Oracle Errata System Oracle Linux 5.3 2010-12-09T00:00:00 Oracle Linux 5 [0.8.4-4.2] - Use system expat library Resolves: #531852 [0.8.4-4.1] - Fix buffer over read Resolves: #531852 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-3720 Oracle Linux 5 [2.0.33-9.4.el5_4.2] - rpmdiff fixes - Resolves: #541632 [2.0.33-9.4.el5_4.1] - security fixes - CVE-2009-3546 gd: insufficient input validation in _gdGetColors() MODERATE Copyright 2010 Oracle, Inc. CVE-2009-3546 Oracle Linux 5 [1.1.2-12.el5_4.1] - CVE-2009-1189 dbus: invalid fix for CVE-2008-3834 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-1189 Oracle Linux 5 [2.6.18-164.10.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson) [orabug 7708133] [2.6.18-164.10.1.el5] - [net] e1000, r9169: fix rx length check errors (Cong Wang ) [550914 550915] - [net] e1000e: fix rx length check errors (Amerigo Wang ) [551222 551223] - [net] ipv6: fix ipv6_hop_jumbo remote system crash (Amerigo Wang ) [548642 548643] {CVE-2007-4567} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2007-4567 CVE-2009-4536 CVE-2009-4537 CVE-2009-4538 Oracle Linux 5 [1.6.1-36.el5_4.1] - add candidate patch to correct KDC integer overflows which could be triggered by malformed RC4 and AES ciphertexts (CVE-2009-4212, #546347) CRITICAL Copyright 2010 Oracle, Inc. CVE-2009-4212 Oracle Linux 5 [4.1.2-46.el5_4.2] - fix libjava to avoid opening *.la/dlopening *.so files from current working directory or subdirectories thereof (#545672, CVE-2009-3736) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-3736 Oracle Linux 5 [5.1.6-24.5] - add security fix for CVE-2009-4142 (#543469) [5.1.6-24.4] - build fix pdo_mysql on biarch systems (#543469) [5.1.6-24.3] - add security fixes for CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3546 CVE-2009-4017 (#541597) - add build fix for mysqli on some biarch systems (#543469) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-2687 CVE-2009-3291 CVE-2009-3292 CVE-2009-3546 CVE-2009-4017 CVE-2009-4142 Oracle Linux 5 [2.6.18-164.11.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson) [orabug 7708133] [2.6.18-164.11.1.el5] - [firewire] ohci: handle receive packets with zero data (Jay Fenlason) [547241 547242] {CVE-2009-4138} - [x86] sanity check for AMD northbridges (Andrew Jones) [549905 547518] - [x86_64] disable vsyscall in kvm guests (Glauber Costa) [550968 542612] - [fs] ext3: replace lock_super with explicit resize lock (Eric Sandeen) [549908 525100] - [fs] respect flag in do_coredump (Danny Feng) [544188 544189] {CVE-2009-4036} - [gfs2] make O_APPEND behave as expected (Steven Whitehouse) [547521 544342] - [fs] hfs: fix a potential buffer overflow (Amerigo Wang) [540740 540741] {CVE-2009-4020} - [fuse] prevent fuse_put_request on invalid pointer (Danny Feng) [538736 538737] {CVE-2009-4021} - [mm] call vfs_check_frozen after unlocking the spinlock (Amerigo Wang) [548370 541956] - [infiniband] init neigh->dgid.raw on bonding events (Doug Ledford) [543448 538067] - [scsi] gdth: prevent negative offsets in ioctl (Amerigo Wang) [539420 539421] {CVE-2009-3080} - [fs] gfs2: fix glock ref count issues (Steven Whitehouse) [544978 539240] - [net] call cond_resched in rt_run_flush (Amerigo Wang) [547530 517588] - [scsi] megaraid: fix sas permissions in sysfs (Casey Dahlin) [537312 537313] {CVE-2009-3889 CVE-2009-3939} - [ia64] kdump: restore registers in the stack on init (Takao Indoh ) [542582 515753] - [x86] kvm: don't ask HV for tsc khz if not using kvmclock (Glauber Costa ) [537027 531268] - [net] sched: fix panic in bnx2_poll_work (John Feeney ) [539686 526481] - [x86_64] fix 32-bit process register leak (Amerigo Wang ) [526797 526798] - [cpufreq] add option to avoid smi while calibrating (Matthew Garrett ) [537343 513649] - [kvm] use upstream kvm_get_tsc_khz (Glauber Costa ) [540896 531025] - [net] fix unbalance rtnl locking in rt_secret_reschedule (Neil Horman ) [549907 510067] - [net] r8169: imporved rx length check errors (Neil Horman ) [552913 552438] - [scsi] lpfc: fix FC ports offlined during target controller faults (Rob Evers ) [549906 516541] - [net] emergency route cache flushing fixes (Thomas Graf ) [545662 545663] {CVE-2009-4272} - [fs] fasync: split 'fasync_helper()' into separate add/remove functions (Danny Feng ) [548656 548657] {CVE-2009-4141} - [scsi] qla2xxx: NPIV vport management pseudofiles are world writable (Tom Coughlan ) [537317 537318] {CVE-2009-3556} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-2910 CVE-2009-3080 CVE-2009-3556 CVE-2009-3889 CVE-2009-3939 CVE-2009-4020 CVE-2009-4021 CVE-2009-4138 CVE-2009-4141 CVE-2009-4272 CVE-2006-6304 Oracle Linux 5 [0.9.8e-12.1] - fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197) - fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data() is called prematurely by application (#546707) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-2409 CVE-2009-4355 Oracle Linux 5 [1.3.5-11.0.1.el5_4.1] - Updated description in specfile to be product neutral [1.3.5-11:.1] - Added fix for CVE-2010-0001: (64 bit) Integer underflow by decompressing LZW format files Resolves: rhbz#555088 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0001 Oracle Linux 5 [30:9.3.6-4.P1.2] - NSEC validation code could cause wrong NXDOMAIN responses (#554851, CVE-2010-0097) - improve fix for CVE-2009-4022 (#538744) - {C,D}NAMEs could be returned to clients without proper DNSSEC validation - don't validate + cache out-of-bailiwick data returned with a secure answer. Refetch it instead. MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0097 CVE-2010-0290 CVE-2010-0382 Oracle Linux 5 [kvm-83-105.0.1.el5_4.22] - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-105.el5_4.22] - kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch [bz#560769] - Resolves: bz#560769 (CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow [rhel-5.4.z]) [kvm-83-105.el5_4.21] - kvm-kernel-KVM-introduce-kvm_read_guest_virt-kvm_write_guest_vi.patch [bz#559093] - kvm-kernel-KVM-remove-the-vmap-usage.patch [bz#559093] - kvm-kernel-KVM-Use-kvm_-read-write-_guest_virt-to-read-and-writ.patch [bz#559093] - kvm-kernel-KVM-fix-memory-access-during-x86-emulation.patch [bz#559093] - kvm-kernel-Check-IOPL-level-during-io-instruction-emulation.patch [bz#560697] - kvm-kernel-Fix-popf-emulation.patch [bz#560697] - kvm-kernel-Check-CPL-level-during-privilege-instruction-emulati.patch [bz#560697] - kvm-kernel-KVM-PIT-control-word-is-write-only.patch [bz#560888] - Resolves: bz#559093 (EMBARGOED CVE-2010-0298 kvm: emulator privilege escalation [rhel-5.4.z]) - Resolves: bz#560697 (EMBARGOED CVE-2010-0306 kvm: emulator privilege escalation IOPL/CPL level check [rhel-5.4.z]) - Resolves: bz#560888 (CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang [rhel-5.4.z]) [kvm-83-105.el5_4.20] - Updated kversion to 2.6.18-164.11.1.el5 to match build root - kvm-qemu-add-routines-for-atomic-16-bit-accesses.patch [bz#561022] - kvm-qemu-virtio-atomic-access-for-index-values.patch [bz#561022] - Resolves: bz#561022 (QEMU terminates without warning with virtio-net and SMP enabled) [kvm-83-105.el5_4.19] - Updated kversion to 2.6.18-164.10.1.el5 to match build root - kvm-Fix-VDI-audio-stop.patch [bz#552519] - Resolves: bz#552519 (KVM : QEMU-Audio attempting to stop unactivated audio device (snd_playback_stop: ASSERT playback_channel->base.active failed).) [kvm-83-105.el5_4.18] - kvm-Fix-a-race-in-the-device-that-cuased-guest-stack-on-.patch [bz#553249] - Resolves: bz#553249 (hypercall device - Vm becomes non responsive on Sysmark benchmark (when more than 7 vm's running simultaneously)) [kvm-83-105.el5_4.17] - kvm-kernel-KVM-x86-make-double-triple-fault-promotion-generic-t.patch [bz#552518] - kvm-kernel-KVM-x86-raise-TSS-exception-for-NULL-CS-and-SS-segme.patch [bz#552518] - Resolves: bz#552518 (Rhev-Block driver causes 'unhandled vm exit' with 32bit win2k3r2sp2 Guest VM on restart) - kvm-RHEL-5.X-5.4.Z-Makefile-fix-ksm-dir-has-no-ARCH-pref.patch [bz#552530] - Resolves: bz#552530 (Build tree for RHEL 5.X and RHEL 5.4.z contains build bugs) [kvm-83-105.el5_4.16] - kvm-savevm-add-version_id-to-all-savevm-functions.patch [bz#552529] - kvm-We-need-current-machine-defined-sooner.patch [bz#552529] - kvm-Add-support-for-DeviceVersion-to-machine-type.patch [bz#552529] - kvm-Add-machine-name-alias-support.patch [bz#552529] - kvm-Introduce-rhel5.4.0-machine-type.patch [bz#552529] - kvm-Introduce-rhel-5.4.4-machine-type.patch [bz#552529] - kvm-cpu-for-x86-don-t-save-new-fields-if-version-8.patch [bz#552529] - kvm-RHEL5.4-needs-cpu-at-version-7.patch [bz#552529] - kvm-RHEL-5.4.0-don-t-have-kvmclock.patch [bz#552529] - kvm-make-5.4.0-machine-the-default.patch [bz#552529] - kvm-make-pc-an-alias-of-rhel5.4.0.patch [bz#552529] - Resolves: bz#552529 (kvm: migration: mechanism to make older savevm versions to be emitted on some cases) [kvm-83-105.el5_4.15] - kvm-The-driver-device-pair-does-not-have-a-reset-option-.patch [bz#552528] - kvm-1-The-driver-device-pair-does-not-have-a-reset-option].patch [bz#552528] - Resolves: bz#552528 (Hypercall driver doesn't reset device on power-down) [kvm-83-105.el5_4.14] - Updated kversion to 2.6.18-164.9.1.el5 to match build root - kmod: filter only known non-whitelisted symbols [bz#547293] - Resolves: bz#547293 (kvm kmod package should filter only some specific ksym dependencies) - kvm-kernel-KERNEL-v2-allow-userspace-to-adjust-kvmclock-offset.patch [bz#537028] - kvm-kernel-KVM-MMU-remove-prefault-from-invlpg-handler.patch [bz#548368] - Resolves: bz#537028 (pvclock msr values are not preserved across remote migration) - Resolves: bz#548368 (BSOD BAD_POOL_HEADER STOP 0x19 during boot of Windows Server 2008 R2 installer) - kvm-fix-kvm_arch_save_regs-MSR_COUNT.patch [bz#537028] - kvm-properly-save-kvm-system-time-msr-registers.patch [bz#537028] - kvm-get-and-set-clock-upon-migration.patch [bz#537028] - kvm-slirp-Reassign-same-address-to-same-DHCP-client.patch [bz#546562] - kvm-Fix-race-between-migration-and-cpu-main-loop.patch [bz#546563] - kvm-Make-SMBIOS-pass-MS-SVVP-test.patch [bz#545874] - kvm-fix-rtc-td-hack-on-host-without-high-res-timers.patch [bz#547625] - kvm-qcow2-Fix-grow_refcount_table-error-handling.patch [bz#552159] - Resolves: bz#537028 (pvclock msr values are not preserved across remote migration) - Resolves: bz#545874 (Need to generate SMBIOS table 4 data for windows guests) - Resolves: bz#546562 (Windows XP unattended install doesn't get an IP address after rebooting, if using -net user) - Resolves: bz#546563 (Windows Server 2008 R2 shutdown hangs after restore from migration) - Resolves: bz#547625 (time drift in win2k364 KVM guest) - Resolves: bz#552159 (qcow2: infinite recursion on grow_refcount_table() error handling) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0297 CVE-2010-0298 CVE-2010-0306 CVE-2010-0309 Oracle Linux 5 [1:0.7.0-9.el5_4] - Ensure a connection is not used after its CA certificate has been deleted - Resolves: CVE-2009-4144 - Fix possible information disclosure by nm-connection-editor - Resolves: CVE-2009-4145 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-4144 CVE-2009-4145 Oracle Linux 5 [5.0.77-4.2] - Add fixes for CVE-2009-4019, CVE-2009-4028, CVE-2009-4030 Resolves: #556505 - Use non-expired certificates for SSL testing (upstream bug 50702) - Emit explicit error message if user tries to build RPM as root - Add comment suggesting disabling symbolic links in /etc/my.cnf MODERATE Copyright 2010 Oracle, Inc. CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 Oracle Linux 5 firefox: [3.0.18-1.0.1.el5_4] - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding RedHat ones [3.0.18-1] - Update to 3.0.18 xulrunner: [1.9.0.18-1.0.1.el5_4] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.0.18-1] - Update to 1.9.0.18 CRITICAL Copyright 2010 Oracle, Inc. CVE-2009-1571 CVE-2009-3988 CVE-2010-0159 CVE-2010-0160 CVE-2010-0162 CVE-2010-0167 CVE-2010-0169 CVE-2010-0171 Oracle Linux 5 [1.6.9p17-6] - added patches for CVE-2010-0426 and CVE-2010-0427 Resolves: #567689 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0426 CVE-2010-0427 Oracle Linux 5 [0.9.7-5.3] - rhbz556564-2: CVE-2009-4273 cont'd aka CVE-2010-0412 - rhbz559719: CVE-2010-0411 - pr11286: stap-client --server operation [0.9.7-5.2] - rhbz556564: CVE-2009-4273 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-4273 CVE-2010-0411 Oracle Linux 5 [kvm-83-105.0.1.el5_4.27] - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-105.el5_4.27] - kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch [bz#563516] - Resolves: bz#563516 (KVM: Check cpl before emulating debug register access [rhel-5.4.z]) [kvm-83-105.el5_4.26] - kvm-kernel-KVM-Don-t-check-access-permission-when-loading-segme.patch [bz#563464] - kvm-kernel-KVM-Disable-move-to-segment-registers-and-jump-far-i.patch [bz#563464] - Resolves: bz#563464 (EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check [rhel-5.4.z]) [kvm-83-105.el5_4.25] - kvm-virtio-blk-Fix-reads-turned-into-writes-after-read-e.patch [bz#562776] - kvm-virtio-blk-Handle-bdrv_aio_read-write-NULL-return.patch [bz#562776] - Resolves: bz#562776 (Guest image corruption after RHEV-H update to 5.4-2.1.3.el5_4rhev2_1) [kvm-83-105.el5_4.24] - Apply bz#561022 patches again (undo the reverts from kvm-83-105.el5_4.23) - kvm-qemu-add-routines-for-atomic-16-bit-accesses-take-2.patch [bz#561022] - kvm-qemu-virtio-atomic-access-for-index-values-take-2.patch [bz#561022] - Resolves: bz#561022 (QEMU terminates without warning with virtio-net and SMP enabled) [kvm-83-105.el5_4.23] - Revert bz#561022 patches by now, until they get better testing - kvm-Revert-qemu-virtio-atomic-access-for-index-values.patch [bz#561022] - kvm-Revert-qemu-add-routines-for-atomic-16-bit-accesses.patch [bz#561022] - Related: bz#561022 (QEMU terminates without warning with virtio-net and SMP enabled) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-3722 CVE-2010-0419 Oracle Linux 5 [1:1.3.7-11:.6] - Applied patch for CVE-2010-0302 (incomplete fix for CVE-2009-3553, bug #557775). MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0302 Oracle Linux 5 [1.14.9-8.el5] - Updated synthetic-gdef patch - Resolves: #559169 [1.14.9-7.el5] - Add synthetic-gdef patch - Resolves: #559169 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0421 Oracle Linux 5 [2:1.15.1-23.0.1.2] - CVE-2007-4476 - fix stack crashing in safer_name_suffix - CVE-2010-0624 - fix heap-based buffer overflow by expanding a specially-crafted archive MODERATE Copyright 2010 Oracle, Inc. CVE-2007-4476 CVE-2010-0624 Oracle Linux 5 [2.6-23.1] - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive - CVE-2007-4476 fix stack crashing in safer_name_suffix MODERATE Copyright 2010 Oracle, Inc. CVE-2007-4476 CVE-2010-0624 Oracle Linux 5 [2.6.18-164.15.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb ( John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258] - [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson) [orabug 7708133] - [x86_64] PCI space below 4GB forces mem remap above 1TB (Larry Woodman) [523522] - [cpufreq] P-state limit: limit can never be increased (Stanislaw Gruszka) [489566] - [rds] patch rds to 4.0-ora-1.4.2-10 (Andy Grover, Tina Yang) [orabug 9168046] [RHBZ 546374] [2.6.18-164.15.1.el5] - [net] sctp: backport cleanups for ootb handling V2 (Neil Horman) [555666 555667] {CVE-2010-0008} - Reverting: [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008} [2.6.18-164.14.1.el5] - [fs] ext4: Avoid null pointer dereference when decoding EROFS w/o a journal (Jiri Pirko) [547256 547257] {CVE-2009-4308} - [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008} - [mm] fix sys_move_pages infoleak (Eugene Teo) [562589 562590] {CVE-2010-0415} - [x86_64] wire up compat sched_rr_get_interval (Danny Feng) [557684 557092] - [net] netfilter: enforce CAP_NET_ADMIN in ebtables (Danny Feng) [555242 555243] {CVE-2010-0007} - [misc] fix kernel info leak with print-fatal-signals=1 (Danny Feng) [554583 554584] {CVE-2010-0003} - [net] ipv6: fix OOPS in ip6_dst_lookup_tail (Thomas Graf) [559238 552354] - [kvm] pvclock on i386 suffers from double registering (Glauber Costa) [561454 557095] - [pci] VF can't be enabled in dom0 (Don Dutile) [560665 547980] - [kvm] kvmclock won't restore properly after resume (Glauber Costa) [560640 539521] - [mm] prevent performance hit for 32-bit apps on x86_64 (Larry Woodman) [562746 544448] - [fs] fix possible inode corruption on unlock (Eric Sandeen) [564281 545612] - [gfs2] careful unlinking inodes (Steven Whitehouse ) [564288 519049] - [gfs2] gfs2_delete_inode failing on RO filesystem (Abhijith Das ) [564290 501359] [2.6.18-164.13.1.el5] - [net] e1000e: fix broken wol (Andy Gospodarek) [559335 557974] - [net] gro: fix illegal merging of trailer trash (Herbert Xu) [561417 537876] - [xen] hook sched rebalance logic to opt_hardvirt (Christopher Lalancette ) [562777 529271] - [xen] crank the correct stat in the scheduler (Christopher Lalancette ) [562777 529271] - [xen] whitespace fixups in xen scheduler (Christopher Lalancette ) [562777 529271] - [scsi] cciss: ignore stale commands after reboot (Tomas Henzl ) [562772 525440] - [scsi] cciss: version change (Tomas Henzl ) [562772 525440] - [scsi] cciss: switch to using hlist (Tomas Henzl ) [562772 525440] - [net] bonding: allow bond in mode balance-alb to work (Jiri Pirko ) [560588 487763] - [net] e1000e: fix WoL on 82577/82578 (Jiri Pirko ) [543449 517593] [2.6.18-164.12.1.el5] - [net] e1000: fix rx length check errors (Neil Horman) [552137 552138] {CVE-2009-4536} - Revert: [net] e1000, r9169: fix rx length check errors (Cong Wang ) [550914 550915] - [fs] jbd: fix race in slab creation/deletion (Josef Bacik) [553132 496847] IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 Oracle Linux 5 [0.9.8e-12.6] - fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924) [0.9.8e-12.5] - fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which in the RHEL-5 and newer versions will crash in such case (#569774) [0.9.8e-12.4] - do not disable SSLv2 in the renegotiation patch - SSLv2 does not support renegotiation - allow unsafe renegotiation on clients with SSL_OP_LEGACY_SERVER_CONNECT [0.9.8e-12.3] - mention the RFC5746 in the CVE-2009-3555 doc [0.9.8e-12.2] - fix CVE-2009-3555 - support the safe renegotiation extension and do not allow legacy renegotiation on the server by default (#533125) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-3245 CVE-2009-3555 CVE-2010-0433 Oracle Linux 5 [0.9.7a-9.2] - CVE-2009-3555 - support the secure renegotiation RFC (#533125) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-3555 Oracle Linux 5 nspr: [4.8.4-1] - Update to NSPR 4.8.4 nss: [3.12.6-1.0.1.el5_4] - Update clean.gif in the nss-3.12.6-stripped.tar.bz2 tarball [3.12.6-1] - Update to 3.12.6 [3.12.5.99-1.2] - Fix an unsatified tools runtime dependency [3.12.5.99-1.1] - Preserve file attributes and include some test cleanup [3.12.5.99-1] - Update to NSS_3_12_6_RC1 [3.12.3.99.3-1.el5_3.4] - CVE-2009-3555 (bug 543536) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-3555 Oracle Linux 5 [1.4.1-3.8] - fix safe renegotiation on SSL3 protocol [1.4.1-3.7] - implement safe renegotiation - CVE-2009-3555 (#533125) - do not allow MD2 in certificate signatures by default - CVE-2009-2409 (#510197) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-2409 CVE-2009-3555 Oracle Linux 5 [2.2.3-31.0.1.el5_4.4] - Replace index.html with Oracle's index page oracle_index.html - Update vstring and distro in specfile [2.2.3-31.4] - require and BR a version of OpenSSL with the secure reneg API (#567980) [2.2.3-31.3] - mod_ssl: add SSLInsecureRenegotiation (#567980) - add security fixes for CVE-2010-0408, CVE-2010-0434 (#570440) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0408 CVE-2010-0434 Oracle Linux 5 [2.6.18-194.el5] - [net] mlx4: pass attributes down to vlan interfaces (Doug Ledford) [573098] - [block] cfq-iosched: fix sequential read perf regression (Jeff Moyer) [571818] [2.6.18-193.el5] - [fs] gfs2: locking fix for potential dos (Steven Whitehouse) [572390] {CVE-2010-0727} - [acpi] power_meter: avoid oops on driver load (Matthew Garrett) [566575] - [net] r8169: fix assignments in backported net_device_ops (Ivan Vecera) [568040] - [net] virtio_net: refill rx buffer on out-of-memory (Herbert Xu) [554078] [2.6.18-192.el5] - [cpu] fix amd l3 cache disable functionality (Jarod Wilson) [517586] - [misc] backport upstream strict_strto* functions (Jarod Wilson) [517586] - [wireless] rt2x00: fix work cancel race conditions (Stanislaw Gruszka) [562972] - [net] igb: fix DCA support for 82580 NICs (Stefan Assmann) [513712] - Revert: [ia64] kdump: fix a deadlock while redezvousing (Neil Horman) [506694] - [block] cfq: kick busy queues w/o waiting for merged req (Jeff Moyer) [570814] - [fs] cifs: max username len check in setup does not match (Jeff Layton) [562947] - [fs] cifs: CIFS shouldnt make mountpoints shrinkable (Jeff Layton) [562947] - [fs] cifs: fix dentry hash for case-insensitive mounts (Jeff Layton) [562947] - [fs] cifs: fix len for converted unicode readdir names (Jeff Layton) [562947] - [x86_64] xen: fix missing 32-bit syscalls on 64-bit Xen (Christopher Lalancette) [559410] - [fs] gfs2: fix kernel BUG when using fiemap (Abhijith Das) [569610] - [net] sctp: backport cleanups for ootb handling (Neil Horman) [555667] {CVE-2010-0008} - [xen] vtd: ignore unknown DMAR entries (Don Dugger) [563900] [2.6.18-191.el5] - [wireless] iwlwifi: fix dual band N-only use on 5x00 (Stanislaw Gruszka) [566696] - [net] be2net: critical bugfix from upstream (Ivan Vecera) [567718] - [net] tg3: fix 5717 and 57765 asic revs panic under load (John Feeney) [565964] - [net] bnx2x: use single tx queue (Stanislaw Gruszka) [567979] - [net] igb: fix WoL initialization when disabled in eeprom (Stefan Assmann) [564102] - [net] igb: fix warning in igb_ethtool.c (Stefan Assmann) [561076] - [net] s2io: restore ability to tx/rx vlan traffic (Neil Horman) [562732] - [net] ixgbe: stop unmapping DMA buffers too early (Andy Gospodarek) [568153] - [net] e1000e: disable NFS filtering capabilites in ICH hw (Andy Gospodarek) [558809] - [net] bnx2: update firmware and version to 2.0.8 (Andy Gospodarek) [561578] - [net] mlx4: fix broken SRIOV code (Doug Ledford) [567730] - [net] mlx4: pass eth attributes down to vlan interfaces (Doug Ledford) [557109] - [x86_64] fix missing 32 bit syscalls on 64 bit (Wade Mealing) [559410] - [s390] zcrypt: Do not remove coprocessor on error 8/72 (Hendrik Brueckner) [561067] - [misc] usb-serial: add support for Qualcomm modems (Pete Zaitcev) [523888] - [scsi] mpt2sas: fix missing initialization (Tomas Henzl) [565637] - [i386] mce: avoid deadlocks during MCE broadcasts (Prarit Bhargava) [562862] - [x86_64] k8: do not mark early_is_k8_nb as __init (Paolo Bonzini) [567275] - [ia64] kdump: fix a deadlock while redezvousing (Neil Horman) [506694] - [dm] raid45: constructor error path oops fix (Heinz Mauelshagen) [565494] - [mm] prevent severe performance degradation hang fix (Dave Anderson) [544448] - [net] cxgb3: memory barrier addition fixup (Steve Best) [561957] [2.6.18-190.el5] - [x86_64] mce: avoid deadlocks during MCE broadcasts (Prarit Bhargava) [562866] - [scsi] device_handler: add netapp to alua dev list (Mike Christie) [562080] - [misc] wacom: add Intuos4 support (Don Zickus) [502708] - [scsi] be2iscsi: fix eh bugs and enable new hw support (Mike Christie) [564145] - [net] ixgbe: initial support of ixgbe PF and VF drivers (Andy Gospodarek) [525577] - [fs] ext4: avoid divide by 0 when mounting corrupted fs (Eric Sandeen) [547253] - [net] bnx2x: update to 1.52.1-6 firmware (Stanislaw Gruszka) [560556] - [net] bnx2x: update to 1.52.1-6 (Stanislaw Gruszka) [560556] - [misc] hvc_iucv: alloc send/receive buffers in DMA zone (Hendrik Brueckner) [566202] - [net] ixgbe: prevent speculatively processing descriptors (Steve Best) [566309] - [fs] fix randasys crashes x86_64 systems regression (Peter Bogdanovic) [562857] - [scsi] fix bugs in fnic and libfc (Mike Christie) [565594] - [net] tg3: fix 57765 LED (John Feeney) [566016] - [net] tg3: fix race condition with 57765 devices (John Feeney) [565965] - [fs] gfs2: use correct GFP for alloc page on write (Steven Whitehouse) [566221] - [scsi] lpfc: update version for 8.2.0.63.3p release (Rob Evers) [564506] - [scsi] lpfc: fix driver build issues in rhel5.5 (Rob Evers) [564506] - [scsi] lpfc: relax event queue field checking (Rob Evers) [564506] - [scsi] lpfc: implement the PORT_CAPABITIES mailbox cmd (Rob Evers) [564506] - [scsi] lpfc: fix a merge issue (Rob Evers) [564506] - [scsi] lpfc: Add support for new SLI features (Rob Evers) [564506] - [scsi] lpfc: Add support for 64-bit PCI BAR region 0 (Rob Evers) [564506] - [nfs] fix a deadlock in the sunrpc code (Steve Dickson) [548846] - [fs] ecryptfs: fix metadata in xattr feature regression (Eric Sandeen) [553670] - [scsi] qla2xxx: return FAILED if abort command fails (Rob Evers) [559972] - [virtio] fix module loading for virtio-balloon module (Anthony Liguori) [564361] - [mm] xen: make mmap() with PROT_WRITE (Andrew Jones) [562761] - [hwmon] w83627hf: fix data to platform_device_add_data (Dean Nelson) [557172] - [hwmon] smsc47m1: fix data to platform_device_add_data (Dean Nelson) [560944] - [hwmon] it87: fix sio_data to platform_device_add_data (Dean Nelson) [559950] - [hwmon] f71805f: fix sio_data to platform_device_add_data (Dean Nelson) [564399] - [base] make platform_device_add_data accept const pointer (Dean Nelson) [557172 559950 560944 564399] - [net] forcedeth: fix putting system into S4 (Matthew Garrett) [513203] - [net] netfilter: allow changing queue length via netlink (Steve Best) [562945] - [mm] i386: fix iounmaps use of vm_structs size field (Danny Feng) [549465] - [ppc] fix sched while atomic error in alignment handler (Steve Best) [543637] - [pci] aer: disable advanced error reporting by default (Prarit Bhargava) [559978] - [s390] qeth: set default BLKT settings by OSA hw level (Hendrik Brueckner) [559621] - [net] e1000e: fix deadlock unloading module on some ICH8 (Andy Gospodarek) [555818] - [misc] rwsem: fix a bug in rwsem_is_locked() (Amerigo Wang) [526092] - [s390] clear high-order bits after switch to 64-bit mode (Hendrik Brueckner) [546302] [2.6.18-189.el5] - [net] wireless fixes from 2.6.32.7 (John Linville) [559711] - [net] wireless fixes from 2.6.32.4 (John Linville) [559711] - [net] wireless fixes through 2.6.32.3 (John Linville) [559711] - [net] wireless fixes from 2.6.32.2 (John Linville) [559711] [2.6.18-188.el5] - [net] be2net: latest bugfixes from upstream for rhel5.5 (Ivan Vecera) [561322] - [infiniband] fix bitmask handling from QP control block (Steve Best) [561953] - [infiniband] fix issue w/sleep in interrupt ehca handler (Steve Best) [561952] - [char] ipmi: fix ipmi_watchdog deadlock (Tony Camuso) [552675] - [net] cnic: additional fixes for rhel5.5 update (Mike Christie) [517378] - [net] cxgb3: add memory barriers (Steve Best) [561957] - [fs] nfsv4: distinguish expired from stale stateid (Wade Mealing) [514654] - [net] igb: fix msix_other interrupt masking (Stefan Assmann) [552348] - [net] niu: fix deadlock when using bonding (Andy Gospodarek) [547943] - [x86] xen: invalidate dom0 pages before starting guest (Christopher Lalancette) [466681] - [cpufreq] powernow-k8: fix crash on AMD family 0x11 procs (Bhavna Sarathy) [555180] - [misc] ptrace: PTRACE_KILL hangs in 100% cpu loop (Vitaly Mayatskikh) [544138] - [scsi] megaraid: fix 32-bit apps on 64-bit kernel (Tomas Henzl) [518243] - [misc] fix APIC and TSC reads for guests (Prarit Bhargava) [562006] - [mm] fix sys_move_pages infoleak (Eugene Teo) [562590] {CVE-2010-0415} - [fs] aio: fix .5% OLTP perf regression from eventfd (Jeff Moyer) [548565] - [net] sky2: fix initial link state errors (Andy Gospodarek) [559329] - [x86_64] wire up compat sched_rr_get_interval (Danny Feng) [557092] - [net] netfilter: enforce CAP_NET_ADMIN in ebtables (Danny Feng) [555243] {CVE-2010-0007} - [misc] fix kernel info leak with print-fatal-signals=1 (Danny Feng) [554584] {CVE-2010-0003} - [fs] gfs2: dont withdraw on partial rindex entries (Benjamin Marzinski) [553447] - [net] ipv6: fix OOPS in ip6_dst_lookup_tail (Thomas Graf) [552354] - [misc] khungtaskd: set PF_NOFREEZE flag to fix suspend (Amerigo Wang) [550014] - [block] loop: fix aops check for GFS (Josef Bacik) [549397] [2.6.18-187.el5] - [misc] EDAC driver fix for non-MMCONFIG systems (Bhavna Sarathy) [550123] - [misc] audit: fix breakage and leaks in audit_tree.c (Alexander Viro) [549750] - [mm] prevent hangs during memory reclaim on large systems (Larry Woodman) [546428] - [usb] support more Huawei modems (Pete Zaitcev) [517454] - [x86] fix AMD M-C boot inside xen on pre-5.5 hypervisor (Paolo Bonzini) [560013] - [kvm] pvclock on i386 suffers from double registering (Glauber Costa) [557095] - [md] fix kernel panic releasing bio after recovery failed (Takahiro Yasui) [555171] - [md] fix deadlock at suspending mirror device (Takahiro Yasui) [555120] - [pci] VF cant be enabled in dom0 (Don Dutile) [547980] - [acpi] fix NULL pointer panic in acpi_run_os (Prarit Bhargava) [547733] - [kvm] kvmclock wont restore properly after resume (Glauber Costa) [539521] - [x86_64] export additional features in cpuinfo for xen (Prarit Bhargava) [517928] - [fs] proc: make smaps readable even after setuid (Dave Anderson) [322881] - [net] iptables: fix routing of REJECT target packets (Jiri Olsa) [548079] - [net] niu: fix the driver to be functional with vlans (Jiri Pirko) [538649] - [mm] prevent performance hit for 32-bit apps on x86_64 (Larry Woodman) [544448] - [mm] mmap: dont ENOMEM when mapcount is temp exceeded (Danny Feng) [552648] - [fs] proc: make errno values consistent when race occurs (Danny Feng) [556545] - [net] igb: update driver to support End Point DCA (Stefan Assmann) [513712] - [scsi] qla2xxx: FCP2 update, dpc bug, fast mailbox read (Rob Evers) [550286] - [scsi] qla2xxx: fix timeout value for CT passthru cmds (Rob Evers) [552327] - [scsi] lpfc: update to version 8.2.0.63.p2 (Rob Evers) [557792] - [scsi] lpfc: update driver to version 8.2.0.63.1p FC/FCoE (Rob Evers) [555604] - [scsi] be2iscsi: upstream driver refresh for rhel5.5 (Mike Christie) [554545] - [pci] add ids for intel b43 graphics controller (John Villalovos) [523637] - [misc] support Nehalem-EX processors in Oprofile (John Villalovos) [521992] - [scsi] scsi_dh: make rdac hw handlers activate() async (Rob Evers) [537514] - [scsi] scsi_dh: change scsidh_activate interface to async (Rob Evers) [537514] - [alsa] support Creative X-Fi EMU20K1 and EMU20K2 chips (Jaroslav Kysela) [523786] - [net] tg3: update to version 3.106 for 57765 asic support (John Feeney) [545135] - [net] bonding: fix alb mode locking regression (Andy Gospodarek) [533496] - [scsi] stex: dont try to scan a nonexistent lun (David Milburn) [531488] - [scsi] bnx2i: additional fixes for rhel5.5 update (Mike Christie) [517378] - [misc] hpilo: fix build warning in ilo_isr (Tony Camuso) [515010] - [scsi] qla2xxx: add AER support (Rob Evers) [513927] - [x86] relocate initramfs so we can increase vmalloc space (Neil Horman) [499253] - [mm] memory mapped files not updating timestamps (Peter Staubach) [452129] [2.6.18-186.el5] - [net] emergency route cache flushing fixes (Thomas Graf) [545663] {CVE-2009-4272} - [fs] fasync: split 'fasync_helper()' into separate add/remove functions (Danny Feng) [548657] {CVE-2009-4141} - [scsi] qla2xxx: NPIV vport management pseudofiles are world writable (Tom Coughlan) [537318] {CVE-2009-3556} - [net] ipv6: fix ipv6_hop_jumbo remote system crash (Amerigo Wang) [548643] {CVE-2007-4567} - [net] e1000e: fix broken wol (Andy Gospodarek) [557974] - [net] r8169: add missing hunk from frame length filtering fix (Jarod Wilson) [552438] [2.6.18-185.el5] - [net] e1000e: fix rx length check errors (Amerigo Wang) [551223] {CVE-2009-4538} - [net] e1000: fix rx length check errors (Neil Horman) [552138] {CVE-2009-4536} - [net] r8169: improved frame length filtering (Neil Horman) [550915] {CVE-2009-4537} - kabi: fix dma_async_register symbol move (Jarod Wilson) [526342] - [kabi] add {napi,vlan}_gro_receive and intel dca symbols (Jon Masters) [526342] - Revert: amd64_edac: fix access to pci conf space type 1 (Jarod Wilson) [479070] [2.6.18-184.el5] - [scsi] lpfc: Update lpfc to version 8.2.0.63 driver release (Rob Evers) [549763] - [scsi] lpfc: Fix single SCSI buffer not handled on SLI4 (Rob Evers) [549763] - [scsi] lpfc: Fix Dead FCF not triggering discovery others (Rob Evers) [549763] - [scsi] lpfc: Fix vport->fc_flag set outside of lock fail (Rob Evers) [549763] - [scsi] lpfc: Fix processing of failed read fcf record (Rob Evers) [549763] - [scsi] lpfc: Fix fc header seq_count checks (Rob Evers) [549763] - [scsi] lpfc: Update to version 8.2.0.62 driver release (Rob Evers) [549763] - [scsi] lpfc: Fix hbq buff only for sli4 (Rob Evers) [549763] - [scsi] lpfc: Fix hbq buff adds to receive queue (Rob Evers) [549763] - [scsi] lpfc: Fix multi-frame sequence response frames (Rob Evers) [549763] - [scsi] lpfc: Fix adapter reset and off/online stress test (Rob Evers) [549763] - [scsi] lpfc: Update to version 8.2.0.61 driver release (Rob Evers) [549763] - [scsi] lpfc: Fix vport register VPI after devloss timeout (Rob Evers) [549763] - [scsi] lpfc: Fix crash during unload and sli4 abort cmd (Rob Evers) [549763] - [scsi] lpfc: Blocked all SCSI I/O requests from midlayer (Rob Evers) [549763] - [scsi] lpfc: Made TigerShark set up and use single FCP EQ (Rob Evers) [549763] - [scsi] lpfc: Update to 8.2.0.60 driver release (Rob Evers) [549763] - [scsi] lpfc: Fix vport not logging out when being deleted (Rob Evers) [549763] - [net] fixup problems with vlans and bonding (Andy Gospodarek) [526976] - [net] ixgbe: upstream update to include 82599-KR support (Andy Gospodarek) [513707] - [net] enic: update to upstream version 1.1.0.241a (Andy Gospodarek) [550148] - [net] be2net: multiple bug fixes (Ivan Vecera) [549460] - [net] virtio_net: fix tx wakeup race condition (Herbert Xu) [524651] - [net] add send/receive tracepoints (Neil Horman) [475457] - [iscsi] fix install panic w/xen iSCSI boot device (Miroslav Rezanina) [512991] - Revert: [mm] SRAT and NUMA fixes for span and/or is disc (Larry Woodman) [474097] - [misc] oprofile support for nehalme ep processors (John Villalovos) [498624] - [scsi] fix duplicate libiscsi symbol and kabi warnings (Jarod Wilson) [515284] - [edac] amd64_edac: fix access to pci conf space type 1 (Bhavna Sarathy) [479070] - [misc] do not evaluate WARN_ON condition twice (Hendrik Brueckner) [548653] - [xen] fix cpu frequency scaling on Intel procs (Christopher Lalancette) [553324] - [xen] passthrough MSI-X mask bit acceleration V3 (Don Dugger) [537734] - [xen] change interface of hvm_mmio_access V3 (Don Dugger) [537734] - [xen] fix msix table fixmap allocation V3 (Don Dugger) [537734] [2.6.18-183.el5] - [kabi] add scsi_dma_{,un}map (Jon Masters) [533489] - [kabi] add scsi_nl_{send_vendor_msg,{add,remove}_driver} (Jon Masters) [515812] - [kabi] add do_settimeofday and __user_walk_fd (Jon Masters) [486205] - [kabi] add pci_domain_nr (Jon Masters) [450121] - [sound] alsa hda driver update for rhel5.5 (Jaroslav Kysela) [525390] - Revert: [pci] avoid disabling acpi to use non-core PCI (Mauro Carvalho Chehab) [504330 547898] - [net] wireless: fix build when using O=objdir (John Linville) [546712] - [pci] remove msi-x vector allocation limitation (Stefan Assmann) [531266] - [net] vxge: avoid netpoll<->NAPI race (Michal Schmidt) [453683] - [scsi] update fcoe for rhel5.5 (Mike Christie) [526259] - [net] update tg3 driver to version 3.100 (John Feeney) [515312] - [block] fix rcu accesses in partition statistics code (Jerome Marchand) [493517] - [pci] enable acs p2p upstream forwarding (Chris Wright) [518305] - [net] e1000e: support for 82567V-3 and MTU fixes (Andy Gospodarek) [513706] - [pci] aer hest disable support (Prarit Bhargava) [547762] - [pci] aer hest firmware first support (Prarit Bhargava) [547762] - [block] iosched: fix batching fairness (Jeff Moyer) [462472] - [block] iosched: reset batch for ordered requests (Jeff Moyer) [462472] - [net] bonding: allow arp_ip_targets on separate vlan from bond device (Andy Gospodarek) [526976] - [firewire] ohci: handle receive packets with zero data (Jay Fenlason) [547242] {CVE-2009-4138} - [drm] intel: add IRONLAKE support to AGP/DRM drivers (Dave Airlie) [547908] - [xen] mask AMDs Node ID MSR (Andrew Jones) [547518] - Revert: [xen] fix msi-x table fixmap allocation (Don Dugger) [537734] - Revert: [xen] change interface of hvm_mmio_access (Don Dugger) [537734] - Revert: [xen] passthrough msi-x mask bit acceleration (Don Dugger) [537734] [2.6.18-182.el5] - [x86_64] disable vsyscall in kvm guests (Glauber Costa) [542612] - [fs] ext3: replace lock_super with explicit resize lock (Eric Sandeen) [525100] - [net] bonding: add debug module option (Jiri Pirko) [546624] - [fs] respect flag in do_coredump (Danny Feng) [544189] {CVE-2009-4036} - [md] fix a race in dm-raid1 (Mikulas Patocka) [502927] - [misc] timer: add tracepoints (Jason Baron) [534178] - [net] ipv4: fix possible invalid memory access (Prarit Bhargava) [541213] - [x86] support AMD L3 cache index disable (Bhavna Sarathy) [517586] - [scsi] add emc clariion support to scsi_dh modules (Mike Christie) [437107] - [infiniband] fix iser sg aligment handling (Mike Christie) [540686] - [scsi] qla2xxx: CT passthrough and link data rate fixes (Marcus Barrow) [543057] - [scsi] qla2xxx: update to 8.03.01.04.05.05-k (Marcus Barrow) [542834] - [net] s2io: update driver to current upstream version (Michal Schmidt) [513942] - [ia64] export cpu_core_map (like i386 and x86_64) (Michal Schmidt) [448856] - [net] sfc: additional fixes for rhel5.5 (Michal Schmidt) [448856] - [redhat] configs: enable building of the sfc driver (Michal Schmidt) [448856] - [net] sfc: add the sfc (Solarflare) driver (Michal Schmidt) [448856] - [net] vxge: driver update to 2.0.6 (Michal Schmidt) [453683] - [scsi] ibmvscsi: upstream multipath enhancements for 5.5 (Kevin Monroe) [512203] [2.6.18-181.el5] - [vfs] DIO write returns -EIO on try_to_release_page fail (Jeff Moyer) [461100] - [wireless] enable use of internal regulatory database (John Linville) [546712] - [wireless] add wireless regulatory rules database (John Linville) [546712] - [wireless] use internal regulatory database infrastructure (John Linville) [546712] - [wireless] update old static regulatory domain rules (John Linville) [543723] - [net] wireless: report reasonable bitrate for 802.11n (John Linville) [546281] - [net] mac80211: report correct signal for non-dBm values (John Linville) [545899] - [net] wireless: kill some warning spam (John Linville) [545121] - [net] mac80211: avoid uninit ptr deref in ieee80211 (John Linville) [545121] - [net] wireless: avoid deadlock when enabling rfkill (John Linville) [542593] - [wireless] configuration changes for updates (John Linville) [456943 474328 514661 516859] - [net] ath9k: backport driver from 2.6.32 (John Linville) [456943] - [net] wireless: updates of mac80211 etc from 2.6.32 (John Linville) [474328 514661 516859] - [net] wireless support updates from 2.6.32 (John Linville) [456943 474328 514661 516859] - [net] bnx2: update to version 2.0.2 (John Feeney) [517377] - [usb] support lexar expresscard (Pete Zaitcev) [511374] - [net] cnic: update driver for RHEL5.5 (Stanislaw Gruszka) [517378] - [net] bnx2x: update to 1.52.1-5 (Stanislaw Gruszka) [515716 522600] - [net] bnx2x: add mdio support (Stanislaw Gruszka) [515716 522600] - [net] bnx2x: add firmware version 5.2.7.0 (Stanislaw Gruszka) [515716 522600] - [net] bnx2x: update to 1.52.1 (Stanislaw Gruszka) [515716 522600] - [fs] make NR_OPEN tunable (Eric Sandeen) [507159] - [net] mdio: add mdio module from upstream (Michal Schmidt) [448856] - [net] ethtool: add more defines for mdio to use (Michal Schmidt) [448856] - [pci] add and export pci_clear_master (Michal Schmidt) [448856] - [mm] SRAT and NUMA fixes for span and/or is discontig mem (Larry Woodman) [474097] - [fs] eventfd: remove fput call from possible IRQ context (Jeff Moyer) [493101] - [fs] eventfd: kaio integration fix (Jeff Moyer) [493101] - [fs] eventfd: sanitize anon_inode_getfd() (Jeff Moyer) [493101] (Jeff Moyer) [493101] - [fs] eventfd: clean compile when CONFIG_EVENTFD=n (Jeff Moyer) [493101] - [s390] wire up signald, timerfd and eventfd syscalls (Jeff Moyer) [493101] - [fs] eventfd: use waitqueue lock (Jeff Moyer) [493101] - [ppc] wire up eventfd syscalls (Jeff Moyer) [493101] - [ia64] wire up {signal, timer, event}fd syscalls (Jeff Moyer) [493101] - [fs] aio: KAIO eventfd support example (Jeff Moyer) [493101] - [fs] eventfd: wire up x86 arches (Jeff Moyer) [493101] - [fs] add eventfd core (Jeff Moyer) [493101] - [net] r8169: update to latest upstream for rhel5.5 (Ivan Vecera) [540582] - [net] benet: update driver to latest upstream for rhel5.5 (Ivan Vecera) [515269] - [net] e1000e: update and fix WOL issues (Andy Gospodarek) [513706 513930 517593 531086] - [net] e1000: update to latest upstream for rhel5.5 (Dean Nelson) [515524] - [net] mlx4: update to recent version with SRIOV support (Doug Ledford) [503113 512162 520674 527499 529396 534158] - [md] raid: deal with soft lockups during resync (Doug Ledford) [501075] - [x86] amd: add node ID MSR support (Bhavna Sarathy) [530181] - [net] ipv4: fix an unexpectedly freed skb in tcp (Amerigo Wang) [546402] [2.6.18-180.el5] - [fs] ext4: fix insufficient checks in EXT4_IOC_MOVE_EXT (Eric Sandeen) [546105] {CVE-2009-4131} - [fs] fix possible inode corruption on unlock (Eric Sandeen) [545612] - [fs] xfs: fix fallocate error return sign (Eric Sandeen) [544349] - [net] bnx2: fix frags index (Flavio Leitner) [546326] - [pci] implement public pci_ioremap_bar function (Prarit Bhargava) [546244] - [trace] add coredump tracepoint (Masami Hiramatsu) [517115] - [trace] add signal tracepoints (Masami Hiramatsu) [517121] - [trace] add itimer tracepoints (Jason Baron) [534178] - [gfs2] make O_APPEND behave as expected (Steven Whitehouse) [544342] - [gfs2] fix rename locking issue (Steven Whitehouse) [538484] - [usb] add quirk for iso on amd sb800 (Pete Zaitcev) [537433] - [mm] add kernel pagefault tracepoint for x86 & x86_64 (Larry Woodman) [517133] - [ia64] dma_get_required_mask altix workaround (George Beshers) [517192] - [misc] sysctl: require CAP_SYS_RAWIO to set mmap_min_addr (Amerigo Wang) [534018] - [pci] intel-iommu: no pagetable validate in passthru mode (Don Dutile) [518103] - [pci] intel-iommu: set dmar_disabled when DMAR at zero (Don Dutile) [516811 518103] - [pci] dmar: rhsa entry decode (Don Dutile) [516811 518103] - [pci] intel-iommu: add hot (un)plug support (Don Dutile) [516811 518103] - [pci] inte-iommu: alloc_coherent obey coherent_dma_mask (Don Dutile) [516811 518103] - [pci] dmar: check for DMAR at zero BIOS error earlier (Don Dutile) [516811 518103] - [pci] intel-iommu: fix for isoch dmar w/no tlb space (Don Dutile) [516811 518103] - [pci] intel-iommu: add 2.6.32-rc4 sw and hw pass-through (Don Dutile) [516811 518103] - [pci] intel-iommu: IOTLB flushing mods & ATSR support (Don Dutile) [516811 518103] - [aio] implement request batching (Jeff Moyer) [532769] - [net] netxen: further p3 updates for rhel5.5 (Marcus Barrow) [542746] - [net] netxen: driver updates from 2.6.32 (Marcus Barrow) [516833] - [net] netxen: driver updates from 2.6.31 (Marcus Barrow) [516833] - [xen] passthrough msi-x mask bit acceleration (Don Dugger) [537734] - [xen] change interface of hvm_mmio_access (Don Dugger) [537734] - [xen] fix msi-x table fixmap allocation (Don Dugger) [537734] - [xen] fix w/sata set to ide combined mode on amd (Bhavna Sarathy) [544021] - [xen] domU irq ratelimiting (Don Dugger) [524747] [2.6.18-179.el5] - [scsi] st: display current settings of option bits (Tom Coughlan) [501030] - [pci] AER: prevent errors being reported multiple times (Prarit Bhargava) [544923] - [cifs] NULL out pointers when chasing DFS referrals (Jeff Layton) [544417] - [fbfront] xenfb: dont recreate thread on every restore (Christopher Lalancette) [541325] - [net] igb: update igb driver to support barton hills (Stefan Assmann) [513710] - [fs] hfs: fix a potential buffer overflow (Amerigo Wang) [540741] {CVE-2009-4020} - [fuse] prevent fuse_put_request on invalid pointer (Danny Feng) [538737] {CVE-2009-4021} - [scsi] lpfc: update version from 8.2.0.58 to 8.2.0.59 (Rob Evers) [529244] - [scsi] lpfc: update version from 8.2.0.55 to 8.2.0.58 (Rob Evers) [516541 529244] - [scsi] lpfc: update version from 8.2.0.52 to 8.2.0.55 (Rob Evers) [529244] - [scsi] pmcraid: minor driver update for rhel5.5 (Rob Evers) [529979] - [scsi] add pmcraid driver (Rob Evers) [529979] - [scsi] bfa: brocade bfa fibre-channel/fcoe driver (Rob Evers) [475695] - [md] support origin size < chunk size (Mikulas Patocka) [502965] - [md] lock snapshot while reading status (Mikulas Patocka) [543307] - [md] fix deadlock in device mapper multipath (Mikulas Patocka) [543270] - [md] raid5: mark cancelled readahead bios with -EIO (Eric Sandeen) [512552] - [fs] ext2: convert to new aops (Josef Bacik) [513136] - [fs] jbd: fix race in slab creation/deletion (Josef Bacik) [496847] - [net] enic: update to upstream version 1.1.0.100 (Andy Gospodarek) [519086] - [scsi] megaraid: make driver legacy I/O port free (Tomas Henzl) [515863] - [scsi] megaraid: upgrade to version 4.17-RH1 (Tomas Henzl) [518243] - [net] ipvs: synchronize closing of connections (Danny Feng) [492942] - [fs] dlm: fix connection close handling (David Teigland) [521093] - [hwmon] add support for syleus chip to fschmd driver (Dean Nelson) [513101] - [s390] dasd: fix DIAG access for read-only devices (Hendrik Brueckner) [537859] - [acpi] backport support for ACPI 4.0 power metering (Matthew Garrett) [514923] - [scsi] mpt2sas: use selected regions (Tomas Henzl) [516702] - [scsi] mpt2sas: upgrade to 01.101.06.00 (Tomas Henzl) [516702] - [block] blktrace: only tear down our own debug/block (Eric Sandeen) [498489] - Revert: [scsi] fix inconsistent usage of max_lun (David Milburn) [531488] [2.6.18-178.el5] - [x86] fix stale data in shared_cpu_map cpumasks (Prarit Bhargava) [541953] - [mm] call vfs_check_frozen after unlocking the spinlock (Amerigo Wang) [541956] - [md] fix data corruption with different chunksizes (Mikulas Patocka) [210490] - [md] fix snapshot crash on invalidation (Mikulas Patocka) [461506] - [net] cxgb3: fix port index issue (Doug Ledford) [516948] - [net] cxgb3: correct hex/decimal error (Doug Ledford) [516948] - [net] mlx4_en: add a pci id table (Doug Ledford) [508770] - [infiniband] null out skb pointers on error (Doug Ledford) [531784] - [infiniband] init neigh->dgid.raw on bonding events (Doug Ledford) [538067] - [nfs] add an nfsiod workqueue (Ian Kent) [489931] - [nfs] nfsiod: ensure the asynchronous RPC calls complete (Ian Kent) [489931] - [nfs] sunrpc: allow rpc_release() CB run on another workq (Ian Kent) [489931] - [nfs] fix a deadlock with lazy umount -2 (Ian Kent) [489931] - [nfs] fix a deadlock with lazy umount (Ian Kent) [489931] - [fs] ext3/4: free journal buffers (Eric Sandeen) [506217] - [net] resolve issues with vlan creation and filtering (Andy Gospodarek) [521345] - [scsi] stex: update driver for RHEL-5.5 (David Milburn) [516881] - [scsi] be2iscsi: add driver to generic config (Mike Christie) [515284] - [scsi] add be2iscsi driver (Mike Christie) [515284] - [fs] ext4: update to 2.6.32 codebase (Eric Sandeen) [528054] - [scsi] disable state transition from OFFLINE to RUNNING (Takahiro Yasui) [516934] - [scsi] fusion: update mpt driver to 3.4.13rh (Tomas Henzl) [516710] - [net] gro: fix illegal merging of trailer trash (Herbert Xu) [537876] [2.6.18-177.el5] - [scsi] gdth: prevent negative offsets in ioctl (Amerigo Wang) [539421] {CVE-2009-3080} - [net] ixgbe: add and enable CONFIG_IXGBE_DCA (Andy Gospodarek) [514306] - [net] ixgbe: update to upstream version 2.0.44-k2 (Andy Gospodarek) [513707 514306 516699] - [cifs] duplicate data on appending to some samba servers (Jeff Layton) [500838] - [s390] kernel: fix single stepping on svc0 (Hendrik Brueckner) [540527] - [fs] gfs2: fix glock ref count issues (Steven Whitehouse) [539240] - [vbd] xen: fix crash after ballooning (Christopher Lalancette) [540811] - [block] cfq-iosched: get rid of cfqq hash (Jeff Moyer) [427709 448130 456181] - [scsi] devinfo update for hitachi entries for RHEL5.5 (Takahiro Yasui) [430631] - [net] call cond_resched in rt_run_flush (Amerigo Wang) [517588] - [cifs] update cifs version number (Jeff Layton) [500838] - [cifs] avoid invalid kfree in cifs_get_tcp_session (Jeff Layton) [500838] - [cifs] fix broken mounts when a SSH tunnel is used (Jeff Layton) [500838] - [cifs] fix memory leak in ntlmv2 hash calculation (Jeff Layton) [500838] - [cifs] fix potential NULL deref in parse_DFS_referrals (Jeff Layton) [500838] - [cifs] fix read buffer overflow (Jeff Layton) [500838] - [cifs] free nativeFileSystem before allocating new one (Jeff Layton) [500838] - [cifs] add addr= mount option alias for ip= (Jeff Layton) [500838] - [cifs] copy struct *after* setting port, not before (Jeff Layton) [500838] - [cifs] fix artificial limit on reading symlinks (Jeff Layton) [500838] - [scsi] megaraid: fix sas permissions in sysfs (Casey Dahlin) [537313] {CVE-2009-3889 CVE-2009-3939} - [cpufreq] avoid playing with cpus_allowed in powernow-k8 (Alex Chiang) [523505] - [cpufreq] change cpu freq arrays to per_cpu variables (Alex Chiang) [523505] - [cpufreq] powernow-k8: get drv data for correct cpu (Alex Chiang) [523505] - [cpufreq] x86: change NR_CPUS arrays in powernow-k8 (Alex Chiang) [523505] - [cifs] fix error handling in mount-time dfs referral code (Jeff Layton) [513410] - [cifs] add loop check when mounting dfs tree (Jeff Layton) [513410] - [cifs] fix some build warnings (Jeff Layton) [513410] - [cifs] fix build when dfs support not enabled (Jeff Layton) [513410] - [cifs] remote dfs root support (Jeff Layton) [513410] - [cifs] enable dfs submounts to handle remote referrals (Jeff Layton) [513410] - [edac] i3200_edac: backport driver to RHEL 5.5 (Mauro Carvalho Chehab) [469976] - [edac] add upstream i3200_edac driver (Mauro Carvalho Chehab) [469976] - [cifs] no CIFSGetSrvInodeNumber in is_path_accessible (Jeff Layton) [529431] - [block] blktrace: correctly record block to and from devs (Jason Baron) [515551] - [sched] enable CONFIG_DETECT_HUNG_TASK support (Amerigo Wang) [506059] - [xen] fix SRAT check for discontiguous memory (Christopher Lalancette) [519225] - [xen] implement fully preemptible page table teardown (Christopher Lalancette) [510037] [2.6.18-176.el5] - [xen] mask extended topo cpuid feature (Andrew Jones ) [533292] - [fs] pipe.c null pointer dereference (Jeff Moyer ) [530939] {CVE-2009-3547} - [xen] cd-rom drive does not recognize new media (Miroslav Rezanina ) [221676] - [nfs] fix stale nfs_fattr passed to nfs_readdir_lookup (Harshula Jayasuriya ) [531016] - [spec] s390: enable kernel module signing (Don Zickus ) [483665] - [nfs] bring nfs4acl into line with mainline code (Jeff Layton ) [479870 530575] - [ia64] kdump: restore registers in the stack on init (Takao Indoh ) [515753] - [nfs] nfsd4: do exact check of attribute specified (Jeff Layton ) [512361] - [net] igb: add support for 82576ns serdes adapter (Stefan Assmann ) [517063] - [s390] zfcp_scsi: dynamic queue depth adjustment param (Pete Zaitcev ) [508355] - [scsi] fix inconsistent usage of max lun (David Milburn ) [531488] - [ipmi] fix ipmi_si modprobe hang (Tony Camuso ) [507402] - [x86] kvm: dont ask HV for tsc khz if not using kvmclock (Glauber Costa ) [531268] - [net] qlge: updates and fixes for RHEL-5.5 (Marcus Barrow ) [519453] - [net] igb: fix kexec with igb controller (Stefan Assmann ) [527424] - [net] qlge: fix crash with kvm guest device passthru (Marcus Barrow ) [507689] - [misc] hpilo: add polling mechanism (Tony Camuso ) [515010] - [misc] hpilo: add interrupt handler (Tony Camuso ) [515010] - [misc] hpilo: staging for interrupt handling (Tony Camuso ) [515010] - [edac] amd64_edac: enable driver in kernel config (Bhavna Sarathy ) [479070] - [edac] amd64_edac: remove early hardware probe (Bhavna Sarathy ) [479070] - [edac] amd64_edac: detect ddr3 support (Bhavna Sarathy ) [479070] - [edac] amd64_edac: add ddr3 support (Bhavna Sarathy ) [479070] - [edac] add amd64_edac driver (Bhavna Sarathy ) [479070] - [net] igb: set vf rlpml must take vlan tag into account (Don Dugger ) [515602] - [misc] hibernate: increase timeout (Matthew Garrett ) [507331] - [nfs] make sure dprintk() macro works everywhere (Jeff Layton ) [532701] - [acpi] include core wmi support and dell-wmi driver (Matthew Garrett ) [516623] - [powerpc] fix to handle SLB resize during migration (Kevin Monroe ) [524112] - [mm] oom killer output should display UID (Larry Woodman ) [520419] - [net] fix race in data receive/select (Amerigo Wang ) [509866] - [net] augment raw_send_hdrinc to validate ihl in user hdr (Neil Horman ) [500924] - [i2c] include support for Hudson-2 SMBus controller (Stanislaw Gruszka ) [515125] - [net] bonding: introduce primary_reselect option (Jiri Pirko ) [471532] - [net] bonding: ab_arp use std active slave select code (Jiri Pirko ) [471532] - [net] use netlink notifications to track neighbour states (Danny Feng ) [516589] - [net] introduce generic function __neigh_notify (Danny Feng ) [516589] - [fs] skip inodes w/o pages to free in drop_pagecache_sb (Larry Woodman ) [528070] [2.6.18-175.el5] - [net] bnx2x: add support for bcm8727 phy (Stanislaw Gruszka ) [515716] - [net] sched: fix panic in bnx2_poll_work (John Feeney ) [526481] - [acpi] prevent duplicate dirs in /proc/acpi/processor (Matthew Garrett ) [537395] - [mm] conditional flush in flush_all_zero_pkmaps (Eric Sandeen ) [484683] - [fs] ecryptfs: copy lower attrs before dentry instantiate (Eric Sandeen ) [489774] - [ppc] fix compile warnings in eeh code (Prarit Bhargava ) [538407] - [md] multiple device failure renders dm-raid1 unfixable (Jonathan E Brassow ) [498532] - [scsi] ibmvscsi: FCoCEE NPIV support (Steve Best ) [512192] - [fs] gfs2: fix potential race in glock code (Steven Whitehouse ) [498976] - [kvm] balloon driver for guests (Peter Bogdanovic ) [522629] - [sctp] assign tsns earlier to avoid reordering (Neil Horman ) [517504] - [x86] fix boot crash with < 8-core AMD Magny-cours system (Bhavna Sarathy) [522215] - [x86] support amd magny-cours power-aware scheduler fix (Bhavna Sarathy ) [513685] - [x86] cpu: upstream cache fixes needed for amd m-c (Bhavna Sarathy ) [526315] - [x86_64] set proc id and core id before calling fixup_dcm (Bhavna Sarathy) [526315] - [x86] disable NMI watchdog on CPU remove (Prarit Bhargava ) [532514] - [nfsd] dont allow setting ctime over v4 (Jeff Layton ) [497909] - [acpi] bm_check and bm_control update (Luming Yu ) [509422] - [x86_64] amd: iommu system management erratum 63 fix (Bhavna Sarathy ) [531469] - [net] bnx2i/cnic: update driver version for RHEL5.5 (Mike Christie ) [516233] - [x86] fix L1 cache by adding missing break (Bhavna Sarathy ) [526770] - [x86] amd: fix hot plug cpu issue on 32-bit magny-cours (Bhavna Sarathy ) [526770] - [acpi] disable ARB_DISABLE on platforms where not needed (Luming Yu ) [509422] - [s390] do not annotate cmdline as __initdata (Hendrik Brueckner ) [506898] - [x86_64] fix 32-bit process register leak (Amerigo Wang ) [526798] - [misc] dont call printk while crashing (Mauro Carvalho Chehab ) [497195] - [x86] mce_amd: fix up threshold_bank4 creation (Bhavna Sarathy ) [526315] - [pci] fix SR-IOV function dependency link problem (Don Dugger ) [503837] - [xen] fix numa on magny-cours systems (Bhavna Sarathy ) [526051] - [xen] add two HP ProLiant DMI quirks to the hypervisor (Paolo Bonzini ) [536677] - [xen] hook sched rebalance logic to opt_hardvirt (Christopher Lalancette ) [529271] - [xen] crank the correct stat in the scheduler (Christopher Lalancette ) [529271] - [xen] whitespace fixups in xen scheduler (Christopher Lalancette ) [529271] - [xen] fix crash with memory imbalance (Bhavna Sarathy ) [526785] [2.6.18-174.el5] - [fs] private dentry list to avoid dcache_lock contention (Lachlan McIlroy ) [526612] - [gfs2] drop rindex glock on grows (Benjamin Marzinski ) [482756] - [acpi] run events on cpu 0 (Matthew Garrett ) [485016] - [cpufreq] add option to avoid smi while calibrating (Matthew Garrett ) [513649] - [acpi] support physical cpu hotplug on x86_64 (Stefan Assmann ) [516999] - [scsi] qla2xxx: enable msi-x correctly on qlogic 2xxx series (Marcus Barrow ) [531593] - [apic] fix server c1e spurious lapic timer events (Bhavna Sarathy ) [519422] - [pci] aer: fix ppc64 compile - no msi support (Prarit Bhargava ) [514442 517093] - [pci] aer: config changes to enable aer support (Prarit Bhargava ) [514442 517093] - [pci] aer: fix NULL pointer in aer injection code (Prarit Bhargava ) [514442 517093] - [pci] aer: add domain support to aer_inject (Prarit Bhargava ) [514442 517093] - [pci] aer: backport acpi osc functions (Prarit Bhargava ) [517093] - [pci] aer: pcie support and compile fixes (Prarit Bhargava ) [517093] - [pci] aer: changes required to compile in RHEL5 (Prarit Bhargava ) [514442 517093] - [pci] aer: base aer driver support (Prarit Bhargava ) [514442 517093] - [kvm] use upstream kvm_get_tsc_khz (Glauber Costa ) [531025] - [cifs] turn oplock breaks into a workqueue job (Jeff Layton ) [531005] - [cifs] fix oplock request handling in posix codepath (Jeff Layton ) [531005] - [cifs] have cifsFileInfo hold an extra inode reference (Jeff Layton ) [531005] - [cifs] take GlobalSMBSes_lock as read-only (Jeff Layton ) [531005] - [cifs] remove cifsInodeInfo.oplockPending flag (Jeff Layton ) [531005] - [cifs] replace wrtPending with a real reference count (Jeff Layton ) [531005] - [cifs] clean up set_cifs_acl interfaces (Jeff Layton ) [531005] - [cifs] reorganize get_cifs_acl (Jeff Layton ) [531005] - [cifs] protect GlobalOplock_Q with its own spinlock (Jeff Layton ) [531005] - [scsi] qla2xxx: updates and fixes for RHEL-5.5 (Marcus Barrow ) [519447] - [net] vlan: silence multicast debug messages (Danny Feng ) [461442] - [fs] fix inode_table test in ext{2,3}_check_descriptors (Eric Sandeen ) [504797] - [net] netlink: fix typo in initialization (Jiri Pirko ) [527906] - [mm] prevent tmpfs from going readonly during oom kills (Larry Woodman ) [497257] - [x86] set cpu_llc_id on AMD CPUs (Bhavna Sarathy ) [513684] - [x86] fix up threshold_bank4 support on AMD Magny-cours (Bhavna Sarathy ) [513684] - [x86] fix up L3 cache information for AMD Magny-cours (Bhavna Sarathy ) [513684] - [x86] amd: fix CPU llc_shared_map information (Bhavna Sarathy ) [513684] - [fs] trim instantiated file blocks on write errors (Eric Sandeen ) [515529] - [s390] optimize storage key operations for anon pages (Hans-Joachim Picht ) [519977] - [net] cxgb3: bug fixes from latest upstream version (Doug Ledford ) [510818] - [misc] saner FASYNC handling on file close (Paolo Bonzini ) [510746] - [wireless] mac80211: fix reported wireless extensions version (John Linville ) [513430] - [mm] dont oomkill when hugepage alloc fails on node (Larry Woodman ) [498510] - [xen] iommu-amd: extend loop ctr for polling completion wait (Bhavna Sarathy ) [518474 526766] - [xen] iommu: add passthrough and no-intremap parameters (Bhavna Sarathy ) [518474 526766] - [xen] iommu: enable amd iommu debug at run-time (Bhavna Sarathy ) [518474 526766] - [xen] support interrupt remapping on M-C (Bhavna Sarathy ) [518474 526766] - [xen] iommu: move iommu_setup() to setup ioapic correctly (Bhavna Sarathy ) [518474 526766] [2.6.18-173.el5] - [acpi] thinkpad_acpi: disable ecnvram brightness on some (Matthew Garrett ) [522745] - [block] cfq-iosched: dont delay queue kick for merged req (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: fix idling interfering with plugging (Jeff Moyer ) [456181 448130 427709] - [block] cfq: separate merged cfqqs if they stop cooperating (Jeff Moyer ) [456181 448130 427709] - [block] cfq: change the meaning of the cfqq_coop flag (Jeff Moyer ) [456181 448130 427709] - [block] cfq: merge cooperating cfq_queues (Jeff Moyer ) [456181 448130 427709] - [block] cfq: calc seek_mean per cfq_queue not per cfq_io_context (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: cache prio_tree root in cfqq->p_root (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: fix aliased req & cooperation detect (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: default seek when not enough samples (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: make seek_mean converge more quick (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: add close cooperator code (Jeff Moyer ) [456181 448130 427709] - [block] cfq-iosched: development update (Jeff Moyer ) [456181 448130 427709] - [gfs2] careful unlinking inodes (Steven Whitehouse ) [519049] - [scsi] arcmsr: add missing parameter (Tomas Henzl ) [521203] - [nfs] v4: fix setting lock on open file with no state (Jeff Layton ) [533115] {CVE-2009-3726} - [misc] futex priority based wakeup (Jon Thomas ) [531552] - [dlm] use GFP_NOFS on all lockspaces (David Teigland ) [530537] - [gfs2] improve statfs and quota usability (Benjamin Marzinski ) [529796] - [net] forcedeth: let phy power down when IF is down (Ivan Vecera ) [513692] - [drm] r128: check for init on all ioctls that require it (Danny Feng ) [529603] {CVE-2009-3620} - [scsi] htpiop: RocketRAID driver update v1.0 -> v1.6 (Rob Evers ) [519076] - [ipmi] add HP message handling (Tony Camuso ) [507402] - [mm] prevent hangs/long pauses when zone_reclaim_mode=1 (Larry Woodman ) [507360] - [s390] ipl: vmhalt, vmpanic, vmpoff, vmreboot dont work (Hans-Joachim Picht ) [518229] - [nfs] bring putpubfh handling inline with upstream (Wade Mealing ) [515405] [2.6.18-172.el5] - [fs] dio: dont zero out pages array inside struct dio (Jeff Moyer ) [488161] - [cifs] libfs: sb->s_maxbytes casts to a signed value (Jeff Layton ) [486092] - [serial] power7: support the single-port serial device (Kevin Monroe ) [525812] - [kABI] add pci_{enable,disable}_msi{,x} (Jon Masters ) [521081] - [scsi] mpt: errata 28 fix on LSI53C1030 (Tomas Henzl ) [518689] - [scsi] panic at .ipr_sata_reset after device reset (Kevin Monroe ) [528175] - [scsi] lpfc: update to 8.2.0.52 FC/FCoE (Rob Evers ) [515272] - [x86] add ability to access Nehalem uncore config space (John Villalovos ) [504330] - [net] sunrpc: remove flush_workqueue from xs_connect (Jeff Layton ) [495059] - [xen] ia64: command-line arg to increase the heap size (Paolo Bonzini ) [521865] [2.6.18-171.el5] - [security] require root for mmap_min_addr (Eric Paris ) [518143] {CVE-2009-2695} - [ata] ahci: add AMD SB900 controller device IDs (David Milburn ) [515114] - [net] lvs: adjust sync protocol handling for ipvsadm -2 (Neil Horman ) [524129] - Revert: [net] lvs: fix sync protocol handling for timeout values (Neil Horman ) [524129] - [net] AF_UNIX: deadlock on connecting to shutdown socket (Jiri Pirko ) [529631] {CVE-2009-3621} - [fs] inotify: remove debug code (Danny Feng ) [499019] - [fs] inotify: fix race (Danny Feng ) [499019] [2.6.18-170.el5] - [net] lvs: fix sync protocol handling for timeout values (Neil Horman ) [524129] - [net] igb: return PCI_ERS_RESULT_DISCONNECT on failure (Dean Nelson ) [514250] - [net] e100: return PCI_ERS_RESULT_DISCONNECT on failure (Dean Nelson ) [514250] - [nfs] knfsd: query fs for v4 getattr of FATTR4_MAXNAME (Jeff Layton ) [469689] - [block] blkfront: respect elevator=xyz cmd line option (Paolo Bonzini ) [498461] - [firewire] fw-ohci: fix IOMMU resource exhaustion (Jay Fenlason ) [513827] - [scsi] cciss: ignore stale commands after reboot (Tomas Henzl ) [525440] - [scsi] cciss: version change (Tomas Henzl ) [525440] - [scsi] cciss: switch to using hlist (Tomas Henzl ) [525440] - [x86] support always running Local APIC (John Villalovos ) [496306] - [x86_64] fix hugepage memory tracking (Jim Paradis ) [518671] - [net] bnx2: apply BROKEN_STATS workaround to 5706/5708 (Flavio Leitner ) [527748] - [pci] pci_dev->is_enabled must be set (Prarit Bhargava ) [527496] - [audit] dereferencing krule as if it were an audit_watch (Alexander Viro ) [526819] - [mm] fix spinlock performance issue on large systems (John Villalovos ) [526078] - [misc] hotplug: add CPU_DYING notifier (Eduardo Habkost ) [510814] - [misc] hotplug: use cpuset hotplug callback to CPU_DYING (Eduardo Habkost ) [510814] - [misc] define CPU_DYING and CPU_DYING_FROZEN (Eduardo Habkost ) [510814] - [misc] hotplug: adapt thermal throttle to CPU_DYING (Eduardo Habkost ) [510814] - [fs] file truncations when both suid and write perms set (Amerigo Wang ) [486975] - [x86] finish sysdata conversion (Danny Feng ) [519633] - [misc] pipe: fix fd leaks (Amerigo Wang ) [509625] - [x86_64] PCI space below 4GB forces mem remap above 1TB (Larry Woodman ) [523522] - [pci] pciehp: fix PCIe hotplug slot detection (Michal Schmidt ) [521731] - [net] syncookies: support for TCP options via timestamps (jolsa@redhat.com ) [509062] - [net] tcp: add IPv6 support to TCP SYN cookies (jolsa@redhat.com ) [509062] - [xen] blkfront: check for out-of-bounds array accesses (Paolo Bonzini ) [517238] - [xen] fix timeout with PV guest and physical CDROM (Paolo Bonzini ) [506899] - [net] e1000e: return PCI_ERS_RESULT_DISCONNECT on fail (Dean Nelson ) [508387] - [x86_64] vsmp: fix bit-wise operator and compile issue (Prarit Bhargava ) [515408] - [net] e100: add support for 82552 (Dean Nelson ) [475610] - [net] netfilter: honour source routing for LVS-NAT (Jiri Pirko ) [491010] - [misc] hwmon: update to latest upstream for RHEL-5.5 (Prarit Bhargava ) [467994 250561 446061] - [xen] panic in msi_msg_read_remap_rte with acpi=off (Miroslav Rezanina ) [525467] - [xen] mask out xsave for hvm guests (Andrew Jones ) [524052] - [xen] allow booting with broken serial hardware (Chris Lalancette ) [518338] - [xen] mask out more CPUID bits for PV guests (Chris Lalancette ) [502826] - [xen] x86: fix wrong asm (Paolo Bonzini ) [510686] - [xen] always inline memcmp (Paolo Bonzini) [510686] - [xen] i386: handle x87 opcodes in TLS segment fixup (Paolo Bonzini ) [510225] [2.6.18-169.el5] - [scsi] export symbol scsilun_to_int (Tomas Henzl ) [528153] - [fs] eCryptfs: prevent lower dentry from going negative (Eric Sandeen ) [527835] {CVE-2009-2908} - [nfs] v4: reclaimer thread stuck in an infinite loop (Sachin S. Prabhu ) [526888] - [scsi] scsi_dh_rdac: changes for rdac debug logging (Rob Evers ) [524335] - [scsi] scsi_dh_rdac: collect rdac debug info during init (Rob Evers ) [524335] - [scsi] scsi_dh_rdac: move init code around (Rob Evers ) [524335] - [scsi] scsi_dh_rdac: return correct mode select cmd info (Rob Evers ) [524335] - [scsi] scsi_dh_rdac: add support for Dell PV array (Rob Evers ) [524335] - [scsi] scsi_dh_rdac: add support for SUN devices (Rob Evers ) [524335] - [scsi] scsi_dh_rdac: support ST2500, ST2510 and ST2530 (Rob Evers ) [524335] - [s390] cio: boot through XAUTOLOG with conmode 3270 (Hans-Joachim Picht ) [508934] - [x86] add smp_call_function_many/single functions (Prarit Bhargava ) [526043] - [s390] iucv: fix output register in iucv_query_maxconn (Hans-Joachim Picht ) [524251] - [s390] set preferred s390 console based on conmode (Hans-Joachim Picht ) [520461] - [s390] dasd: add large volume support (Hans-Joachim Picht ) [511972] - [s390] dasd: fail requests when dev state is not ready (Hans-Joachim Picht ) [523219] - [s390] cio: failing set online/offline processing (Hans-Joachim Picht ) [523323] - [x86] oprofile: support arch perfmon (John Villalovos ) [523479] - [x86] oprofile: fix K8/core2 on multiple cpus (John Villalovos ) [523479] - [x86] oprofile: utilize perf counter reservation (John Villalovos ) [523479] - [gfs2] genesis stuck writing to unlinked file (Abhijith Das ) [505331] - [net] r8169: avoid losing MSI interrupts (Ivan Vecera ) [514589] - [s390] cio: set correct number of internal I/O retries (Hans-Joachim Picht ) [519814] - [net] e1000: return PCI_ERS_RESULT_DISCONNECT on fail (Dean Nelson ) [508389] - [net] ixgbe: return PCI_ERS_RESULT_DISCONNECT on fail (Dean Nelson ) [508388] - [crypto] s390: enable ansi_cprng config option (Jarod Wilson ) [504667] - [s390] dasd: dev attr to disable blocking on lost paths (Hans-Joachim Picht ) [503222] - [s390] qeth: handle VSwitch Port Isolation error codes (Hans-Joachim Picht ) [503232] - [s390] qeth: improve no_checksumming handling for layer3 (Hans-Joachim Picht ) [503238] - [gfs2] smbd proccess hangs with flock call (Abhijith Das ) [502531] - [input] psmouse: reenable mouse on shutdown (Prarit Bhargava ) [501025] - [xen] x86: make NMI detection work (Miroslav Rezanina ) [494120] [2.6.18-168.el5] - [gfs2] mount option: -o errors=withdraw|panic (Bob Peterson ) [518106] - [net] bonding: set primary param via sysfs (Jiri Pirko ) [499884] - [scsi] fusion: re-enable mpt_msi_enable option (Tomas Henzl ) [520820] - [x86] xen: add 'ida' flag (Prarit Bhargava ) [522846] - [net] ipt_recent: sanity check hit count (Amerigo Wang ) [523982] - [acpi] fix syntax in ACPI debug statement (Stefan Assmann ) [524787] - [s390] AF_IUCV SOCK_SEQPACKET support (Hans-Joachim Picht ) [512006] - [x86] fix nosmp option (Prarit Bhargava ) [509581] - [nfs] nfsd4: idmap upcalls should use unsigned uid/gid (Jeff Layton ) [519184] - [ia64] fix ppoll and pselect syscalls (Prarit Bhargava ) [520867] - [net] ipv4: ip_append_data handle NULL routing table (Jiri Pirko ) [520297] - [net] fix drop monitor to not panic on null dev (Neil Horman ) [523279] - [gfs2] gfs2_delete_inode failing on RO filesystem (Abhijith Das ) [501359] - [nfs] statfs error-handling fix (Jeff Layton ) [519112] - [pci] avoid disabling acpi to use non-core PCI devices (Mauro Carvalho Chehab ) [504330] - [nfs] fix regression in nfs_open_revalidate (Jeff Layton ) [511278] - [nfs] fix cache invalidation problems in nfs_readdir (Jeff Layton ) [511170] - [fs] sanitize invalid partition table entries (Stefan Assmann ) [481658] - [char] fix corrupted intel_rng kernel messages (Jerome Marchand ) [477778] - [net] ipv6: do not fwd pkts with the unspecified saddr (Jiri Pirko ) [517899] - [ata] ahci: add device ID for 82801JI sata controller (David Milburn ) [506200] - [misc] support Intel multi-APIC-cluster systems (Prarit Bhargava ) [507333] - [ext3] fix online resize bug (Josef Bacik ) [515759] - [xen] netback: call netdev_features_changed (Herbert Xu ) [493092] - [net] igbvf: recognize failure to set mac address (Stefan Assmann ) [512469] - [misc] documentation: fix file-nr definition in fs.txt (Danny Feng ) [497200] - [misc] cpufreq: dont set policy for offline cpus (Prarit Bhargava ) [511211] - [net] sunrpc client: IF for binding to a local address (Jeff Layton ) [500653] - [fs] nlm: track local address and bind to it for CBs (Jeff Layton ) [500653] - [net] sunrpc: set rq_daddr in svc_rqst on socket recv (Jeff Layton ) [500653] - [cpufreq] P-state limit: limit can never be increased (Stanislaw Gruszka ) [489566] - [crypto] s390: permit weak keys unless REQ_WEAK_KEY set (Jarod Wilson ) [504667] - [fs] procfs: fix fill all subdirs as DT_UNKNOWN (Danny Feng ) [509713] - [block] ll_rw_blk: more flexable read_ahead_kb store (Danny Feng ) [510257] - [audit] correct the record length of execve (Amerigo Wang ) [509134] - [net] tcp: do not use TSO/GSO when there is urgent data (Danny Feng ) [502572] - [net] vxge: new driver for Neterion 10Gb Ethernet (Michal Schmidt ) [453683] - [net] vxge: Makefile, Kconfig and config additions (Michal Schmidt ) [453683] - [pci] add PCI Express link status register definitions (Michal Schmidt ) [453683] - [net] 8139too: RTNL and flush_scheduled_work deadlock (Jiri Pirko ) [487346] - [x86] suspend-resume: work on large logical CPU systems (John Villalovos ) [499271] - [gfs2] '>>' does not update ctime,mtime on the file (Abhijith Das ) [496716] - [net] icmp: fix icmp_errors_use_inbound_ifaddr sysctl (Jiri Pirko ) [502822] - [nfs] fix stripping SUID/SGID flags when chmod/chgrp dir (Peter Staubach ) [485099] - [net] bonding: allow bond in mode balance-alb to work (Jiri Pirko ) [487763] - [x86] fix mcp55 apic routing (Neil Horman ) [473404] - [net] rtl8139: set mac address on running device (Jiri Pirko ) [502491] - [net] tun: allow group ownership of TUN/TAP devices (Jiri Pirko ) [497955] - [net] tcp: do not use TSO/GSO when there is urgent data (Jiri Olsa ) [497032] - [misc] undefined reference to __udivdi3 (Amerigo Wang ) [499063] [2.6.18-167.el5] - [scsi] st.c: memory use after free after MTSETBLK ioctl (David Jeffery ) [520192] - [nfs] knfsd: fix NFSv4 O_EXCL creates (Jeff Layton ) [524521] {CVE-2009-3286} - [net] r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera ) [515857] - [net] tc: fix unitialized kernel memory leak (Jiri Pirko ) [520863] - [misc] kthreads: kthread_create vs kthread_stop() race (Oleg Nesterov ) [440273] - [net] fix unbalance rtnl locking in rt_secret_reschedule (Neil Horman ) [510067] [2.6.18-166.el5] - [x86_64] kvm: bound last_kvm to prevent backwards time (Glauber Costa ) [524076] - [x86] kvm: fix vsyscall going backwards (Glauber Costa ) [524076] - [misc] fix RNG to not use first generated random block (Neil Horman ) [522860] - [x86] kvm: mark kvmclock_init as cpuinit (Glauber Costa ) [523450] - [x86_64] kvm: allow kvmclock to be overwritten (Glauber Costa ) [523447] - [x86] kvmclock: fix bogus wallclock value (Glauber Costa ) [519771] - [scsi] scsi_dh_rdace: add more sun hardware (mchristi@redhat.com ) [518496] - [misc] cprng: fix cont test to be fips compliant (Neil Horman ) [523259] - [net] bridge: fix LRO crash with tun (Andy Gospodarek ) [483646] - Revert: [net] atalk/irda: memory leak to user in getname (Don Zickus ) [519310] {CVE-2009-3001 CVE-2009-3002} - Revert: [x86_64] fix gettimeoday TSC overflow issue - 1 (Don Zickus ) [467942] [2.6.18-165.el5] - [net] sky2: revert some phy power refactoring changes (Neil Horman ) [509891] - [net] atalk/irda: memory leak to user in getname (Danny Feng ) [519310] {CVE-2009-3001 CVE-2009-3002} - [x86_64] fix gettimeoday TSC overflow issue - 1 (Prarit Bhargava ) [467942] - [md] prevent crash when accessing suspend_* sysfs attr (Danny Feng ) [518136] {CVE-2009-2849} - [nfs] nlm_lookup_host: dont return invalidated nlm_host (Sachin S. Prabhu ) [507549] - [net] bonding: tlb/alb: set active slave when enslaving (Jiri Pirko ) [499884] - [nfs] r/w I/O perf degraded by FLUSH_STABLE page flush (Peter Staubach ) [498433] - [SELinux] allow preemption b/w transition perm checks (Eric Paris ) [516216] - [scsi] scsi_transport_fc: fc_user_scan correction (David Milburn ) [515176] - [net] tg3: refrain from touching MPS (John Feeney ) [516123] - [net] qlge: fix hangs and read performance (Marcus Barrow ) [517893] - [scsi] qla2xxx: allow use of MSI when MSI-X disabled (Marcus Barrow ) [517922] - [net] mlx4_en fix for vlan traffic (Doug Ledford ) [514141] - [net] mlx4_en device multi-function patch (Doug Ledford ) [500346] - [net] mlx4_core: fails to load on large systems (Doug Ledford ) [514147] - [x86] disable kvmclock by default (Glauber Costa ) [476075] - [x86] disable kvmclock when shuting the machine down (Glauber Costa ) [476075] - [x86] re-register clock area in prepare_boot_cpu (Glauber Costa ) [476075] - [x86] kvmclock smp support (Glauber Costa ) [476075] - [x86] use kvm wallclock (Glauber Costa ) [476075] - [x86_64] kvm clocksources implementation (Glauber Costa ) [476075] - [x86] kvm: import kvmclock.c (Glauber Costa ) [476075] - [x86] kvm: import pvclock.c and headers (Glauber Costa ) [476075] - [x86] export additional cpu flags in /proc/cpuinfo (Prarit Bhargava ) [517928] - [x86] detect APIC clock calibration problems (Prarit Bhargava ) [503957] - [fs] cifs: new opts to disable overriding of ownership (Jeff Layton ) [515252] - [x86] pnpacpi: fix serial ports on IBM Point-of-Sale HW (Kevin Monroe ) [506799] IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-4027 CVE-2009-4307 CVE-2010-0727 CVE-2010-1188 Oracle Linux 5 [3.7.2-4] - use rpm macros more consistently - add manual page for brltty.conf - add more documentation - install the default brltty-pm.conf to docdir only - Resolves: #530554 - silence the postinstall scriptlet - Resolves: #529163 [3.7.2-3] - escape rpm macros in the rpm change log - remove bogus rpath from libbrlttybba.so (CVE-2008-3279, #457942) - add dependencies to bind the subpackages from one build together [3.7.2-2] - fix building with newer kernel-headers (#456247) - do not strip debug info during install (#500545) - Resolves: rhbz #456247 #500545 LOW Copyright 2010 Oracle, Inc. CVE-2008-3279 Oracle Linux 5 [2.3.43-12] - updated spec file, so the compat-libs linking patch applies correctly [2.3.43-11] - backported patch to handle null character in TLS certificates (#560912) [2.3.43-10] - updated chase-referral patch to compile cleanly - updated init script (#562714) [2.3.43-9] - updated ldap.sysconf to include SLAPD_LDAP, SLAPD_LDAPS and SLAPD_LDAPI options (#559520) [2.3.43-8] - fixed connection freeze when TLSVerifyClient = allow (#509230) [2.3.43-7] - fixed chasing referrals in libldap (#510522) [2.3.43-6] - fixed possible double free() in rwm overlay (#495628) - updated slapd man page and slapcat usage string (#468206) - updated default config for slapd - deleted syncprov module (#466937) - fixed migration tools autofs generated format (#460331) - fixed migration tools numbers detection in /etc/shadow (#113857) - fixed migration tools base ldif (#104585) [2.3.43-5] - implementation of limit adjustment before starting slapd (#527313) - init script no longer executes script in /tmp (#483356) - slapd not starting with ldap:/// every time (#481003) - delay between TERM and KILL when shutting down slapd (#452064) [2.3.43-4] - fixed compat libs linking (#503734) - activated lightweight dispatcher feature (#507276) - detection of timeout after failed result (#495701 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-3767 Oracle Linux 5 [7:2.6.STABLE21-6] - Resolves: #561828 - CVE-2009-2855 CVE-2010-0308 squid various flaws [rhel-5.5] [7:2.6.STABLE21-5] - Resolves: #538738 - improved patch [7:2.6.STABLE21-4] - Resolves: #521926 - squid 'stop after stop' is not LSB compliant - Resolves: #496170 - Add arp filter option - Resolves: #516245 - negotiate support not enabled in squid - Resolves: #538738 - Squid accelerator mode works only if port 80 is opened - Resolves: #470843 - Squid 'error_map' does not work when used 'Accep-Encoding: gzip' LOW Copyright 2010 Oracle, Inc. CVE-2009-2855 CVE-2010-0308 Oracle Linux 5 [8.13.8-8] - rpm attributes S,5,T not recorded for statistics file [8.13.8-7] - fix specfile for passing rpm -V test (#555277) [8.13.8-6.el5] - fix verification of SSL certificate with NUL in name (#553618, CVE-2009-4565) - do not accept localhost.localdomain as valid address from smtp (#449391) - skip colon separator when parsing service name in ServiceSwitchFile (#512871) - exit with non-zero error code when free space is low (#299951) - fix -qG description in man page (#250552) - fix comments in sendmail.mc to use correct certs path (#244012) - add MTA to provides (#494408) - fix %dist macro use (#440616) - compile with -fno-strict-aliasing - skip t-sem test as it doesn't allow parallel testing LOW Copyright 2010 Oracle, Inc. CVE-2006-7176 CVE-2009-4565 Oracle Linux 5 [2.2.14-15] - update backport for selecting which key to use for validation so that it prefers services with the local host name as the instance, from HEAD (more of #450776) [2.2.14-14] - backport the 'multiple_ccaches' option from HEAD, requiring that it be enabled to not immediately remove an old ccache when asked to create a new one (#463417) [2.2.14-13] - add patch to add the 'chpw_prompt' option, to allow the older behavior of attempting a password-change during authentication if libkrb5 detects an expired password, based on patch from Olivier Fourdan (#509092) [2.2.14-12] - dont vary the password prompt depending on whether or not the user exists or is known to the KDC (CVE-2009-1384, #505265) - prefer using the 'host' service when verifying that a TGT isnt forged, from HEAD (#450776) [2.2.14-11] - dont enforce minimum_uid when no_user_check is also used, from HEAD (#490404) - dont try to get password-changing creds with all of the flags set that we would request for a TGT (#489015) LOW Copyright 2010 Oracle, Inc. CVE-2009-1384 Oracle Linux 5 [kvm-83-164.0.1.el5] - Add kvm-Introduce-oel-machine-type.patch - Add kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5] - kvm-Fix-Windows-guests-SVVP-tests.patch [bz#495844] - Resolves: bz#495844 (KVM SVVP: 'Signed Driver check' failure - on the disabled vCPUs (that the VM's BIOS doesn't hide)) [kvm-83-163.el5] - kvm-kernel-avoid-collision-between-out-of-sync-ksm-and-pci-pass.patch [bz#566385] - Resolves: bz#566385 (KVM host panic due to fault in paging64_sync_page() / panic occurs in connection with PCI passthru devices) [kvm-83-162.el5] - kvm-qemu-img-rebase-Add-f-option.patch [bz#569762] - kvm-mark-PCI-IRQs-as-edge-triggered-in-mptables.patch [bz#536749] - Resolves: bz#536749 (can not boot rhel3.9 with if=virtio) - Resolves: bz#569762 ('qemu-img re-base' broken on block devices) - Moved kver to 2.6.18-191.el5 to match build root [kvm-83-161.el5] - kvm-qemu-img-Fix-segfault-during-rebase.patch [bz#563141] - Resolves: bz#563141 (qemu-img re-base subcommand got Segmentation fault) - Moved kver to 2.6.18-190.el5 to match build root [kvm-83-160.el5] - kvm-qxl-defer-vga-updates-in-case-commands-ring-is-full-.patch [bz#544785] - Resolves: bz#544785 (QEMU process can become non-responsive in case command are not pull from qxl vga ring) [kvm-83-159.el5] - Applied patch to spec file [bz#533453] - Updated kversion to 2.6.18-189.el5 to match build root - Resolves: bz#533453 (kvm kmod package should require a compatible kernel version) [kvm-83-158.el5] - Updated kversion to 2.6.18-187.el5 to match build root - kvm-kernel-KVM-Don-t-check-access-permission-when-loading-segme.patch [bz#563465] - kvm-kernel-KVM-Disable-move-to-segment-registers-and-jump-far-i.patch [bz#563465] - kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch [bz#563517] - Resolves: bz#563465 (EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check [rhel-5.5]) - Resolves: bz#563517 (KVM: Check cpl before emulating debug register access [rhel-5.5]) [kvm-83-157.el5] - kvm-CVE-2010-0297-usb-linux.c-fix-buffer-overflow.patch [bz#560770] - Resolves: bz#560770 (CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow [rhel-5.5]) [kvm-83-156.el5] - kvm-kernel-KVM-PIT-control-word-is-write-only.patch [bz#553126] - kvm-kernel-KVM-introduce-kvm_read_guest_virt-kvm_write_guest_vi.patch [bz#559095] - kvm-kernel-KVM-remove-the-vmap-usage.patch [bz#559095] - kvm-kernel-KVM-Use-kvm_-read-write-_guest_virt-to-read-and-writ.patch [bz#559095] - kvm-kernel-KVM-fix-memory-access-during-x86-emulation.patch [bz#559095] - kvm-kernel-Check-IOPL-level-during-io-instruction-emulation.patch [bz#560698] - kvm-kernel-Fix-popf-emulation.patch [bz#560698] - kvm-kernel-Check-CPL-level-during-privilege-instruction-emulati.patch [bz#560698] - Resolves: bz#553126 (CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang [rhel-5.5]) - Resolves: bz#559095 (EMBARGOED CVE-2010-0298 kvm: emulator privilege escalation [rhel-5.5]) - Resolves: bz#560698 (EMBARGOED CVE-2010-0306 kvm: emulator privilege escalation IOPL/CPL level check [rhel-5.5]) [kvm-83-155.el5] - kvm-virtio-blk-Fix-reads-turned-into-writes-after-read-e.patch [bz#552487] - kvm-virtio-blk-Handle-bdrv_aio_read-write-NULL-return.patch [bz#552487] - Resolves: bz#552487 (Guest image corruption after RHEV-H update to 5.4-2.1.3.el5_4rhev2_1) - Moved kver to 2.6.18-186.el5 to match build root [kvm-83-154.el5] - kvm-qemu-img-Fix-qemu-img-with-backing-file.patch [bz#558195] - kvm-qemu-add-routines-for-atomic-16-bit-accesses.patch [bz#525323] - kvm-qemu-virtio-atomic-access-for-index-values.patch [bz#525323] - kvm-fix-ide-versioning.patch [bz#559163] - kvm-cpu-CPU_SAVE_VERSION-is-9-know.patch [bz#559163] - Resolves: bz#525323 (QEMU terminates without warning with virtio-net and SMP enabled) - Resolves: bz#558195 (kvm: NFS : kvm-qemu-img convert failure on RAW/Sparse template with COW/Sparse snapshot) - Resolves: bz#559163 (migration failed host 5.5 with -M rhel5.5.0 to host 5.5 with -M rhel5.5.0.) [kvm-83-153.el5] - kvm-qcow2-Fix-error-handling-in-qcow2_grow_l1_table.patch [bz#537077] - kvm-qcow2-Fix-error-handling-in-qcow_save_vmstate.patch [bz#537077] - kvm-qcow2-Return-0-errno-in-get_cluster_table.patch [bz#537077] - kvm-qcow2-Return-0-errno-in-qcow2_alloc_cluster_offset.patch [bz#537077] - kvm-block-Return-original-error-codes-in-bdrv_pread-writ.patch [bz#537077] - kvm-qcow2-Fix-error-handling-in-grow_refcount_table.patch [bz#537077] - kvm-qcow2-Improve-error-handling-in-update_refcount.patch [bz#537077] - kvm-qcow2-Allow-updating-no-refcounts.patch [bz#537077] - kvm-qcow2-Don-t-ignore-update_refcount-return-value.patch [bz#537077] - kvm-qcow2-Don-t-ignore-qcow2_alloc_clusters-return-value.patch [bz#537077] - Resolves: bz#537077 (error codes aren't always propagated up through the block layer (e.g. -ENOSPC)) [kvm-83-152.el5] - kvm-Revert-Queue-notify-support-for-virtio-block-device.patch [bz#552250] (Reverts kvm-Queue-notify-support-for-virtio-block-device.patch) - Related: bz#552250 (Windows virtio block driver performs poorly on small size requests) [kvm-83-151.el5] - kvm-Fix-cpu-versioning.patch [bz#557327] - kvm-reduce-number-of-reinjects-on-ACK.patch [bz#556455] - Resolves: bz#556455 (KVM: WIN7-32bit blue screen (IMAGE_NAME: ntkrnlmp.exe).) - Resolves: bz#557327 (migration failed with -M rhel5.4.4 between host 5.5 and host 5.4.4) [kvm-83-150.el5] - kvm-vnc-more-keypad-fixing.patch [bz#497507] - kvm-qxl-add-netbooks-common-resolutions.-Rhel-5.5-552240.patch [bz#552240] - kvm-block-raw-posix-Abort-on-pread-beyond-end-of-file.patch [bz#515655] - Resolves: bz#497507 (Numeric keypad cannot be used in qemu monitor when using vnc to connect guest.) - Resolves: bz#515655 (Add result test to prevent Infinite loop in raw_pread, reading too large offset) - Resolves: bz#552240 (Spice (QXL) - please add 1024x576 resolution to the driver (netbooks)) [kvm-83-149.el5] - kvm-qemu-qxl-fix-unsafe-rom-data-handling-bug-537888.patch [bz#537888] - kvm-qxl-fix-qxl-backwards-migration-to-version-3.patch [bz#537888] - kvm-Allow-export-of-sse4.1-sse4.2-cpuid-flags-to-guest.-.patch [bz#518090] - Resolves: bz#518090 ([RFE] KVM should be able to export advanced cpu flags to the guest) - Resolves: bz#537888 (fix unsafe device data handling) [kvm-83-148.el5] - Updated kversion to 2.6.18-185.el5 to match build root - Require qspice-libs to make sure the right libspice.so.0 file is installed - Related: bz#555657 [kvm-83-147.el5] - kvm-block-Introduce-BDRV_O_NO_BACKING.patch [bz#530134] - kvm-qemu-img-rebase.patch [bz#530134] - kvm-vnc-improve-capslock-handling.patch [bz#517814] - kvm-block-Add-bdrv_change_backing_file.patch [bz#530134] - kvm-qemu-img-Automatically-detect-block-devices.patch [bz#537655] - Resolves: bz#517814 (Caps Lock the key's appearance of guest is not synchronous as host's --view kvm with vnc) - Resolves: bz#530134 (RFE - In-place backing file format change) - Resolves: bz#537655 (qemu-img: error creating a new preallocated volume image on FCP storage) [kvm-83-146.el5] - Require compatible etherboot-zroms-kvm package - Resolves: bz#550053 (require newer etherboot package that is compatible with new pxe ROM paths) [kvm-83-145.el5] - kvm-fix-barriers-support-during-migration.patch [bz#549938] - kvm-Add-machine-name-alias-support.patch [bz#553187] - kvm-make-pc-an-alias-of-rhel5.4.0.patch [bz#553187] - kvm-Introduce-rhel5.4.4-machine-type.patch [bz#553187] - Resolves: bz#549938 (Maintain barrier state after migration) - Resolves: bz#553187 (Add rhel-5.4.4 support to rhel5.5.0) [kvm-83-144.el5] - kvm-kernel-KVM-x86-Add-KVM_GET-SET_VCPU_EVENTS.patch [bz#541084] - Resolves: bz#541084 (KVM: x86: Add KVM_GET/SET_VCPU_EVENTS) - kvm-x86-Add-support-for-VCPU-event-states.patch [bz#541084] - kvm-BZ550265-compute-checksum-for-roms-bigger-than-a-seg.patch [bz#550265] - kvm-Fix-a-race-in-the-device-that-cuased-guest-stack-on-.patch [bz#503759] - kvm-Queue-notify-support-for-virtio-block-device.patch [bz#552250] - kvm-The-driver-device-pair-does-not-have-a-reset-option-.patch [bz#550755] - kvm-The-driver-device-pair-does-not-have-a-reset-option-2.patch [bz#550755] - Resolves: bz#503759 (hypercall device - Vm becomes non responsive on Sysmark benchmark (when more than 7 vm's running simultaneously)) - Resolves: bz#541084 (KVM: x86: Add KVM_GET/SET_VCPU_EVENTS) - Resolves: bz#550265 (gPXE fails to PXE boot on e1000 virtual NIC) - Resolves: bz#550755 (Hypercall driver doesn't reset device on power-down) - Resolves: bz#552250 (Windows virtio block driver performs poorly on small size requests. In addition, cpu usage on the quest side is very high while handling write requests.) [kvm-83-143.el5] - kvm-Documentation-Fix-description-of-cache-option-for-dr.patch [bz#545194] - kvm-monitor-allow-device-to-be-ejected-if-no-disk-is-ins.patch [bz#539250] - Resolves: bz#539250 (Cannot eject cd-rom when configured to host cd-rom) - Resolves: bz#545194 (Discrepancy between man page and source code for qcow2 with regards to default value used when no explicit caching is specified) [kvm-83-142.el5] - Updated kversion to 2.6.18-183.el5 to match build root - kvm-removing-debugging-printf-leftover.patch [bz#530533] - kvm-enable_write_cache-is-one-bool-no-need-for-32bits.patch [bz#549938] - kvm-virtio_blk-save-if-cache-was-enabled.patch [bz#549938] - kvm-ide-propagate-version_id-to-all-save-load-functions.patch [bz#549938] - kvm-ide-save-if-cache-was-enabled.patch [bz#549938] - kvm-savevm-add-version_id-to-all-savevm-functions.patch [bz#541731] - kvm-We-need-current-machine-defined-sooner.patch [bz#541731] - kvm-Add-support-for-DeviceVersion-to-machine-type.patch [bz#541731] - kvm-Introduce-rhel5.4.0-machine-type.patch [bz#541731] - kvm-Introduce-rhel-5.5.0-machine-type.patch [bz#541731] - kvm-cpu-for-x86-don-t-save-new-fields-if-version-8.patch [bz#541731] - kvm-RHEL5.4-needs-cpu-at-version-7.patch [bz#541731] - kvm-RHEL-5.4.0-don-t-have-kvmclock.patch [bz#541731] - kvm-RHEL5.4-needs-ide-at-device-version-3.patch [bz#541731] - kvm-RHEL5.4-needs-virtio-blk-at-device-version-2.patch [bz#541731] - kvm-make-5.4.0-machine-the-default.patch [bz#541731] - Resolves: bz#530533 (debug message is displayed when save VM state into a compressed file) - Resolves: bz#541731 (kvm: migration: mechanism to make older savevm versions to be emitted on some cases) - Resolves: bz#549938 (Maintain barrier state after migration) [kvm-83-140.el5] - kvm-kernel-KVM-MMU-remove-prefault-from-invlpg-handler.patch [bz#531887] - Resolves: bz#531887 (BSOD BAD_POOL_HEADER STOP 0x19 during boot of Windows Server 2008 R2 installer) - kvm-Make-SMBIOS-pass-MS-SVVP-test.patch [bz#537178] - kvm-bz-545136-whitelist-host-virtio-networking-features.patch [bz#545136] - kvm-fix-rtc-td-hack-on-host-without-high-res-timers.patch [bz#543137] - kvm-v2-RHEL5-BZ543979-get-roms-more-room.-Glauber-Costa.patch [bz#543979] - Resolves: bz#537178 (Need to generate SMBIOS table 4 data for windows guests) - Resolves: bz#543137 (time drift in win2k364 KVM guest) - Resolves: bz#543979 (gPXE fails to PXE boot on e1000 virtual NIC) - Resolves: bz#545136 (whitelist host virtio networking features) [kvm-83-139.el5] - Updated kversion to 2.6.18-182.el5 to match build root - Require etherboot directly, to make sure it is installed by default - Resolves: bz#546019 [kvm-83-138.el5] - Updated kversion to 2.6.18-181.el5 to match build root - Use the new gpxe/etherboot configurable pxe-zroms-qemu system - Resolves: bz#546019 [kvm-83-137.el5] - Updated kversion to 2.6.18-176.el5 to match build root - kvm-kernel-KVM-x86-make-double-triple-fault-promotion-generic-t.patch [bz#532086] - kvm-kernel-KVM-x86-raise-TSS-exception-for-NULL-CS-and-SS-segme.patch [bz#532086] - kvm-kernel-KVM-x86-emulator-limit-instructions-to-15-bytes.patch [bz#541165] - Resolves: bz#532086 (Rhev-Block driver causes 'unhandled vm exit' with 32bit win2k3r2sp2 Guest VM on restart) - Resolves: bz#541165 (CVE-2009-4031 kernel: KVM: x86 emulator: limit instructions to 15 bytes [rhel-5.5]) - kvm-qcow2-Store-exact-backing-format-length.patch [bz#540893] - kvm-qcow-qcow2-Add-bdrv_aio_flush.patch [bz#542923] - Resolves: bz#540893 (qemu-img: snapshot info error) - Resolves: bz#542923 (Get segmentation fault when running with ide block on kvm-83-136.el5) [kvm-83-136.el5] - Update kversion to 2.6.18-175.el5 to match build root - kvm-block-use-fdatasync-instead-of-fsync-if-possible.patch [bz#537646] - kvm-block-add-aio_flush-operation.patch [bz#537646] - kvm-ide-use-bdrv_aio_flush.patch [bz#537646] - kvm-virtio-blk-add-volatile-writecache-feature.patch [bz#537646] - kvm-qcow2-Fix-grow_refcount_table-error-handling.patch [bz#537075] - kvm-virtio-blk-Stop-VM-on-read-errors.patch [bz#531827] - kvm-ide-Stop-VM-on-read-errors.patch [bz#531827 bz#531827 bz#533390] - kvm-slirp-Reassign-same-address-to-same-DHCP-client.patch [bz#531631] - kvm-block-add-enable_write_cache-flag.patch [bz#537646] - kvm-build-fix-add-pci_get_bus_and_slot-to-compat_apis.patch [bz#539589] - kvm-Fix-race-between-migration-and-cpu-main-loop.patch [bz#533090] - Resolves: bz#531631 (Windows XP unattended install doesn't get an IP address after rebooting, if using -net user) - Resolves: bz#531827 (O/S Filesystem Corruption with RHEL-5.4 on a RHEV Guest) - Resolves: bz#533090 (Windows Server 2008 R2 shutdown hangs after restore from migration) - Resolves: bz#533390 (RHEL5.4 VM image corruption with an IDE v-disk) - Resolves: bz#537075 (qcow2: infinite recursion on grow_refcount_table() error handling) - Resolves: bz#537646 (backports of qemu barrier support) - Resolves: bz#539589 (kvm can't build against kernel-2.6.18-174.el5) [kvm-83-135.el5] - kvm-kernel-531701-KERNEL-v2-allow-userspace-to-adjust-kvmclock-.patch [bz#531701] - kvm-531701-properly-save-kvm-system-time-msr-registers.patch [bz#531701] - kvm-BZ531701-get-and-set-clock-upon-migration.patch [bz#531701] - Resolves: bz#531701 (pvclock msr values are not preserved across remote migration) - Filter out ksym dependencies only known non-whitelisted symbols [bz#533197] - Resolves: bz#533197 [kvm-83-134.el5] - kvm-kernel-allow-to-address-up-to-48-bits-of-physical-memory-in.patch [bz#516545 bz#517223] - Resolves: bz#516545 (qemu-kvm crashed when setting 32bitwin28k with 64G ram) - Related: bz#517223 (BUG: warning at /builddir/build/BUILD/kvm-83-maint-snapshot-20090205/kernel-/x86/x86.c:240/kvm_queue_exception_e() (Tainted: G )) - kvm-Add-smp_call_function_many-to-compat_apis.patch [bz#533059] - Resolves: bz#533059 (kvm modules can't be built against latest kernel-devel package) [kvm-83-133.el5] - Update kversion to 2.6.18-172.el5 to match build root - kvm-kernel-KVM-Timer-event-should-not-unconditionally-unhalt-vc.patch [bz#492663] - kvm-kernel-KVM-Fix-interrupt-unhalting-a-vcpu-when-it-shouldn-t.patch [bz#502086] - Resolves: bz#492663 (KVM: Timer event should not unconditionally unhalt vcpu) - Resolves: bz#502086 (KVM: Fix interrupt unhalting a vcpu when it shouldn't) [kvm-83-132.el5] - kvm-keep-initrd-in-below-4g-area.patch [bz#529694] - Resolves: bz#529694 (-initrd is broken with > 4GB guests) [kvm-83-131.el5] - kvm-kernel-KVM-SVM-Reset-cr0-properly-on-vcpu-reset.patch [bz#525699] - Resolves: bz#525699 (x86_64 guest hang when set guest's cpu1 online on AMD host) [kvm-83-130.el5] - Update kversion to 2.6.18-168.el5 to match kernel-devel on build root - kvm-kernel-get_tss_base_addr-should-return-gpa_t-type.patch [bz#516762] - Resolves: bz#516762 (qemu aborted when restart 32bitwin23k with more than 4G mem in intel host.) [kvm-83-129.el5] - kvm-Fix-VDI-audio-stop.patch [bz#520394] - Resolves: bz#520394 (KVM : QEMU-Audio attempting to stop unactivated audio device (snd_playback_stop: ASSERT playback_channel->base.active failed).) [kvm-83-128.el5] - kvm-fix-kvm_arch_save_regs-potential-stack-corruptio.patch [bz#528917] - Resolves: bz#528917 (qemu-kvm : msrs[] array in kvm_arch_save_regs() too small / may cause stack corruption) [kvm-83-127.el5] - kvm-RHEL-5.X-5.4.Z-Makefile-fix-ksm-dir-has-no-ARCH-pref.patch [bz#527722] - Resolves: bz#527722 (Build tree for RHEL 5.X and RHEL 5.4.z contains build bugs) [kvm-83-126.el5] - Add --disable-pcspk option to ./configure [bz#516672] - Resolves: bz#516672 (Disable unused/unsupported features on qemu-kvm) [kvm-83-125.el5] - kvm-kernel-KVM-VMX-Adjust-rflags-if-in-real-mode-emulation.patch [bz#517324] - kvm-kernel-KVM-When-switching-to-a-vm8086-task-load-segments-as.patch [bz#517324] - kvm-kernel-RHEL5.4-defined-this-constants-in-asm-msr.h.patch [bz#515749] - kvm-kernel-For-RHEl5.x-return-types-of-hrtimers-is-int.patch [bz#515749] - kvm-kernel-KVM-VMX-flush-TLB-with-INVEPT-on-cpu-migration.patch [bz#518081] - kvm-kernel-KVM-Fix-task-switch-back-link-handling-v2-including-.patch [bz#517324] - Resolves: bz#515749 (Remove warnings from kvm compilation) - Resolves: bz#517324 (KVM does not implement proper support for hardware task linking when using vm8086 mode) - Resolves: bz#518081 (vmentry fails with ept misconfig) - kvm-test-access-remove-warning.patch [bz#515749] - kvm-test-emulator-remove-unused-variable.patch [bz#515749] - kvm-test-vmexit-remove-warning-undefined-printf.patch [bz#515749] - kvm-external-module-compat-bring-c89-prototypes-to-intel.patch [bz#515749] - Resolves: bz#515749 (Remove warnings from kvm compilation) [kvm-83-124.el5] - kvm-kernel-KVM-x86-verify-MTRR-PAT-validity.patch [bz#526837] - Resolves: bz#526837 (KVM: x86: verify MTRR/PAT validity (upstream backport)) [kvm-83-123.el5] - kvm-Disable-help-for-vmware-vga-and-enable-nesting.patch [bz#516672] - kvm-Now-that-we-have-disable-bluetooth-disable-also-bt-c.patch [bz#516672] - kvm-migration_notify_register-is-only-used-by-spice.patch [bz#516672] - kvm-Fix-typo-should-have-been-from-the-beggining.patch [bz#516672] - kvm-Don-t-compile-drivers-that-are-not-used-in-a-pc.patch [bz#516672] - kvm-Add-option-to-disable-pcspk.patch [bz#516672] - kvm-usb_bluez-depends-of-bluez.patch [bz#516672] - Resolves: bz#516672 (Disable unused/unsupported features on qemu-kvm) [kvm-83-122.el5] - Update kversion to 2.6.18-164.2.1.el5 to match kernel-devel on build root - kvm-libkvm-Add-a-wrapper-for-an-ioctl-for-the-KVM_SE.patch [bz#508040] - kvm-Fetch-sub-leaf-cpuid-values-for-functions-4-0xb-0xd.patch [bz#508040] - kvm-Initialize-entire-cpuid2-structure.patch [bz#508040] - kvm-extend-smp-parsing-to-include-cores-and-threads-opti.patch [bz#508040] - kvm-push-CPUID-level-to-4-to-allow-Intel-multicore-decod.patch [bz#508040] - kvm-set-CPUID-bits-to-present-cores-and-threads-topology.patch [bz#508040] - kvm-allow-overriding-of-CPUID-level-on-command-line.patch [bz#508040] - kvm-force-enable-options.patch [bz#489900] - kvm-move-kvm-extra-features-detection-after-kvm-detectio.patch [bz#489900] - kvm-add-options-to-request-kvm-pit-and-device-assignment.patch [bz#489900] - Added configure options to make build dependency checks more reliable: --enable-kvm --enable-qxl --enable-spice --enable-gcrypt --enable-vnc-tls [bz#489900] - Resolves: bz#489900 (kvm configure should abort if a required option failed) - Resolves: bz#508040 (Windows XP not using all CPUS) [kvm-83-121.el5] - Use rtl8029.zrom for ne2k_pci PXE booting (bz#526124) - Resolves: bz#526124 (ne model failed to get ip address) [kvm-83-120.el5] - kvm-Add-host_device-support-to-qemu-img.-Nolan-Leake.patch [bz#511072 bz#511072] - kvm-raw-posix-Handle-errors-in-raw_create.patch [bz#511072 bz#511072] - Resolves: bz#511072 (KVM - qemu-img fail to copy a RAW format image over FCP storage) [kvm-83-119.el5] - kvm-Use-kernel-s-smp_call_function_single-instead-of-emu.patch [bz#524970] - kvm-Properly-handle-pthread_cond_timedwait-timing-out.patch [bz#525114] - kvm-fix-segfault-in-setting-migration-speed.patch [bz#522887] - Resolves: bz#522887 (Call to migrate_set_speed after a migrate_cancel causes segmentation fault in kvm) - Resolves: bz#524970 (Guest single-cpu IPI leads to a global IPI on host) - Resolves: bz#525114 (KVM QEMU:RHEL OS VM's became not-responding and stopped answering monitor Commands.) [kvm-83-118.el5] - kvm-qemu-virtio-net-do-not-return-stack-pointer-from-fun.patch [bz#521829] - Resolves: bz#521829 (QEMU crash (during virtio-net WHQL tests for Win2008 R2)) [kvm-83-117.el5] - kvm-kernel-KVM-VMX-Optimize-vmx_get_cpl.patch [bz#524126] - kvm-kernel-KVM-x86-Disallow-hypercalls-for-guest-callers-in-rin.patch [bz#524126] - kvm-kernel-KVM-VMX-Don-t-intercept-MSR_KERNEL_GS_BASE-v2.patch [bz#488130 bz#488130] - Resolves: bz#488130 (KVM: VMX: Don't intercept MSR_KERNEL_GS_BASE (upstream patch)) - Resolves: bz#524126 (kernel: KVM: x86: Disallow hypercalls for guest callers in rings > 0 [rhel-5.5]) - kvm-qcow2-Change-cluster-size-to-64k.patch [bz#502809] - kvm-Fix-for-Bug-510706-qemu-kvm-segfault-when-using-i825.patch [bz#510706] - Resolves: bz#502809 ([FEAT] Change qcow2 cluster size to 64k) - Resolves: bz#510706 (qemu-kvm segfault when using i82551 vnic) [kvm-83-116.el5] - kvm-kernel-Revert-KVM-VMX-Don-t-intercept-MSR_KERNEL_GS_BASE.patch [bz#488130] kvm-kernel-KVM-VMX-Don-t-intercept-MSR_KERNEL_GS_BASE.patch was broken - Related: bz#488130 (KVM: VMX: Don't intercept MSR_KERNEL_GS_BASE (upstream patch)) [kvm-83-115.el5] - kvm-kernel-KVM-VMX-Don-t-intercept-MSR_KERNEL_GS_BASE.patch [bz#488130] - Resolves: bz#488130 (KVM: VMX: Don't intercept MSR_KERNEL_GS_BASE (upstream patch)) - kvm-Use-quiet-command-to-get-a-cleaner-build-output.patch [bz#515749] - kvm-This-function-is-not-used-anymore.-It-is-opencoded-i.patch [bz#515749] - kvm-fds-variable-is-not-used.-Remaining-of-a-missmerge.patch [bz#515749] - kvm-use-proper-C89-declarations.patch [bz#515749] - kvm-pit-is-used-in-two-cases-not-easy-way-to-define-.patch [bz#515749] - kvm-In-qemu-all-buffers-are-uint8_t-not-char.patch [bz#515749] - kvm-kvm_allowed-is-exported-in-qemu-kvm.h-and-it-is-used.patch [bz#515749] - kvm-add-three-missing-static-modifiers-for-local-functio.patch [bz#515749] - kvm-put-declaration-of-enable_async_notification-in-a-pr.patch [bz#515749] - kvm-move-several-kvm-variables-after-qemu-kvm.h-include-.patch [bz#515749] - kvm-mark-static-do_block_set_watermark.patch [bz#515749] - kvm-txbufferaccu_offset-and-irq-fields-were-save-load-as.patch [bz#515749] - kvm-mp_state-is-treated-as-unsigned-int-uint32_t-for-sav.patch [bz#515749] - kvm-hp_reset-should-have-type-QEMUResetHandler.patch [bz#515749] - kvm-make-static-lsi_scsi_uninit.patch [bz#515749] - kvm-assigned_dev_data-was-not-used-anywhere.patch [bz#515749] - kvm-bios_enabled-is-load-saved-as-uint32_t-declare-it-as.patch [bz#515749] - kvm-remove-unused-variable.patch [bz#515749] - kvm-add-prototype-for-kvm_add_ioperm_data.patch [bz#515749] - kvm-removed-duplicated-re-declaration-of-kvm_context-2.patch [bz#515749] - kvm-make-static-update_vbios_real_tpr.patch [bz#515749] - kvm-fix-var-may-be-used-uninitialized.patch [bz#515749] - kvm-make-local-functions-static.patch [bz#515749] - kvm-remove-unused-variable-opt_rom_offset.patch [bz#515749] - kvm-removed-duplicated-re-declaration-of-kvm_context.patch [bz#515749] - kvm-perror-is-defined-in-stdio.h-that-got-included-indir.patch [bz#515749] - kvm-remove-unused-variable-cpu.patch [bz#515749] - kvm-nb_sectors-should-be-an-uint64_t.patch [bz#515749] - kvm-uhci_reset-should-have-QEMUResetHandler-type.patch [bz#515749] - kvm-initialize-blen-and-pa-variables-to-0.patch [bz#515749] - kvm-we-got-smp_cpus-declaration-through-sysemu.h.patch [bz#515749] - kvm-int-and-long-masked-as-pointers.-cast-to-avoid-warni.patch [bz#515749] - kvm-we-got-vm_running-declaration-through-sysemu.h.patch [bz#515749] - kvm-BZ503367-obey-S-on-migration.patch [bz#503367 bz#503367] - kvm-reason-paramenter-only-exist-in-newer-qemu-s-not-our.patch [bz#515749] - kvm-Fix-AltGr-and-dead-keys-with-VNC.patch [bz#521835] - kvm-time_t-is-a-long-in-x86_64.patch [bz#515749] - kvm-bugzilla-504237-changed-size-of-variables-to-uint64_.patch [bz#515749] - Resolves: bz#503367 (After migration, paused VM is running on destination) - Resolves: bz#515749 (Remove warnings from kvm compilation) - Resolves: bz#521835 (German keymap using KVM+VNC missing some keys) [83-114.el5] - kvm-kernel-reset-hflags-on-cpu-reset.patch [bz#502543 bz#521749] - Resolves: bz#502543 (Windows 2008 R2 KVM guest can not restart when set it as multiple cpus) - Related: bz#521749 (Guest Window2008-R2-datacenter installation is stopped at step 'Setup will continue after restarting your computer') [83-113.el5] - kvm-qcow2-Refactor-update_refcount.patch [bz#518169] - kvm-qcow2-Update-multiple-refcounts-at-once.patch [bz#518169] - kvm-Combined-patch-of-two-upstream-commits-the-second-fi.patch [bz#518169] - kvm-alloc_cluster_link_l2-Write-complete-sectors.patch [bz#518169] - kvm-update_refcount-Write-complete-sectors.patch [bz#518169] - Resolves: bz#518169 (Bad qcow2 performance with cache=off) [83-112.el5] - kvm-kernel-Fix-coalesced-interrupt-reporting-in-IOAPIC.patch [bz#521025] - Resolves: bz#521025 (rtc-td-hack stopped working. Time drifts in windows) [83-111.el5] - kvm-Fix-VM-state-change-handlers-running-out-of-order.patch [bz#514522] - kvm-Revert-Work-around-VM-state-change-handlers-running-.patch [bz#514522] - Resolves: bz#514522 (QEMU: Fix VM change state issue on IO errors) [83-110.el5] - Update kversion to 2.6.18-164.el5 to match kernel-devel on build root - kvm-kernel-Backport-44882eed2ebe7f75f8cdae5671ab1d6e0fa40dbc.patch [bz#515549] - kvm-kernel-kvm-fix-ack-not-being-delivered-when-msi-present.patch [bz#515549] - kvm-kernel-kvm-fix-build-with-defconfig.patch [bz#515549] - Resolves: bz#515549 (upstream qemu issues on rhel 5.4) - kvm-Remove-initrd-warning-message.patch [bz#512672] - Resolves: bz#512672 (Remove initrd warning message) [83-109.el5] - kvm-kernel-add-nmi-support-to-svm.patch [bz#502543 bz#503322 bz#492290] - kvm-kernel-VMX-Fix-cr8-exiting-control-clobbering-by-EPT.patch [bz#520285] - Resolves: bz#492290 (KVM: XP virtio-net tests fail with BSOD on AMD host (due to lack of NMI injection masking ability)) - Resolves: bz#502543 (Windows 2008 R2 KVM guest can not restart when set it as multiple cpus) - Resolves: bz#503322 (NMI filtering for AMD (Windows 2008 R2 KVM guest can not restart when set it as multiple cpus)) - Resolves: bz#520285 (windows 64 bit does vmexit on each cr8 access.) [83-108.el5] - kvm-kernel-KVM-MMU-make-__kvm_mmu_free_some_pages-handle-empty-.patch [bz#519397] - Resolves: bz#519397 (KVM: MMU: make __kvm_mmu_free_some_pages handle empty list (upstream backport)) [83-107.el5] - kvm-kernel-KVM-MMU-fix-bogus-alloc_mmu_pages-assignment.patch [bz#487857] - Resolves: bz#487857 (The emulator hung after input 'cpu_set 1 online' on qemuMonitor and select 'System->Shutdown') [83-106.el5] - Update kversion to 2.6.18-162.el5 - kvm-Initialize-PS2-keyboard-mouse-state-on-reset.patch [bz#515275] - Resolves: bz#515275 (guest not accepting keystrokes or mouse clicks after reboot) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0430 CVE-2010-0741 Oracle Linux 5 [7.15.5-9] - http://curl.haxx.se/docs/adv_20100209.html (#565408) [7.15.5-8] - mention lack of IPv6, FTPS and LDAP support while using a socks proxy (#473128) - avoid tight loop if an upload connection is broken (#479967) - add options --ftp-account and --ftp-alternative-to-user to program help (#517084) - fix crash when reusing connection after negotiate-auth (#517199) - support for CRL loading from a PEM file (#532069) [7.15.5-7] - sync patch for CVE-2007-0037 with 5.3.Z Related: #485290 [7.15.5-6] - fix CVE-2009-2417 Resolves: #516258 [7.15.5-5] - forwardport one hunk from upstream curl-7.15.1 Related: #485290 [7.15.5-4] - fix hunk applied to wrong place due to nonzero patch fuzz Related: #485290 [7.15.5-3] - fix CVE-2007-0037 Resolves: #485290 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0734 Oracle Linux 5 [0.1.34-12] - Fixes a problem where improper locking commands can crash the system. - Resolves: rhbz#571298 [0.1.34-11] - Fixes 'Resource tempory unavailable' for EWOULDBLOCK message with flocks on gfs file - Resolves: rhbz#515717 [0.1.34-10] - Fixes 'Resource tempory unavailable' for EWOULDBLOCK message with flocks on gfs file - Resolves: rhbz#515717 [0.1.34-9] - Change gfs freeze/unfreeze to use new standard - Resolves: rhbz#487610 [0.1.34-8] - Fixes problem that produces this error message: fatal: assertion 'gfs_glock_is_locked_by_me(gl) && gfs_glock_is_held_excl(gl)' failed - Resolves: rhbz#471258 [0.1.34-7] - GFS kernel panic, suid + nfsd with posix ACLs enabled - Resolves: rhbz#513885 [0.1.34-5] - GFS: New mount option: -o errors=withdraw|panic - Resolves: rhbz#517145 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0727 Oracle Linux 5 [1.9.6-2.3] - increase delay in self checks - add delays in aclocal7 self check http://osdir.com/ml/sysutils.automake.bugs/2006-09/msg00012.html - preserve timestamps of configure files [1.9.6-2.2] - add fix for CVE-2009-4029 LOW Copyright 2010 Oracle, Inc. CVE-2009-4029 Oracle Linux 5 firefox: [3.0.19-1.0.1.el5_5] - Update firstrun and homepage URLs in specfile - Added patch oracle-firefox-branding.patch - Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html and removed the corresponding RedHat ones [3.0.19-1] - Update to 3.0.19 xulrunner: [1.9.0.19-1.0.1.el5_5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.0.19-1] - Update to 1.9.0.19 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179 Oracle Linux 5 [1:1.6.0.0-1.11.b16.0.1.el5] - Add oracle-enterprise.patch [1:1.6.0.0-1.11.b16.el5] - Remove javaws alternative due to conflict with java-1.6.0-sun's alternatives [1:1.6.0-1.10.b16] - Update to openjdk build b16 - Update to icedtea6-1.6 - Added tzdata-java requirement - Added autoconf and automake build requirement - Added tzdata-java requirement - Added java-1.6.0-openjdk-gcc-stack-markings.patch - Added java-1.6.0-openjdk-memory-barriers.patch - Added java-1.6.0-openjdk-jar-misc.patch - Added java-1.6.0-openjdk-linux-separate-debuginfo.patch - Added java-1.6.0-openjdk-securitypatches-20100323.patch - Added STRIP_KEEP_SYMTAB=libjvm* to install section, fix bz530402 - Resolves: rhbz#576124 [1:1.6.0-1.8.b09] - Added java-1.6.0-openjdk-debuginfo.patch - Added java-1.6.0-openjdk-elf-debuginfo.patch IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0088 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0840 CVE-2010-0845 CVE-2010-0847 CVE-2010-0848 Oracle Linux 5 [1.6.1-36.el5_5.3] - add upstream patch to fix a few use-after-free bugs, including one in kadmind (CVE-2010-0629, #578185) [1.6.1-36.el5_5.2] - pull changes to libkrb5 to properly handle and chase off-path referrals back from 1.7 (#574387) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0629 Oracle Linux 5 [2.2-35.4] - import Kees Cook's patch to fix accidental leakage of part of ./DB_CONFIG (#580542, CVE-2010-0826) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0826 Oracle Linux 5 [6:3.5.4-21.0.1.el5_5.1] - Update definition of KONQUEROR_VERSION in specfile [6:3.5.4-21.1] - Resolves: #570622, CVE-2010-0436 kdm privilege escalation flaw IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0436 Oracle Linux 5 [1.0.11-1.0.1.el5_5.5] - Add oracle-ocfs2-network.patch [1.0.11-1.5] - rebuild without smp flags (fixes problems with doc generating) [1.0.11-1.4] - add erf overflow patch - Resolves #532479 [1.0.11-1.3] - bring back pie (patch from Jindrich Novy <jnovy@redhat.com>) - no GUI freeze - Resolves: #549583 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-2560 CVE-2009-2562 CVE-2009-2563 CVE-2009-3550 CVE-2009-3829 CVE-2009-4377 CVE-2010-0304 Oracle Linux 5 [1.7.2p1-6] - added second patch for CVE-2010-0426 (#580441) Resolves: #580525 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1163 Oracle Linux 5 [0.0-6.20091205snap.2] - 576359 Fix format string vulnerability (CVE-2010-0743) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0743 Oracle Linux 5 [1.1.1-48.76.0.1.el5_5.1 ] - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file [1.1.1-48.76.1] - xserver-1.1.1-mod-macro-parens.patch: Fix insufficient parentheses in Render and arc computation code. (#495733) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1166 Oracle Linux 5 [2.6.18-194.3.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [nfs] -revert return code check to avoid EIO (Chuck Lever, Guru Anbalagane) [Orabug 9448515] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [mm] Set hugepages dirty bit so vm.drop_caches does not corrupt (John Sobecki) [orabug 9461825] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() [2.6.18-194.3.1.el5] - [net] bnx2: fix lost MSI-X problem on 5709 NICs (John Feeney) [587799 511368] [2.6.18-194.2.1.el5] - [cpu] fix boot crash in 32-bit install on AMD cpus (Bhavna Sarathy) [580846 575799] [2.6.18-194.1.1.el5] - [xen] arpl on MMIO area crashes the guest (Paolo Bonzini) [572979 572982] {CVE-2010-0730} - [mm] fix boot on s390x after bootmem overlap patch (Amerigo Wang) [580838 550974] - [net] bnx2: avoid restarting cnic in some contexts (Andy Gospodarek) [581148 554706] - [iscsi] fix slow failover times (Mike Christie) [580840 570681] - [misc] kernel: fix elf load DoS on x86_64 (Danny Feng) [560552 560553] {CVE-2010-0307} - [netlink] connector: delete buggy notification code (Jiri Olsa) [561684 561685] {CVE-2010-0410} - [sound] hda_intel: avoid divide by zero in azx devices (Jaroslav Kysela) [567171 567172] {CVE-2010-1085} - [dvb] fix endless loop when decoding ULE at dvb-core (Mauro Carvalho Chehab) [569241 569242] {CVE-2010-1086} - [scsi] fnic: fix tx queue handling (Mike Christie) [580829 576709] - [fusion] mptsas: fix event_data alignment (Tomas Henzl) [580832 570000] - [edac] fix internal error message in amd64_edac driver (Bhavna Sarathy) [580836 569938] - [x86_64] fix floating point state corruption after signal (Oleg Nesterov) [580841 560891] - [mm] don't let reserved memory overlap bootmem_map (Amerigo Wang) [580838 550974] - [s390] kernel: correct TLB flush of page table entries (Hendrik Brueckner) [580839 545527] - [xen] iommu: clear IO-APIC pins on boot and shutdown (Paolo Bonzini) [580199 548201] - [xen] vtd: fix ioapic pin array (Don Dugger) [581150 563546] IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0307 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-1086 Oracle Linux 5 [3.0-33.8.el5.5] - unify patches for CVE-2010-0739 and CVE-2010-1440 [3.0-33.8.el5.4] - fix CVE-2010-1440 (#586819) [3.0-33.8.el5.3] - initialize data in arithmetic coder elsewhere (CVE-2009-0146) [3.0-33.8.el5.2] - initialize dataLen to properly fix CVE-2009-0146 [3.0-33.8.el5.1] - fix CVE-2010-0739 CVE-2010-0829 CVE-2007-5936 CVE-2007-5937 CVE-2009-0146 CVE-2009-0195 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-0791 CVE-2009-3608 CVE-2009-3609 Resolves: #577328 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0195 CVE-2009-0791 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-3608 CVE-2009-3609 CVE-2010-0739 CVE-2010-0829 CVE-2010-1440 Oracle Linux 5 [1.6.1-36.el5_5.4] - add candidate patch to correct KDC null pointer dereference which could be triggered by malformed client requests (CVE-2010-1321, #583703) [1.6.1-36.el5_5.3] - add upstream patch to fix a few use-after-free bugs, including one in kadmind (CVE-2010-0629, #578185) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1321 Oracle Linux 5 [8.1.21-1.el5_5.1] - Update to PostgreSQL 8.1.21 to fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442, and assorted other bugs described at http://www.postgresql.org/docs/8.1/static/release.html Resolves: #586058 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-4136 CVE-2010-0442 CVE-2010-0733 CVE-2010-1169 CVE-2010-1170 CVE-2010-1975 Oracle Linux 5 [8.4.4-1.el5_5.1] - Update to PostgreSQL 8.4.4, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-4.html including fixes for CVE-2010-1169 and CVE-2010-1170 Resolves: #586060 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1169 CVE-2010-1170 CVE-2010-1975 Oracle Linux 5 [5.0.77-4.3] - Add fixes for CVE-2010-1626, CVE-2010-1848, CVE-2010-1850 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1626 CVE-2010-1848 CVE-2010-1850 Oracle Linux 5 [4:5.8.8-32.el5.1] - third version of patch fix change of behaviour of rmtree for common user - Resolves: rhbz#597203 [4:5.8.8-32.el5] - rhbz#595416 change documentation of File::Path - Related: rhbz#591167 [4:5.8.8-31.el5] - remove previous fix - Related: rhbz#591167 [4:5.8.8-30.el5] - change config to file on Util.so - Related: rhbz#594406 [4:5.8.8-29.el5] - CVE-2008-5302 - use latest patch without Cwd module - 507378 because of our paths we need to overload old Util.so in case customer installed Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew. - Related: rhbz#591167 - Resolves: rhbz#594406 [4:5.8.8-28.el5] - CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448) reintroduced after upstream rebase to 5.8.8-1 - CVE-2010-1168 perl Safe: Intended restriction bypass via object references - CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl object references in code executed outside safe compartment - Related: rhbz#591167 MODERATE Copyright 2010 Oracle, Inc. CVE-2008-5302 CVE-2008-5303 CVE-2010-1168 CVE-2010-1447 Oracle Linux 5 [1.7.2p1-7] - added patch that fixes insufficient environment sanitization issue (#598154) Resolves: #598381 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1646 Oracle Linux 5 samba: [3.0.33-3.29.el5] - Security Release, fixes CVE-2010-2063 - resolves: #602320 samba3x: [3.3.8-0.52] - Security Release, fixes CVE-2010-2063 - resolves: #602322 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-2063 Oracle Linux 5 [1:1.3.7-18:.4] - Don't set domain= for cookies. [1:1.3.7-18:.3] - Save classes.conf when a class member printer is deleted (bug #594621, STR #3505). [1:1.3.7-18:.2] - Applied patch for CVE-2010-1748 (web interface memory disclosure, STR #3577, bug #591983). - Applied patch for CVE-2010-0542 (texttops unchecked memory allocation failure leading to NULL pointer dereference, STR #3516, bug #587746). - Applied patch for CVE-2010-0540 (CUPS administrator web interface CSRF, STR #3498, bug #588805). [1:1.3.7-18:.1] - Update classes when a printer is removed (bug #581902). IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 Oracle Linux 5 devhelp: [0.12-21] - Rebuild against xulrunner esc: [1.1.0-12] - Rebuild for xulrunner update firefox: [3.6.4-8.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.4-8] - Fixing NVR [3.6.4-7] - Update to 3.6.4 build7 - Disable checking for updates since they can't be applied [3.6.4-6] - Update to 3.6.4 build6 [3.6.4-5] - Update to 3.6.4 build5 [3.6.4-4] - Update to 3.6.4 build4 [3.6.4-3] - Update to 3.6.4 build 3 [3.6.4-2] - Update to 3.6.4 build 2 [3.6.4-1] - Update to 3.6.4 [3.6.3-3] - Fixed language packs (#581392) [3.6.3-2] - Fixed multilib conflict [3.6.3-1] - Rebase to 3.6.3 gnome-python2-extras: [2.14.2-7] - rebuild agains xulrunner totem: [2.16.7-7] - rebuild against new xulrunner xulrunner: [1.9.2.4-9.0.1] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.4-9] - Update to 1.9.2.4 build 7 [1.9.2.4-8] - Update to 1.9.2.4 build 6 [1.9.2.4-7] - Update to 1.9.2.4 build 5 [1.9.2.4-6] - Update to 1.9.2.4 build 4 - Fixed mozbz#546270 patch [1.9.2.4-5] - Update to 1.9.2.4 build 3 [1.9.2.4-4] - Update to 1.9.2.4 build 2 - Enabled oopp [1.9.2.4-3] - Disabled libnotify [1.9.2.4-2] - Disabled oopp, causes TEXTREL [1.9.2.4-1] - Update to 1.9.2.4 [1.9.2.3-3] - fixed js-config.h multilib conflict - fixed file list [1.9.2.3-2] - Added fix for rhbz#555760 - Firefox Javascript anomily, landscape print orientation reverts to portrait (mozbz#546270) [1.9.2.3-1] - Update to 1.9.2.3 [1.9.2.2-1] - Rebase to 1.9.2.2 yelp: [2.16.0-26] - rebuild against xulrunner [2.16.0-25] - rebuild against xulrunner - added xulrunner fix - added -fno-strict-aliasing to build flags CRITICAL Copyright 2010 Oracle, Inc. CVE-2008-5913 CVE-2009-5017 CVE-2010-0182 CVE-2010-1121 CVE-2010-1125 CVE-2010-1196 CVE-2010-1197 CVE-2010-1198 CVE-2010-1199 CVE-2010-1200 CVE-2010-1202 CVE-2010-1203 Oracle Linux 5 [2.6.18-194.8.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enahance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] [2.6.18-194.8.1.el5] - [net] cnic: fix bnx2x panic w/multiple interfaces enabled (Stanislaw Gruszka) [607087 602402] [2.6.18-194.7.1.el5] - [virt] don't compute pvclock adjustments if we trust tsc (Glauber Costa) [601080 570824] - [virt] add a global synchronization point for pvclock (Glauber Costa) [601080 570824] - [virt] enable pvclock flags in vcpu_time_info structure (Glauber Costa) [601080 570824] - [misc] add atomic64_cmpxcgh to x86_64 include files (Glauber Costa) [601080 570824] - [x86] grab atomic64 types from upstream (Glauber Costa) [601080 570824] [2.6.18-194.6.1.el5] - [fs] gfs2: fix permissions checking for setflags ioctl (Steven Whitehouse) [595580 595399] {CVE-2010-1641} - [mm] clear page errors when issuing a fresh read of page (Rik van Riel) [599739 590763] - [misc] keys: do not find already freed keyrings (Vitaly Mayatskikh) [585099 585100] {CVE-2010-1437} - [net] sctp: file must be valid before setting timeout (Jiri Pirko) [598355 578261] - [net] tg3: fix panic in tg3_interrupt (John Feeney) [600498 569106] - [net] e1000/e1000e: implement simple interrupt moderation (Andy Gospodarek) [599332 586416] - [net] cnic: Fix crash during bnx2x MTU change (Stanislaw Gruszka) [596385 582367] - [net] bxn2x: add dynamic lro disable support (Stanislaw Gruszka) [596385 582367] - [net] implement dev_disable_lro api for RHEL5 (Stanislaw Gruszka) [596385 582367] - [x86_64] fix time drift due to faulty lost tick tracking (Ulrich Obergfell) [601090 579711] - [net] neigh: fix state transitions via Netlink request (Jiri Pirko) [600215 485903] - [mm] fix hugepage corruption using vm.drop_caches (Larry Woodman) [599737 579469] - [nfs] don't unhash dentry in nfs_lookup_revalidate (Jeff Layton) [596384 582321] - [fs] remove unneccessary f_ep_lock from fasync_helper (Lachlan McIlroy) [599730 567479] - [xen] set hypervisor present CPUID bit (Paolo Bonzini) [599734 573771] [2.6.18-194.5.1.el5] - [net] bonding: fix broken multicast with round-robin mode (Andy Gospodarek) [594057 570645] - [net] tg3: fix INTx fallback when MSI fails (Steve Best) [592844 587666] - [net] sched: fix SFQ qdisc crash w/limit of 2 packets (Jiri Pirko) [594054 579774] - [nfs] revert retcode check in nfs_revalidate_mapping() (Jeff Layton) [594061 557423] - [misc] futex: handle futex value corruption gracefully (Jerome Marchand) [563093 480396] {CVE-2010-0622} - [misc] futex: handle user space corruption gracefully (Jerome Marchand) [563093 480396] {CVE-2010-0622} - [misc] futex: fix fault handling in futex_lock_pi (Jerome Marchand) [563093 480396] {CVE-2010-0622} - [net] e1000: fix WoL init when WoL disabled in EEPROM (Dean Nelson) [591493 568561] - [virtio] fix GFP flags passed by virtio balloon driver (Amit Shah) [591611 584683] - [net] sctp: fix skb_over_panic w/too many unknown params (Neil Horman) [584657 584658] {CVE-2010-1173} - [acpi] fix WARN on unregister in power meter driver (Matthew Garrett) [592846 576246] - [mm] keep get_unmapped_area_prot functional (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] switch do_brk to get_unmapped_area (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] take arch_mmap_check into get_unmapped_area (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] get rid of open-coding in ia64_brk (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] unify sys_mmap* functions (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] kill ancient cruft in s390 compat mmap (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] fix pgoff in have to relocate case of mremap (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] fix the arch checks in MREMAP_FIXED case (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] fix checks for expand-in-place mremap (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] add new vma_expandable helper function (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] move MREMAP_FIXED into its own header (Danny Feng) [556709 556710] {CVE-2010-0291} - [mm] move locating vma code and checks on it (Danny Feng) [556709 556710] {CVE-2010-0291} [2.6.18-194.4.1.el5] - [acpi] warn on hot-add of memory exceeding 4G boundary (Prarit Bhargava) [587957 571544] - [net] tipc: fix various oopses in uninitialized code (Neil Horman) [578058 558693] {CVE-2010-1187} - [block] cfq-iosched: fix IOPRIO_CLASS_IDLE accounting (Jeff Moyer) [588219 574285] - [block] cfq-iosched: async queue allocation per priority (Jeff Moyer) [588219 574285] - [block] cfq-iosched: fix async queue behaviour (Jeff Moyer) [588219 574285] - [block] cfq-iosched: propagate down request sync flag (Jeff Moyer) [588219 574285] - [block] introduce the rq_is_sync macro (Jeff Moyer) [588219 574285] - [fs] vfs: fix LOOKUP_FOLLOW on automount symlinks (Jeff Layton) [567815 567816] {CVE-2010-1088} - [nfs] fix an oops when truncating a file (Jeff Layton) [567194 567195] {CVE-2010-1087} - [fs] fix kernel oops while copying from ext3 to gfs2 (Abhijith Das) [586008 555754] {CVE-2010-1436} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1088 CVE-2010-1173 CVE-2010-1187 CVE-2010-1436 CVE-2010-1437 CVE-2010-1641 Oracle Linux 5 [1.39.1-1.el5.1] - cleaning spec and nvr - Related: rhbz#595733 [1.40-1.el5.1] - update to real version 1.39_01, but for rpm updates, it will be 1.40 - Resolves: rhbz#595733 [1.40-1] - update to 1.40 - Resolves: rhbz#595733 MODERATE Copyright 2010 Oracle, Inc. CVE-2007-4829 Oracle Linux 5 [0.0-6.20091205snap.3] - Fix buffer overflow in isns scn handling (CVE-2010-2221) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2221 Oracle Linux 5 [3.8.2-7.el5.5] - Add fixes for multiple SIGSEGV problems, including CVE-2010-1411 Resolves: #602552 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1411 CVE-2010-2481 CVE-2010-2483 CVE-2010-2595 CVE-2010-2597 CVE-2010-4665 Oracle Linux 5 [0.6.16-9.el5] - Related: #609318 - Fixes CVE-2010-2244 [0.6.16-8.el5] - Related: #609318 - Fixes CVE-2010-2244 MODERATE Copyright 2010 Oracle, Inc. CVE-2009-0758 CVE-2010-2244 Oracle Linux 5 [1.4.4-4] - Fix second typo in overflow patch from upstream [1.4.4-3] - Fix typo in patch [1.4.4-2] - Fix buffer overflow issues MODERATE Copyright 2010 Oracle, Inc. CVE-2009-4901 CVE-2010-0407 Oracle Linux 5 [2:1.2.10-7.1.el5_5.3] - Back-port fixes for CVE-2009-2042, CVE-2010-0205, CVE-2010-1205, CVE-2010-2249 Resolves: #609921 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-2042 CVE-2010-0205 CVE-2010-1205 CVE-2010-2249 Oracle Linux 5 [2.3.43-12.1] - fixed segfault issues in modrdn (#606375) - added patch handling null char in TLS to compat package (#606375, patch backported by Jan Vcelak <jvcelak@redhat.com>) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-0211 CVE-2010-0212 Oracle Linux 5 firefox: [3.6.7-2.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.7-2] - Update to 3.6.7 beta2 [3.6.7-1] - Update to 3.6.7 [3.6.4-9] - Fixed rhbz#531159 - default browser check xulrunner: [1.9.2.7-2.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.7-2] - Update to build 2 [1.9.2.7-1] - Update to 1.9.2.7 [1.9.2.4-10] - Fix a file dependency issue CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-0654 CVE-2010-1205 CVE-2010-1206 CVE-2010-1207 CVE-2010-1208 CVE-2010-1209 CVE-2010-1210 CVE-2010-1211 CVE-2010-1212 CVE-2010-1213 CVE-2010-1214 CVE-2010-1215 CVE-2010-2751 CVE-2010-2752 CVE-2010-2753 CVE-2010-2754 Oracle Linux 5 firefox: [3.6.7-3.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.7-3] - Rebuild xulrunner: [1.9.2.7-3.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.7-3] - Include fix for 575836 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-2755 Oracle Linux 5 [0.5.1-17] - Resolves:rh#604861:Clear execstack requirement also for ia64 architecture [0.5.1-16] - Resolves:rh#604861:CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly MODERATE Copyright 2010 Oracle, Inc. CVE-2010-2074 Oracle Linux 5 [2.02.56-el5_5.4] - CVE-2010-2526: Fix insecurity when communicating between lvm2 and clvmd. Resolves: #616044 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-2526 Oracle Linux 5 [2.2.1-25] - Add freetype-2.2.1-axis-name-overflow.patch (Avoid overflow when dealing with names of axes) - Resolves: #614012 [2.2.1-24] - Modify freetype-2.2.1-CVE-2010-2519.patch (additional fix) (If the type of the POST fragment is 0, the segment is completely ignored) - Resolves: #614012 [2.2.1-23] - Add freetype-2.2.1-CVE-2010-2527.patch (Use precision for '%s' where appropriate to avoid buffer overflows) - Resolves: #614012 [2.2.1-22] - Add freetype-2.2.1-CVE-2010-2498.patch (Assure that 'end_point' is not larger than 'glyph->num_points') - Add freetype-2.2.1-CVE-2010-2499.patch (Check the buffer size during gathering PFB fragments) - Add freetype-2.2.1-CVE-2010-2500.patch (Use smaller threshold values for 'width' and 'height') - Add freetype-2.2.1-CVE-2010-2519.patch (Check 'rlen' the length of fragment declared in the POST fragment header) - Resolves: #614012 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2527 CVE-2010-2541 Oracle Linux 5 [0:5.5.23-0jpp.9] - Resolves: rhbz#619424 fixed servlet-api typo. serve4-api to servlet-api - RHSA-2010:9748 [0:5.5.23-0jpp.8] - Patches backported from RHEL-5 tomcat5-5.5.23-0jpp.10.el5 - Updated init script for LSB compliance, catalina.log permissions - Resolves: CVE-2009-2693, CVE-2009-2902, CVE-2010-2227 - CVE_2010-0781 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-2693 CVE-2009-2696 CVE-2009-2902 CVE-2010-2227 Oracle Linux 5 [3.7.11-4.el5_5.3] - Related: CVE-2010-2251 - document change of xfer:clobber default value in manpage, respect xfer:clobber on with xfer:auto-rename on (old behaviour) [3.7.11-4.el5_5.2] - Related: CVE-2010-2251 - describe new option xfer:auto-rename which could restore old behaviour in manpage [3.7.11-4.el5_5.1] - Resolves: CVE-2010-2251 - multiple HTTP client download filename vulnerability (#617870) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-2251 Oracle Linux 5 [2.0.10-3.1] - fix use after free when importing certain X509 certificates CVE-2010-2547 (#618156) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-2547 Oracle Linux 5 [2.1.1-26] - Add freetype-2.2.1-CVE-2010-1797.patch - Resolves: #CVE-2010-1797 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1797 Oracle Linux 5 [2.6.18-194.11.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] [2.6.18-194.11.1.el5] - [scsi] qla2xxx: update firmware to version 5.03.02 (Chad Dupuis) [613688 598946] [2.6.18-194.10.1.el5] - [fs] xfs: don't let swapext operate on write-only files (Jiri Pirko) [605160 605161] {CVE-2010-2226} - [fs] nfs: fix bug in nfsd4 read_buf (Jiri Olsa) [612034 612035] {CVE-2010-2521} - [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612170 612171] {CVE-2010-2524} - [security] keys: new key flag for add_key from userspace (Jeff Layton) [612170 612171] {CVE-2010-2524} - [message] mptsas: fix disk add failing due to timeout (Rob Evers) [612539 542892] - [block] cfq-iosched: fix bad locking in changed_ioprio (Jeff Moyer) [607483 582435] - [block] cfq-iosched: kill cfq_exit_lock (Jeff Moyer) [607483 582435] - [fs] cifs: fix kernel BUG with remote OS/2 server (Jeff Layton) [608587 608588] {CVE-2010-2248} - [net] bluetooth: fix possible bad memory access via sysfs (Mauro Carvalho Chehab) [576020 576021] {CVE-2010-1084} - [net] tcp: fix rcv mss estimate for lro (Stanislaw Gruszka) [613900 593801] - [net] cnic: fix panic when nl msg rcvd when device down (Stanislaw Gruszka) [615260 595862] [2.6.18-194.9.1.el5] - [xen] ia64: unset be from the task psr (Andrew Jones) [587475 587477] {CVE-2010-2070} - [fs] ext4: MOVE_EXT can't overwrite append-only files (Eric Sandeen) [601007 601008] {CVE-2010-2066} - [pci] acpiphp: fix missing acpiphp_glue_exit (Prarit Bhargava) [607486 515556] IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 Oracle Linux 5 [0.6.3-33.0.1.el5_5.3] - Replaced docs/et.png in tarball [0.6.3-33.el5_5.3] - Explicitly set qcow2 backing store format (CVE-2010-2239) - Remap privileged source ports from guests behind NAT (CVE-2010-2242) - Eliminate memory leak in xenUnifiedDomainInfoListFree (rhbz 619711) [0.6.3-33.el5_5.2] - Fix discrepancy between xm list and virsh list (rhbz 618200) - Set a stable & high MAC addr for guest TAP devices on host (rhbz 617243) LOW Copyright 2010 Oracle, Inc. CVE-2010-2239 CVE-2010-2242 Oracle Linux 5 NetworkManager: [1:0.7.0-10.el5_5.1] - Rebuild to fix D-Bus property access (for dbus-glib CVE-2010-1172) dbus-glib: [0.73-10] - Add patch to fix CVE-2010-1172 Drop broken-xml.patch which this one now incorporates Resolves: #588397 (and #585395) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1172 Oracle Linux 5 [1.0.15-1.0.1.el5_5.1] - Add oracle-ocfs2-network.patch [1.0.15-1] - upgrade to 1.0.15 - http://www.wireshark.org/docs/relnotes/wireshark-1.0.15.html - fixes CVE-2010-2287 CVE-2010-2284 - Related: #612239 [1.0.14-1.2] - fix corner case in CVE-2010-2284 - Related: #612239 [1.0.14-1] - upgrade to 1.0.14 - http://www.wireshark.org/docs/relnotes/wireshark-1.0.14.html - fixes CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287 - Resolves: #612239 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1455 CVE-2010-2283 CVE-2010-2284 CVE-2010-2286 CVE-2010-2287 CVE-2010-2995 Oracle Linux 5 [kvm-83-164.0.1.el5_5.21] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-164.el5_5.21] - kvm-Fix-segfault-in-mmio-subpage-handling-code.patch [bz#619412] - Resolves: bz#619412 (CVE-2010-2784 qemu: insufficient constraints checking in exec.c:subpage_register() [rhel-5.5.z]) [kvm-83-164.el5_5.20] - kvm-virtio-net-correct-packet-length-checks.patch [bz#610343] - Resolves: bz#610343 (Virtio: Transfer file caused guest in same vlan abnormally quit) [kvm-83-164.el5_5.19] - kvm-qcow2-Fix-qemu-img-check-segfault-on-corrupted-image.patch [bz#610342] - kvm-qcow2-Don-t-try-to-check-tables-that-couldn-t-be-loa.patch [bz#610342] - kvm-qemu-img-check-Distinguish-different-kinds-of-errors.patch [bz#618206] - kvm-qcow2-Change-check-to-distinguish-error-cases.patch [bz#618206] - Resolves: bz#610342 ([kvm] segmentation fault when running qemu-img check on faulty image) - Resolves: bz#618206 ([kvm] qemu image check returns cluster errors when using virtIO block (thinly provisioned) during e_no_space events (along with EIO errors)) [kvm-83-164.el5_5.18] - kvm-New-slots-need-dirty-tracking-enabled-when-migrating.patch [bz#618205] - Resolves: bz#618205 (SPICE - race in KVM/Spice would cause migration to fail (slots are not registered properly?)) [kvm-83-164.el5_5.17] - kvm-kernel-KVM-MMU-fix-conflict-access-permissions-in-direct-sp.patch [bz#616796] - Resolves: bz#616796 (KVM uses wrong permissions for large guest pages) [kvm-83-164.el5_5.16] - kvm-kernel-fix-null-pointer-dereference.patch [bz#570531] - Resolves: bz#570531 - CVE: CVE-2010-0435 - kvm-qemu-fix-unsafe-ring-handling.patch [bz#568816] - Resolves: bz#568816 - CVE: CVE-2010-0431 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0431 CVE-2010-0435 CVE-2010-2784 Oracle Linux 5 [0.3.0-54.el5_5.2] - Fix unsafe accesses + spice: drop libpng from windows components (537849) + libspice: fix unsafe guest data accessing Resolves: #568719 + fix unsafe free() call. Resolves: #568723 + spice server: fix unsafe cursor items handling. Resolves: #568719 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0428 CVE-2010-0429 Oracle Linux 5 [6.2.8.0-4.el5_5.2] - Fix SGI image decoding (625058) [6.2.8.0-4.el5_5.1] - Add fix for CVE-2009-1882 (504304) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-1882 Oracle Linux 5 [2.2.3-43.0.1.el5_5.3 ] - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-43.3] - mod_ssl: improved fix for SSLRequire's OID() function (#625452) [2.2.3-43.2] - add security fixes for CVE-2010-1452, CVE-2010-2791 (#623210) - mod_deflate: rebase to 2.2.15 (#625435) - stop multiple invocations of filter init functions (#625451) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1452 CVE-2010-2791 Oracle Linux 5 [2.6.18-194.11.3.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.3.el5] - [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} [2.6.18-194.11.2.el5] - [mm] pass correct mm when growing stack (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2240 Oracle Linux 5 [1.7.2p1-8] - added patch for CVE-2010-2956 (#628628) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2956 Oracle Linux 5 [4.4.2.3-20.el5_5.1] - make the sbits removal behavior consistent with all the RHELs - add proper suffix for Z branch [4.4.2.3-19] - fix CVE-2010-2059, fails to drop SUID/SGID bits on package upgrade (#626707) - fix SELinux memory leak (#627630), patch from Florian Festi MODERATE Copyright 2010 Oracle, Inc. CVE-2010-2059 Oracle Linux 5 firefox: [3.6.9-2.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.9-2] - Fixed xulrunner version [3.6.9-1] - Update to 3.6.9 nspr: [4.8.6-1] - update to 4.8.6 nss: [3.12.7-2.0.1.el5_5] - Update clean.gif in the nss-3.12.7-stripped.tar.bz2 tarball [3.12.7-2] - fix dependencies, undo previous change [3.12.7-1] - Update to 3.12.7 xulrunner: [1.9.2.9-1.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.9-1] - Update to 1.9.2.9 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-2760 CVE-2010-2762 CVE-2010-2764 CVE-2010-2765 CVE-2010-2766 CVE-2010-2767 CVE-2010-2768 CVE-2010-2769 CVE-2010-3166 CVE-2010-3167 CVE-2010-3168 CVE-2010-3169 Oracle Linux 5 [3.0.33-3.29.el5.1] - Security Release, fixes CVE-2010-3069 - resolves: #632229 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-3069 Oracle Linux 5 [3.3.8-0.52.2] - Security Release, fixes CVE-2010-3069 - resolves: #632231 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-3069 Oracle Linux 5 [1.0.3-6] - Related: #632173 use the upstream patch [1.0.3-5] - Resolves: #632173 integer overflow flaw in BZ2_decompress - CVE-2010-0405 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-0405 Oracle Linux 5 [2.6.18-194.11.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] [2.6.18-194.11.4.el5] - [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3081 Oracle Linux 5 [3.1.6-39.el5_5.1] - fix CVE-2007-6720, CVE-2009-3995,3996 (#617486) MODERATE Copyright 2010 Oracle, Inc. CVE-2007-6720 CVE-2009-3995 CVE-2009-3996 Oracle Linux 5 [2.6.18-194.17.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-194.17.1.el5] - Syncing following patch from branched build: - [misc] make compat_alloc_user_space() incorporate the access_ok() (Don Howard) [634463 634464] {CVE-2010-3081} [2.6.18-194.16.1.el5] - [fs] xfs: fix missing untrusted inode lookup tag (Dave Chinner) [624366 607032] {CVE-2010-2943} [2.6.18-194.15.1.el5] - [net] cxgb3: don't flush workqueue if called from wq (Doug Ledford) [630978 630124] - [net] cxgb3: get fatal parity error status on interrupt (Doug Ledford) [630978 630124] - [net] cxgb3: clear fatal parity error register on init (Doug Ledford) [630978 630124] - [net] cxgb3: add define for fatal parity error bit (Doug Ledford) [630978 630124] [2.6.18-194.14.1.el5] - [s390] dasd: force online does not work (Hendrik Brueckner) [627194 619466] - [s390] dasd: allocate fallback cqr for reserve/release (Hendrik Brueckner) [627195 619465] - [fs] xfs: fix untrusted inode number lookup (Dave Chinner) [629219 624862] - [net] sched: fix some kernel memory leaks (Jiri Pirko) [624904 624638] {CVE-2010-2942} - [usb] fix usbfs information leak (Eugene Teo) [566628 566629] {CVE-2010-1083} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) [624366 607032] {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) [624366 607032] {CVE-2010-2943} - [fs] xfs: always use iget in bulkstat (Dave Chinner) [624366 607032] {CVE-2010-2943} [2.6.18-194.13.1.el5] - [xen] fix guest crash on non-EPT machine may crash host (Paolo Bonzini) [621429 621430] {CVE-2010-2938} - [fs] ext4: consolidate in_range definitions (Eric Sandeen) [624331 624332] {CVE-2010-3015} - [mm] add option to skip ZERO_PAGE mmap of /dev/zero (Larry Woodman) [623141 619541] - [net] bonding: check if clients MAC addr has changed (Flavio Leitner) [623143 610234] - [net] sctp: fix length checks (Neil Horman) [624369 605305] - [xen] bring back VMXE/SVME flags (Andrew Jones) [624365 570091] - Syncing following patches from branched builds: - [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] pass correct mm when growing stack (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607857 607858] {CVE-2010-2240} - [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607857 607858] {CVE-2010-2240} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-1083 CVE-2010-2492 CVE-2010-2798 CVE-2010-2938 CVE-2010-2942 CVE-2010-2943 CVE-2010-3015 Oracle Linux 5 [2.2.1-28] - Modify freetype-2.2.1-CVE-2010-3054.patch - Resolves: #638142 [2.2.1-27] - Add freetype-2.2.1-CVE-2010-2806.patch (Protect against negative string_size. Fix comparison.) - Add freetype-2.2.1-CVE-2010-3311.patch (Don't seek behind end of stream.) - Add freetype-2.2.1-CVE-2010-3054.patch (Protect against nested 'seac' calls.) - Add freetype-2.2.1-CVE-2010-2808.patch (Check the total length of collected POST segments.) - Resolves: #638142 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2806 CVE-2010-2808 CVE-2010-3054 CVE-2010-3311 Oracle Linux 5 postgresql: [8.1.22-1.el5_5.1] - Update to PostgreSQL 8.1.22, for various fixes described at http://www.postgresql.org/docs/8.1/static/release.html including the fix for CVE-2010-3433 Resolves: #639931 postgresql84: [8.4.5-1.el5_5.1] - Update to PostgreSQL 8.4.5, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-5.html including the fix for CVE-2010-3433 Resolves: #639933 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-3433 Oracle Linux 5 [0.5.4-4.4.el5_5.14] - Add poppler-0.5.4-CVE-2010-3702.patch (Properly initialize parser) - Add poppler-0.5.4-CVE-2010-3704.patch (Fix crash in broken pdf (code < 0)) - Resolves: #639839 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3702 CVE-2010-3704 Oracle Linux 5 [1.6.0.0-1.16.b17.0.1.el5] - Add oracle-enterprise.patch [1.6.0.0-1.16.b17.el5] - Updated 1.7.5 tarball (contains additional security fixes) - Resolves: bz639951 [1.6.0.0-1.15.b17.el5] - Rebuild - Resolves: bz639951 [1.6.0.0-1.14.b17.el5] - Synched with el6 branch - Updated to IcedTea 1.7.5 - Resolves: bz639951 - Also resolves 619800 and 621303 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2009-3555 CVE-2010-3541 CVE-2010-3548 CVE-2010-3549 CVE-2010-3551 CVE-2010-3553 CVE-2010-3554 CVE-2010-3557 CVE-2010-3561 CVE-2010-3562 CVE-2010-3564 CVE-2010-3565 CVE-2010-3567 CVE-2010-3568 CVE-2010-3569 CVE-2010-3573 CVE-2010-3574 Oracle Linux 5 firefox: [3.6.11-2.0.1.el5] - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones [3.6.11-2] - Update to 3.6.11 Build 2 [3.6.11-1] - Update to 3.6.11 nss: [3.12.8-1.0.1.el5] - Update clean.gif in the nss-3.12.8-stripped.tar.bz2 tarball [3.12.8-1] - Update to 3.12.8 xulrunner: [1.9.2.11-2.0.1.el5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.11-2] - Update to 1.9.2.11 Build 2 [1.9.2.11-1] - Update to 1.9.2.11 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-3170 CVE-2010-3173 CVE-2010-3175 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3182 CVE-2010-3183 Oracle Linux 5 [0.98.6-5.el5_5.2] - Resolves: #638627 - CVE-2007-4826 CVE-2010-2948 quagga: various flaws MODERATE Copyright 2010 Oracle, Inc. CVE-2007-4826 CVE-2010-2948 Oracle Linux 5 [2.5-49.el5_5.6] - Never expand in privileged programs (#643818, CVE-2010-3847) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3847 Oracle Linux 5 [2.6.18-194.17.4.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-194.17.4.el5] - [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904} IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3904 Oracle Linux 5 [2.5-49.el5_5.7] - Require suid bit on audit objects in privileged programs (#645677, CVE-2010-3856) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3856 Oracle Linux 5 [1.9.2.11-4.0.1.el5_5] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. [1.9.2.11-4.el5_5] - Add upstream patch for CVE-2010-3765 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-3765 Oracle Linux 5 [1.3.7-18:.8] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). - Fix latent privilege escalation vulnerability (CVE-2010-2431, STR #3510, bug #605397). IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2431 CVE-2010-2941 Oracle Linux 5 [0.99.6.2-6.2] - fix insecure dropping of priviledges in pam_xauth and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335) - fix insecure executing of scripts with user supplied environment variables in pam_namespace - CVE-2010-3853 (#643043) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-3316 CVE-2010-3435 CVE-2010-3853 CVE-2010-4707 Oracle Linux 5 [5.0.77-4.4] - Add fixes for CVE-2010-3677, CVE-2010-3680, CVE-2010-3681, CVE-2010-3682, CVE-2010-3833, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2010-3839, CVE-2010-3840 Resolves: #645642 - Backpatch strmov fix so that code can be tested on more recent platforms MODERATE Copyright 2010 Oracle, Inc. CVE-2010-3677 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3833 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3839 CVE-2010-3840 Oracle Linux 5 [2.6.18-194.26.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-194.26.1.el5] - [net] mlx4: bump max log_mtts_per_seg memory reservation (Jay Fenlason) [643806 636198] [2.6.18-194.25.1.el5] - [fs] nfs: fix regression in NFS Direct I/O path (Steve Dickson) [647601 647297] [2.6.18-194.24.1.el5] - Changelog fix [2.6.18-194.23.1.el5] - [net] bonding: correctly process non-linear skbs (Andy Gospodarek) [644822 619070] - Syncing following patch from branched build: - [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904} [2.6.18-194.22.1.el5] - [fs] xfs: fix speculative allocation beyond eof (Dave Chinner) [643571 638753] [2.6.18-194.21.1.el5] - [scsi] qla2xxx: Correct use-after-free issue in terminate_rport_io callback (Chad Dupuis) [643135 567428] - [misc] futex: replace LOCK_PREFIX in futex.h (Peter Zijlstra) [633175 633176] {CVE-2010-3086} - [v4l] remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642470 642471] {CVE-2010-2963} - [xen] hvm: correct accuracy of pmtimer (Andrew Jones) [641915 633028] - [net] bonding: fix IGMP report on slave during failover (Flavio Leitner) [640973 637764] - [fs] nfsv4: fix bug when server returns NFS4ERR_RESOURCE (Steve Dickson) [628889 620502] - [fs] nfsv4: ensure lockowners are labelled correctly (Steve Dickson) [628889 620502] - [fs] nfsv4: add support for RELEASE_LOCKOWNER operation (Steve Dickson) [628889 620502] - [fs] nfsv4: clean up for lockowner XDR encoding (Steve Dickson) [628889 620502] - [fs] nfsv4: ensure we track lock state in r/w requests (Steve Dickson) [628889 620502] - [time] implement fine grained accounting for PM timer (Ulrich Obergfell) [637069 586285] - [time] initialize tick_nsec based on kernel parameters (Ulrich Obergfell) [637069 586285] - [time] introduce 'pmtimer_fine_grained' kernel parameter (Ulrich Obergfell) [637069 586285] - [fs] nfs: wait for close before silly-renaming (Jeff Layton) [642628 565974] [2.6.18-194.20.1.el5] - [scsi] megaraid_sas: fix physical disk handling (Tomas Henzl) [619365 564249] - [scsi] lpfc: fix ioctl crash in lpfc_nlp_put (Rob Evers) [637727 625841] - [net] sched: fix info leak in traffic policing (Neil Horman) [636391 636392] {CVE-2010-3477} - [md] dm: fix deadlock with fsync vs. resize in lvm (Mikulas Patocka) [632255 624068] - [misc] fix race in pid generation causing immediate reuse (Dave Anderson) [638866 634850] - [scsi] fix disk spinup for shorter path restore times (Rob Evers) [634977 608109] - [fs] aio: check for multiplication overflow in io_submit (Jeff Moyer) [629448 629449] {CVE-2010-3067} - [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630806 630807] {CVE-2010-3078} - [fs] aio: fix cleanup in io_submit_one (Jeff Moyer) [631720 631721] {CVE-2010-3066} - [net] ipv4: fix buffer overflow in icmpmsg_put (Frantisek Hrbata) [634976 601391] - [xen] hvm: fix UP suspend/resume/migration w/PV drivers (Miroslav Rezanina) [630989 629773] - [fs] dlm: fix try 1cb failure, part 2 (Abhijith Das) [639073 504188] - [fs] dlm: no node callback when try 1cb lock req fails (David Teigland) [639073 504188] [2.6.18-194.19.1.el5] - [virt] xen: fix xennet driver to not corrupt data (Neil Horman) [637220 630129] - [pnp] ignore both UNSET and DISABLED ioresources (Prarit Bhargava) [629861 560540] - [pnp] reserve system board iomem and ioport resources (Prarit Bhargava) [629861 560540] - [net] bonding: fix ALB mode to balance traffic on VLANs (Andy Gospodarek) [630540 578531] - [net] qla3xxx: fix oops on too-long netdev priv structure (Neil Horman) [637206 620508] - [acpi] thinkpad-acpi: lock down video output state access (Don Howard) [629241 607037] [2.6.18-194.18.1.el5] - [s390] dasd: fix race between tasklet and dasd_sleep_on (Hendrik Brueckner) [638579 593756] MODERATE Copyright 2010 Oracle, Inc. CVE-2010-3066 CVE-2010-3067 CVE-2010-3078 CVE-2010-3086 CVE-2010-3477 CVE-2010-3448 Oracle Linux 6 [1.0.5-7] - Resolves: #632268 integer overflow flaw in BZ2_decompress - CVE-2010-0405 (upstream patch) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-0405 Oracle Linux 6 [0.12.4-3.el6.1] - Add poppler-0.12.4-CVE-2010-3702.patch (Properly initialize parser) - Add poppler-0.12.4-CVE-2010-3703.patch (Properly initialize stack) - Add poppler-0.12.4-CVE-2010-3704.patch (Fix crash in broken pdf (code < 0)) - Resolves: #639859 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3702 CVE-2010-3703 CVE-2010-3704 Oracle Linux 6 [3.5.4-68.1] - Security Release, fixes CVE-2010-3069 - resolves: #632264 CRITICAL Copyright 2011 Oracle, Inc. CVE-2010-3069 Oracle Linux 6 nss: [3.12.8-1.0.1.el6] - Update expired PayPalEE.cert to fix build failure - Use blank image instead of clean.gif in nss-3.12.8-stripped.tar.bz2 [3.12.8-1] - Update to 3.12.8 nss-softokn: [3.12.8-1] - Update to 3.12.8 nss-util: [3.12.7-1] - Update to 3.12.7 LOW Copyright 2011 Oracle, Inc. CVE-2010-3170 Oracle Linux 6 [1:1.4.2-35:.1] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-2941 Oracle Linux 6 [2.12-1.7.el6_0.3] - Require suid bit on audit objects in privileged programs (#645679, CVE-2010-3856) [2.12-1.7.el6_0.2] - Never expand in privileged programs (#643821) [2.12-1.7.el6_0.1] - Fix bug in generic strstr/memmem implementation handling certain repeated patterns (#643341) - Correctly align TCB for AVX (#643343) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3847 CVE-2010-3856 Oracle Linux 5 Oracle Linux 6 [2.3.11-6.el6_0.2] - Add freetype-2.3.11-CVE-2010-3855.patch (Protect against invalid runcnt values.) - Resolves: #651761 [2.3.11-6.el6_0.1] - Add freetype-2.3.11-CVE-2010-2805.patch (Fix comparison.) - Add freetype-2.3.11-CVE-2010-2806.patch (Protect against negative string_size. Fix comparison.) - Add freetype-2.3.11-CVE-2010-2808.patch (Check the total length of collected POST segments.) - Add freetype-2.3.11-CVE-2010-3311.patch (Dont seek behind end of stream.) - Resolves: #638838 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2805 CVE-2010-2806 CVE-2010-2808 CVE-2010-3311 CVE-2010-3855 Oracle Linux 6 [2.6.6-6.el6] - Add patch for CVE-2010-3711 (RH bug #645413). MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3711 Oracle Linux 6 [1.1.1-4.1] - fix insecure dropping of priviledges in pam_xauth, pam_env, and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335) - fix insecure executing of scripts with user supplied environment variables in pam_namespace - CVE-2010-3853 (#643043) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3316 CVE-2010-3435 CVE-2010-3853 CVE-2010-4707 CVE-2010-4708 Oracle Linux 6 [2.6.24-8.1] Resolves: #635058 CVE-2010-3302 CVE-2010-3308 CVE-2010-2752 CVE-2010-3753 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3302 CVE-2010-3308 CVE-2010-3752 CVE-2010-3753 Oracle Linux 5 Oracle Linux 6 [1.2-11.0.1.el6_0] - rebuild without docs - remove doc/SystemTap_Beginners_Guide/en-US in tarball [1.2-11] - CVE-2010-4170 - CVE-2010-4171 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-4170 CVE-2010-4171 Oracle Linux 5 [kvm-83-164.0.1.el5_5.25] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5_5.25] - Adding load_gs_index to kmod symbol greylist - Related: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z]) [kvm-83-164.el5_5.24] - Updated kversion to 2.6.18-194.17.1.el5 to match build root - kvm.spec: fix ./configure arguments (ensure spice, kvm-cap-pit and kvm-cap-device-assignment are always enabled) - kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639886] - Resolves: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z]) - CVE: CVE-2010-3698 MODERATE Copyright 2010 Oracle, Inc. CVE-2010-3698 Oracle Linux 6 [1.11.23-11.el6_0.1] - Fix CVE-2010-3846 (Resolves: #644813) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3846 Oracle Linux 5 [5.1.6-27.3] - add security fix for CVE-2010-3870 (#626735) [5.1.6-27.2] - fix var_export test cases (#626735) [5.1.6-27.1] - add security fixes for CVE-2010-1917, CVE-2010-3065, CVE-2010-2531, CVE-2010-1128, CVE-2010-0397 (#626735) MODERATE Copyright 2010 Oracle, Inc. CVE-2009-5016 CVE-2010-0397 CVE-2010-1128 CVE-2010-1917 CVE-2010-2531 CVE-2010-3065 CVE-2010-3870 Oracle Linux 6 [12:4.1.1-12.P1.1] - CVE-2010-3611: NULL pointer dereference crash via crafted DHCPv6 packet (#651913) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3611 Oracle Linux 5 [1.6.1-36.el5_5.6] - incorporate candidate patch for checksum acceptance issues from MITKRB5-SA-2010-007 (CVE-2010-1323, #652307) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1323 Oracle Linux 6 [0.99.15-5_el6_0.1] - Resolves: #644830 - CVE-2010-2948 CVE-2010-2949 quagga various flaws MODERATE Copyright 2011 Oracle, Inc. CVE-2010-2948 CVE-2010-2949 Oracle Linux 5 Oracle Linux 6 [1.3.9-3.1] - add security fix for CVE-2010-1623 (#659253) MODERATE Copyright 2010 Oracle, Inc. CVE-2010-1623 Oracle Linux 5 Oracle Linux 6 firefox: [3.6.13-1.0.1.el6_0] - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js [bugz 11762] [3.6.13-2] - Update to 3.6.13 build3 [3.6.13-1] - Update to 3.6.13 [3.6.12-1] - Update to 3.6.12 [3.6.11-1] - Update to 3.6.11 xulrunner: [1.9.2.13-3.0.1.el6_0] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. Bug#11487 [1.9.2.13-3] - Update to 1.9.2.13 build3 [1.9.2.13-2] - Update to 1.9.2.13 build2 [1.9.2.13-1] - Update to 1.9.2.13 [1.9.2.12-1] - Update to 1.9.2.12 [1.9.2.11-1] - Update to 1.9.2.1 CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-3766 CVE-2010-3767 CVE-2010-3768 CVE-2010-3770 CVE-2010-3771 CVE-2010-3772 CVE-2010-3773 CVE-2010-3774 CVE-2010-3775 CVE-2010-3776 CVE-2010-3777 Oracle Linux 6 [3.1.7-3.0.1.el6] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [3.1.7-3] - Update to 3.1.7 build3 [3.1.7-2] - Update to 3.1.7 build2 [3.1.7-1] - Update to 3.1.7 [3.1.6-1] - Update to 3.1.6 [3.1.5-1] - Update to 3.1.5 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3768 CVE-2010-3776 CVE-2010-3777 Oracle Linux 5 [4.63-3.el5_5.2] - fix buffer overflow in string_format (CVE-2010-4344, #662019) CRITICAL Copyright 2010 Oracle, Inc. CVE-2010-4344 Oracle Linux 6 [32:9.7.0-5.P2.1] - fix CVE-2010-3613 and CVE-2010-3614 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3613 CVE-2010-3614 Oracle Linux 5 [30:9.3.6-4.P1.3] - fixes for CVE-2010-3762, CVE-2010-3613 and CVE-2010-3614 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3613 CVE-2010-3614 CVE-2010-3762 Oracle Linux 5 [0.9.8e-12.7] - fix CVE-2010-4180 - completely disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (#659462) MODERATE Copyright 2010 Oracle, Inc. CVE-2008-7270 CVE-2010-4180 Oracle Linux 6 [1.0.0-4.2] - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304) [1.0.0-4.1] - fix race in extension parsing code - CVE-2010-3864 (#649304) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3864 CVE-2010-4180 Oracle Linux 5 [kvm-83-164.0.1.el5_5.30] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch to replace RHEL with OEL - Added kvm-Introduce-oel-machine-type.patch so that OEL is a recognized VM [kvm-83-164.el5_5.30] - Revert the bz#661397 patches as they are not enough - kvm-kernel-Revert-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#661397] - kvm-kernel-Revert-KVM-Don-t-spin-on-virt-instruction-faults-dur.patch [bz#661397] - Related: bz#661397 (reboot(RB_AUTOBOOT) fails if kvm instance is running) - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems-additional-f.patch [bz#656984] - Resolves: bz#656984 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-164.el5_5.29] - kvm-kernel-KVM-Don-t-spin-on-virt-instruction-faults-during-reb.patch [bz#661397] - kvm-kernel-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#661397] - Resolves: bz#661397 (reboot(RB_AUTOBOOT) fails if kvm instance is running) [kvm-83-164.el5_5.28] - kvm-implement-dummy-PnP-support.patch [bz#659850] - kvm-load-registers-after-restoring-pvclock-msrs.patch [bz#660239] - Resolves: bz#659850 (If VM boot seq. is set up as nc (PXE then disk) the VM is always stuck on trying to PXE boot) - Resolves: bz#660239 (clock drift when migrating a guest between mis-matched CPU clock speed) [kvm-83-164.el5_5.27] - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems.patch [bz#656984] - Resolves: bz#656984 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-164.el5_5.26] - Updated kversion to 2.6.18-194.26.1.el5 to match build root - kvm-kernel-KVM-x86-fix-information-leak-to-userland.patch [bz#649832] - Resolves: bz#649832 (CVE-2010-3881 kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory [5.5.z]) - CVE: CVE-2010-3881 LOW Copyright 2010 Oracle, Inc. CVE-2010-3881 Oracle Linux 6 [0.9.0-8] - Fix CVE-2010-4203 Resolves: rhbz#652440 [0.9.0-7] - Import 0.9.0-6 package from Fedora - Add patch porting yasm syntax to gas Related: rhbz#603113 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4203 Oracle Linux 6 [1:3.0.0-11.1] - add security fix for CVE-2008-2384 (#663617) MODERATE Copyright 2011 Oracle, Inc. CVE-2008-2384 Oracle Linux 6 [1.7.1-2.1] - fix CVE-2010-3906 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3906 Oracle Linux 5 [2.6.32-100.20.1.el5] - [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner) - [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943} - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943} - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943} - [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942} - [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2942 CVE-2010-2943 Oracle Linux 5 Following security bugs are fixed in this errata CVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root. CVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. CVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942. kernel: [2.6.32-100.21.1.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} - [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch - [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch - [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch ofa: [1.5.1-4.0.23] - Fix rds permissions checks during copies [1.5.1-4.0.21] - Update to BXOFED 1.5.1-1.3.6-5 IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-3067 CVE-2010-3477 CVE-2010-3904 Oracle Linux 5 [2.6.18-194.17.1.0.2.el5] - [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} [orabug 10226701] IMPORTANT Copyright 2010 Oracle, Inc. Oracle Linux 5 Following Security fixes are included in this unbreakable enterprise kernel errata: CVE-2010-3432 The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. CVE-2010-2962 drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations. CVE-2010-2955 The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. CVE-2010-3705 The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. CVE-2010-3084 Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command. CVE-2010-3437 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. CVE-2010-3079 kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file. CVE-2010-3698 The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT). CVE-2010-3442 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. [2.6.32-100.24.1.el5] - [sctp] Do not reset the packet during sctp_packet_con[CVE-2010-3432] - [drm/i915] Sanity check pread/pwrite [CVE-2010-2962] - [wireless] fix kernel heap content leak [CVE-2010-2955] - [sctp] Fix out-of-bounds reading in sctp_asoc_get_hmac() [CVE-2010-3705] - [niu] Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL [CVE-2010-3084] - Fix pktcdvd ioctl dev_minor range check [CVE-2010-3437] - Do not allow llseek to set_ftrace_filter [CVE-2010-3079] - [kvm] Fix fs/gs reload oops with invalid ldt [CVE-2010-3698] - [alsa] prevent heap corruption in snd_ctl_new() [CVE-2010-3442] - Fix LACP bonding mode (Tina Yang) - Fix grat arps on bonded interfaces (Tina Yang) IMPORTANT Copyright 2010 Oracle, Inc. CVE-2010-2955 CVE-2010-2962 CVE-2010-3079 CVE-2010-3084 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3698 CVE-2010-3705