when unregistered (Neil Horman ) [481283] - [net] be2net: crash on PPC with LRO and jumbo frames (Andy Gospodarek ) [508404] - [net] RTNL: assertion failed due to bonding notify (Stanislaw Gruszka ) [508297] - [scsi] ibmvfc: process async events before cmd responses (AMEET M. PARANJAPE ) [508127] - [scsi] ibmvfc: fix endless PRLI loop in discovery (AMEET M. PARANJAPE ) [508127] - [scsi] ibmvfc: improve LOGO/PRLO ELS handling (AMEET M. PARANJAPE ) [508127] - [net] iucv: provide second per-cpu cmd parameter block (Hans-Joachim Picht ) [503240] - [net] sky2: /proc/net/dev statistics are broken (Flavio Leitner ) [507932] - [scsi] qla2xxx: prevent I/O stoppage (Marcus Barrow ) [507620] - [scsi] qla2xxx: updates 24xx firmware to 4.04.09 (Marcus Barrow ) [507398] - [scsi] qla2xxx: updates 25xx firmware to 4.04.09 (Marcus Barrow ) [507398] - [scsi] qla4xxx: extended sense data errors, cleanups (Marcus Barrow ) [506981] - [char] tty: prevent an O_NDELAY writer from blocking (Mauro Carvalho Chehab ) [506806] - [xen] allow msi reconfigure for pt_bind_irq (ddugger@redhat.com ) [507970] [2.6.18-156.el5] - [misc] kdump: make mcp55 chips work (Neil Horman ) [462519] - [ide] enable VX800 to use UDMA mode (John Feeney ) [504121] - [misc] wacom: reset state when tool is not in proximity (Aristeu Rozanski ) [499870] - [scsi] lpfc: update to version 8.2.0.46 (Rob Evers ) [506792] - [mm] prevent panic in copy_hugetlb_page_range (Larry Woodman ) [507860] - [gfs2] keep statfs info in sync on grows (Benjamin Marzinski ) [494885] - [gfs2] always queue work after after setting GLF_LOCK (Benjamin Marzinski ) [506140] - [scsi] cxgb3i: use kref to track ddp, support page sizes (mchristi@redhat.com ) [506151] - [security] drop mmap_min_addr to 4096 (Eric Paris ) [507017] - [misc] hrtimer: fix a soft lockup (Amerigo Wang ) [418071] {CVE-2007-5966} - [net] backport net_rx_action tracepoint (Neil Horman ) [506138] - [gfs2] fix truncate buffered/direct I/O issue (Steven Whitehouse ) [504676] - [xen] x86: fix IRQ problem on legacy hardware (ddugger@redhat.com ) [505491] - [xen] disable 2MB support on PAE kernels (Bhavna Sarathy ) [503737] [2.6.18-155.el5] - [mm] fix swap race condition in fork-gup-race patch (Andrea Arcangeli ) [506684] - [net] e1000e: stop unnecessary polling when using msi-x (Andy Gospodarek ) [506841] [2.6.18-154.el5] - [kABI] add smp_send_reschedule and get_user_pages_fast (Jon Masters ) [504038] - [scsi] lpfc: update to version 8.2.0.45 (Rob Evers ) [505445] - [fs] ext4: fix prealloc vs truncate corruption (Eric Sandeen ) [505601] - [net] r8169: fix crash when large packets are received (Ivan Vecera ) [504732] {CVE-2009-1389} - [pci] fix pcie save restore patch (Don Dutile ) [505541] - [scsi] ibmvscsi: add 16 byte CDB support (AMEET M. PARANJAPE ) [502944] - [infiniband] iw_cxgb3: add final fixups for 1.4.1 (Doug Ledford ) [504906] - [infiniband] mlx4_en: hand remove XRC support (Doug Ledford ) [506097] - [infiniband] cxgb3: update firmware from 7.1 to 7.4 (Doug Ledford ) [504955] - [infiniband] ofed: backports from ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] RDS: Update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] mthca: update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [net] cxgb3: support two new phys and page mapping fix (Doug Ledford ) [504955] - [infiniband] ipoib/sdp: update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] OFED: back out XRC patch, not ready yet (Doug Ledford ) [506097] - [infiniband] mlx4_en: update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] iw_nes: update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] OFED: fix broken switch statement (Doug Ledford ) [506097] - [infiniband] OFED: removes this backport and all callers (Doug Ledford ) [506097] - [infiniband] iw_cxgb3: update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] mlx4_ib: update to ofed 1.4.1 final bits (Doug Ledford ) [506097] - [infiniband] remove duplicate definition (Doug Ledford ) [500368] - [net] be2net: add intial support (Andy Gospodarek ) [490074] - [net] ixgbe: backport fixups and bugfixes for 82599 (Andy Gospodarek ) [505653] - [md] increase pg_init_in_progress only if work is queued (Jesse Larrew ) [489582] - [x86_64] AMD IOMMU: fix GLX issue in bare metal (Bhavna Sarathy ) [504010] - [scsi] libsas: use the supplied address for SATA devices (David Milburn ) [494658] - [x86_64] amd iommu: fix kdump unknown partition table (Bhavna Sarathy ) [504751] - [char] TPM: get_event_name stack corruption (Dean Nelson ) [503905] - [net] e1000e: update to upstream version 1.0.2-k2 (Andy Gospodarek ) [480241] - [crypto] add continuous test to hw rng in FIPS mode (Neil Horman ) [504218] - [net] ehea: fix invalid pointer access (AMEET M. PARANJAPE ) [504679] - [x86_64] amd iommu: fix spinlock imbalance (Bhavna Sarathy ) [501571] - [x86_64] iommu: protect against broken IVRS ACPI table (Bhavna Sarathy ) [501571] - [x86_64] amd iommu: fix flag masks (Bhavna Sarathy ) [501571] - [x86_64] iommu: fix the handling of device aliases (Bhavna Sarathy ) [501571] - [x86_64] amd iommu: fix an off-by-one error (Bhavna Sarathy ) [501571] - [xen] x86: give dom0 access to machine e820 map (ddugger@redhat.com ) [503818] - [pci] fix sr-iov regression with PCI device class (ddugger@redhat.com ) [503826] - [scsi] qla4xxx: extended sense data errors (Marcus Barrow ) [489389] - [scsi] qla4xxx: remove some dead code (Marcus Barrow ) [459449] - [net] qla2xxx, ql8xxx : support for 10 GigE (Marcus Barrow ) [479288] [2.6.18-153.el5] - [s390x] zfcpdump: move zfcpdump kernel removal to %post (Don Zickus ) [499629] - [x86_64] kvm: fix libvirt based device assignment issue (Bhavna Sarathy ) [504165] - [gfs2] get gfs2meta superblock correctly (Benjamin Marzinski ) [504086] - [ptrace] fix do_coredump vs ptrace_start() deadlock (Oleg Nesterov ) [504157] {CVE-2009-1388} - [scsi] ipr: fix PCI permanent error handler (AMEET M. PARANJAPE ) [503960] - [scsi] IPR: adapter taken offline after first EEH error (AMEET M. PARANJAPE ) [504675] - [scsi] lpfc: update to version 8.2.0.44 (Rob Evers ) [503248] - [net] skb_seq_read: wrong offset/len for page frag data (mchristi@redhat.com ) [501308] - [xen] netback: change back to a flipping interface (Chris Lalancette ) [479754] - [fs] autofs4: remove hashed check in validate_wait (Ian Kent ) [490078] - [ppc64] resolves issues with pcie-save-restore-state (AMEET M. PARANJAPE ) [504198] - [net] gso: stop fraglists from escaping (Herbert Xu ) [499347] - [tun] use non-linear packets where possible (Herbert Xu ) [503309] - [net] skb_copy_datagram_from_iovec (Herbert Xu ) [503309] - [net] tun: only wake up writers (Herbert Xu ) [503191] - Re-apply: [net] tun: add packet accounting (Don Zickus ) [495863] - [sched] fix cond_resched_softirq() offset (Jesse Larrew ) [496935] - [ata] sata_sx4: fixup interrupt and exception handling (David Milburn ) [503827] - Revert: [net] avoid extra wakeups in wait_for_packet (Don Zickus ) [497897] - [net] e1000: fix skb_over_panic (Neil Horman ) [503441] {CVE-2009-1385} [2.6.18-152.el5] - [x86_64] kvm: export symbols to allow building (john cooper ) [504038] - [misc] s390 zfcpdump: check for another image on removal (Hans-Joachim Picht ) [499629] - [net] ixgbe: fix MSI-X allocation on 8+ core systems (Andy Gospodarek ) [500857] - [s390] dasd: add EMC ioctl to the driver (Christoph Hellwig ) [461288] - [net] ixgbe: fix polling saturates CPU (Andy Gospodarek ) [503559] - [misc] core dump: wrong thread info in core dump file (Amerigo Wang ) [503553] - [crypto] testmgr: check all test vector lengths (Jarod Wilson ) [503091] - [net] igb and igbvf: return from napi poll correctly (Andy Gospodarek ) [503215] - [crypto] testmgr: dynamically allocate xbuf and axbuf (Jarod Wilson ) [503091] - [fs] vfs: skip I_CLEAR state inodes in drop_pagecache_sb (Eric Sandeen ) [500164] - Revert: [net] tun: add packet accounting (Herbert Xu ) [495863] - [net] netxen: add GRO Support (Herbert Xu ) [499347] - [nfs] v4: 'r'/'w' perms for user do not work on client (Peter Staubach ) [502244] - [x86] nmi: add Intel cpu 0x6f4 to perfctr1 workaround (Prarit Bhargava ) [500892] - [dm] raid45 target: kernel oops in constructor (Heinz Mauelshagen ) [503070] - [net] sky2: fix sky2 stats (Neil Horman ) [503080] - [acpi] check _PSS frequency to prevent cpufreq crash (Prarit Bhargava ) [500311] - [scsi] mvsas: sync w/ appropriate upstream changes (Rob Evers ) [485126] - [scsi] mvsas: comment cleanup (Rob Evers ) [485126] - [scsi] mvsas: correct bit-map implementation (Rob Evers ) [485126] - [scsi] mvsas: initial patch submission (Rob Evers ) [485126] - [net] add broadcom cnic driver (mchristi@redhat.com ) [441979] - [scsi] add bnx2i iscsi driver (mchristi@redhat.com ) [441979] - [scsi] add netlink msg to iscsi IF to support offload (mchristi@redhat.com ) [441979] - [misc] add UIO framework from upstream (mchristi@redhat.com ) [441979] - [net] add cnic support to bnx2 (mchristi@redhat.com ) [441979] - [powerpc] pass the PDN to check_msix_entries (AMEET M. PARANJAPE ) [502906] - [fs] proc: avoid info leaks to non-privileged processes (Amerigo Wang ) [499541] - [net] ixgbe: add GRO suppport (Herbert Xu ) [499347] - [net] igb: add GRO suppport (Herbert Xu ) [499347] - [net] cxgb3: add GRO suppport (Herbert Xu ) [499347] - [net] vlan: add GRO interfaces (Herbert Xu ) [499347] - [net] tcp6: add GRO support (Herbert Xu ) [499347] - [net] ipv6: add GRO support (Herbert Xu ) [499347] - [net] ethtool: add GGRO and SGRO ops (Herbert Xu ) [499347] - [net] tcp: add GRO support (Herbert Xu ) [499347] - [net] add skb_gro_receive (Herbert Xu ) [499347] - [net] ipv4: add GRO infrastructure (Herbert Xu ) [499347] - [net] add Generic Receive Offload infrastructure (Herbert Xu ) [499347] - [net] add frag_list support to GSO (Herbert Xu ) [499347] - [net] add frag_list support to skb_segment (Herbert Xu ) [499347] - [net] skbuff: add skb_release_head_state (Herbert Xu ) [499347] - [net] skbuff: merge code copy_skb_header and skb_clone (Herbert Xu ) [499347] - [netfilter] nf_conntrack: add __nf_copy to copy members (Herbert Xu ) [499347] - [net] skbuff: add skb_cow_head (Herbert Xu ) [499347] - [net] netpoll: backport netpoll_rx_on (Herbert Xu ) [499347] - [net] gro: Optimise Ethernet header comparison (Herbert Xu ) [499347] - [net] backport csum_replace4/csum_replace2 (Herbert Xu ) [499347] - [net] backport csum_unfold without sparse annotations (Herbert Xu ) [499347] - [net] sky2: fix eeprom reads (Neil Horman ) [501050] - [nfs] v4: client handling of MAY_EXEC in nfs_permission (Peter Staubach ) [500302] {CVE-2009-1630} - [net] forcedeth: restore power up snippet (Ivan Vecera ) [479740] - [md] dm: I/O failures when running dm-over-md with xen (Mikulas Patocka ) [223947] - [selinux] warn on nfs mounts with same SB but diff opts (Eric Paris ) [466701] [2.6.18-151.el5] - [alsa] hda: improve init for ALC262_HP_BPC model (Jaroslav Kysela ) [473949] - [ppc] LPAR hang on multipath device with FCS v2 (AMEET M. PARANJAPE ) [498927] - [fs] nfsd: fix setting the nfsv4 acls (Steve Dickson ) [403021] - [scsi] fnic: compile on x86 too (mchristi@redhat.com ) [501112] - [net] avoid extra wakeups in wait_for_packet (Neil Horman ) [497897] - [x86] xen: fix local denial of service (Chris Lalancette ) [500951] - [scsi] ibmvfc: wait on adapter init before starting scan (AMEET M. PARANJAPE ) [501560] - [net] bnx2x: update to 1.48.105 (Stanislaw Gruszka ) [475481] - [xen] add Credit Scheduler Fairness and hard virt (Justin M. Forbes ) [432700] - [xen] deadlock between libvirt and xentop (Miroslav Rezanina ) [499013] - [xen] sched: remove printk introduced with hard virt (Justin M. Forbes ) [501475] [2.6.18-150.el5] - [kabi] add cmirror symbols to kABI (Jon Masters ) [500745] - Revert: [sched] accurate task runtime accounting (Linda Wang ) [297731] {CVE-2007-3719} - [alsa] hda: add missing comma in ad1884_slave_vols (Jeff Burke ) [500626] - [x86] remove xtime_lock from time_cpufreq_notifier (Prarit Bhargava ) [501178] - [fs] cifs: fix pointer and checks in cifs_follow_symlink (Jeff Layton ) [496577] {CVE-2009-1633} - [fs] ext4: corruption fixes (Eric Sandeen ) [501082] - [lockdep] dont omit lock_set_subclass (Aristeu Rozanski ) [462248] - [ppc] cell: make ptcal more reliable (AMEET M. PARANJAPE ) [501356] - [x86] include asm-x86_64 in i686-devel package (Don Zickus ) [491775] - [misc] compile: add -fwrapv to gcc CFLAGS (Don Zickus ) [491266] - [trace] mm: eliminate extra mm tracepoint overhead (Larry Woodman ) [501013] - [dlm] use more NOFS allocation (Abhijith Das ) [460218] - [dlm] connect to nodes earlier (Abhijith Das ) [460218] - [wireless] mac80211: freeze when ath5k IF brought down (Michal Schmidt ) [499999] - [audit] watch: fix removal of AUDIT_DIR rule on rmdir (Alexander Viro ) [501321] - [trace] sunrpc: adding trace points to status routines v2 (Steve Dickson ) [499008] - [misc] random: make get_random_int more random (Amerigo Wang ) [499776] - [md] retry immediate in 2 seconds (Jesse Larrew ) [489582] - [scsi] retry for NOT_READY condition (Jesse Larrew ) [489582] - [md] handle multiple paths in pg_init (Jesse Larrew ) [489582] - [scsi] fix compilation error (Jesse Larrew ) [489582] - [scsi] add LSI storage IDs (Jesse Larrew ) [489582] - [scsi] handle quiescence in progress (Jesse Larrew ) [489582] - [scsi] retry IO on unit attention (Jesse Larrew ) [489582] - [scsi] handle unit attention in mode select (Jesse Larrew ) [489582] - [scsi] make the path state active by default (Jesse Larrew ) [471426] - [scsi] Retry mode select in rdac device handler (Jesse Larrew ) [489582] [2.6.18-149.el5] - [acpi] updated dock driver for RHEL-5.4 (Matthew Garrett ) [485181] - [infiniband] ib_core: use weak ordering for user memory (AMEET M. PARANJAPE ) [501004] - [mm] fork-o_direct-race v3 (aarcange@redhat.com ) [471613] - [nfs] make nfsv4recoverydir proc file readable (Evan McNabb ) [499840] - [pci] remove pci-stub driver from -xen kernels (Don Dutile ) [500568] - [pci] IOMMU phys_addr cleanup (Don Dutile ) [500901] - [pci] missed fix to pci_find_upstream_pcie_bridge (Don Dutile ) [500901] - [misc] IOMMU MSI header cleanup (Don Dutile ) [500901] - [scsi] megaraid: update megasas to 4.08-RH1 (Tomas Henzl ) [475574] - [fs] nfs: fix an f_mode/f_flags confusion in write.c (Jeff Layton ) [490181] - [fs] cifs: renaming dont try to unlink negative dentry (Jeff Layton ) [500839] - [fs] cifs: fix error handling in parse_DFS_referrals (Jeff Layton ) [496577] {CVE-2009-1633} - [scsi] aacraid: update to 1.1.5-2461 (Rob Evers ) [475559] - [md] dm raid45: dont clear the suspend flag on recovery (Heinz Mauelshagen ) [499406] - [net] cxgb3: update driver for RHEL-5.4 (mchristi@redhat.com ) [439518] - [scsi] add cxgb3i iscsi driver (mchristi@redhat.com ) [439518] - [scsi] port upstream offload code to RHEL-5.4 (mchristi@redhat.com ) [439518] - [scsi] force retry of IO when port/session is changing (mchristi@redhat.com ) [498281] - [net] igbvf: new driver, support 82576 virtual functions (Andy Gospodarek ) [480524] - [net] ehea: fix circular locking problem (AMEET M. PARANJAPE ) [493359] - [s390] appldata: vtimer bug with cpu hotplug (Hans-Joachim Picht ) [497207] [2.6.18-148.el5] - Revert: [mm] fork vs fast gup race fix (Andrea Arcangeli ) [471613] [2.6.18-147.el5] - Revert: [scsi] marvell sas: initial patch submission (Rob Evers ) [485126] - Revert: [scsi] marvell sas: correct bit-map implementation (Rob Evers ) [485126] - Revert: [scsi] marvell sas: comment cleanup (Rob Evers ) [485126] - [misc] FIPS: create checksum for verification at bootup (Don Zickus ) [444632] - [md] dm: raid45 target oops on mapping table reload (Heinz Mauelshagen ) [500387] - [md] dm: raid45 target doesnt create parity as expected (Heinz Mauelshagen ) [499406] - [net] igb: correctly free multiqueue netdevs (Andy Gospodarek ) [500446] - [misc] lockdep: fix large lock subgraph traversal (Aristeu Rozanski ) [462248] - [crypto] make tcrypt stay loaded on success (Jarod Wilson ) [499646] - [crypto] block use of non-fips algs in fips mode (Jarod Wilson ) [499646] - [crypto] mark algs allowed in fips mode (Jarod Wilson ) [499646] - [x86_64] 32-bit ptrace emulation mishandles 6th arg (Jiri Olsa ) [495125] - [fs] cifs: buffer overruns when converting strings (Jeff Layton ) [496577] - [scsi] lpfc: update from version 8.2.0.41 to 8.2.0.43 (Rob Evers ) [498524] - [cpufreq] xen: powernow identifies wrong number of procs (Miroslav Rezanina ) [456437] - [scsi] MPT fusion: remove annoying debug message v2 (Tomas Henzl ) [475455] - [scsi] MPT fusion: make driver legacy I/O port free v2 (Tomas Henzl ) [475451] - [scsi] MPT fusion: update version 3.04.07rh v2 (Tomas Henzl ) [475455] - [ia64] fix regression in nanosleep syscall (Prarit Bhargava ) [499289] - [md] s390: I/O stall when performing random CHPID off/on (Mikulas Patocka ) [500729] - [crypto] add hmac and hmac(sha512) test vectors (Jarod Wilson ) [499463] - [sched] accurate task runtime accounting (Peter Zijlstra ) [297731] {CVE-2007-3719} - [sched] rq clock (Peter Zijlstra ) [297731] {CVE-2007-3719} - [x86] scale cyc_2_nsec according to CPU frequency (Peter Zijlstra ) [297731] {CVE-2007-3719} - [i386] untangle xtime_lock vs update_process_times (Peter Zijlstra ) [297731] {CVE-2007-3719} - [x86_64] clean up time.c (Peter Zijlstra ) [297731] {CVE-2007-3719} - [net] tun: add packet accounting (Herbert Xu ) [495863] - [kabi] add pcie_set_readrq (Jon Masters ) [479200] - [kabi] add Kernel Virtual Machine kABI symbols (Jon Masters ) [466961] - [crypto] add ctr test vectors (Jarod Wilson ) [497888] - [crypto] print self-test success notices in fips mode (Jarod Wilson ) [497885] - [mm] fork vs fast gup race fix (Andrea Arcangeli ) [471613] - [mm] support for lockless get_user_pages (aarcange@redhat.com ) [474913] - Revert: [mm] fork vs gup race fix (aarcange@redhat.com ) [471613] - [net] r8169: reset IntrStatus after chip reset (Ivan Vecera ) [500740] - Revert: [net] forcedeth: power down phy when IF is down (Ivan Vecera ) [479740] - [misc] add AMD IOMMU support to KVM (Bhavna Sarathy ) [481026] - [misc] VT-d: backport of Intel VT-d support to RHEL5 (Don Dutile ) [480411] - [misc] VT-d: add clflush_cache_range function (Don Dutile ) [480411] - [misc] VT-d: add DMAR-related timeout definition (Don Dutile ) [480411] - [misc] VT-d: add DMAR ACPI table support (Don Dutile ) [480411] - [misc] VT-d: add pci_find_upstream_pcie_bridge (Don Dutile ) [480411] - [misc] VT-d: move common MSI defines to msi.h (Don Dutile ) [480411] - [trace] blk tracepoints (Arnaldo Carvalho de Melo ) [493454] - [pci] enable CONFIG_PCI_IOV (ddugger@redhat.com ) [493152] - [pci] save and restore PCIe 2.0 registers (ddugger@redhat.com ) [493152] - [pci] restore PCI-E capability registers after PM event (ddugger@redhat.com ) [493152] - [pci] add SR-IOV API for Physical Function driver (ddugger@redhat.com ) [493152] - [pci] centralize device setup code (ddugger@redhat.com ) [493152] - [pci] reserve bus range for SR-IOV device (ddugger@redhat.com ) [493152] - [pci] restore saved SR-IOV state (ddugger@redhat.com ) [493152] - [pci] initialize and release SR-IOV capability (ddugger@redhat.com ) [493152] - [pci] add a new function to map BAR offsets (ddugger@redhat.com ) [493152] - [pci] allow pci_alloc_child_bus to handle a NULL bridge (ddugger@redhat.com ) [493152] - [pci] enhance pci_ari_enabled (ddugger@redhat.com ) [493152] - [pci] fix ARI code to be compatible with mixed systems (ddugger@redhat.com ) [493152] - [pci] support PCIe ARI capability (ddugger@redhat.com ) [493152] - [pci] export __pci_read_base (ddugger@redhat.com ) [493152] - [pci] fix 64-vbit prefetchable memory resource BARs (ddugger@redhat.com ) [493152] - [pci] handle 64-bit resources better on 32-bit machines (ddugger@redhat.com ) [493152] - [pci] rewrite PCI BAR reading code (ddugger@redhat.com ) [493152] - [xen] add Credit Scheduler Fairness and hard virt (Justin M. Forbes ) [432700] - [xen] x86_64: add 1GB page table support (Bhavna Sarathy ) [251982] [2.6.18-146.el5] - [fs] vfs freeze: use vma->v_file to get to superblock (Eric Sandeen ) [476148] - [net] tg3: allow 5785 to work when running at 10Mbps (Andy Gospodarek ) [469772] - [net] af_iucv: race when queuing incoming iucv messages (Hans-Joachim Picht ) [499626] - [trace] sunrpc: adding trace points to status routines (Steve Dickson ) [499008] - [gfs2] fix glock ref count issue (Steven Whitehouse ) [485098] - [kabi] add acpi_bus_register_driver (Jon Masters ) [462911] - [kabi] add nobh_truncate_page and kernel_read (Jon Masters ) [497276] - [usb] support Huaweis mode switch in kernel (Pete Zaitcev ) [485182] - [scsi] ibmvscsi: LPAR hang on a multipath device (AMEET M. PARANJAPE ) [498927] - [wireless] mac80211: scanning related fixes (John W. Linville ) [498719] - [fs] ecryptfs: remove ecryptfs_unlink_sigs warnings (Eric Sandeen ) [499171] - [fs] ext4: re-fix warning on x86 build (Eric Sandeen ) [499202] - [ppc64] adjust oprofile_cpu_type detail (AMEET M. PARANJAPE ) [496709] - [nfs] SELinux can copy off the top of the stack (Eric Paris ) [493144] - [xen] x86: explicitly zero CR[1] in getvcpucontext (Miroslav Rezanina ) [494876] - [xen] x86: fix overflow in the hpet code (Rik van Riel ) [449346] - [xen] x86: fixes to the 'no missed-tick accounting' code (Rik van Riel ) [449346] - [xen] introduce 'no missed-tick accounting' (Rik van Riel ) [449346] - [xen] x86: misc fixes to the timer code (Rik van Riel ) [449346] - [xen] x86: initialize vlapic->timer_last_update (Rik van Riel ) [449346] [2.6.18-145.el5] - [ia64] xen: switch from flipping to copying interface (Chris Lalancette ) [479754] - [scsi] fnic: init retry counter (Mike Christie ) [484438] - [misc] add some long-missing capabilities to CAP_FS_MASK (Eric Paris ) [499076 497272] {CVE-2009-1072} - [crypto] add ansi_cprng test vectors (Jarod Wilson ) [497891] - [crypto] add rng self-test infra (Jarod Wilson ) [497891] - [md] bitmap merge feature (Doug Ledford ) [481226] - [md] fix lockup on read error (Doug Ledford ) [465781] - [md] dm-raid45: corrupt data and premature end of synch (Heinz Mauelshagen ) [480733 479383] - [fs] generic freeze ioctl interface (Eric Sandeen ) [476148] - [scsi] add mpt2sas driver (Tomas Henzl ) [475665] - [misc] kprobes: fix deadlock issue (John Villalovos ) [210555] - [block] disable iostat collection in gendisk (Jerome Marchand ) [484158] - [block] fix request flags (Jerome Marchand ) [484158] - [misc] fix blktrace api breakage (Hans-Joachim Picht ) [475334] - [fs] fuse: update for RHEL-5.4 (Josef Bacik ) [457975] [2.6.18-144.el5] - Revert: [scsi] MPT Fusion: update to version 3.04.07rh (Tomas Henzl ) [475455] - Revert: [scsi] make fusion MPT driver legacy I/O port free (Tomas Henzl ) [475451] - Revert: [scsi] MPT fusion: remove annoying debug message (Tomas Henzl ) [475455] - [openib] ehca: fix performance during creation of QPs (AMEET M. PARANJAPE ) [498527] - [scsi] qla4xxx: fix driver fault recovery (Marcus Barrow ) [497478] - [misc] make bus_find_device more robust, match upstream (Don Dutile ) [492488] - [md] dm snapshot: refactor __find_pending_exception (Mikulas Patocka ) [496100] - [md] race conditions in snapshots (Mikulas Patocka ) [496100] - [md] dm-raid1: switch read_record from kmalloc to slab (Mikulas Patocka ) [496101] - [md] dm-raid1/mpath: partially completed request crash (Mikulas Patocka ) [496101] - [md] snapshot: store damage (Mikulas Patocka ) [496102] - [scsi] cciss: change in discovering memory bar (Tomas Henzl ) [474392] - [scsi] cciss: version change for RHEL-5.4 (Tomas Henzl ) [474392] - [scsi] cciss: thread to detect config changes on MSA2012 (Tomas Henzl ) [474392] - [scsi] cciss: changes in config functions (Tomas Henzl ) [474392] - [openib] update all the backports for the code refresh (Doug Ledford ) [476301] - [openib] add support for XRC queues (Doug Ledford ) [476301] - [openib] RDS: add the RDS protocol (Doug Ledford ) [477065] - [openib] IPoIB: update to OFED 1.4.1-rc3 (Doug Ledford ) [434779 466086] - [openib] SRP: update to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] SDP: update to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] qlgc_vnic: update to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] cxgb3: update driver to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] iw_nes: update NES iWARP to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] mthca: update driver to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] ipath: update driver to OFED 1.4.1-rc3 (Doug Ledford ) [230035 480696] - [openib] ehca: update driver for RHEL-5.4 (Doug Ledford ) [466086] - [openib] core: disable lock dep annotation (Don Zickus ) [476301] - [openib] core: update core code to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] rmda: update rdma headers to OFED 1.4.1-rc3 (Doug Ledford ) [476301] - [openib] mlx4: Update mlx4_ib and mlx4_core, add mlx4_en (Doug Ledford ) [456525 477065] - [openib] enable mlx4_en and rds, disable iw_c2 (Doug Ledford ) [476301] - [mm] add tracepoints (Larry Woodman ) [493444] [2.6.18-143.el5] - [net] bonding: ignore updelay param when no active slave (Jiri Pirko ) [495318] - [net] ipv6: fix incoming packet length check (Jiri Pirko ) [492972] - [misc] drivers fix dma_get_required_mask (Tomas Henzl ) [475455] - [gfs2] NFSv2 support (Steven Whitehouse ) [497954] - [ppc64] set error_state to pci_channel_io_normal (AMEET M. PARANJAPE ) [496872] - [mm] allow tuning of MAX_WRITEBACK_PAGES (Larry Woodman ) [479079] - [trace] add 'success' to sched_wakeup/sched_wakeup_new (Jason Baron ) [497414] - [scsi] update iscsi layer and drivers for RHEL-5.4 (mchristi@redhat.com ) [436791 484455] - [crypto] fips: panic box when module validation fails (Neil Horman ) [497228] - [scsi] st: option to use SILI in variable block reads (Tom Coughlan ) [457970] - [net] bonding: support for bonding of IPoIB interfaces (Andy Gospodarek ) [430758] - [net] bonding: update to upstream version 3.4.0 (Andy Gospodarek ) [462632] - [scsi] add md3000 and md3000i entries to rdac_dev_list (John Feeney ) [487293] - [trace] tracepoints for page cache (KII Keiichi ) [475719] - [trace] tracepoints for network socket (KII Keiichi ) [475719] - [scsi] stex: support promise 6Gb sas raid controller (David Milburn ) [492022] - [scsi] add ALUA scsi device handler (mchristi@redhat.com ) [482737] - [scsi] update fnic fcoe driver for RHEL-5.4 (mchristi@redhat.com ) [484438] - [scsi] update libfc/fcoe for RHEL-5.4 (mchristi@redhat.com ) [484438] - [video] efifb: driver update (Brian Maly ) [488820] - [fs] fix softlockup in posix_locks_deadlock (Josef Bacik ) [476659] - [fs] cifs: unicode alignment and buffer sizing problems (Jeff Layton ) [494280] {CVE-2009-1439} - [mm] vmscan: bail out of direct reclaim after max pages (Rik van Riel ) [495442] - [crypto] add self-tests for rfc4309 (Jarod Wilson ) [472386] - [crypto] handle ccm dec test vectors expected to fail (Jarod Wilson ) [472386] - [crypto] fix rfc4309 deadlocks (Jarod Wilson ) [472386] - [scsi] marvell sas: comment cleanup (Rob Evers ) [485126] - [scsi] marvell sas: correct bit-map implementation (Rob Evers ) [485126] - [scsi] marvell sas: initial patch submission (Rob Evers ) [485126] - [acpi] CPU P-state limits ignored by OS (Stanislaw Gruszka ) [494288] - [net] provide a generic SIOETHTOOL ETHTOOL_GPERMADDR (Flavio Leitner ) [462352] - [scsi] lpfc: update to version 8.2.0.41 (Rob Evers ) [476738] - [scsi] lpfc: update to version 8.2.0.40 (Rob Evers ) [476738] - [scsi] lpfc: update to version 8.2.0.39 (Rob Evers ) [476738] - [scsi] lpfc: update to version 8.2.0.38 (Rob Evers ) [476738] [2.6.18-142.el5] - [net] ipv4: remove uneeded bh_lock/unlock from udp_rcv (Neil Horman ) [484590] - [net] ixgbe: update to upstream version 2.0.8-k2 (Andy Gospodarek ) [472547] - [net] igb: update to upstream version 1.3.16-k2 (Andy Gospodarek ) [484102 474881] - [mm] vmalloc: dont pass __GFP_ZERO to slab (Jiri Olsa ) [491685] - [agp] zero pages before sending to userspace (Jiri Olsa ) [497026] {CVE-2009-1192} - [net] e1000: enable TSO6 via ethtool with correct hw (Andy Gospodarek ) [449175] - [net] tg3: update to version 3.96 (Andy Gospodarek ) [481715 469772] - [x86] apic: rollover in calibrate_APIC_clock (Brian Maly ) [456938] - [alsa] handle subdevice_mask in snd_pci_quirk_lookup (Jaroslav Kysela ) [473949 483594] - [ia64] altix: performance degradation in PCI mode (George Beshers ) [497136] - [misc] I/O AT: config file changes (John Feeney ) [436048] - [misc] I/O AT: new ioat*.c (John Feeney ) [436048] - [misc] I/O AT: new dmaengine_v3.c (John Feeney ) [436048] - [misc] I/O AT: new include files (John Feeney ) [436048] - [misc] I/O AT: add drivers/dca (John Feeney ) [436048] - [misc] I/O AT: update network changes (John Feeney ) [436048] - [misc] I/O AT: update existing files (John Feeney ) [436048] - [misc] I/O AT: update include files (John Feeney ) [436048] - [mm] tweak vm diry_ratio to prevent stalls on some DBs (Larry Woodman ) [295291] - [nfs] setacl not working over NFS (Peter Staubach ) [496903] - [fs] ext4: update config options (Eric Sandeen ) [485315] - [fs] ext4: post-2.6.29 fixes (Eric Sandeen ) [485315] - [fs] backport patch for 2.6.29 ext4 (Eric Sandeen ) [485315] - [fs] rebase ext4 and jbd2 to 2.6.29 codebase (Eric Sandeen ) [485315 487933 487940 487944 487947] {CVE-2009-0745 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748} - [fs] update write_cache_pages (Eric Sandeen ) [485315] - [fs] export set_task_ioprio (Eric Sandeen ) [485315] - [scsi] qla2xxx : updates and fixes from upstream, part 4 (Marcus Barrow ) [496126] - [scsi] MPT fusion: remove annoying debug message (Tomas Henzl ) [475455] - [scsi] make fusion MPT driver legacy I/O port free (Tomas Henzl ) [475451] - [scsi] MPT Fusion: update to version 3.04.07rh (Tomas Henzl ) [475455] - [x86] add MAP_STACK mmap flag (Larry Woodman ) [459321] - [scsi] sym53c8xx_2: fix up hotplug support (mchristi@redhat.com ) [461006] - [scsi] qla2xxx : updates and fixes from upstream, part 3 (Marcus Barrow ) [495094] - [scsi] qla2xxx : updates and fixes from upstream, part 2 (Marcus Barrow ) [495092] - [scsi] qla2xxx : updates and fixes from upstream, part 1 (Marcus Barrow ) [480204] - [nfs] memory leak when reading files wth option 'noac' (Peter Staubach ) [493045] - [x86] powernow-k8: export module parameters via sysfs (Prarit Bhargava ) [492010] - [misc] IO accounting: tgid accounting (Jerome Marchand ) [461636] - [misc] IO accounting: read accounting nfs fix (Jerome Marchand ) [461636] - [misc] IO accounting: read accounting (Jerome Marchand ) [461636] - [misc] IO accounting: write cancel accounting (Jerome Marchand ) [461636] - [misc] IO accounting: report in procfs (Jerome Marchand ) [461636] - [misc] IO accounting: account for direct-io (Jerome Marchand ) [461636] - [misc] IO accounting: set CONFIG_TASK_IO_ACCOUNTING (Jerome Marchand ) [461636] - [misc] IO accounting: write accounting (Jerome Marchand ) [461636] - [misc] IO accounting: core statistics (Jerome Marchand ) [461636] - [misc] IO accounting: read accounting cifs fix (Jerome Marchand ) [461636] - [misc] auxiliary signal structure: signal_struct_aux (Jerome Marchand ) [461636] - [misc] auxiliary signal structure: preparation (Jerome Marchand ) [461636] - [xen] x86: fix MSI eoi handling for HVM passthru (Gerd Hoffmann ) [477261] [2.6.18-141.el5] - [x86_64] more cpu_khz to tsc_khz conversions (Prarit Bhargava ) [483300] - [gfs2] unaligned access in gfs2_bitfit (Abhijith Das ) [485226] - [gfs2] remove scand & glockd kernel processes (Benjamin Marzinski ) [273001] - [x86] fix tick divider with clocksource=pit (Chris Lalancette ) [427588] - [fs] autofs4: fix incorect return in autofs4_mount_busy (Ian Kent ) [496766] - [x86] fix cpuid.4 instrumentation (Brian Maly ) [454981] - [md] dm-mpath: propagate ioctl error codes (Benjamin Marzinski ) [461469] - [fs] aio: race in aio_complete leads to process hang (Jeff Moyer ) [475814] - [s390] enable raw devices (Jeff Moyer ) [452534] - [net] bnx2: update to latest upstream - 1.9.3 (Ivan Vecera ) [475567 476897 489519] - [net] forcedeth: update to upstream version 0.62 (Ivan Vecera ) [479740] - [net] r8169: dont update stats counters when IF is down (Ivan Vecera ) [490162] - [net] r8169: fix RxMissed register access (Ivan Vecera ) [474334] - [x86] prevent boosting kprobes on exception address (Masami Hiramatsu ) [493088] - [gfs2] add fiemap support (Steven Whitehouse ) [476626] - [net] e1000e: fix false link detection (Michal Schmidt ) [492270] - [ppc] pseries: set error_state to pci_channel_io_normal (AMEET M. PARANJAPE ) [496872] - [nfs] large writes rejected when sec=krb5i/p specified (Peter Staubach ) [486756] - [wireless] iwlwifi: problems switching b/w WPA and WEP (John W. Linville ) [474699] - [net] ipv6: assume loopback address in link-local scope (Jiri Pirko ) [487233] - [fs] keep eventpoll from locking up the box (Josef Bacik ) [487585] - [ppc64] adjust oprofile_cpu_type (AMEET M. PARANJAPE ) [496709] - [fs] jbd: properly dispose of unmapped data buffers (Josef Bacik ) [479296] - [fs] ext3: dir_index: error out on corrupt dx dirs (Josef Bacik ) [454942] - [fs] ext3: dont resize if no reserved gdt blocks left (Josef Bacik ) [443541] - [agp] add pci ids for new video cards (John Villalovos ) [474513] - [ata] sata_mv: fix chip type for RocketRaid 1740/1742 (David Milburn ) [496338] - [misc] exit_notify: kill the wrong capable check (Oleg Nesterov ) [494271] {CVE-2009-1337} - [ipmi] fix platform crash on suspend/resume (peterm@redhat.com ) [475536] - [ipmi] fix some signedness issues (peterm@redhat.com ) [475536] - [ipmi] hold ATTN until upper layer is ready (peterm@redhat.com ) [475536] - [ipmi] allow shared interrupts (peterm@redhat.com ) [475536] - [scsi] add missing SDEV_DEL state if slave_alloc fails (Tomas Henzl ) [430170] - [net] eHEA: mutex_unlock missing in eHEA error path (AMEET M. PARANJAPE ) [482796] - [misc] xen: change PVFB not to select abs. pointer (Markus Armbruster ) [492866] - [pci] pci-stub module to reserve pci device (Mark McLoughlin ) [491842] - [pci] add remove_id sysfs entry (Mark McLoughlin ) [491842] - [pci] use proper call to driver_create_file (Mark McLoughlin ) [491842] - [pci] fix __pci_register_driver error handling (Mark McLoughlin ) [491842] - [misc] add /sys/bus/*/driver_probe (Mark McLoughlin ) [491842] - [misc] backport new ramdisk driver (Don Howard ) [480663] - [x86] general pci_scan_bus fix for baremetal and xen (Prarit Bhargava ) [494114] - [misc] add HP xw460c to bf sort pci list (Prarit Bhargava ) [490068] - [mm] enable dumping of hugepages into core dumps (Dave Anderson ) [470411] - [misc] hrtimer: check relative timeouts for overflow (AMEET M. PARANJAPE ) [492230] - [acpi] add T-state notification support (Luming Yu ) [487567] - [x86_64] copy_user_c can zero more data than needed (Vitaly Mayatskikh ) [490938] - [misc] hpilo: backport bugfixes and updates for RHEL-5.4 (tcamuso@redhat.com ) [488964] - [pci] do not clear PREFETCH register (Prarit Bhargava ) [486185] - [misc] waitpid reports stopped process more than once (Vitaly Mayatskikh ) [481199] - [scsi] ipr: enhance driver to support MSI-X interrupt (AMEET M. PARANJAPE ) [475717] - [specfile] add ability to build only debug kernel (Jeff Layton ) [469707] - [xen] clear X86_FEATURE_APIC in cpuid when apic disabled (ddugger@redhat.com ) [496873] - [xen] enable systems without APIC (ddugger@redhat.com ) [496873] - [xen] vt-d: workaround for Mobile Series 4 Chipset (ddugger@redhat.com ) [496873] - [xen] pci: fix definition of PCI_PM_CTRL_NO_SOFT_RESET (ddugger@redhat.com ) [496873] - [xen] utilise the GUEST_PAT and HOST_PAT vmcs area (ddugger@redhat.com ) [496873] - [xen] VT-d: enhance MTRR/PAT virtualization (ddugger@redhat.com ) [496873] - [xen] fix interrupt remapping on AMD systems (Bhavna Sarathy ) [477261] - [xen] enable AMD IOMMU Xen driver (Bhavna Sarathy ) [477261] - [xen] add AMD IOMMU Xen driver (Bhavna Sarathy ) [477261] - [xen] live migration failure due to fragmented memory (Jiri Denemark ) [469130] [2.6.18-140.el5] - [fs] xfs: add fiemap support (Josef Bacik ) [296951] - [net] add DSCP netfilter target (Thomas Graf ) [481652] - [gfs2] blocked after recovery (Abhijith Das ) [483541] - [net] remove misleading skb_truesize_check (Thomas Graf ) [474883] - [mm] 100% time spent under NUMA when zone_reclaim_mode=1 (Larry Woodman ) [457264] - [mm] msync does not sync data for a long time (Larry Woodman ) [479079] - [md] dm: fix OOps in mempool_free when device removed (Milan Broz ) [495230] - [net] bonding: clean up resources upon removing a bond (Masahiro Matsuya ) [463244] - [fs] nfs: convert to new aops (Jeff Layton ) [476224] - [fs] cifs: update CIFS for RHEL5.4 (Jeff Layton ) [465143] - [misc] types: add fmode_t typedef (Jeff Layton ) [465143] - [misc] keys: key facility changes for AF_RXRPC (Jeff Layton ) [465143] - [misc] xen: bump max_phys_cpus to 256 (Chris Lalancette ) [477206] - [misc] fork: CLONE_PARENT && parent_exec_id interaction (Don Howard ) [479964] - [wireless] iwlagn: make swcrypto/swcrypto50=1 default (John W. Linville ) [474699] - [wireless] mac80211: avoid null deref (John W. Linville ) [482990] - [net] fix out of bound access to hook_entries (Thomas Graf ) [484036] - [net] sctp: allow sctp_getladdrs to work for IPv6 (Neil Horman ) [492633] - [x86] xen: fix interaction between dom0 and NTP (Rik van Riel ) [494879] - [ata] sata_mv: fix 8-port timeouts on 508x/6081 chips (David Milburn ) [493451] - [net] fixed tcp_ack to properly clear ->icsk_probes_out (Jiri Olsa ) [494427] - [x86] xen: crash when specifying mem= (Chris Lalancette ) [240429] - [scsi] qla2xxx: reduce DID_BUS_BUSY failover errors (Marcus Barrow ) [244967] - [ata] libata: ahci enclosure management bios workaround (David Milburn ) [488471] - [scsi] aic7xxx: increase max IO size (mchristi@redhat.com ) [493448] - [nfs] v4: client crash on file lookup with long names (Sachin S. Prabhu ) [493942] - [mm] fix prepare_hugepage_range to check offset (Larry Woodman ) [488260] - [misc] make sure fiemap.h is installed in headers pkg (Josef Bacik ) [296951] - [fs] generic block based fiemap (Josef Bacik ) [296951] - [fs] add fiemap interface (Josef Bacik ) [296951] - [trace] use unregister return value (Jason Baron ) [465543] - [trace] change rcu_read_sched -> rcu_read (Jason Baron ) [465543] - [trace] introduce noupdate apis (Jason Baron ) [465543] - [trace] simplify rcu usage (Jason Baron ) [465543] - [trace] fix null pointer dereference (Jason Baron ) [465543] - [trace] tracepoints fix reentrancy (Jason Baron ) [465543] - [trace] make tracepoints use rcu sched (Jason Baron ) [465543] - [trace] use TABLE_SIZE macro (Jason Baron ) [465543] - [trace] remove kernel-trace.c (Jason Baron ) [465543] - [trace] remove prototype from tracepoint name (Jason Baron ) [465543] - [x86] use CPU feature bits to skip tsc_unstable checks (Chris Lalancette ) [463573] - [x86] vmware: disable softlock processing on tsc systems (Chris Lalancette ) [463573] - [x86] vmware lazy timer emulation (Chris Lalancette ) [463573] - [x86] xen: improve KVM timekeeping (Chris Lalancette ) [463573] - [x86_64] xen: implement a minimal TSC based clocksource (Chris Lalancette ) [463573] - [x86] use cpu_khz for loops_per_jiffy calculation (Chris Lalancette ) [463573] - [x86] vmware: look for DMI string in product serial key (Chris Lalancette ) [463573] - [x86] VMware: Fix vmware_get_tsc code (Chris Lalancette ) [463573] - [x86] xen: add X86_FEATURE_HYPERVISOR feature bit (Chris Lalancette ) [463573] - [x86] xen: changes timebase calibration on Vmware (Chris Lalancette ) [463573] - [x86] add a synthetic TSC_RELIABLE feature bit (Chris Lalancette ) [463573] - [x86] hypervisor: detection and get tsc_freq (Chris Lalancette ) [463573] - [x86] fdiv bug detection fix (Chris Lalancette ) [463573] - [misc] printk: add KERN_CONT (Chris Lalancette ) [463573] - [s390] add additional card IDs to CEX2C and CEX2A (Hans-Joachim Picht ) [488496] - [gfs2] merge upstream uevent patches into RHEL 5.4 (Steven Whitehouse ) [476707] - [xen] x86: GDT: replace single page with one page/CPU (Chris Lalancette ) [477206] - [xen] x86: VPID: free resources (ddugger@redhat.com ) [464821] - [xen] x86: VPID: implement feature (ddugger@redhat.com ) [464821] - [xen] fix 32-on-64 PV oops in xen_set_pud (Chris Lalancette ) [467698] [2.6.18-139.el5] - [pci] xen dom0: hook PCI probe and remove callbacks (ddugger@redhat.com ) [484227] - [misc] xen dom0: add hypercall for add/remove PCI device (ddugger@redhat.com ) [484227] - [pci] xen: dom0/domU MSI support using PHSYDEV_map_irq (ddugger@redhat.com ) [484227] - [mm] mmu_notifier: kabi workaround support (john cooper ) [485718] - [mm] mmu_notifier: set CONFIG_MMU_NOTIFIER to y (john cooper ) [485718] - [mm] mmu-notifier: optimized ability to admin host pages (john cooper ) [485718] - [mm] mmu-notifiers: add mm_take_all_locks operation (john cooper ) [485718] - [misc] introduce list_del_init_rcu (john cooper ) [485718] - [ppc] spufs: fix incorrect buffer offset in regs write (AMEET M. PARANJAPE ) [493426] - [ppc] spufs: check offset before calculating write size (AMEET M. PARANJAPE ) [493426] - [net] add dropmonitor protocol (Neil Horman ) [470539] - [ppc] reject discontiguous MSI-X requests (AMEET M. PARANJAPE ) [492580] - [ppc] implement a quota system for MSIs (AMEET M. PARANJAPE ) [492580] - [ppc] return req#msi(-x) if request is larger (AMEET M. PARANJAPE ) [492580] - [ppc] msi: return the number of MSIs we could allocate (AMEET M. PARANJAPE ) [492580] - [ppc] check for MSI-X also in rtas_msi_pci_irq_fixup() (AMEET M. PARANJAPE ) [492580] - [ppc] add support for ibm,req#msi-x (AMEET M. PARANJAPE ) [492580] - [ppc] fix MSI-X interrupt querying (AMEET M. PARANJAPE ) [492580] - [ppc] msi: return the number of MSI-X available (AMEET M. PARANJAPE ) [492580] - [trace] add include/trace dir to -devel (Jason Baron ) [489096] - [mm] xen: 'ptwr_emulate' messages when booting PV guest (Chris Lalancette ) [490567] - [fs] lockd: reference count leaks in async locking case (Jeff Layton ) [471254] - [s390] kernel: cpcmd with vmalloc addresses (Hans-Joachim Picht ) [487697] - [s390] af_iucv: error handling in iucv_callback_txdone (Hans-Joachim Picht ) [487697] - [s390] af_iucv: broken send_skb_q result in endless loop (Hans-Joachim Picht ) [487697] - [s390] af_iucv: free iucv path/socket in path_pending cb (Hans-Joachim Picht ) [487697] - [s390] af_iucv: avoid left over IUCV connections (Hans-Joachim Picht ) [487697] - [s390] af_iucv: new error return codes for connect (Hans-Joachim Picht ) [487697] - [s390] af_iucv: hang if recvmsg is used with MSG_PEEK (Hans-Joachim Picht ) [487703] - [net] ixgbe: stop double counting frames and bytes (Andy Gospodarek ) [487213] - [net] netfilter: x_tables: add connlimit match (Jiri Pirko ) [483588] - [nfs] only set file_lock.fl_lmops if stateowner is found (Jeff Layton ) [479323] - [dlm] init file_lock before copying conflicting lock (Jeff Layton ) [479323] - [nfs] nfsd: ensure nfsv4 calls the fs on LOCKT (Jeff Layton ) [479323] - [net] allow for on demand emergency route cache flushing (Neil Horman ) [461655] - [xen] x86: update the earlier APERF/MPERF patch (Chris Lalancette ) [493557] - [xen] fix evtchn exhaustion with 32-bit HVM guest (Chris Lalancette ) [489274] - [xen] ia64: fix HVM guest kexec (Chris Lalancette ) [418591] - [xen] ia64: fix whitespace error in vmx.h (Chris Lalancette ) [477098] - [xen] add hypercall for adding and removing PCI devices (ddugger@redhat.com ) [484227] - [xen] HVM MSI passthrough support (ddugger@redhat.com ) [484227] - [xen] VT-d2: enable interrupt remapping for MSI/MSI-x (ddugger@redhat.com ) [484227] - [xen] MSI support interface (ddugger@redhat.com ) [484227] - [xen] MSI supprt internal functions (ddugger@redhat.com ) [484227] - [xen] convert pirq to per-domain (ddugger@redhat.com ) [484227] - [xen] rename evtchn_lock to event_lock (ddugger@redhat.com ) [484227] - [xen] sync VT-d2 code with xen-unstable (ddugger@redhat.com ) [484227] - [xen] VT-d2: support interrupt remapping (ddugger@redhat.com ) [484227] - [xen] VT-d2: support queue invalidation (ddugger@redhat.com ) [484227] - [xen] x86: emulate accesses to PCI window regs cf8/cfc (ddugger@redhat.com ) [484227] - [xen] vtd: avoid redundant context mapping (ddugger@redhat.com ) [484227] - [xen] x86: fix EPT for VT-d (ddugger@redhat.com ) [484227] - [xen] x86: add domctl interfaces for VT-d (ddugger@redhat.com ) [484227] - [xen] x86: memory changes for VT-d (ddugger@redhat.com ) [484227] - [xen] x86: intercept I/O for assigned device (ddugger@redhat.com ) [484227] - [xen] x86: IRQ injection changes for VT-d (ddugger@redhat.com ) [484227] - [xen] add VT-d specific files (ddugger@redhat.com ) [484227] - [xen] some system changes for VT-d (ddugger@redhat.com ) [484227] - [xen] add VT-d public header files (ddugger@redhat.com ) [484227] - [xen] ia64: add pci definitions and access functions (ddugger@redhat.com ) [484227] [2.6.18-138.el5] - [nfs] remove bogus lock-if-signalled case (Bryn M. Reeves ) [456288] - [gfs2] fix uninterruptible quotad sleeping (Steven Whitehouse ) [492943] - [net] iptables NAT port randomisation (Thomas Graf ) [459943] - [gfs2] tar off gfs2 broken - truncated symbolic links (Steven Whitehouse ) [492911] - [net] skip redirect msg if target addr is not link-local (Thomas Graf ) [481209] - [scsi] lpfc: remove duplicate pci* functions from driver (Prarit Bhargava ) [442007] - [net] igb: make driver ioport free (Prarit Bhargava ) [442007] - [net] e1000: make driver ioport free (Prarit Bhargava ) [442007] - [net] e1000e: make driver ioport free (Prarit Bhargava ) [442007] - [pci] add pci*_selected_region/pci_enable_device_io|mem (Prarit Bhargava ) [442007] - [x86] NONSTOP_TSC in tsc clocksource (Luming Yu ) [474091] - [ppc] keyboard not recognized on bare metal (Justin Payne ) [455232] - [fs] writeback: fix persistent inode->dirtied_when val (Jeff Layton ) [489359] - [fs] xfs: misc upstream fixes (Eric Sandeen ) [470845] - [fs] xfs: fix compat ioctls (Eric Sandeen ) [470845] - [fs] xfs: new aops interface (Eric Sandeen ) [470845] - [fs] xfs: backport to rhel5.4 kernel (Eric Sandeen ) [470845] - [fs] xfs: update to 2.6.28.6 codebase (Eric Sandeen ) [470845] - [fs] d_obtain_alias helper (Eric Sandeen ) [470845] - [fs] d_add_ci helper (Eric Sandeen ) [470845] - [misc] completion helpers (Eric Sandeen ) [470845] - [fs] block_page_mkwrite helper (Eric Sandeen ) [470845] - [mm] generic_segment_checks helper (Eric Sandeen ) [470845] - [i2c] add support for SB800 SMBus (Bhavna Sarathy ) [488746] - [i2c] i2c-piix4: support for the Broadcom HT1100 chipset (Flavio Leitner ) [474240] - [s390] hvc_iucv: z/VM IUCV hypervisor console support (Hans-Joachim Picht ) [475551] - [s390] hvc_console: upgrade version of hvc_console (Hans-Joachim Picht ) [475551] - [s390] iucv: locking free version of iucv_message_ (Hans-Joachim Picht ) [475551] - [s390] set default preferred console device 'ttyS' (Hans-Joachim Picht ) [475551] - [s390] kernel: shutdown action 'dump_reipl' (Hans-Joachim Picht ) [474688] - [s390] splice: handle try_to_release_page failure (Hans-Joachim Picht ) [475334] - [s390] blktrace: add ioctls to SCSI generic devices (Hans-Joachim Picht ) [475334] - [s390] add FCP performance data collection (Hans-Joachim Picht ) [475334] - [s390] extra kernel parameters via VMPARM (Hans-Joachim Picht ) [475530] - [s390] kernel: extra kernel parameters via VMPARM (Hans-Joachim Picht ) [475530] - [s390] z90crypt: add ap adapter interrupt support (Hans-Joachim Picht ) [474700] - [s390] add Call Home data (Hans-Joachim Picht ) [475820] - [s390] kernel: processor degredation support (Hans-Joachim Picht ) [475820] - [s390] kernel: Shutdown Actions Interface (Hans-Joachim Picht ) [475563] - [s390] provide service levels of HW & Hypervisor (Hans-Joachim Picht ) [475570] - [s390] qeth: ipv6 support for hiper socket layer 3 (Hans-Joachim Picht ) [475572] - [s390] kernel: NSS Support (Hans-Joachim Picht ) [474646] - [acpi] donot evaluate _PPC until _PSS has been evaluated (Matthew Garrett ) [469105] - [net] iwlwifi: enable LEDS Kconfig options (John W. Linville ) [486030] - [spec] devel pkg: own the directories they write too (Don Zickus ) [481808] - [crypto] bugfixes to ansi_cprng for fips compliance (Neil Horman ) [481175 469437] - [scsi] qla2xxx: production FCoE firmware (Marcus Barrow ) [471900] - [scsi] qla2xxx: production FCoE support (Marcus Barrow ) [471900] - [fs] add compat_sys_ustat (Eric Sandeen ) [472426] - [x86_64] panic if AMD cpu_khz is wrong (Prarit Bhargava ) [472523] - [x86] fix calls to pci_scan_bus (Prarit Bhargava ) [470202] [2.6.18-137.el5] - [fs] HFS: mount memory leak (Dave Anderson ) [488048] - [docs] document netdev_budget (Stanislaw Gruszka ) [463249] - [net] netfilter: nfmark IPV6 routing in OUTPUT (Anton Arapov ) [470059] - [gfs2] use ->page_mkwrite for mmap() (Benjamin Marzinski ) [315191] - [fs] ecryptfs: fix memory leak into crypto headers (Eric Sandeen ) [491256] - [x86] add nonstop_tsc flag in /proc/cpuinfo (Luming Yu ) [474091] - [alsa] HDA: update for RHEL-5.4 (Jaroslav Kysela ) [483594] - [fs] autofs4: fix lookup deadlock (Ian Kent ) [490078] - [fs] autofs4: make autofs type usage explicit (Ian Kent ) [452120] - [fs] autofs4: add miscelaneous device for ioctls (Ian Kent ) [452120] - [fs] autofs4: devicer node ioctl docoumentation (Ian Kent ) [452120] - [fs] autofs4: track uid and gid of last mount requester (Ian Kent ) [452120] - [nfs] memory corruption in nfs3_xdr_setaclargs (Sachin S. Prabhu ) [479432] - [misc] cpuset: attach_task fixes (KII Keiichi ) [471634] - [s390] dasd: fix race in dasd timer handling (Hans-Joachim Picht ) [490128] - [x86] use [ml]fence to synchronize rdtsc (Chris Lalancette ) [448588] - [xen] silence MMCONFIG warnings (Chris Lalancette ) [462572] - [xen] fix occasional deadlocks in Xen netfront (Chris Lalancette ) [480939] - [xen] fix crash when modprobe xen-vnif in a KVM guest (Chris Lalancette ) [487691] - [xen] xen reports bogus LowTotal (Chris Lalancette ) [428892] - [xen] wait 5 minutes for device connection (Chris Lalancette ) [396621] - [xen] only recover connected devices on resume (Chris Lalancette ) [396621] - [xen] ia64: fix bad mpa messages (Chris Lalancette ) [288511] - [net] handle non-linear packets in skb_checksum_setup (Herbert Xu ) [477012] - [fs] fix __page_symlink to be kabi friendly (Josef Bacik ) [445433] - [fs] ext3: convert to new aops (Josef Bacik ) [445433] - [mm] make new aops kABI friendly (Josef Bacik ) [445433] - [fs] fix symlink allocation context (Josef Bacik ) [445433] - [mm] iov_iter_advance fix, dont go off the end (Josef Bacik ) [445433] - [mm] fix infinite loop with iov_iter_advance (Josef Bacik ) [445433] - [mm] restore the KERNEL_DS optimisations (Josef Bacik ) [445433] - [gfs2] remove generic aops stuff (Josef Bacik ) [445433] - [fs] new cont helpers (Josef Bacik ) [445433] - [mm] introduce new aops, write_begin and write_end (Josef Bacik ) [445433] - [fs] splice: dont do readpage (Josef Bacik ) [445433] - [fs] splice: dont steal pages (Josef Bacik ) [445433] - [gfs2] remove static iov iter stuff (Josef Bacik ) [445433] - [mm] iov_iter helper functions (Josef Bacik ) [445433] - [mm] fix pagecache write deadlocks (Josef Bacik ) [445433] - [mm] write iovec cleanup (Josef Bacik ) [445433] - [mm] fix other users of __grab_cache_page (Josef Bacik ) [445433] - [mm] cleanup page caching stuff (Josef Bacik ) [445433] - [mm] cleanup error handling (Josef Bacik ) [445433] - [mm] clean up buffered write code (Josef Bacik ) [445433] - [mm] revert deadlock on vectored write fix (Josef Bacik ) [445433] - [mm] kill the zero-length iovec segments handling (Josef Bacik ) [445433] - [mm] revert KERNEL_DS buffered write optimisation (Josef Bacik ) [445433] - [mm] clean up pagecache allocation (Josef Bacik ) [445433] - [x86] move pci_video_fixup to later in boot (Prarit Bhargava ) [467785] - [usb] net: dm9601: upstream fixes for 5.4 (Ivan Vecera ) [471800] - [xen] ia64: fix FP emulation in a PV domain (Chris Lalancette ) [477098] - [xen] ia64: make sure guest pages dont change (Chris Lalancette ) [477098] - [xen] improve handle_fpu_swa (Chris Lalancette ) [477098] - [xen] ia64: fix windows 2003 BSOD (Chris Lalancette ) [479923] - [xen] x86: fix dom0 panic when using dom0_max_vcpus (Chris Lalancette ) [485119] - [xen] x86: silence WRMSR warnings (Chris Lalancette ) [470035] [2.6.18-136.el5] - Revert: [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [467942] - [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko ) [488002] {CVE-2009-0834} - [md] dm: check log bitmap will fit within the log device (Milan Broz ) [471565] - [nfs] add 'lookupcache' mount option for nfs shares (Sachin S. Prabhu ) [489285] - [nfs] add fine grain control for lookup cache in nfs (Sachin S. Prabhu ) [489285] - [net] tulip: MTU problems with 802.1q tagged frames (Ivan Vecera ) [484796] - [net] rtnetlink: fix sending message when replace route (Jiri Pirko ) [462725] - [s390] sclp: handle zero-length event buffers (Hans-Joachim Picht ) [487695] - [s390] dasd: DASDFMT not operating like CPFMTXA (Hans-Joachim Picht ) [484836] - [xen] fix blkfront bug with overflowing ring (Chris Lalancette ) [460693] - [net] ipv6: disallow IPPROTO_IPV6-level IPV6_CHECKSUM (Jiri Pirko ) [486204] - [ide] fix interrupt flood at startup w/ESB2 (James Paradis ) [438979] - [s390] cio: Properly disable not operational subchannel (Hans-Joachim Picht ) [487701] - [misc] kernel-headers: add serial_reg.h (Don Zickus ) [463538] [2.6.18-135.el5] - [s390] iucv: failing cpu hot remove for inactive iucv (Hans-Joachim Picht ) [485412] - [s390] dasd: fix waitqueue for sleep_on_immediatly (Hans-Joachim Picht ) [480161] - [ide] increase timeouts in wait_drive_not_busy (Stanislaw Gruszka ) [464039] - [x86_64] mce: do not clear an unrecoverable error status (Aristeu Rozanski ) [489692] - [wireless] iwlwifi: booting with RF-kill switch enabled (John W. Linville ) [482990] - [net] put_cmsg: may cause application memory overflow (Jiri Pirko ) [488367] - [x86_64] fix gettimeoday TSC overflow issue (Prarit Bhargava ) [467942] - [net] ipv6: check hop limit setting in ancillary data (Jiri Pirko ) [487406] - [net] ipv6: check outgoing interface in all cases (Jiri Pirko ) [486215] - [acpi] disable GPEs at the start of resume (Matthew Garrett ) [456302] - [crypto] include crypto headers in kernel-devel (Neil Horman ) [470929] - [net] netxen: rebase for RHEL-5.4 (tcamuso@redhat.com ) [485381] - [misc] signal: modify locking to handle large loads (AMEET M. PARANJAPE ) [487376] - [kexec] add ability to dump log from vmcore file (Neil Horman ) [485308] - [fs] ext3: handle collisions in htree dirs (Eric Sandeen ) [465626] - [acpi] use vmalloc in acpi_system_read_dsdt (Prarit Bhargava ) [480142] - [misc] make ioctl.h compatible with userland (Jiri Pirko ) [473947] - [nfs] sunrpc: add sv_maxconn field to svc_serv (Jeff Layton ) [468092] - [nfs] lockd: set svc_serv->sv_maxconn to a better value (Jeff Layton ) [468092] - [mm] decrement reclaim_in_progress after an OOM kill (Larry Woodman ) [488955] - [misc] sysrq-t: display backtrace for runnable processes (Anton Arapov ) [456588] [2.6.18-134.el5] - [dlm] fix length calculation in compat code (David Teigland ) [487672] - [net] ehea: remove adapter from list in error path (AMEET M. PARANJAPE ) [488254] - [x86] reserve low 64k of memory to avoid BIOS corruption (Matthew Garrett ) [471851] - [nfs] fix hung clients from deadlock in flush_workqueue (David Jeffery ) [483627] - [net] fix a few udp counters (Neil Horman ) [483266] - [ia64] use current_kernel_time/xtime in hrtimer_start() (Prarit Bhargava ) [485323] - [sata] libata: ahci withdraw IGN_SERR_INTERNAL for SB800 (David Milburn ) [474301] - [ata] libata: iterate padded atapi scatterlist (David Milburn ) [446086] - [x86] TSC keeps running in C3+ (Luming Yu ) [474091] - [acpi] fix C-states less efficient on certain machines (Luming Yu ) [484174] - [net] ipv6: fix getsockopt for sticky options (Jiri Pirko ) [484105 483790] - [ppc64] cell spufs: update to the upstream for RHEL-5.4 (AMEET M. PARANJAPE ) [475620] - [ppc64] cell: fix npc setting for NOSCHED contexts (AMEET M. PARANJAPE ) [467344] - [ppc64] handle null iommu dma-window property correctly (AMEET M. PARANJAPE ) [393241] - [net] e1000, bnx2: enable entropy generation (Ivan Vecera ) [439898] - Revert: [xen] console: make LUKS passphrase readable (Bill Burns ) [475986] - [gfs2] add UUID to gfs2 super block (Steven Whitehouse ) [242696] - [x86] consistent time options for x86_64 and i386 (Prarit Bhargava ) [475374] - [xen] allow > 4GB EPT guests on i386 (Chris Lalancette ) [478522] - [xen] clear screen to make LUKS passphrase visible (Bill Burns ) [475986] [2.6.18-133.el5] - [net] fix oops when using openswan (Neil Horman ) [484590] - [net] bonding: fix arp_validate=3 slaves behaviour (Jiri Pirko ) [484304] - [serial] 8250: fix boot hang when using with SOL port (Mauro Carvalho Chehab ) [467124] - [usb] sb600/sb700: workaround for hang (Pete Zaitcev ) [471972] - [gfs2] make quota mount option consistent with gfs (Bob Peterson ) [486168] - [xen] pv-block: remove anaconda workaround (Don Dutile ) [477005] - [ppc64] power7: fix /proc/cpuinfo cpus info (AMEET M. PARANJAPE ) [486649] - [net] skfp_ioctl inverted logic flaw (Eugene Teo ) [486540] {CVE-2009-0675} - [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo ) [486518] {CVE-2009-0676} - [net] enic: upstream update to version 1.0.0.933 (Andy Gospodarek ) [484824] - [mm] cow vs gup race fix (Andrea Arcangeli ) [471613] - [mm] fork vs gup race fix (Andrea Arcangeli ) [471613] - [gfs2] parsing of remount arguments incorrect (Bob Peterson ) [479401] - [ppc64] eeh: disable/enable LSI interrupts (AMEET M. PARANJAPE ) [475696] - [x86] limit max_cstate to use TSC on some platforms (Tony Camuso ) [470572] - [ptrace] correctly handle ptrace_update return value (Jerome Marchand ) [483814] - [dlm] fix plock notify callback to lockd (David Teigland ) [470074] - [input] wacom: 12x12 problem while using lens cursor (Aristeu Rozanski ) [484959] - [wireless] ath5k: update to F10 version (Michal Schmidt ) [479049] - [xen] disable suspend in kernel (Justin M. Forbes ) [430928] - [net] ipv6: update setsockopt to support RFC 3493 (Jiri Pirko ) [484971] - [net] ipv6: check length of userss optval in setsockopt (Jiri Pirko ) [484977] - [scsi] handle work queue and shost_data setup failures (mchristi@redhat.com ) [450862] - [net] skbuff: fix oops in skb_seq_read (mchristi@redhat.com ) [483285] - [net] sky2: update driver for RHEL-5.4 (Neil Horman ) [484712] - [net] ipv6: Hop-by-Hop options header returned bad value (Jiri Pirko ) [483793] - [pci] fix MSI descriptor leak during hot-unplug (James Paradis ) [484943] - [net] improve udp port randomization (Vitaly Mayatskikh ) [480951] - [misc] ia64, s390: add kernel version to panic output (Prarit Bhargava ) [484403] - [x86-64] fix int db_5.RHSA-2009-1243x80 -ENOSYS return (Vitaly Mayatskikh ) [481682] - [net] dont add NAT extension for confirmed conntracks (Herbert Xu ) [481076] - [xen] fbfront dirty race (Markus Armbruster ) [456893] - [net] ehea: improve behaviour in low mem conditions (AMEET M. PARANJAPE ) [483148] - [net] fix icmp_send and icmpv6_send host re-lookup code (Jiri Pirko ) [439670] - [scsi] ibmvscsi: N-Port-ID support on ppc64 (AMEET M. PARANJAPE ) [474701] - [xen] guest crash when host has >= 64G RAM (Rik van Riel ) [448115] - [ppc] cell: add support for power button on blades (AMEET M. PARANJAPE ) [475658] - [ppc64] serial_core: define FIXED_PORT flag (AMEET M. PARANJAPE ) [475621] - [s390] cio: I/O error after cable pulls 2 (Hans-Joachim Picht ) [479878] - [misc] ptrace, utrace: fix blocked signal injection (Jerome Marchand ) [451849] - [xen] irq: remove superfluous printk (Rik van Riel ) [456095] - [s390] qeth: print HiperSocket version on z9 and later (Hans-Joachim Picht ) [479881] - [s390] qeth: crash in case of layer mismatch for VSWITCH (Hans-Joachim Picht ) [476205] - [s390] qdio: only 1 buffer in INPUT_PROCESSING state (Hans-Joachim Picht ) [479867] - [s390] disable cpu topology support by default (Hans-Joachim Picht ) [475797] - [s390] qeth: unnecessary support ckeck in sysfs route6 (Hans-Joachim Picht ) [474469] - [s390] cio: ccwgroup online vs. ungroup race condition (Hans-Joachim Picht ) [479879] - [s390] dasd: dasd_device_from_cdev called from interrupt (Hans-Joachim Picht ) [474806] - [misc] minor signal handling vulnerability (Oleg Nesterov ) [479964] {CVE-2009-0028} [2.6.18-132.el5] - [firmware] dell_rbu: prevent oops (Don Howard ) [482942] - [fs] lockd: improve locking when exiting from a process (Peter Staubach ) [448929] - [misc] backport RUSAGE_THREAD support (Jerome Marchand ) [451063] - [gfs2] panic in debugfs_remove when unmounting (Abhijith Das ) [483617] - [nfs] memory corruption in nfs3_xdr_setaclargs (Sachin S. Prabhu ) [479432] - [nfs] fix hangs during heavy write workloads (Peter Staubach ) [469848] - [pci] msi: set 'En' bit for devices on HT-based platform (Andy Gospodarek ) [290701] - [net] ipt_REJECT: properly handle IP options (Ivan Vecera ) [473504] - [ppc] cell: fix GDB watchpoints (AMEET M. PARANJAPE ) [480239] - [edac] add i5400 driver (Mauro Carvalho Chehab ) [462895] - [xen] fix disappearing PCI devices from PV guests (Bill Burns ) [233801] - [net] s2io: flush statistics when changing the MTU (AMEET M. PARANJAPE ) [459514] - [scsi] no-sense msgs, data corruption, but no i/o errors (Rob Evers ) [468088] - [powerpc] wait for a panic_timeout > 0 before reboot (AMEET M. PARANJAPE ) [446120] - [ppc64] cell: axon-msi: Retry on missing interrupt (AMEET M. PARANJAPE ) [472405] - [ppc] MSI interrupts are unreliable on IBM QS21 and QS22 (AMEET M. PARANJAPE ) [472405] - [crypto] des3_ede: permit weak keys unless REQ_WEAK_KEY (Jarod Wilson ) [474394] - [ata] JMB361 only has one port (Prarit Bhargava ) [476206] - [net] r8169: disable the ability to change MAC address (Ivan Vecera ) [475867] - [misc] futex.h: remove kernel bits for userspace header (Anton Arapov ) [475790] - [fs] inotify: send IN_ATTRIB event on link count changes (Eric Paris ) [471893] - [misc] ppc64: large sends fail with unix domain sockets (Larry Woodman ) [461312] - [audit] misc kernel fixups (Alexander Viro ) [475330] - [audit] records for descr created by pipe and socketpair (Alexander Viro ) [475278] - [audit] control character detection is off-by-one (Alexander Viro ) [475150] - [audit] fix kstrdup error check (Alexander Viro ) [475149] - [audit] assorted audit_filter_task panics on ctx == NULL (Alexander Viro ) [475147] - [audit] increase AUDIT_MAX_KEY_LEN (Alexander Viro ) [475145] - [nfs] race with nfs_access_cache_shrinker() and umount (Peter Staubach ) [469225] - [nfs] lockd: handle long grace periods correctly (Peter Staubach ) [474590] - [crypto] ansi_cprng: fix inverted DT increment routine (Jarod Wilson ) [471281] - [crypto] ansi_cprng: extra call to _get_more_prng_bytes (Jarod Wilson ) [471281] - [fs] proc: Proportional Set Size calculation and display (Larry Woodman ) [471969] - [video] avoid writing outside shadow.bytes array (Mauro Carvalho Chehab ) [471844] - [fs] need locking when reading /proc/<pid>/oom_score (Larry Woodman ) [470459] - [x86] memmap=X does not yield new map (Prarit Bhargava ) [464500] - [s390] qeth: avoid problems after failing recovery (Hans-Joachim Picht ) [468019] - [s390] qeth: avoid skb_under_panic for bad inbound data (Hans-Joachim Picht ) [468075] - [s390] sclp: incorrect softirq disable/enable (Hans-Joachim Picht ) [468021] - [crypto] export DSA_verify as a gpl symbol (Jarod Wilson ) [470111] - [s390] lcs: output request completion with zero cpa val (Hans-Joachim Picht ) [463165] - [s390] dasd: oops when Hyper PAV alias is set online (Hans-Joachim Picht ) [458155] - [s390] ipl: file boot then boot from alt dev wont work (Hans-Joachim Picht ) [458115] - [s390] zfcp: remove messages flooding the kernel log (Hans-Joachim Picht ) [455260] - [snd] fix snd-sb16.ko compile (Prarit Bhargava ) [456698] [2.6.18-131.el5] - [scsi] libata: sas_ata fixup sas_sata_ops (David Milburn ) [483171] - [fs] ecryptfs: readlink flaw (Eric Sandeen ) [481607] {CVE-2009-0269} - [crypto] ccm: fix handling of null assoc data (Jarod Wilson ) [481031] - [misc] fix leap second hang (Prarit Bhargava ) [479765] - [qla2xxx] correct endianness during flash manipulation (Marcus Barrow ) [481691] - [net] gso: ensure that the packet is long enough (Jiri Pirko ) [479927] - [audit] remove bogus newlines in EXECVE audit records (Jiri Pirko ) [479412] - [ppc] dont reset affinity for secondary MPIC on boot (AMEET M. PARANJAPE ) [480801] - [nfs] knfsd: alloc readahead cache in individual chunks (Jeff Layton ) [459397] - [nfs] knfsd: read-ahead cache, export table corruption (Jeff Layton ) [459397] - [nfs] knfsd: replace kmalloc/memset with kcalloc (Jeff Layton ) [459397] - [nfs] knfsd: make readahead params cache SMP-friendly (Jeff Layton ) [459397] - [crypto] fix sha384 blocksize definition (Neil Horman ) [469167] [2.6.18-130.el5] - [security] keys: introduce missing kfree (Jiri Pirko ) [480598] {CVE-2009-0031} - [net] ixgbe: frame reception and ring parameter issues (Andy Gospodarek ) [475625] - [net] tcp-lp: prevent chance for oops (Ivan Vecera ) [478638] - [misc] fix memory leak during pipe failure (Benjamin Marzinski ) [478643] - [block] enforce a minimum SG_IO timeout (Eugene Teo ) [475406] {CVE-2008-5700} - [x86] pci domain: re-enable support on blacklisted boxes (Prarit Bhargava ) [474891] - [fs] link_path_walk sanity, stack usage optimization (Anton Arapov ) [470139] - [x86_64] incorrect cpu_khz calculation for AMD processor (Prarit Bhargava ) [467782] - [crypto] fips: panic kernel if we fail crypto self tests (Neil Horman ) [462909] - [genkey] increase signing key length to 1024 bits (Neil Horman ) [413241] - [x86] kdump: lockup when crashing with console_sem held (Neil Horman ) [456934] - [fs] ext[234]: directory corruption DoS (Eugene Teo ) [459604] {CVE-2008-3528} [2.6.18-129.el5] - [gfs2] mount attempt hangs if no more journals available (Bob Peterson ) [475312] - [sched] fix clock_gettime monotonicity (Peter Zijlstra ) [477763] - [nfs] create rpc clients with proper auth flavor (Jeff Layton ) [465456] - [nfs] handle attribute timeout and u32 jiffies wrap (Jeff Layton ) [460133] - [net] deadlock in Hierarchical token bucket scheduler (Neil Horman ) [474797] - [net] sctp: overflow with bad stream ID in FWD-TSN chunk (Eugene Teo ) [478805] {CVE-2009-0065} - [md] fix oops with device-mapper mirror target (Heinz Mauelshagen ) [472558] - [openib] restore traffic in connected mode on HCA (AMEET M. PARANJAPE ) [477000] - [net] add preemption point in qdisc_run (Jiri Pirko ) [471398] {CVE-2008-5713} - [wireless] iwl: fix BUG_ON in driver (Neil Horman ) [477671] - [x86_64] copy_user_c assembler can leave garbage in rsi (Larry Woodman ) [456682] - [misc] setpgid returns ESRCH in some situations (Oleg Nesterov ) [472433] - [s390] zfcp: fix hexdump data in s390dbf traces (Hans-Joachim Picht ) [470618] - [fs] hfsplus: fix buffer overflow with a corrupted image (Anton Arapov ) [469638] {CVE-2008-4933} - [fs] hfsplus: check read_mapping_page return value (Anton Arapov ) [469645] {CVE-2008-4934} - [fs] hfs: fix namelength memory corruption (Anton Arapov ) [470773] {CVE-2008-5025} - [net] netlink: fix overrun in attribute iteration (Eugene Teo ) [462283] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-0745 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748 CVE-2009-2847 CVE-2009-2848 Oracle Linux 5 [3.7.11-4] - Resolves: #461922 - lftp 'help mirror' does not display all options defined in manpage [3.7.11-3] - Resolves: #504594 - Alias ''edit' has multiple flaws [3.7.11-2] - Resolves: #504591 - Problems with spaces in file names over HTTP - Resolves: #504594 - Alias ''edit' has multiple flaws [3.7.11-1] - Resolves: #468858 - Clean up lftp source code - corrected licensing - Resolves: #458777 - License conflict between OpenSSL and GNU GPL v2 licenses in lftp - Resolves: #461922 - lftp 'help mirror' does not display all options defined in manpage - Resolves: #308721 - re-base to latest upstream 3.7.11 [3.7.3-1] - Resolves: #308721 rebase to latest upstream - Resolves: #239334 solves CVE-2007-2348 - Resolves: #422881 fixes bug with -c options - Resolves: #434294 fixes bug in (m)put with usage -c option LOW Copyright 2009 Oracle, Inc. CVE-2007-2348 Oracle Linux 5 [4.3p2-36] - tiny change in chroot sftp capability into openssh-server solve ls speed problem (#440240) [4.3p2-35] - workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 (#502230) [4.3p2-34] - disable protocol 1 in the FIPS mode [4.3p2-33] - fix scp hangup on exit (#454812) - call integrity checks only on binaries which are part of the OpenSSH FIPS modules [4.3p2-32] - log if FIPS mode is initialized (#492363) - check the integrity of the binaries in the FIPS mode (#467268) [4.3p2-31] - fix ssh hangup on exit (#454812) [4.3p2-30] - add chroot sftp capability into openssh-server (#440240) LOW Copyright 2009 Oracle, Inc. CVE-2008-5161 Oracle Linux 5 [5.0.77-3] - Add fix for CVE-2009-2446 (format string vulnerability in COM_CREATE_DB and COM_DROP_DB processing) Resolves: #512200 [5.0.77-2] - Back-port upstream fix for CVE-2008-4456 (mysql command line client XSS flaw) Resolves: #502169 [5.0.77-1] - Update to MySQL 5.0.77, for numerous fixes described at http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-77.html including low-priority security issues CVE-2008-2079, CVE-2008-3963 Resolves: #448487, #448534, #452824, #453156, #455619, #456875 Resolves: #457218, #462534, #470036, #476896, #479615 - Improve mysql.init to pass configured datadir to mysql_install_db, and to force user=mysql for both mysql_install_db and mysqld_safe. Resolves: #450178 - Fix mysql.init to wait correctly when socket is not in default place Resolves: #435494 MODERATE Copyright 2009 Oracle, Inc. CVE-2008-2079 CVE-2008-3963 CVE-2008-4456 CVE-2009-2446 Oracle Linux 5 [75-4] - fix EOF handling (#499367) - add icon to gui desktop file [75-3] - ask for password confirmation when creating openssl key (#500850) - removed executable permission from ecryptfs-dot-private (#500817) - ecryptfs-rewrite-file: improve of progress output (#500813) - dont error out when unwrapping and adding a key that already exists (#500810) - fix typo in ecryptfs-rewrite-file(1) (#500804) - add error message about full keyring (#501460) - gui sub-package must requires pygtk2-libglade (#500997) - require cryptsetup-luks for encrypted swap (#500824) - use blkid instead of vol_id (#500820) - dont rely on cryptdisks service (#500829) [75-2] - dont hang when used with wrong/missing stdin (#499367) - dont print error when key already removed (#499167) - refuse mounting with too small rsa key (#499175) - dont error out when adding key that already exists (#500361) - allow only working key sizes (#500352) - retutn nonzero when fnek is not supported (#500566) - add icon for Access-Your-Private-Data.desktop file (#500623) - fix information about openssl_passwd in openssl_passwd_file (#499128) - dont list mount.ecryptfs_private twice [75-1] - update to 75 and drop some patches [74-24] - add suid mount.ecryptfs_private, restrict it to ecryptfs group [74-23] - skip releases -2 - -22 to be sure its always newer nvr [74-22] - drop setuid for mount.ecryptfs_private - resolves: #482834 [74-1] - update to 74 - fix difference between apps. real names and names in usage messages (#475969) - describe verobse and verbosity=X in man page (#470444) - adding passphrase to keyring is fixed (#469662) - mount wont fail with wrong/empty input to yes/no questions (#466210) - try to load modules instead of failing when its missing (#460496) - fix wrong return codes (#479429) - resolves: #482834 LOW Copyright 2009 Oracle, Inc. CVE-2008-5188 Oracle Linux 5 [1.0.9-42 ] - mountd: Check host alias with netgroups (bz 478952) - exportfs: fixed typo in man page (bz 474848) - nfs.init: NFS server reboot results in 'Stale NFS file handle' (bz 474449) - nfslock.init: options not correctly parsed (bz 459591) - mount.nfs: mounts fail with read-only /etc (bz 450646) - nfslock.init: lockd not using settings in sysconfig/nfs (bz 434795) - tcpwrappers: updated code to correctly use api (bz 494878) - nhfsstone: added v3 and v4 support (bz 465933) - mount.nfs: add support for lookupcache= option (bz 489335). [1.0.9-41] - clarify 'mount request from unknown host' log message from mountd (bz 463578) LOW Copyright 2009 Oracle, Inc. CVE-2008-4552 Oracle Linux 5 [0.9.8e-12] - abort if selftests failed and random number generator is polled - mention EVP_aes and EVP_sha2xx routines in the manpages - add README.FIPS [0.9.8e-10] - fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems) (#503685, #503688) [0.9.8e-9] - fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 (DTLS DoS problems) (#501253, #501254, #501572) [0.9.8e-8] - support multiple CRLs with same subject in a store (#457134) - fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304) - seed FIPS rng directly from kernel random device - do not require fipscheck to build the package (#475798) - call pairwise key tests in FIPS mode only (#479817) - do not crash when parsing bad mime data (#472440) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0590 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2006-7250 Oracle Linux 5 [0.1.62-1] - Fix man page references to fsck.gfs2. - Resolves: rhbz#477072 [0.1.61-1] - fsck.gfs2 no longer segfaults when fixing 'EA leaf block type' problems. - Resolves: rhbz#510758 [0.1.60-1] - When '/' is a gfs2 file system it is now properly mounted without an error. - Resolves: rhbz#507893 [0.1.59-1] - gfs_convert -vy now works properly on a ppc system. - Resolves: rhbz#506629 [0.1.58-1] - Fixed an issue with the gfs2_edit savemeta function not saving blocks of type 2. - Resolves: rhbz#502056 [0.1.57-1] - A gfs filesystems metadata is now properly copied with 'gfs2_edit savemeta' - Resolves: rhbz#501732 [0.1.56-1] - gfs2_fsck now properly fixes journal sequence numbers - The debugfs mount point has been randomized to prevent symlink attacks - Resolves: rhbz#498646 rhbz#498950 [0.1.55-1] - gfs2_convert now properly frees blocks when removing a file with a height greater than 1 - Updated man pages - Added options to gfs2_tool df to provide more human readable output - GFS2 utilities now use and provide filesystem UUID - gfs2_fsck now uses the proper return codes - gfs2_edit has been updated - gfs2_tool df no longer segfaults on a non-4k block size - gfs2_grow no longer references the '-r' option - gfs2_convert no longer causes filesystem corruption - gfs2_edit has been improved to help differentiate between zero-data and non-zero data from pointers - gfs2_edit now properly saves the per-node quota files - A segfault in gfs2_fsck as been fixed - Resolves: rhbz#474707 rhbz#477072 rhbz#480833 rhbz#242701 rhbz#474705 rhbz#483799 rhbz#485761 rhbz#486034 rhbz#490136 rhbz#483799 rhbz#496330 LOW Copyright 2009 Oracle, Inc. CVE-2008-6552 Oracle Linux 5 [2.0.52-1.0.1] - Update summary and description to be vendor neutral [2.0.52-1] - When vm.sh does a status check and gets 'no state' it is now treated as a running state. - Resolves: rhb#514044 [2.0.51-1] - In some cases virtual machines will be restarted after a successful migration when the cluster configuration is updated. - Resolves: rhbz#505340 [2.0.50-1] - Extra checks from the oracle agents have been removed. - Several fixes to prevent DOS attacks through insecure use of /tmp/ files have been implemented. - vm.sh now uses libvirt - Users can now define an explicit service processing order when central_processing is enabled - Resolves: rhbz#470917 rhbz#412911 rhbz#468691 rhbz#492828 [2.0.49-1] - Rgmanger now checks to see if it has been killed by the OOM killer and if so, reboots the node. - Resolves: rhbz#488072 [2.0.48-1] - clulog now accepts '-' as the first character in messages. - If expire_time is 0 max_restarts is no longer ignored. - SAP scripts have been updated. - Empty PID files no longer cause resource start failures. - Recovery policy of type restart now works properly when using a resource based on ra-skelet.sh - startup_wait option has been added to the mysql resource agent. - samba.sh now kills the pid listed in the proper pid file. - Handling of '-F' has been improved to fix issues with rgmanager crashing if no members of a restricted failover domain are online and rgmanager failing to correctly restart service is they fail on the first node. - Enabled ability to prioritize services. - It is now possible to cap the number of simultaneious status checks to prevent load spikes. - Enabling a frozen service no longer fails and leaves the service in a failed state. - Forking and cloning during status checks has been optimized to reduce load spikes. - rg_test no longers hangs when running against a cluster due to the removal of an 8MB memory cap. - Resolves: rhbz#471431 rhbz#475826 rhbz#474444 rhbz#449394 rhbz#481058 rhbz#483093 rhbz#486711 rhbz#486717 rhbz#482858 rhbz#487598 rhbz#488714 rhbz#250718 rhbz#490455 LOW Copyright 2009 Oracle, Inc. CVE-2008-6552 Oracle Linux 5 [2.0.115-1] - RSA II fencing agent has been fixed. - Resolves: rhbz#493802 [2.0.114-1] - local variable 'verbose_filename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz#493802 rhbz#514758 [2.0.113-1] - Limitations with 2-node fence_scsi are now properly documented in the man page. - Resolves: rhbz#512998 [2.0.112-1] - The pexpect exception is now properly checked in fence agents. - Resolves: rhbz#501586 [2.0.111-1] - cman_tool leave remove does now properly reduces quorum. - Resolves: rhbz#505258 [2.0.110-1] - Updated fence_lpar man page to remove options that do not yet exist. - Resolves: rhbz#498045 [2.0.108-1] - A semaphore leak in cman has been fixed. - Resolves: rhbz#505594 [2.0.107-1] - Added man page for lpar fencing agent (fence_lpar). - Resolves: rhbz#498045 [2.0.106-1] - The lssyscfg command can take longer than the shell timeout which will cause fencing to fail, we now wait longer for the lssyscfg command to complete. - Resolves: rhbz#504705 [2.0.105-1] - The fencing agents no longer fail with pexpect exceptions. - Resolves: rhbz#501586 [2.0.104-1] - Broadcast communcations are now possible with cman - fence_lpar can now login to IVM systems - Resolves: rhbz#502674 rhbz#492808 [2.0.103-1] - fence_apc no longer fails with a pexpect exception - symlink vulnerabilities in fance_apc_snmp were fixed - The virsh fencing agent was added. - Resolves: rhbz#496629 rhbz#498952 rhbz#501586 [2.0.102-1] - Correct return code is checked during disk scanning check. - Resolves: rhbz#484956 [2.0.101-1] - The SCSI fence agent now verifies that sg_persist is installed properly. - The DRAC5 fencing agent now properly handles a modulename. - QDisk now logs warning messages if it appears it's I/O to shared storage is hung. - Resolves: rhbz#496724 rhbz#500450 rhbz#500567 [2.0.100-1] - Support has been added for ePowerSwitch 8+ devices - cluster.conf files can now have more than 52 entries inside a block inside [block] - The output of the group_tool dump sub commands are no longer NULL padded. - Using device='' instead of label='' no longer causes qdiskd to incorrectly exit - The IPMI fencing agent has been modified to timeout after 10 seconds. It is also now possible to specify a different timeout with the '-t' option. - The IPMI fencing agent now allows punctuation in the password - Quickly starting and stopping the cman service no longer causes the cluster membership to become inconsistent across the cluster - An issue with lock syncing causing 'receive_own from ...' errors in syslog has been fixed - An issue which caused gfs_controld to segfault when mounting hundreds of filesystems has been fixed - The LPAR fencing agent now properly reports status when an LPAR is in Open Firmware - The APC SNMP fencing agent now properly recognizes outletStatusOn and outletStatusOff returns codes from the SNMP agent - WTI Fencing agent can now connect to fencing devices with no password - The rps-10 fencing agent now properly performs a reboot when run with no options. - The IPMI fencing agent now supports different cipher types with the '-C' option - Qdisk now properly scans devices and partitions - Added support for LPAR/HMC v3 - cman now checks to see if a new node has state to prevent killing the first node during cluster setup - service qdiskd start now works properly - The McData fence agent now works properly with the Sphereon 4500 model - The Egenera fence agent can now specify an ssh login name - APC Fence agent works with non-admin accounts with firmware 3.5.x - fence_xvmd now tries two methods to reboot a virtual machine - Connections to openais are now allowed from unprivileged CPG clients with user and group of 'ais' - Support has been added for Cisco 9124/9134 SAN switches - groupd no longer allows the default fence domain to be '0' which would cause rgmanager to hang - The RSA fence agent now supports ssh enabled RSA II devices - DRAC fence agent now works with iDRAC on the Dell M600 Blade Chassis - fence_drac5 now shows proper usage instructions - cman no longer uses the wrong node name when getnameinfo() fails - The SCSI fence agent now verifies that sg_persist is installed properly - Resolves: rhbz#467112 rhbz#468966 rhbz#470318 rhbz#276541 rhbz#447964 rhbz#472786 rhbz#474163 rhbz#480401 rhbz#481566 rhbz#484095 rhbz#481664 rhbz#322291 rhbz#447497 rhbz#484956 rhbz#485700 rhbz#485026 rhbz#485199 rhbz#470983 rhbz#488958 rhbz#487501 rhbz#491640 rhbz#480178 rhbz#485469 rhbz#480836 rhbz#493207 rhbz#493802 rhbz#462390 rhbz#498329 rhbz#488565 rhbz#499871 LOW Copyright 2009 Oracle, Inc. CVE-2008-4579 CVE-2008-6552 Oracle Linux 5 [1:2.16.0-56] - Resolves: #239818 181302 - Fix tcp wrappers detection on 64-bit [1:2.16.0-55] Resolves: #196054 - Fix docs subpackage Requires [1:2.16.0-53] Resolves: #196054 - Add docs subpackage [1:2.16.0-52] Resolves: #226931 - Add te_IN translations [1:2.16.0-51] Resolves: #441971 - Make ctrl-alt-backspace at the login screen more robust [1:2.16.0-50] Resolves: #458331 - Add GDM to audio group by default. [1:2.16.0-49] Resolves: #474588 - Don't crash if defined extended input device is unplugged Patch by Olivier Fourdan. [1:2.16.0-48] Resolves: #239818 - Rebuild with tcp_wrappers build requires [1:2.16.0-47] Resolves: #473262 - Fix pointer on tablet devices. LOW Copyright 2009 Oracle, Inc. CVE-2009-2697 Oracle Linux 5 [6.3.6-1.1.el5_3.1] - Fix fetchmail various flaws (CVE-2007-4565, CVE-2008-2711, CVE-2009-2666) Resolves: #516269 MODERATE Copyright 2009 Oracle, Inc. CVE-2007-4565 CVE-2008-2711 CVE-2009-2666 Oracle Linux 5 [1.2.9-8.1.1] - Fix a security issue on short hmac lenght CVE-2009-0217 - Resolves: rhbz#516724 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0217 Oracle Linux 5 firefox: [3.0.14-1.0.1.el5_4] - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones [3.0.14-1] - Update to 3.0.14 [3.0.13-1] - Update to 3.0.13 nspr: [4.7.5-1] - Update to NSPR 4.7.5 xulrunner: [1.9.0.14-1.0.1.el5_4] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.0.14-1] - Update to 1.9.0.14 [1.9.0.13-1] - Update to 1.9.0.13 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-2654 CVE-2009-3070 CVE-2009-3071 CVE-2009-3072 CVE-2009-3074 CVE-2009-3075 CVE-2009-3076 CVE-2009-3077 CVE-2009-3078 CVE-2009-3079 Oracle Linux 5 [1.1.3-1.5] - Security: Fix Tunnel-Password zero-length attributes flaw (bug #521912) Resolves: RH BZ#522062 - rebase a couple of old patches (freeradius-0.9.0-com_err.patch, freeradius-1.0.0-samba3.patch) so they apply with fuzz=0 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3111 Oracle Linux 5 [0.25.5-10.el5_4.1] - add security fixes for CVE-2009-2473 CVE-2009-2474 (#521788) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2473 CVE-2009-2474 Oracle Linux 5 [2.6.18-164.2.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] [2.6.18-164.2.1.el5] - [x86_64] kvm: bound last_kvm to prevent backwards time (Glauber Costa ) [524527 524076] - [x86] kvm: fix vsyscall going backwards (Glauber Costa ) [524527 524076] - [misc] fix RNG to not use first generated random block (Neil Horman ) [523289 522860] - [x86] kvm: mark kvmclock_init as cpuinit (Glauber Costa ) [524151 523450] - [x86_64] kvm: allow kvmclock to be overwritten (Glauber Costa ) [524150 523447] - [x86] kvmclock: fix bogus wallclock value (Glauber Costa ) [524152 519771] - [scsi] scsi_dh_rdace: add more sun hardware (mchristi@redhat.com ) [523237 518496] - [misc] cprng: fix cont test to be fips compliant (Neil Horman ) [523290 523259] - [net] bridge: fix LRO crash with tun (Andy Gospodarek ) [522636 483646] - Revert: [x86_64] fix gettimeoday TSC overflow issue - 1 (Don Zickus ) [489847 467942] - Revert: [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002} [2.6.18-164.1.1.el5] - [net] sky2: revert some phy power refactoring changes (Neil Horman ) [517976 509891] - [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519309 519310] {CVE-2009-3001 CVE-2009-3002} - [x86_64] fix gettimeoday TSC overflow issue - 1 (Prarit Bhargava ) [489847 467942] - [md] prevent crash when accessing suspend_* sysfs attr (Danny Feng ) [518135 518136] {CVE-2009-2849} - [nfs] nlm_lookup_host: don't return invalidated nlm_host (Sachin S. Prabhu ) [517967 507549] - [net] bonding: tlb/alb: set active slave when enslaving (Jiri Pirko ) [517971 499884] - [nfs] r/w I/O perf degraded by FLUSH_STABLE page flush (Peter Staubach ) [521244 498433] - [SELinux] allow preemption b/w transition perm checks (Eric Paris ) [520919 516216] - [scsi] scsi_transport_fc: fc_user_scan correction (David Milburn ) [521239 515176] - [net] tg3: refrain from touching MPS (John Feeney ) [521241 516123] - [net] qlge: fix hangs and read performance (Marcus Barrow ) [519783 517893] - [scsi] qla2xxx: allow use of MSI when MSI-X disabled (Marcus Barrow ) [519782 517922] - [net] mlx4_en fix for vlan traffic (Doug Ledford ) [520906 514141] - [net] mlx4_core: fails to load on large systems (Doug Ledford ) [520908 514147] - [x86] disable kvmclock by default (Glauber Costa ) [520685 476075] - [x86] disable kvmclock when shuting the machine down (Glauber Costa ) [520685 476075] - [x86] re-register clock area in prepare_boot_cpu (Glauber Costa ) [520685 476075] - [x86] kvmclock smp support (Glauber Costa ) [520685 476075] - [x86] use kvm wallclock (Glauber Costa ) [520685 476075] - [x86_64] kvm clocksource's implementation (Glauber Costa ) [520685 476075] - [x86] kvm: import kvmclock.c (Glauber Costa ) [520685 476075] - [x86] kvm: import pvclock.c and headers (Glauber Costa ) [520685 476075] - [x86] export additional cpu flags in /proc/cpuinfo (Prarit Bhargava ) [520686 517928] - [x86] detect APIC clock calibration problems (Prarit Bhargava ) [521238 503957] - [x86] pnpacpi: fix serial ports on IBM Point-of-Sale HW (Kevin Monroe ) [520905 506799] MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2849 Oracle Linux 5 [2.3.7-7.0.1.el5_4.3] - Enabled lm_sensors-devel build dependency for x86 and x86_64 only [2.3.7-7.3] - fix more buffer overflows in cyrus sieve (CVE-2009-3235) [2.3.7-7.2] - bump release for rebuild [2.3.7-7.1] - fix buffer overflow in cyrus sieve (#521011) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2632 CVE-2009-3235 Oracle Linux 5 [0.52.2-12.el5_4.1] - fix buffer overflow in textbox when reflowing (#524618, CVE-2009-2905) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2905 Oracle Linux 5 [83-105.0.1.el5_4.7] - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-105.el5_4.7] - kvm-qemu-virtio-net-do-not-return-stack-pointer-from-fun.patch [bz#524557] - Resolves: bz#524557 (QEMU crash (during virtio-net WHQL tests for Win2008 R2)) [kvm-83-105.el5_4.6] - kvm-Revert-update_refcount-Write-complete-sectors.patch [bz#520693] - kvm-Revert-alloc_cluster_link_l2-Write-complete-sectors.patch [bz#520693] - kvm-Revert-Combined-patch-of-two-upstream-commits-the-se.patch [bz#520693] - kvm-Revert-qcow2-Update-multiple-refcounts-at-once.patch [bz#520693] - kvm-Revert-qcow2-Refactor-update_refcount.patch [bz#520693] - Related: bz#520693 (Bad qcow2 performance with cache=off) [kvm-83-105.el5_4.5] - kvm-kernel-KVM-VMX-Optimize-vmx_get_cpl.patch [bz#524125 bz#524125] - kvm-kernel-KVM-x86-Disallow-hypercalls-for-guest-callers-in-rin.patch [bz#524125 bz#524125] - Resolves: bz#524125 (kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0 [rhel-5.4.z]) [83-105.el5_4.4] - kvm-kernel-reset-hflags-on-cpu-reset.patch [bz#520694] - Resolves: bz#520694 (NMI filtering for AMD (Windows 2008 R2 KVM guest can not restart when set it as multiple cpus)) [83-105.el5_4.3] - kvm-kernel-Fix-coalesced-interrupt-reporting-in-IOAPIC.patch [bz#521794] - kvm-kernel-VMX-Fix-cr8-exiting-control-clobbering-by-EPT.patch [bz#521793] - Resolves: bz#521793 (windows 64 bit does vmexit on each cr8 access.) - Resolves: bz#521794 (rtc-td-hack stopped working. Time drifts in windows) - kvm-qcow2-Refactor-update_refcount.patch [bz#520693] - kvm-qcow2-Update-multiple-refcounts-at-once.patch [bz#520693] - kvm-Combined-patch-of-two-upstream-commits-the-second-fi.patch [bz#520693] - kvm-alloc_cluster_link_l2-Write-complete-sectors.patch [bz#520693] - kvm-update_refcount-Write-complete-sectors.patch [bz#520693] - Resolves: bz#520693 (Bad qcow2 performance with cache=off) [83-105.el5_4.2] - Update kversion to 2.6.18-164.el5 to match build root - kvm-kernel-add-nmi-support-to-svm.patch [bz#520694] - Resolves: bz#520694 (NMI filtering for AMD (Windows 2008 R2 KVM guest can not restart when set it as multiple cpus)) [83-105.el5_4.1] - Update kversion to 2.6.18-162.el5 - kvm-Initialize-PS2-keyboard-mouse-state-on-reset.patch [bz#517855] - Resolves: bz#517855 (guest not accepting keystrokes or mouse clicks after reboot) IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-3290 Oracle Linux 5 [4.3p2-36.2] - minimize chroot patch to be compatible with upstream (#522141) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2904 Oracle Linux 5 [0.11.1-6.1] - fix #235411 - CVE-2007-2027 - elinks tries to load .po files from non-absolute path - fix #523258 - CVE-2008-7224 - entity_cache static array buffer overflow IMPORTANT Copyright 2009 Oracle, Inc. CVE-2007-2027 CVE-2008-7224 Oracle Linux 5 [3.0.3-94.el5_4.1] - Fix race condition on domain reboot (rhbz 525143) - Avoid multiple restarts of a domain (rhbz 525141) - Add grub.conf password protection support to pygrub (rhbz 525142) - Ignore unimplemented PHYSDEVOP_map_pirq (rhbz 525149) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3525 Oracle Linux 5 [8.1.18-2.el5_4.1] - Remove unnecessary .o file that confuses TPS tests Related: #525284 [8.1.18-1.el5_4.1] - Update to PostgreSQL 8.1.18 to fix CVE-2009-0922, CVE-2009-3230, and assorted other bugs described at http://www.postgresql.org/docs/8.1/static/release.html Resolves: #525284 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-0922 CVE-2009-3230 Oracle Linux 5 [1.4.8-5.0.1.el5_4.10] - Remove Redhat splash screen images [1.4.8-5.10] - fix: CVE-2009-2964 : CSRF issues in all forms - extend to all forms [1.4.8-5.9] - fix: CVE-2009-2964 : CSRF issues in all forms - add missing parts [1.4.8-5.8] - fix: CVE-2009-2964 : CSRF issues in all forms MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2964 Oracle Linux 5 [0.5.4-4.4.el5_4.11] - Fixes various flaws addressed in bugs #526637, #526893 and #526915 which were tracked in #527403. - Resolves: #527403 [0.5.4-4.4.el5_4.10] - Add poppler-0.5.4-JBIG2-segment-reading.patch to fix reading of arithmetically encoded JBIG2 images with unknown length. - Resolves: #528147 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-3603 CVE-2009-3608 CVE-2009-3609 Oracle Linux 5 [1:1.3.7-11:.3] - Include NULL pointer check in ObjectStream::getObject. Part of the fix for CVE-2009-3608 (bug #526637). [1:1.3.7-11:.2] - Applied patch to fix CVE-2009-3608 (bug #526637) and CVE-2009-3609 (bug #526893). MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3608 CVE-2009-3609 Oracle Linux 5 [3.0.33-3.15.el5] - Security Release, fixes CVE-2009-1888, CVE-2009-2813, CVE-2009-2948 and CVE-2009-2906 - resolves: #526660 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 Oracle Linux 5 firefox: [3.0.15-3.0.1.el5_4] - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones [3.0.15-3] - Rebuild due to Mozilla's respin [3.0.15-2] - Rebuild due to xulrunner changes [3.0.15-1] - Update to 3.0.15 nspr: [4.7.6-1] - update to 4.7.6 xulrunner: [1.9.0.15-3.0.1.el5_4] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.0.15-3] - Rebuild due to Mozilla's respin [1.9.0.15-2] - Added remedy patch [1.9.0.15-1] - Update to 1.9.0.15 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-1563 CVE-2009-3274 CVE-2009-3370 CVE-2009-3372 CVE-2009-3373 CVE-2009-3374 CVE-2009-3375 CVE-2009-3376 CVE-2009-3380 CVE-2009-3382 CVE-2009-3384 Oracle Linux 5 [2.6.18-164.6.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] [2.6.18-164.6.1.el5] - [fs] fix pipe null pointer dereference (Jeff Moyer) [530938 530939] {CVE-2009-3547} - [security] require root for mmap_min_addr (Eric Paris ) [518142 518143] {CVE-2009-2695} - [net] lvs: adjust sync protocol handling for ipvsadm -2 (Neil Horman ) [528645 524129] - [xen] allow booting with broken serial hardware (Chris Lalancette ) [524153 518338] [2.6.18-164.5.1.el5] - [fs] eCryptfs: prevent lower dentry from going negative (Eric Sandeen ) [527834 527835] {CVE-2009-2908} - [nfs] v4: reclaimer thread stuck in an infinite loop (Sachin S. Prabhu ) [529162 526888] - [net] r8169: avoid losing MSI interrupts (Ivan Vecera ) [529366 514589] - [scsi] st.c: memory use after free after MTSETBLK ioctl (David Jeffery ) [528133 520192] - [net] r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera ) [529143 515857] {CVE-2009-3613} [2.6.18-164.4.1.el5] - [net] bonding: set primary param via sysfs (Jiri Pirko ) [517971 499884] - [scsi] fusion: re-enable mpt_msi_enable option (Tomas Henzl ) [526963 520820] - [net] ipt_recent: sanity check hit count (Amerigo Wang ) [527434 523982] - [net] ipv4: ip_append_data handle NULL routing table (Jiri Pirko ) [527436 520297] - [nfs] fix cache invalidation problems in nfs_readdir (Jeff Layton ) [526960 511170] - [net] tc: fix unitialized kernel memory leak (Jiri Pirko ) [520994 520863] [2.6.18-164.3.1.el5] - [nfs] knfsd: fix NFSv4 O_EXCL creates (Jeff Layton ) [522163 524521] {CVE-2009-3286} IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3613 Oracle Linux 5 [1.11.4-3] - add fix for CVE-2009-3490, incorrect verification of SSL certificate with NUL in name MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3490 Oracle Linux 5 [1:1.1.2-3.el5.4] - fix CVE-CVE-2009-3379 Resolves: #532418 IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-3379 Oracle Linux 5 [2.2.3-31.0.1.el5_4.2] - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-31.2] - add security fixes for CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 (#534041) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 Oracle Linux 5 [1:1.6.0.0.0-1.7.b09.0.1.el5] - Add oracle-enterprise.patch [1:1.6.0-1.7.b09] - Fixed applying patches [1:1.6.0-1.6.b09] - Updated Release [1:1.6.0-1.5.b09] - Fixed Makefile patch [1:1.6.0-1.4.b09] - Updated release tag [1:1.6.0-1.3.b09] - Updated release IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-2409 CVE-2009-3728 CVE-2009-3869 CVE-2009-3871 CVE-2009-3873 CVE-2009-3874 CVE-2009-3875 CVE-2009-3876 CVE-2009-3877 CVE-2009-3879 CVE-2009-3880 CVE-2009-3881 CVE-2009-3882 CVE-2009-3883 CVE-2009-3884 Oracle Linux 5 [1:1.3.7-11:.4] - Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200). - Applied patch to fix CVE-2009-2820 (bug #529833, STR #3367, STR #3401). MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2820 CVE-2009-3553 Oracle Linux 5 [3.5.4-25.0.1.el5_4.1] - Remove Version branding - Maximum rpm trademark logos removed (pics/crystalsvg/*-mime-rpm*) in tarball [3.5.4-25.1] - bump release [3.5.4-22.2] - Resolves: #539716, CVE-2009-0689, kdelibs remote array overrun CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-0689 Oracle Linux 5 [0:2.7.1-7jpp.2.2] - Specifies target=1.3 for compilation Resolves: rhbz#526017 [0:2.7.1-7jpp.2.1] - Add patch for CVE-2009-2625 Resolves: rhbz#526017 MODERATE Copyright 2009 Oracle, Inc. CVE-2009-2625 Oracle Linux 5 [0.6.6-3.1] - removed . and ./plugins from module loading path (#538469) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3894 Oracle Linux 5 [30:9.3.6-4.P1.1] - don't cache unvalidated additional sections (#538744) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-4022 Oracle Linux 5 [1.95.8-8.3.2] - add security fix for CVE-2009-3560 (#531710) [1.95.8-8.3.1] - add security fix for CVE-2009-3720 (#531710) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3560 CVE-2009-3720 Oracle Linux 5 [1.0.4-9.el5_4.1] - Resolves: #515062 CVE-2009-4033 acpid: log file created with random permissions IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-4033 Oracle Linux 5 [1.5.22-7] - add fix for CVE-2009-3736, libltdl may load and execute code from a library in the current directory MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3736 Oracle Linux 5 [4.2.2p1-9.el5_4.1] - fix DoS with mode 7 packets (#532639, CVE-2009-3563) - compile with -fno-strict-aliasing MODERATE Copyright 2009 Oracle, Inc. CVE-2009-3563 Oracle Linux 5 [kvm-83-105.0.1.el5_4.13] - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-105.el5_4.13] - kvm-kernel-KVM-x86-emulator-limit-instructions-to-15-bytes.patch [bz#541164] - Resolves: bz#541164 (CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes [rhel-5.4.z]) [kvm-83-105.el5_4.12] - kvm-virtio-blk-Stop-VM-on-read-errors.patch [bz#537334] - kvm-ide-Stop-VM-on-read-errors-respin.patch [bz#537334 bz#540406] - Resolves: bz#537334 (O/S Filesystem Corruption with RHEL-5.4 on a RHEV Guest) - Resolves: bz#540406 (RHEL5.4 VM image corruption with an IDE v-disk) [kvm-83-105.el5_4.11] - kvm-qcow2-Refactor-update_refcount-take-2.patch [bz#520693] - kvm-qcow2-Update-multiple-refcounts-at-once-take-2.patch [bz#520693] - kvm-Combined-patch-of-two-upstream-commits-the-second-fi-take-2.patch.patch [bz#520693] - kvm-alloc_cluster_link_l2-Write-complete-sectors-take-2.patch.patch [bz#520693] - kvm-update_refcount-Write-complete-sectors-take-2.patch [bz#520693] - Resolves: bz#520693 (Bad qcow2 performance with cache=off) [kvm-83-105.el5_4.10] - Update kversion to 2.6.18-164.6.1.el5 to match build root - kvm-kernel-get_tss_base_addr-should-return-gpa_t-type.patch [bz#532043] - kvm-kernel-KVM-VMX-Adjust-rflags-if-in-real-mode-emulation.patch [bz#532031] - kvm-kernel-KVM-When-switching-to-a-vm8086-task-load-segments-as.patch [bz#532031] - kvm-kernel-KVM-Fix-task-switch-back-link-handling-v2-including-.patch [bz#532031] - Resolves: bz#532031 (KVM does not implement proper support for hardware task linking when using vm8086 mode) - Resolves: bz#532043 (qemu aborted when restart 32bitwin23k with more than 4G mem in intel host.) MODERATE Copyright 2009 Oracle, Inc. CVE-2009-4031 Oracle Linux 5 [2.6.18-164.9.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] [2.6.18-164.9.1.el5] - [x86] fix stale data in shared_cpu_map cpumasks (Prarit Bhargava) [545583 541953] [2.6.18-164.8.1.el5] - [xen] iommu-amd: extend loop ctr for polling completion wait (Bhavna Sarathy ) [539687 518474 526766] - [xen] iommu: add passthrough and no-intremap parameters (Bhavna Sarathy ) [539687 518474 526766] - [xen] iommu: enable amd iommu debug at run-time (Bhavna Sarathy ) [539687 518474 526766] - [xen] support interrupt remapping on M-C (Bhavna Sarathy ) [539687 518474 526766] - [xen] iommu: move iommu_setup() to setup ioapic correctly (Bhavna Sarathy ) [539687 518474 526766] - [net] bnx2x: add support for bcm8727 phy (Stanislaw Gruszka ) [540381 515716] - [x86] cpu: upstream cache fixes needed for amd m-c (Bhavna Sarathy ) [540469 526315] - [x86_64] set proc id and core id before calling fixup_dcm (Bhavna Sarathy) [540469 526315] - [x86] mce_amd: fix up threshold_bank4 creation (Bhavna Sarathy ) [540469 526315] - Revert: [net] sched: fix panic in bnx2_poll_work (John Feeney ) [539686 526481] - FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson) [orabug 7708133] [2.6.18-164.7.1.el5] - [xen] fix numa on magny-cours systems (Bhavna Sarathy ) [539684 526051] - [xen] fix crash with memory imbalance (Bhavna Sarathy ) [539690 526785] - [net] sched: fix panic in bnx2_poll_work (John Feeney ) [539686 526481] - [acpi] prevent duplicate dirs in /proc/acpi/processor (Matthew Garrett ) [539692 537395] - [x86] fix boot crash with < 8-core AMD Magny-cours system (Bhavna Sarathy) [539682 522215] - [x86] support amd magny-cours power-aware scheduler fix (Bhavna Sarathy ) [539680 513685] - [x86] disable NMI watchdog on CPU remove (Prarit Bhargava ) [539691 532514] - [acpi] bm_check and bm_control update (Luming Yu ) [539677 509422] - [x86_64] amd: iommu system management erratum 63 fix (Bhavna Sarathy ) [539689 531469] - [net] bnx2i/cnic: update driver version for RHEL5.5 (Mike Christie ) [537014 516233] - [x86] fix L1 cache by adding missing break (Bhavna Sarathy ) [539688 526770] - [x86] amd: fix hot plug cpu issue on 32-bit magny-cours (Bhavna Sarathy ) [539688 526770] - [acpi] disable ARB_DISABLE on platforms where not needed (Luming Yu ) [539677 509422] - [fs] private dentry list to avoid dcache_lock contention (Lachlan McIlroy ) [537019 526612] - [scsi] qla2xxx: enable msi-x correctly on qlogic 2xxx series (Marcus Barrow ) [537020 531593] - [apic] fix server c1e spurious lapic timer events (Bhavna Sarathy ) [539681 519422] - [net] netlink: fix typo in initialization (Jiri Pirko ) [528872 527906] - [x86] set cpu_llc_id on AMD CPUs (Bhavna Sarathy ) [539678 513684] - [x86] fix up threshold_bank4 support on AMD Magny-cours (Bhavna Sarathy ) [539678 513684] - [x86] fix up L3 cache information for AMD Magny-cours (Bhavna Sarathy ) [539678 513684] - [x86] amd: fix CPU llc_shared_map information (Bhavna Sarathy ) [539678 513684] - [nfs] v4: fix setting lock on open file with no state (Jeff Layton ) [533114 533115] {CVE-2009-3726} - [misc] futex priority based wakeup (Jon Thomas ) [533858 531552] - [dlm] use GFP_NOFS on all lockspaces (David Teigland ) [533859 530537] - [drm] r128: check for init on all ioctls that require it (Danny Feng ) [529602 529603] {CVE-2009-3620} - [scsi] mpt: errata 28 fix on LSI53C1030 (Tomas Henzl ) [529308 518689] - [x86] add ability to access Nehalem uncore config space (John Villalovos ) [539675 504330] - [net] AF_UNIX: deadlock on connecting to shutdown socket (Jiri Pirko ) [529630 529631] {CVE-2009-3621} - [fs] inotify: remove debug code (Danny Feng ) [533822 499019] - [fs] inotify: fix race (Danny Feng ) [533822 499019] - [audit] dereferencing krule as if it were an audit_watch (Alexander Viro ) [533861 526819] - [mm] fix spinlock performance issue on large systems (John Villalovos ) [539685 526078] - [x86] finish sysdata conversion (Danny Feng ) [537346 519633] - [pci] pciehp: fix PCIe hotplug slot detection (Michal Schmidt ) [530383 521731] - [x86] oprofile: support arch perfmon (John Villalovos ) [539683 523479] - [x86] oprofile: fix K8/core2 on multiple cpus (John Villalovos ) [539683 523479] - [x86] oprofile: utilize perf counter reservation (John Villalovos ) [539683 523479] - [pci] avoid disabling acpi to use non-core PCI devices (Mauro Carvalho Chehab ) [539675 504330] - [misc] support Intel multi-APIC-cluster systems (Prarit Bhargava ) [539676 507333] - [x86] suspend-resume: work on large logical CPU systems (John Villalovos ) [539674 499271] IMPORTANT Copyright 2009 Oracle, Inc. CVE-2009-3612 CVE-2009-3620 CVE-2009-3621 CVE-2009-3726 Oracle Linux 5 firefox: [3.0.16-1.0.1.el5_4] - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding Red Hat ones [3.0.16-1] - Update to 3.0.16 xulrunner: [1.9.0.16-2.0.1.el5_4] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.0.16-2] - Rebuild due to Mozilla's respin [1.9.0.16-1] - Update to 1.9.0.16 CRITICAL Copyright 2009 Oracle, Inc. CVE-2009-3979 CVE-2009-3981 CVE-2009-3983 CVE-2009-3984 CVE-2009-3985 CVE-2009-3986