Oracle Errata System Oracle Linux 5.11 2024-09-21T19:06:07 Oracle Linux 5 [2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314] - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) [orabug 9504524] - [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh) [orabug 9245919] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919] - fix filp_close() race (Joe Jin) [orabug 10335998] [2.6.18-194.32.1.el5] - [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [664416 663853] [2.6.18-194.31.1.el5] - [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [663381 660580] - [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [663353 656492] - [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [663353 656492] - [fs] nfs: clean up nfs_create_request (Jeff Layton) [663353 656492] - [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [636412 635999] {CVE-2010-3699} [2.6.18-194.30.1.el5] - [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [658079 655119] - [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656265 656266] {CVE-2010-4248} - [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645226 645227] {CVE-2010-3858} - [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651266 651267] {CVE-2010-3880} - [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645871 645872] {CVE-2010-3859} - [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655664 655666] {CVE-2010-4242} - [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [656208 654546] {CVE-2010-4247} - [virt] xen: don't leak dev refs on bad xenbus transitions (Laszlo Ersek) [636412 635999] {CVE-2010-3699} - [scsi] lpfc: fix crashes on NULL pnode dereference (Rob Evers) [658864 649489] - [scsi] qla2xxx: check null fcport in _queuecommands (Chad Dupuis) [657029 644863] - [fs] gfs2: fix race in unlinked inode deallocation (Robert S Peterson) [651811 643165] - [scsi] lpfc: fix a BUG_ON in lpfc_abort_handler (Rob Evers) [658378 639028] - [scsi] re-enable transistions from OFFLINE to RUNNING (Mike Christie) [658934 641193] - [scsi] scsi_dh_alua: handle transitioning state correctly (Mike Snitzer) [657028 619361] - [misc] add round_jiffies_up and related routines (Michal Schmidt) [658520 556476] - [fs] fix dcache accounting bug (Josef Bacik) [658857 596548] - [usb] uhci: fix oops in uhci_scan_schedule (Pete Zaitcev) [657319 516851] - [scsi] lpfc: fix panic in lpfc_scsi_cmd_iocb_cmpl (Rob Evers) [658379 603806] [2.6.18-194.29.1.el5] - [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647421 647422] {CVE-2010-3865} - [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652536 652537] {CVE-2010-4161} - [net] packet: fix information leak to userland (Jiri Pirko) [649897 649898] {CVE-2010-3876} - [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648721 648722] {CVE-2010-4083} - [misc] kernel: remove yield from stop_machine paths (Oleg Nesterov) [651818 634454] - [fs] dlm: reduce cond_resched during send (David Teigland) [653335 604139] - [fs] dlm: use TCP_NODELAY (David Teigland) [653335 604139] - [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637866 637867] {CVE-2010-3432} - [net] bonding: no lock on copy/clear VLAN list on slave (Andy Gospodarek) [652561 627974] - [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651175 651176] {CVE-2010-4157} - [kernel] add stop_machine barrier to fix lock contention (Prarit Bhargava) [651818 634454] [2.6.18-194.28.1.el5] - [net] bnx2: Increase max rx ring size from 1K to 2K (Andy Gospodarek) [649255 640026] - [net] bnx2: fixup broken NAPI accounting (Andy Gospodarek) [649255 640026] - [pci] include DL580 G7 in bfsort whitelist (Tony Camuso) [646765 644879] - [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638483 638484] {CVE-2010-3442} - [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [643339 571495] - [fs] execve: fix interactivity and response to SIGKILL (Dave Anderson) [643344 629176] - [usb] fix test of wrong variable in create_by_name (Don Howard) [643347 594635] - [fs] gfs2: fix stuck in inode wait, no glocks stuck (Robert S Peterson) [651805 595397] - [net] gro: fix bogus gso_size on the first fraglist entry (Herbert Xu) [648938 588015] - [virt] xen: fix Connected state after netback dev closed (Paolo Bonzini) [643345 591548] - [net] tun: orphan an skb on tx (Michael S. Tsirkin) [643348 584412] [2.6.18-194.27.1.el5] - [net] netxen: fix set mac addr (Andy Gospodarek) [647681 562937] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3432 CVE-2010-3859 CVE-2010-4083 CVE-2010-4157 CVE-2010-3876 CVE-2010-4161 CVE-2010-4247 CVE-2010-3442 CVE-2010-3699 CVE-2010-3858 CVE-2010-3865 CVE-2010-3880 CVE-2010-4242 CVE-2010-4248 cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-71.14.1.0.1.el6] - replace Red Hat with Oracle in files genkey and kernel.spec [2.6.32-71.14.1.el6] - [kvm] x86: zero kvm_vcpu_events->interrupt.pad (Marcelo Tosatti) [665471 665409] {CVE-2010-4525} [2.6.32-71.13.1.el6] email_6.RHSA-2011-0007 178L, 11970C written - [scsi] lpfc: Fixed crashes for NULL pnode dereference (Rob Evers) [660589 635733] [2.6.32-71.12.1.el6] - [netdrv] igb: only use vlan_gro_receive if vlans are registered (Stefan Assmann) [652804 660192] {CVE-2010-4263} - [net] core: neighbour update Oops (Jiri Pirko) [660591 658518] - [scsi] lpfc: Set heartbeat timer off by default (Rob Evers) [660244 655935] - [scsi] lpfc: Fixed crashes for BUG_ONs hit in the lpfc_abort_handler (Rob Evers) [659611 645882] [2.6.32-71.11.1.el6] - [kernel] posix-cpu-timers: workaround to suppress the problems with mt exec (Oleg Nesterov) [656267 656268] {CVE-2010-4248} - [fs] bio: take care not overflow page count when mapping/copying user data (Danny Feng) [652530 652531] {CVE-2010-4162} - [net] can-bcm: fix minor heap overflow (Danny Feng) [651846 651847] {CVE-2010-3874} - [net] filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651704 651705] {CVE-2010-4158} - [net] inet_diag: Make sure we actually run the same bytecode we audited (Jiri Pirko) [651268 651269] {CVE-2010-3880} - [v4l] ivtvfb: prevent reading uninitialized stack memory (Mauro Carvalho Chehab) [648832 648833] {CVE-2010-4079} - [drm] via/ioctl.c: prevent reading uninitialized stack memory (Dave Airlie) [648718 648719] {CVE-2010-4082} - [char] nozomi: clear data before returning to userspace on TIOCGICOUNT (Mauro Carvalho Chehab) [648705 648706] {CVE-2010-4077} - [serial] clean data before filling it on TIOCGICOUNT (Mauro Carvalho Chehab) [648702 648703] {CVE-2010-4075} - [net] af_unix: limit unix_tot_inflight (Neil Horman) [656761 656762] {CVE-2010-4249} - [block] check for proper length of iov entries in blk_rq_map_user_iov() (Danny Feng) [652958 652959] {CVE-2010-4163} - [net] Limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [651894 651895] {CVE-2010-4160} - [netdrv] mlx4: Add OFED-1.5.2 patch to increase log_mtts_per_seg (Jay Fenlason) [643815 637284] - [kernel] kbuild: fix external module compiling (Aristeu Rozanski) [658879 655231] - [net] bluetooth: Fix missing NULL check (Jarod Wilson) [655667 655668] {CVE-2010-4242} - [kernel] ipc: initialize structure memory to zero for compat functions (Danny Feng) [648694 648695] {CVE-2010-4073} - [kernel] shm: fix information leak to userland (Danny Feng) [648688 648689] {CVE-2010-4072} - [md] dm: remove extra locking when changing device size (Mike Snitzer) [653900 644380] - [block] read i_size with i_size_read() (Mike Snitzer) [653900 644380] - [kbuild] don't sign out-of-tree modules (Aristeu Rozanski) [655122 653507] [2.6.32-71.10.1.el6] - [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630808 630809] {CVE-2010-3078} - [net] fix rds_iovec page count overflow (Jiri Pirko) [647423 647424] {CVE-2010-3865} - [scsi] Fix megaraid_sas driver SLAB memory leak detected with CONFIG_DEBUG_SLAB (Shyam Iyer) [649436 633836] - [usb] serial/mos*: prevent reading uninitialized stack memory (Don Zickus) [648697 648698] {CVE-2010-4074} - [kernel] ecryptfs_uid_hash() buffer overflow (Jerome Marchand) [626320 611388] {CVE-2010-2492} - [sound] seq/oss - Fix double-free at error path of snd_seq_oss_open() (Jaroslav Kysela) [630554 630555] {CVE-2010-3080} - [virt] virtio-net: init link state correctly (Jason Wang) [653340 646369] - [netdrv] prevent reading uninitialized memory in hso driver (Thomas Graf) [633143 633144] {CVE-2010-3298} [2.6.32-71.9.1.el6] - [fs] Do not mix FMODE_ and O_ flags with break_lease() and may_open() (Harshula Jayasuriya) [648408 642677] - [fs] aio: check for multiplication overflow in do_io_submit (Jeff Moyer) [629450 629451] {CVE-2010-3067} - [net] fix info leak from kernel in ethtool operation (Neil Horman) [646727 646728] {CVE-2010-3861} - [net] packet: fix information leak to userland (Jiri Pirko) [649899 649900] {CVE-2010-3876} - [net] clean up info leak in act_police (Neil Horman) [636393 636394] {CVE-2010-3477} - [mm] Prevent Out Of Memory when changing cpuset's mems on NUMA (Larry Woodman) [651996 597127] [2.6.32-71.8.1.el6] - [mm] remove false positive THP pmd_present BUG_ON (Andrea Arcangeli) [647391 646384] [2.6.32-71.7.1.el6] - [drm] ttm: fix regression introduced in dfb4a4250168008c5ac61e90ab2b86f074a83a6c (Dave Airlie) [646994 644896] [2.6.32-71.6.1.el6] - [block] fix a potential oops for callers of elevator_change (Jeff Moyer) [644926 641408] [2.6.32-71.5.1.el6] - [security] IMA: require command line option to enabled (Eric Paris) [644636 643667] - [net] Fix priv escalation in rds protocol (Neil Horman) [642899 642900] {CVE-2010-3904} - [v4l] Remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642472 642473] {CVE-2010-2963} - [kernel] tracing: do not allow llseek to set_ftrace_filter (Jiri Olsa) [631625 631626] {CVE-2010-3079} - [virt] xen: hold mm->page_table_lock in vmalloc_sync (Andrew Jones) [644038 643371] - [fs] xfs: properly account for reclaimed inodes (Dave Chinner) [642680 641764] - [drm] fix ioctls infoleak (Danny Feng) [626319 621437] {CVE-2010-2803} - [netdrv] wireless extensions: fix kernel heap content leak (John Linville) [628437 628438] {CVE-2010-2955} - [netdrv] niu: buffer overflow for ETHTOOL_GRXCLSRLALL (Danny Feng) [632071 632072] {CVE-2010-3084} - [mm] add debug checks for mapcount related invariants (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] move VM_BUG_ON inside the page_table_lock of zap_huge_pmd (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] compaction: handle active and inactive fairly in too_many_isolated (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] start_khugepaged after setting transparent_hugepage_flags (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] fix hibernate memory corruption (Andrea Arcangeli) [644037 642570] - [mm] ksmd wait_event_freezable (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] khugepaged wait_event_freezable (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] unlink_anon_vmas in __split_vma in case of error (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] fix memleak in copy_huge_pmd (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] fix hang on anon_vma->root->lock (Andrea Arcangeli) [642679 622327 644037 642570] - [mm] avoid breaking huge pmd invariants in case of vma_adjust failures (Andrea Arcangeli) [642679 622327 644037 642570] [2.6.32-71.4.1.el6] - [scsi] fcoe: set default FIP mode as FIP_MODE_FABRIC (Mike Christie) [641457 636233] - [virt] KVM: Fix fs/gs reload oops with invalid ldt (Avi Kivity) [639884 639885] {CVE-2010-3698} - [drm] i915: prevent arbitrary kernel memory write (Jerome Marchand) [637690 637691] {CVE-2010-2962} - [scsi] libfc: adds flogi retry in case DID is zero in RJT (Mike Christie) [641456 633907] - [kernel] prevent heap corruption in snd_ctl_new() (Jerome Marchand) [638485 638486] {CVE-2010-3442} - [scsi] lpfc: lpfc driver oops during rhel6 installation with snapshot 12/13 and emulex FC (Rob Evers) [641907 634703] - [fs] ext4: Always journal quota file modifications (Eric Sandeen) [641454 624909] - [mm] fix split_huge_page error like mapcount 3 page_mapcount 2 (Andrea Arcangeli) [641258 640611] - [block] Fix pktcdvd ioctl dev_minor range check (Jerome Marchand) [638088 638089] {CVE-2010-3437} - [drm] ttm: Fix two race conditions + fix busy codepaths (Dave Airlie) [642045 640871] - [drm] Prune GEM vma entries (Dave Airlie) [642043 640870] - [virt] ksm: fix bad user data when swapping (Andrea Arcangeli) [641459 640579] - [virt] ksm: fix page_address_in_vma anon_vma oops (Andrea Arcangeli) [641460 640576] - [net] sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (Jiri Pirko) [640461 640462] {CVE-2010-3705} - [mm] Move vma_stack_continue into mm.h (Mike Snitzer) [641483 638525] - [net] sctp: Do not reset the packet during sctp_packet_config() (Jiri Pirko) [637681 637682] {CVE-2010-3432} - [mm] vmstat incorrectly reports disk IO as swap in (Steve Best) [641458 636978] - [scsi] fcoe: Fix NPIV (Neil Horman) [641455 631246] [2.6.32-71.3.1.el6] - [block] prevent merges of discard and write requests (Mike Snitzer) [639412 637805] - [drm] nouveau: correct INIT_DP_CONDITION subcondition 5 (Ben Skeggs) [638973 636678] - [drm] nouveau: enable enhanced framing only if DP display supports it (Ben Skeggs) [638973 636678] - [drm] nouveau: fix required mode bandwidth calculation for DP (Ben Skeggs) [638973 636678] - [drm] nouveau: disable hotplug detect around DP link training (Ben Skeggs) [638973 636678] - [drm] nouveau: set DP display power state during DPMS (Ben Skeggs) [638973 636678] - [mm] remove madvise from possible /sys/kernel/mm/redhat_transparent_hugepage/enabled options (Larry Woodman) [636116 634500] - [netdrv] cxgb3: don't flush the workqueue if we are called from the workqueue (Doug Ledford) [634973 631547] - [netdrv] cxgb3: deal with fatal parity error status in interrupt handler (Doug Ledford) [634973 631547] - [netdrv] cxgb3: now that we define fatal parity errors, make sure they are cleared (Doug Ledford) [634973 631547] - [netdrv] cxgb3: Add define for fatal parity error bit manipulation (Doug Ledford) [634973 631547] - [virt] Emulate MSR_EBC_FREQUENCY_ID (Jes Sorensen) [633966 629836] - [virt] Define MSR_EBC_FREQUENCY_ID (Jes Sorensen) [633966 629836] - [kernel] initramfs: Fix initramfs size calculation (Hendrik Brueckner) [637087 626956] - [kernel] initramfs: Generalize initramfs_data.xxx.S variants (Hendrik Brueckner) [637087 626956] - [drm] radeon/kms: fix sideport detection on newer rs880 boards (Dave Airlie) [634984 626454] - [block] switch s390 tape_block and mg_disk to elevator_change() (Mike Snitzer) [633864 632631] - [block] add function call to switch the IO scheduler from a driver (Mike Snitzer) [633864 632631] [2.6.32-71.2.1.el6] - [misc] make compat_alloc_user_space() incorporate the access_ok() (Xiaotian Feng) [634465 634466] {CVE-2010-3081} - [x86] kernel: fix IA32 System Call Entry Point Vulnerability (Xiaotian Feng) [634451 634452] {CVE-2010-3301} [2.6.32-71.1.1.el6] - [security] Make kernel panic in FIPS mode if modsign check fails (David Howells) [633865 625914] - [virt] Guests on AMD with CPU type 6 and model >= 8 trigger errata read of MSR_K7_CLK_CTL (Jes Sorensen) [632292 629066] - [x86] UV: use virtual efi on SGI systems (George Beshers) [633964 627653] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-2492 CVE-2010-3067 CVE-2010-3477 CVE-2010-4073 CVE-2010-4077 CVE-2010-4079 CVE-2010-4080 CVE-2010-4082 CVE-2010-4083 CVE-2010-4160 CVE-2010-4249 CVE-2010-2803 CVE-2010-2955 CVE-2010-3442 CVE-2010-3904 CVE-2010-3865 CVE-2010-3079 CVE-2010-3298 CVE-2010-4074 CVE-2010-3437 CVE-2010-3861 CVE-2010-3874 CVE-2010-3876 CVE-2010-4158 CVE-2010-4162 CVE-2010-4242 CVE-2010-2962 CVE-2010-3698 CVE-2010-3078 CVE-2010-3080 CVE-2010-4668 CVE-2010-3432 CVE-2010-3880 CVE-2010-4072 CVE-2010-4075 CVE-2010-4081 CVE-2010-4163 CVE-2010-3084 CVE-2010-4248 CVE-2010-4263 CVE-2010-4525 CVE-2010-3081 CVE-2010-3301 CVE-2010-3705 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.28.2-14.el6_0.1] - Fixes CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643 - Resolves: #666323 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-2641 CVE-2010-2640 CVE-2010-2642 CVE-2010-2643 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base Oracle Linux 5 Oracle Linux 6 [1.2.13-1.0.1.el6_0.2] - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect packets bug#11486 [1.2.13-1.1] - fix buffer overflow in ENTTEC dissector - Resolves: #667337 [1.2.13-1] - upgrade to 1.2.13 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.11.html - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.12.html - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.13.html - Resolves: #657534 (CVE-2010-4300 CVE-2010-3445) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3445 CVE-2010-4300 CVE-2010-4538 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [2.6.18-238.el5] - [net] bnx2: remove extra call to pci_map_page (John Feeney) [663509] - [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [663853] [2.6.18-237.el5] - [block] fully zeroize request struct in rq_init (Rob Evers) [662154] - [scsi] qla4xxx: update to 5.02.04.02.05.06-d0 (Chad Dupuis) [656999] - [scsi] qla4xxx: make get_sys_info function return void (Chad Dupuis) [656999] - [scsi] qla4xxx: dont default device to FAILED state (Chad Dupuis) [656999] - [scsi] qla4xxx: mask bits in F/W Options during init (Chad Dupuis) [656999] - [scsi] qla4xxx: update to 5.02.04.01.05.06-d0 (Chad Dupuis) [661768] - [scsi] qla4xxx: disable irq instead of req pci_slot_reset (Chad Dupuis) [661768] - [scsi] qla4xxx: no device add until scsi_add_host success (Chad Dupuis) [661768] - [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [660580] - [scsi] bfa: fix crash reading driver sysfs statistics (Rob Evers) [659880] {CVE-2010-4343} - [misc] cpufeature: avoid corrupting cpuid vendor id (Matthew Garrett) [568751] - [char] drm: dont set signal blocker on master process (Dave Airlie) [570604] - [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [656492] - [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [656492] - [fs] nfs: clean up nfs_create_request (Jeff Layton) [656492] - [net] forcedeth: fix race condition in latest backport (Ivan Vecera) [658434] - [net] cxgb3: fix read of uninitialized stack memory (Jay Fenlason) [633155] {CVE-2010-3296} - [net] tg3: increase jumbo flag threshold (John Feeney) [660506] - [net] s2io: fix netdev initialization failure (Bob Picco) [654948] - [net] igb: only use vlan_gro_receive if vlans registered (Stefan Assmann) [660190] {CVE-2010-4263} - [net] ipv6: try all routers with unknown reachable state (Thomas Graf) [661393] - [misc] kernel: fix address limit override in OOPS path (Dave Anderson) [659571] {CVE-2010-4258} [2.6.18-236.el5] - [powerpc] support DLPAR remove operations (Steve Best) [655089] - [net] igb: fix tx packet count (Stefan Assmann) [658801] - [usb] serial: new driver MosChip MCS7840 (Stefan Assmann) [574507] - [fs] exec: copy fixes into compat_do_execve paths (Oleg Nesterov) [625694] {CVE-2010-4243} - [fs] exec: make argv/envp memory visible to oom-killer (Oleg Nesterov) [625694] {CVE-2010-4243} - [misc] binfmts: kill bprm->argv_len (Oleg Nesterov) [625694] {CVE-2010-4243} - [mm] backport upstream stack guard page /proc reporting (Larry Woodman) [643426] - [mm] add guard page for stacks that grow upwards (Johannes Weiner) [630563] - [net] tipc: fix information leak to userland (Jiri Pirko) [649892] {CVE-2010-3877} - [sound] ALSA: fix sysfs unload and OSS mixer mutex issues (Jaroslav Kysela) [652165] - [net] tg3: fix 5719 bugs (John Feeney) [657097] - [net] bnx2: update firmware to 6.0.x (John Feeney) [644438] - [redhat] configs: add CONFIG_SECURITY_DMESG_RESTRICT (Frantisek Hrbata) [653250] - [misc] kernel: restrict unprivileged access to dmesg (Frantisek Hrbata) [653250] - [virt] xen: dont allow blkback virtual CDROM device (Andrew Jones) [635638] {CVE-2010-4238} - Revert: [xen] cd-rom drive does not recognize new media (Andrew Jones) [635638] {CVE-2010-4238} - [net] qlge: fix deadlock when interface is going down (Chad Dupuis) [654420] - [net] qlge: reset chip before freeing buffers (Chad Dupuis) [654420] - [net] qlge: restore vlan setting during ql_adapter_up (Chad Dupuis) [654420] - [scsi] qla4xxx: Update version to V5.02.04.00.05.06-d0 (Chad Dupuis) [656999] - [scsi] qla4xxx: Document Driver Versioning Scheme (Chad Dupuis) [656999] - [scsi] qla4xxx: Updated the Copyright header to 2010 (Chad Dupuis) [656999] - [scsi] qla4xxx: dont process devices untill probe done (Chad Dupuis) [656999] - [scsi] qla4xxx: free DDB when application calls for it (Chad Dupuis) [656999] - [scsi] qla4xxx: memory wedge with peg_halt test in loop (Chad Dupuis) [656999] - [scsi] qla4xxx: clear AF_FW_RECOVERY flag after reset (Chad Dupuis) [656999] - [scsi] qla4xxx: fix new IP address caching (Chad Dupuis) [656999] - [scsi] qla4xxx: replace hard coded values with macros (Chad Dupuis) [656999] - [scsi] qla4xxx: mark dev FAILED on 82XX init failure (Chad Dupuis) [656999] - [scsi] qla4xxx: fail init if pci mem write fails (Chad Dupuis) [656999] - [scsi] qla4xxx: ensure proper qla4xxx_conn_start state (Chad Dupuis) [656999] - [scsi] qla4xxx: do not process interrupts unconditionally (Chad Dupuis) [656999] - [scsi] qla4xxx: fix add w/iscsi2_create_conn not done yet (Chad Dupuis) [656999] - [scsi] qla4xxx: no fw hung if reset retry is in progress (Chad Dupuis) [656999] - [scsi] qla4xxx: correct use of cmd->host_scribble (Chad Dupuis) [656999] - [scsi] qla4xxx: msi init request_irq parameter usage fix (Chad Dupuis) [656999] - [scsi] qla4xxx: cleanup qla4xxx_wait_for_hba_online (Chad Dupuis) [656999] - [scsi] qla4xxx: grab hardware_lock before accessing srb (Chad Dupuis) [656999] - [scsi] qla4xxx: remove unwanted check for bad spd (Chad Dupuis) [656999] - [scsi] qla4xxx: update AER support for ISP82XX (Chad Dupuis) [656999] - [scsi] qla4xxx: clear rom lock if firmware died holding (Chad Dupuis) [656999] - [scsi] qla4xxx: CRB Register for Request Queue in-pointer (Chad Dupuis) [656999] - [scsi] qla4xxx: dump mailbox registers on System Error (Chad Dupuis) [656999] - [scsi] qla4xxx: add support for 8130/8131 AENs (Chad Dupuis) [656999] - [scsi] qla4xxx: fix seconds_since_last_heartbeat reset (Chad Dupuis) [656999] - [scsi] qla4xxx: no wait for outstanding command complete (Chad Dupuis) [656999] - [scsi] qla4xxx: free_irqs on failed initialize_adapter (Chad Dupuis) [656999] - [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [635999] - [xen] fix 64-bit PV guest user mode segv crashing host (Paolo Bonzini) [658354] {CVE-2010-4255} [2.6.18-235.el5] - [net] filter: fix backport error in prior filter fix (Jarod Wilson) [651703] [2.6.18-234.el5] - [s390] vmlogrdr: purge after recording is switched off (Hendrik Brueckner) [653479] - [wireless] ieee80211: fix deauthentication (Stanislaw Gruszka) [644367] - [wireless] zd1211rw: fix associate after disassociate (Stanislaw Gruszka) [644367] - [fs] proc: fix NULL ->i_fop oops (Steve Best) [655083] - [scsi] lpfc: Update version to 8.2.0.87.1p (Rob Evers) [655119] - [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [655119] - [scsi] lpfc: fix NULL deref duing allocation failure (Rob Evers) [655119] - [scsi] lpfc: fix remote SLI4 firmware download data bug (Rob Evers) [655119] - [scsi] lpfc: fix FDMI_DID login failure after link bounce (Rob Evers) [655119] - [scsi] lpfc: handle CVL after nameserver PLOGI timeouts (Rob Evers) [655119] - [scsi] lpfc: cleanup mbox cmds in mboxq_cmpl if CVL rcvd (Rob Evers) [655119] - [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656266] - [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645227] - [net] bnx2x: force interrupt mode for iscsi unset mac (Michal Schmidt) [655885] - [scsi] bnx2i: allow to abort connect if request times out (Mike Christie) [653991] - [scsi] bnx2i: fix remote TCP RST handling for 570X (1g) (Mike Christie) [653991] - [scsi] bnx2i: fix a cid leak issue for 5771X (10g) (Mike Christie) [653991] - [scsi] bnx2i: fix endian bug in TMF LUN cmd send (Mike Christie) [653991] - [misc] prevent divide by 0 in the kernel during boot (Larry Woodman) [508140] - [net] filter: make sure filters dont read uninit memory (Jiri Pirko) [651703] {CVE-2010-4158} - [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651267] - [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645872] {CVE-2010-3859} - [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655666] - [net] be2net: avoid firmware update if interface not open (Ivan Vecera) [651948] - [ipc] shm: fix information leak to userland (Danny Feng) [648687] {CVE-2010-4072} - [ipc] initialize struct memory to 0 for compat functions (Danny Feng) [648693] {CVE-2010-4073} - [net] netxen: dont use reset_devices, it may go away (Chad Dupuis) [643254] - [net] netxen: fix kdump (Chad Dupuis) [643254] - [net] qlcnic: avoid reset_devices, it may become obsolete (Chad Dupuis) [656008] - [net] qlcnic: fix for kdump (Chad Dupuis) [656008] - [pci] block on access to temporarily unavailable device (Chad Dupuis) [656008] - [serial] serial_core: clean data before filling it (Mauro Carvalho Chehab) [648701] {CVE-2010-4075} - [edac] i7core_edac: return -ENODEV if dev already probed (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: properly terminate pci_dev_table (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: fix PCI refcounting on reloads (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: fix refcount error at PCI devices (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: safe to unregister mci when mci NULL (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: fix an oops at i7core probe (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: remove unused member in i7core_pvt (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: remove unused arg in get_dimm_config (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: reduce args of i7core_register_mci (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: use saved pointers (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: check probe counter in i7core_remove (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: call pci_dev_put on alloc failure (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: fix error path of i7core_register_mci (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: fix line order in i7core_register_mci (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: always do get/put for all devices (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: ensure edac pci handler release (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: introduce free_i7core_dev (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: introduce alloc_i7core_dev (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: reduce args of i7core_get_onedevice (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: fix the logic in i7core_remove (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: dont do legacy PCI probe by default (Mauro Carvalho Chehab) [651869] - [edac] edac_core: print debug messages at release calls (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: remove PCI devices from devices list (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: MCE NMI handling should stop first (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: improve debug register/remove errors (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: move #if PAGE_SHIFT to edac_core.h (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: terminate the group of udimm counters (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: mark const static vars as such (Mauro Carvalho Chehab) [651869] - [edac] i7core_edac: move static vars to the top of file (Mauro Carvalho Chehab) [651869] - [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [654546] {CVE-2010-4247} - [virt] xen: dont leak dev refs on bad xenbus transitions (Laszlo Ersek) [635999] {CVE-2010-3699} - [mm] fix possible integer overflow in mm/fremap.c (Larry Woodman) [637047] - [misc] futex: replace LOCK_PREFIX in futex.h (Jiri Pirko) [633176] {CVE-2010-3086} [2.6.18-233.el5] - [scsi] mpt2sas: use sas device list for enclosure id (Tomas Henzl) [652284] - [scsi] ipr: fix mailbox register definition and add delay (Steve Best) [654446] - [scsi] ipr: fix lun assignment and comparison (Steve Best) [654446] - [powerpc] add AT_BASE_PLATFORM to Aux Vector and power7 (Steve Best) [652279] - [infiniband] ehea: use shca_list_lock spinlock (Steve Best) [613797] - [powerpc] kdump: CPUs assume context of oopsing CPU (Steve Best) [509792] - [scsi] lpfc: Update version for 8.2.0.87 driver release (Rob Evers) [649489] - [scsi] lpfc: add handling SLI4 unsolicted ELS RTV (Rob Evers) [649489] - [scsi] lpfc: add handling ECHO response support (Rob Evers) [649489] - [scsi] lpfc: add handling of SLI4 unsolicted ELS (Rob Evers) [649489] - [scsi] lpfc: fix locking for security mailbox commands (Rob Evers) [649489] - [scsi] lpfc: abort I/Os and wait on XRI in SLI4 unload (Rob Evers) [649489] - [scsi] lpfc: handle devloss timeout in FIP engine (Rob Evers) [649489] - [scsi] lpfc: fix crashes on NULL pnode dereference (Rob Evers) [649489] - [net] cnic: Add cnic_free_uio (Mike Christie) [651287] - [net] cnic: Add cnic_uio_dev struct (Mike Christie) [651287] - [net] cnic: Add cnic_free_uio (Mike Christie) [651287] - [net] cnic: Fine-tune ring init code (Mike Christie) [651287] - [misc] fix dirty_bytes sysctl name (Larry Woodman) [635782] - [fs] procfs: acquire inode mutex around llseek operation (Lachlan McIlroy) [644726] - [virt] netfront: default to copying instead of flipping (Laszlo Ersek) [653262] - [virt] netback: dont balloon up for copying receivers (Laszlo Ersek) [653501] - [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647422] - [net] virtio_net: add link status handling (Jason Wang) [649573] - [net] be2net: Update be2net to version 2.102.512r (Ivan Vecera) [647259] - [char] watchdog: another LPC Controller ID for Patsburg (David Milburn) [570868] - [misc] another LPC Controller ID for Intel Patsburg PCH (David Milburn) [570868] - [i2c] i2c-i801: Add Intel Patsburg device ID (David Milburn) [570868] - [misc] pci: update Intel Patsburg defines (David Milburn) [570868] - [misc] x86/PCI irq and pci_ids for Intel Patsburg Devices (David Milburn) [570868] - [sound] ALSA HD Audio for Intel Patsburg DeviceIDs (David Milburn) [570868] - [char] watchdog: TCO Watchdog for Intel Patsburg Devices (David Milburn) [570868] - [ata] ahci: AHCI and RAID mode for Intel Patsburg Devices (David Milburn) [570868] - [ata] ata_piix: IDE Mode SATA for Intel Patsburg Devices (David Milburn) [570868] - [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652537] - [scsi] qla2xxx: check null fcport in _queuecommands (Chad Dupuis) [644863] - [net] qlcnic: Fix missing error codes (Chad Dupuis) [637194] - [usb] wacom: add support for Cintiq 21UX2 (Aristeu Rozanski) [652731] - [xen] hvm: add HVMOP_get_time hypercall (Paolo Bonzini) [638082] [2.6.18-232.el5] - [scsi] mpt2sas: use correct pci_resource_flag for compare (Tomas Henzl) [649885] - [sound] rme9652: prevent reading uninitialized stack mem (Stanislaw Gruszka) [648709 648714] {CVE-2010-4080 CVE-2010-4081} - [net] packet: fix information leak to userland (Jiri Pirko) [649898] - [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648722] {CVE-2010-4083} - [misc] kernel: remove yield from stop_machine paths (Oleg Nesterov) [634454] - [fs] dlm: reduce cond_resched during send (David Teigland) [604139] - [fs] dlm: use TCP_NODELAY (David Teigland) [604139] - [fs] nfs: fix a referral error Oops (Steve Dickson) [556886] - [fs] gfs2: fix race in unlinked inode deallocation (Robert S Peterson) [643165] - [scsi] retry on DID_REQUEUE errors (Mike Christie) [627836] - [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637867] - [net] bnx2: add AER support (John Feeney) [617024] - [net] bonding: no lock on copy/clear VLAN list on slave (Andy Gospodarek) [627974] - [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651176] [2.6.18-231.el5] - [scsi] scsi_dh_alua: remove IBM Power Virtual SCSI ALUA (Steve Best) [567292] - [fs] gfs2: flock (LOCK_EX|LOCK_NB) blocks (Robert S Peterson) [648602] - [scsi] lpfc: update version for 8.2.0.86 driver release (Rob Evers) [645881] - [scsi] lpfc: fix race sending FDISC to un-init VPI (Rob Evers) [645881] - [scsi] lpfc: fix mailbox handling for UNREG_RPI_ALL case (Rob Evers) [645881] - [kernel] add stop_machine barrier to fix lock contention (Prarit Bhargava) [634454] - [scsi] bnx2i: fix ip address formatting and oops (Mike Christie) [646708] - [scsi] be2iscsi: remove premature free of cid (Mike Christie) [640029] - [fs] proc: make proc pid limits world readable (Jiri Olsa) [611535] - [ide] atiixp: fix locking hang in ide layer ATIIXP driver (James Leddy) [586482] - [security] only check mmap_min_addr perms for write (Eric Paris) [623519] - [ata] sata_sil24: add DID for another adaptec flavor (David Milburn) [640586] - [s390] cio: prevent panic in I/O cancel function (Hendrik Brueckner) [647807] - [s390] cio: prevent panic after unexpected I/O interrupt (Hendrik Brueckner) [647502] [2.6.18-230.el5] - [fs] nfs: fix regression in NFS Direct I/O path (Steve Dickson) [647297] - [fs] nfs: allow different protocol mounts to same server (Steve Dickson) [460659] - [scsi] lpfc: update version for 8.2.0.85 driver release (Rob Evers) [639028] - [scsi] lpfc: fix a BUG_ON in lpfc_abort_handler (Rob Evers) [639028] - [scsi] lpfc: use pci reset function on driver unload (Rob Evers) [639028] - [scsi] lpfc: replace some spin_lock_irqs w/spin_locks (Rob Evers) [639028] - [scsi] lpfc: fail io w/lost frame and target check cond (Rob Evers) [639028] - [scsi] lpfc: fix abort WQEs for FIP frames (Rob Evers) [639028] - [scsi] lpfc: update version for 8.2.0.84 driver release (Rob Evers) [639028] - [scsi] lpfc: unreg all rpi mbox command before unreg vpi (Rob Evers) [639028] - [scsi] lpfc: make all error values negative (Rob Evers) [639028] - [scsi] lpfc: remove duplicate code from lpfc_els_retry (Rob Evers) [639028] - [scsi] lpfc: fix circular spinlock dep w/scsi midlayer (Rob Evers) [639028] - [scsi] lpfc: update version for 8.2.0.83 driver release (Rob Evers) [639028] - [scsi] lpfc: fix FLOGI issue with McData4700 FC switch (Rob Evers) [639028] - [scsi] lpfc: fix possible roundrobin failover failure (Rob Evers) [639028] - [scsi] lpfc: fix unregister of unused FCF on timeout (Rob Evers) [639028] - [scsi] lpfc: fix heartbeat timeout during pause test (Rob Evers) [639028] - [scsi] lpfc: update version for 8.2.0.82 driver release (Rob Evers) [639028] - [scsi] lpfc: fix lpfc_els_retry delay/retry for PLOGI (Rob Evers) [639028] - [scsi] lpfc: streamline some spin locks (Rob Evers) [639028] - [scsi] lpfc: fix lpfc_initial_flogi return on failure (Rob Evers) [639028] - [scsi] lpfc: fix stray state update issue with new FCF (Rob Evers) [639028] - [scsi] lpfc: treat FCF prop with different index as error (Rob Evers) [639028] - [scsi] lpfc: fix misc auth issues on EmulexSecure FC HBA (Rob Evers) [639028] - [scsi] lpfc: update version for 8.2.0.81 driver release (Rob Evers) [639028] - [scsi] lpfc: move unload flag earlier in vport delete (Rob Evers) [639028] - [scsi] lpfc: fix IOCB leak on FDISC completion (Rob Evers) [639028] - [scsi] lpfc: fix possible crash on non-SLI4 hba (Rob Evers) [639028] - [scsi] mpt2sas: fix panic w/direct attached SEP (Jarod Wilson) [641086] - [redhat] spec: clean up rpmbuild kabideps detritus (Jarod Wilson) [644129] - [net] bnx2: Increase max rx ring size from 1K to 2K (Andy Gospodarek) [640026] - [net] bnx2: fixup broken NAPI accounting (Andy Gospodarek) [640026] - [s390] qeth: portno 1 support for OSM-device insufficient (Hendrik Brueckner) [644008] [2.6.18-229.el5] - [pci] include DL580 G7 in bfsort whitelist (Tony Camuso) [644879] - [net] igb: fix TX hang when loading igb with max_vfs > 7 (Stefan Assmann) [645284] - [virt] fix timekeeping_use_tsc check in init_tsc_timer (Prarit Bhargava) [643926] - [net] bonding: support netconsole over bonded link (Neil Horman) [235343] - [virt] xen: increase txqueuelen of netback vif devices (Miroslav Rezanina) [539626] - [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638484] {CVE-2010-3442} - [net] updated drivers need version string updates too (Andy Gospodarek) [635027] - [misc] softlockup: increase timeout to 60 seconds (Don Zickus) [643707] - [virt] xen: fix vdso failure under xen pv environment (Danny Feng) [644860] - [scsi] qla2xxx: fix zero test on array in ql_fc_loopback (Chad Dupuis) [644136] - [usb] net/catc: change NICs TX_MAX_BURST, fixes probe (Bob Picco) [637826] - [virt] console: dont block guest if host doesnt read (Amit Shah) [644735] - [media] video: remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642471] {CVE-2010-2963} - [xen] vtd: let IOMMU use another IRQ without conflict (Don Dugger) [575790] - [net] bonding: correctly process non-linear skbs (Andy Gospodarek) [619070] - [net] rds: fix local privilege escalation (Eugene Teo) [642898] {CVE-2010-3904} [2.6.18-228.el5] - [char] tpm: pay attention to IRQ info from PNP in tpm_tis (Stefan Assmann) [636760] - [misc] cpufreq: add missing cpufreq_cpu_put (Prarit Bhargava) [643080] - [md] fix softlockup issue waiting for resync to finish (James Paradis) [573106] - [s390] dasd_eckd: remove PSF order/suborder ioctl check (John Feeney) [565973] - [fs] xfs: fix speculative allocation beyond eof (Dave Chinner) [638753] [2.6.18-227.el5] - [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [571495] - [md] raid0: fix data corruption on 32-bit w/large storage (Stanislaw Gruszka) [573185] - [scsi] fix write buffer length in scsi_req_map_sg (Steve Best) [637235] - [scsi] ipr: back out isr optimization changes (Steve Best) [634213] - [scsi] ipr: fix rsrc addr format and add attr for dev ID (Steve Best) [634213] - [fs] jbd2: properly align sized slab caches (Eric Sandeen) [638961] - [fs] ext4: dont scan/accumulate too many pages (Eric Sandeen) [572930] - [fs] gfs2: fix fatal filesystem consistency error (Robert S Peterson) [529914] - [scsi] lpfc: update version for 8.2.0.80 driver release (Rob Evers) [619917] - [scsi] lpfc: add Security Crypto support to CONFIG_PORT (Rob Evers) [619917] - [scsi] lpfc: remove unused variables (Rob Evers) [619917] - [scsi] lpfc: log msg 0318 is a warning, not an error (Rob Evers) [619917] - [scsi] lpfc: fix bug w/cable swap and non-empty nodelist (Rob Evers) [619917] - [scsi] lpfc: fix a failure to roundrobin on all FCFs (Rob Evers) [619917] - [scsi] lpfc: fix heartbeat timeout during fabric reconfig (Rob Evers) [619917] - [scsi] lpfc: update version for 8.2.0.79 driver release (Rob Evers) [619917] - [scsi] lpfc: fix a Clear Virtual Link recovery failure (Rob Evers) [619917] - [scsi] lpfc: clear VFI_REGISTERED flag after UNREG_VFI (Rob Evers) [619917] - [scsi] lpfc: ignore failure of REG_VPI mbox w/UPD bit set (Rob Evers) [619917] - [scsi] lpfc: fix ioctl using inactive ndlp for ct resp (Rob Evers) [619917] - [scsi] lpfc: fix bug w/ndlp not activated post-cable swap (Rob Evers) [619917] - [scsi] lpfc: add support UPD bit of REG_VPI mailbox cmd (Rob Evers) [619917] - [scsi] lpfc: fix driver discovery issue after link bounce (Rob Evers) [619917] - [scsi] lpfc: fix VLAN ID 0xFFF set to reg_fcfi mbox cmd (Rob Evers) [619917] - [scsi] lpfc: update version for 8.2.0.78 driver release (Rob Evers) [619917] - [scsi] lpfc: fix race condition causing >1 FLOGI commands (Rob Evers) [619917] - [scsi] lpfc: enhance round-robin FCF failover algorithm (Rob Evers) [619917] - [scsi] lpfc: clear Ignore Reg Login when purging mailbox (Rob Evers) [619917] - [scsi] lpfc: fix for ELS commands stuck on txq (Rob Evers) [619917] - [scsi] lpfc: added target queuedepth module parameter (Rob Evers) [619917] - [scsi] lpfc: fix RoundRobin FCF failover issue (Rob Evers) [619917] - [scsi] re-enable transistions from OFFLINE to RUNNING (Mike Christie) [641193] - [edac] i7300_edac: properly init per-csrow memory size (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: better initialize page counts (Mauro Carvalho Chehab) [487428] - [redhat] configs: enable edac debugging debug kernels (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: backport driver to RHEL5.6 codebase (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: add appropriate MAINTAINERS info (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: coding style cleanups (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: improve inline comments/documentation (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: reorganize file contents (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: properly detect channel on CE errors (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: enrich FBD info for corrected errors (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: enrich FBD error info for fatal errors (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: pre-allocate buffer for error messages (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: fix MTR x4/x8 detection logic (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: make debug messages consistent (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: remove stale get_error_info logic (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: add error registers cleanup support (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: add support for reporting FBD errors (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: properly detect error correction type (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: detect if device is in single mode (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: add detection of enhanced scrub mode (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: clear error bit after reading (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: add error detection for global errors (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: better PCI device names (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: Add FIXME about error correction type (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: add global error registers (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: display info if ECC is enabled or not (Mauro Carvalho Chehab) [487428] - [edac] i7300_edac: new driver for Intel i7300 chipset (Mauro Carvalho Chehab) [487428] - [mm] kswapd: dont get stuck in D state w/fragmented mem (Larry Woodman) [609668] - [misc] x86_64: fix hang at Booting processor 1/8 APIC (John Villalovos) [639851] - [misc] oprofile: add backtraces for compat mode processes (Jiri Olsa) [622024] - [net] tg3: re-enable 5717 B0 support (John Feeney) [634320] - [net] tg3: fix 5717/57765/5719 memory leak (John Feeney) [631963] - [net] tg3: display FW version, handle FW events correctly (John Feeney) [634325] - [net] bnx2: improve tx fast path performance (John Feeney) [632057] - [net] enic: update to upstream version 1.4.1.2 (Andy Gospodarek) [568111] - [net] ixgbe: fix 82598 link issue and panic w/shared irq (Andy Gospodarek) [637331] - [net] mlx4: bump max log_mtts_per_seg memory reservation (Jay Fenlason) [636198] - [usb] net: add support for CDC EEM (Don Zickus) [572519] - [scsi] qla2xxx: clear post-uncorrectable non-fatal errors (Chad Dupuis) [572258] - [net] qlcnic: fix poll implementation (Chad Dupuis) [625084] - [net] qlcnic: TSO feature added for vlan devices (Chad Dupuis) [625084] - [net] qlcnic: fix diag resource allocation (Chad Dupuis) [625084] - [net] qlcnic: fix loopback test (Chad Dupuis) [625084] - [net] qlcnic: fix bandwidth check (Chad Dupuis) [625084] - [net] qlcnic: fix gro support (Chad Dupuis) [625084] - [s390] kernel: fix fork vs /proc/stat race (Hendrik Brueckner) [627298] - [misc] amd_iommu: fix kdump OOM issue seen with iommu=pt (Bhavna Sarathy) [627663] - [fs] execve: fix interactivity and response to SIGKILL (Dave Anderson) [629176] - [virt] virtio_console: fix userspace NULL buffer submits (Amit Shah) [636046] - [virt] virtio_console: fix poll blocking when data ready (Amit Shah) [636020] - [virt] virtio_console: send SIGIO as needed for host evts (Amit Shah) [636053] - [virt] virtio_console: make hot-unplug safe (Amit Shah) [628828] - [net] virtio_net: defer skb allocation in receive path (Anthony Liguori) [565560] - [misc] increase logbuf size to 512K (Don Zickus) [563535] - [xen] hvm: correct accuracy of pmtimer (Andrew Jones) [633028] - [xen] fix guest crash on non-EPT machine may crash host (Paolo Bonzini) [621430] {CVE-2010-2938} [2.6.18-226.el5] - [net] bonding: fix IGMP report on slave during failover (Flavio Leitner) [637764] [2.6.18-225.el5] - [usb] serial/pl2303: add id for HP LD220-HP POS display (Don Zickus) [580698] [2.6.18-224.el5] - [scsi] mpt2sas: recover from injected PCIe bus errors (Tomas Henzl) [568281] - [message] fusion: remove unnecessary printk flooding logs (Tomas Henzl) [629081] - [scsi] scsi_dh_alua: handle transitioning state correctly (Mike Snitzer) [619361] - [scsi] lpfc: fix ioctl crash in lpfc_nlp_put (Rob Evers) [625841] - [net] trace: fix sk_buff typo in network tracepoints (Neil Horman) [568614] - [net] sched: fix info leak in traffic policing (Neil Horman) [636392] - [md] dm: fix deadlock with fsync vs. resize in lvm (Mikulas Patocka) [624068] - [misc] amd_iommu: fix slab corruption with iommu enabled (Larry Woodman) [530619] - [mm] add dirty_background_bytes and dirty_bytes sysctls (Larry Woodman) [635782] - [scsi] add scsi_dispatch_* tracepoints (Jiri Olsa) [568290] - [misc] oprofile: support Intel CPU Family 6, Model 22, 29 (Jiri Olsa) [493047] - [fs] aio: fix flush_workqueue deadlock (Jeff Moyer) [546700] - [net] be2net: use generated MAC addr for VFs, fix BUG_ON (Ivan Vecera) [630680] - [fs] sysfs: add labeling support for sysfs (Eric Paris) [582374] - [selinux] inode_*secctx hooks to access security ctx info (Eric Paris) [582374] - [fs] xattr: refactor vfs_setxattr for SELinux hook use (Eric Paris) [582374] - [redhat] configs: compile TCG modules for kernel-xen (Andrew Jones) [636100] - [net] netxen: fix poll implementation (Chad Dupuis) [625079] - [net] netxen: fix a race in netxen_nic_get_stats() (Chad Dupuis) [625079] - [net] netxen: update version 4.0.74 (Chad Dupuis) [625079] - [net] netxen: fix feature setting for vlan devices (Chad Dupuis) [625079] - [net] netxen: fix tx csum setting (Chad Dupuis) [625079] - [scsi] qla2xxx: recover on mmio_enable function for 82XX (Chad Dupuis) [613134] - [scsi] qla2xxx: add AER support for 82XX (Chad Dupuis) [613134] - [misc] amd_iommu: change default to passthrough mode (Bhavna Sarathy) [628018] - [misc] amd_iommu: add passthrough mode support (Bhavna Sarathy) [561127] - [misc] amd: dont use mwait_idle on AMD CPUs (Bhavna Sarathy) [610199] - [misc] amd: show L3 cache info for all CPU families (Bhavna Sarathy) [610199] - [misc] amd: unify L3 cache index disable checking (Bhavna Sarathy) [610199] - [misc] amd: avoid dupe sysfs bits for thresholding banks (Bhavna Sarathy) [610199] - [misc] amd: remove superfluous CPU family/model check (Bhavna Sarathy) [610199] - [misc] fix race in pid generation causing immediate reuse (Dave Anderson) [634850] [2.6.18-223.el5] - [redhat] kabi: add net symbols for RHEL5.6 (Jon Masters) [547689 555708 558999 568558 569606 613193] - [redhat] kabi: add Block and SCSI symbols for RHEL5.6 (Jon Masters) [547689 558999 566767 569606 574557] - [redhat] kabi: add PCI kernel symbols for RHEL5.6 (Jon Masters) [547689 555708 566767 568558 569606 597143 613193] - [redhat] kabi: add core kernel symbols for RHEL5.6 (Jon Masters) [545218 562242] - [net] ipvs: add one-packet scheduler (Thomas Graf) [578836] - [pci] fix pci_mmcfg_init making some memory uncacheable (Shyam Iyer) [581933] - [virt] xen: fix crashing of x86 hvm guest on x86_64 (Radim Krcmar) [605697] - [scsi] fix disk spinup for shorter path restore times (Rob Evers) [608109] - [scsi] aacraid: fix file system falsely going read-only (Rob Evers) [523920] - [misc] x86: fix cpuid_level on Intel pre-model 13 cpus (Prarit Bhargava) [606851] - [net] cxgb3: alt buffer freeing strategy when xen dom0 (Paolo Bonzini) [488882] - [net] bonding: enable output slave selection (Neil Horman) [516289] - [md] dm-raid1: fix data lost at mirror log failure (Mikulas Patocka) [555197] - [md] kcopyd: dm snapshot performance improvement (Mikulas Patocka) [466088] - [scsi] increase sync cache timeout (Mike Christie) [592322] - [scsi] log msg when getting Unit Attention (Mike Christie) [585431] - [virt] xen: add dummy mwait for xen to make it compile (Luming Yu) [573514] - [x86_64] use apic as main timer if non-stop-apic timer (Luming Yu) [573514] - [acpi] cpu: use MWAIT for C-state (Luming Yu) [573514] - [net] ipv4/defrag: check socket type before reference (Jiri Olsa) [632266] - [net] ipv4: prevent chained skb destined to UFO device (Jiri Olsa) [633450] - [block] cfq: no merges for queues w/no process references (Jeff Moyer) [605265] - [fs] aio: check for multiplication overflow in io_submit (Jeff Moyer) [629449] {CVE-2010-3067} - [misc] make compat_alloc_user_space incorporate access_ok (Don Howard) [634464] {CVE-2010-3081} - [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630807] {CVE-2010-3078} - [fs] aio: fix cleanup in io_submit_one (Jeff Moyer) [631721] {CVE-2010-3066} [2.6.18-222.el5] - [cpufreq] powernow-k8: fix per core frequency control (Bhavna Sarathy) [502397] - [misc] uid/gid: fix integer overflow in groups_search (Jerome Marchand) [629626] - [virt] xen: remove dead code (Paolo Bonzini) [507846] - [virt] xen: dont give up ballooning under mem pressure (Paolo Bonzini) [507846] - [net] ipv4: fix oops in writing to forwarding sysctl (Neil Horman) [629638] - [net] trace: backport some networking tracepoints (Neil Horman) [568614] - [misc] rename topology_*_cpumask back to *_siblings (Michal Schmidt) [633388] - [scsi] 3w_sas: add new 3ware SAS driver (Tomas Henzl) [572011] - [scsi] 3w-9xxx: update to 2.26.08.007-2.6.18RH (Tomas Henzl) [572004] - [scsi] megaraid: fix suspend function (Tomas Henzl) [630927] - [net] ipv6: add modes to do RA/RS when in forwarding mode (Thomas Graf) [614064] - [fs] nfsv4: fix bug when server returns NFS4ERR_RESOURCE (Steve Dickson) [620502] - [fs] nfsv4: ensure lockowners are labelled correctly (Steve Dickson) [620502] - [fs] nfsv4: add support for RELEASE_LOCKOWNER operation (Steve Dickson) [620502] - [fs] nfsv4: clean up for lockowner XDR encoding (Steve Dickson) [620502] - [fs] nfsv4: ensure we track lock state in r/w requests (Steve Dickson) [620502] - [scsi] qla4xxx: add PCIe AER support (Chad Dupuis) [624710] - [scsi] qla4xxx: update version to 5.02.03.00.05.06-d1 (Chad Dupuis) [623675] - [scsi] qla4xxx: resolve name space error with qla2xxx (Chad Dupuis) [623675] - [net] qlcnic: add AER support and miscellaneous fixes (Chad Dupuis) [614281] - [net] qlcnic: add NIC partitioning and other misc fixes (Chad Dupuis) [614281] - [net] qlcnic: misc upstream fixes for RHEL5.6 (Chad Dupuis) [614281] - [net] ipv4: fix buffer overflow in icmpmsg_put (Frantisek Hrbata) [601391] - [proc] allow access to /proc//fd after setuid (Danny Feng) [617707] - [fs] xfs: fix missing untrusted inode lookup tag (Dave Chinner) [607032] - [wireless] fixes from 2.6.32.18 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.17 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.16 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.14 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.13 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.12 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.11 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.10 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.9 (Stanislaw Gruszka) [621105] - [wireless] fixes from 2.6.32.8 (Stanislaw Gruszka) [621105] - [xen] emulate task switching (Paolo Bonzini) [625903] - [xen] introduce hvm_set_cr3 (Paolo Bonzini) [625903] - [xen] introduce hvm_virtual_to_linear_addr (Paolo Bonzini) [625903] - [xen] introduce hvm_set_segment_register (Paolo Bonzini) [625903] - [xen] hvm: big cleanups and fixes to event deliver logic (Paolo Bonzini) [625903] - [xen] vmx: simplify event-injection logic (Paolo Bonzini) [625903] - [xen] xm trigger NMI support for HVM guests (Paolo Bonzini) [625902] - [xen] virtual NMI support (Paolo Bonzini) [625902] - [xen] emulate injection of guest NMI (Paolo Bonzini) [625902] - [xen] introduce get_isa_irq_vector and is_isa_irq_masked (Paolo Bonzini) [625902] - [xen] hvm: fix UP suspend/resume/migration w/PV drivers (Miroslav Rezanina) [629773] [2.6.18-221.el5] - [acpi] check _PPC state on cpufreq start (Matthew Garrett) [581037] - [fs] aio: bump i_count instead of using igrab (Jeff Moyer) [626963] - [redhat] dont generate kABI deps when building w/o kABI (Jon Masters) [456765] - [watchdog] support for iTCO on Ibex Peak and Cougar Point (John Villalovos) [534152] - [edac] amd64_edac: whitespace cleanups (Bhavna Sarathy) [568576] - [edac] amd64_edac: minor formatting fix (Bhavna Sarathy) [568576] - [edac] amd64_edac: fix operator precedence error (Bhavna Sarathy) [568576] - [edac] amd64_edac: fix syndrome calculation on K8 (Bhavna Sarathy) [568576] - [edac] amd64_edac: simplify ECC override handling (Bhavna Sarathy) [568576] - [edac] amd64_edac: do not falsely trigger kerneloops (Bhavna Sarathy) [568576] - [edac] amd64_edac: restrict PCI config space access (Bhavna Sarathy) [568576] - [edac] amd64_edac: fix forcing module load/unload (Bhavna Sarathy) [568576] - [edac] amd64_edac: fix driver instance freeing (Bhavna Sarathy) [568576] - [edac] amd64_edac: fix k8 chip select reporting (Bhavna Sarathy) [568576] - [edac] amd64_edac: add leaner syndrome decoding algorithm (Bhavna Sarathy) [568576] - [scsi] bnx2i: link hba and cnic device before device reg (Mike Christie) [578005] - [scsi] bnx2i: make fw use statsn field to build header (Mike Christie) [578005] - [net] cnic: select bug fixes from upstream for RHEL5.6 (Mike Christie) [595548 619767] - [scsi] bnx2i: update version to bnx2i-2.1.3 (Mike Christie) [568606] - [scsi] bnx2i: add chip cleanup for remove module path (Mike Christie) [568606] - [scsi] bnx2i: rebind CFC cleanup to cm_abort/close comp (Mike Christie) [568606] - [scsi] bnx2i: add support for additional TMFs (Mike Christie) [568606] - [scsi] bnx2i: fix protocol violation on nopout responses (Mike Christie) [568606] - [scsi] bnx2i: fix response panic on unsolicited NOP-In (Mike Christie) [568606] - [scsi] bnx2i: fix bugs in handling of unsolicited NOP-Ins (Mike Christie) [568606] - [scsi] bnx2i: add host param ISCSI_HOST_PARAM_IPADDRESS (Mike Christie) [568606] - [scsi] bnx2i: fix TCP graceful termination initiation (Mike Christie) [568606] - [scsi] bnx2i: fine tune misc destroy timeout values (Mike Christie) [568606] - [scsi] bnx2i: optimize bnx2i_stop connection clean up (Mike Christie) [568606] - [scsi] bnx2i: create active linklist holding endpoints (Mike Christie) [568606] - [scsi] bnx2i: split hardware cleanup from ep_disconnect (Mike Christie) [568606] - [fs] dlm: fix try 1cb failure, part 2 (Abhijith Das) [504188] - [fs] dlm: no node callback when try 1cb lock req fails (David Teigland) [504188] - [misc] crypto: add Intel x86_64 hardware CRC32 support (Prarit Bhargava) [626018] - [net] bnx2: update to v2.0.8+ with new 5709 firmware j15 (John Feeney) [568601] - [net] tg3: update to 3.108+ and add 5718 B0, 5719 support (John Feeney) [567462] - [misc] move dev_name to device.h (John Feeney) [568551] - [misc] add WARN_ONCE macro (John Feeney) [568551] - [dma_v3] update I/O AT and DCA drivers (John Feeney) [568551] - [net] forcedeth: update to latest upstream for RHEL5.6 (Ivan Vecera) [628831] - [net] e1000e: update to upstream version 1.2.7-k2 (Andy Gospodarek) [566021] - [net] qla2xxx: fix display of link down state (Chad Dupuis) [627612] - [scsi] qla2xxx: rom lock recover if fw hangs holding lock (Chad Dupuis) [619814] - [scsi] qla2xxx: update AER support, do early abort cmds (Chad Dupuis) [619814] - [scsi] qla2xxx: add IS_QLA82XX check in update_fw_options (Chad Dupuis) [619814] - [scsi] qla2xxx: cover UNDERRUN case where SCSI status set (Chad Dupuis) [619814] - [scsi] qla2xxx: fix set fw hung and complete waiting mbx (Chad Dupuis) [619814] - [scsi] qla2xxx: fix seconds_since_last_heartbeat reset (Chad Dupuis) [619814] - [scsi] qla2xxx: correct extended sense-data handling (Chad Dupuis) [619814] - [scsi] qla2xxx: dont {s,g}et port MBC if invalid port id (Chad Dupuis) [619814] - [scsi] qla2xxx: stop firmware before doing init firmware (Chad Dupuis) [619814] - [xen] oprofile: force use of architectural perfmon (Don Dugger) [538564] - [xen] oprofile: support Intels arch perfmon registers (Don Dugger) [538564] - [xen] oprofile: add support for Core i7 and Atom (Don Dugger) [538564] [2.6.18-220.el5] - [block] cciss: version string to 3.6.22.RH1 (Tomas Henzl) [568830] - [block] cciss: bus_unregister_once not once per hba (Tomas Henzl) [568830] - [block] cciss: rename cciss_sector_size (Tomas Henzl) [568830] - [block] cciss: make log_unit_to_scsi3addr an inline (Tomas Henzl) [568830] - [block] cciss: fix enxio weirdness (Tomas Henzl) [568830] - [block] cciss: reorder functions (Tomas Henzl) [568830] - [block] cciss: fix raid level sysfs permissions (Tomas Henzl) [568830] - [block] cciss: make device attributes static (Tomas Henzl) [568830] - [block] cciss: make cciss_seq_show handle drv_array holes (Tomas Henzl) [568830] - [block] cciss: add via_ioctl param to rebuild_lun_table (Tomas Henzl) [568830] - [block] cciss: add support for multi-lun tape devices (Tomas Henzl) [568830] - [block] cciss: notify scsi midlayer of device changes (Tomas Henzl) [568830] - [block] cciss: fix scatter-gather on scsi side (Tomas Henzl) [568830] - [block] cciss: add more commands for tapes (Tomas Henzl) [568830] - [block] cciss: factor out scsi dma code (Tomas Henzl) [568830] - [block] cciss: eliminate unnecessary pointer use (Tomas Henzl) [568830] - [block] cciss: dont use void pointer for hba (Tomas Henzl) [568830] - [block] cciss: detect bad alignment (Tomas Henzl) [568830] - [block] cciss: factor out sg chain block mapping code (Tomas Henzl) [568830] - [block] cciss: fix DMA direction kludge (Tomas Henzl) [568830] - [block] cciss: simplify scatter gather code (Tomas Henzl) [568830] - [block] cciss: factor out scatter gather alloc and free (Tomas Henzl) [568830] - [block] cciss: enhanced scatter-gather support (Tomas Henzl) [568830] - [block] cciss: remove the scan thread (Tomas Henzl) [568830] - [block] cciss: fix scsi status typo (Tomas Henzl) [568830] - [block] cciss: remove sendcmd (Tomas Henzl) [568830] - [block] cciss: clean up code in cciss_shutdown (Tomas Henzl) [568830] - [block] cciss: retry driver cmds with unit attention cond (Tomas Henzl) [568830] - [block] cciss: no pci_release_regions on regions not held (Tomas Henzl) [568830] - [block] cciss: fix memory leak in cciss_init_one (Tomas Henzl) [568830] - [block] cciss: dynamically allocate drive info struct (Tomas Henzl) [568830] - [block] cciss: fix raid label related magic number (Tomas Henzl) [568830] - [block] cciss: no check busy initializing in cciss open (Tomas Henzl) [568830] - [block] cciss: add usage_count attribute to logical drive (Tomas Henzl) [568830] - [block] cciss: add raid_level attribute to logical drives (Tomas Henzl) [568830] - [block] cciss: add lunid attribute to log drives in /sys (Tomas Henzl) [568830] - [block] cciss: dont call putdisk excessively (Tomas Henzl) [568830] - [block] cciss: zero out drive info on removal (Tomas Henzl) [568830] - [block] cciss: handle special case for /dev/cciss/c0d0 (Tomas Henzl) [568830] - [block] cciss: handle cases when cciss_add_disk fails (Tomas Henzl) [568830] - [block] cciss: fix and rearrange logical drive sysfs code (Tomas Henzl) [568830] - [block] cciss: dynamic allocate struct device for logical (Tomas Henzl) [568830] - [block] cciss: Use helper functions to access drive_data (Tomas Henzl) [568830] - [block] cciss: remove withirq parameter where possible (Tomas Henzl) [568830] - [block] cciss: remove sysfs entries during driver cleanup (Tomas Henzl) [568830] - [block] cciss: add cciss_sysfs_stat_inquiry function (Tomas Henzl) [568830] - [block] cciss: add CTLR_LUNID define (Tomas Henzl) [568830] - [block] cciss: Remove unused was_only_controller_node (Tomas Henzl) [568830] - [block] cciss: fix problem with LUN addressing (Tomas Henzl) [568830] - [block] cciss: fix problem with SG_IO completions (Tomas Henzl) [568830] - [block] cciss: retry commands from within sendcmd_withirq (Tomas Henzl) [568830] - [block] cciss: change SCSI error handling code (Tomas Henzl) [568830] - [block] cciss: remove sendcmd reject processing (Tomas Henzl) [568830] - [block] cciss: let scsi error handling work w/interrupts (Tomas Henzl) [568830] - [block] cciss: factor out error processing code (Tomas Henzl) [568830] - [block] cciss: factor out target status code (Tomas Henzl) [568830] - [block] cciss: simplify device addressing methods (Tomas Henzl) [568830] - [block] cciss: factor out sendcmd_withirq core (Tomas Henzl) [568830] - [block] cciss: use uninterruptible timeout when waiting (Tomas Henzl) [568830] - [block] cciss: fix lun reset code (Tomas Henzl) [568830] - [block] cciss: factor out sendcmd core for sane interface (Tomas Henzl) [568830] - [block] cciss: remove double setting of h->busy (Tomas Henzl) [568830] - [block] cciss: disable scan thread, it prevents rmmod (Tomas Henzl) [568830] - [net] netxen: fix inconsistent lock state (Chad Dupuis) [562937] - [net] netxen: protect tx timeout recovery by rtnl lock (Chad Dupuis) [562937] - [net] netxen: fix for kdump (Chad Dupuis) [562937] - [net] netxen: fix caching window register (Chad Dupuis) [562937] - [net] netxen: fix rcv buffer leak (Chad Dupuis) [562937] - [net] netxen: fix memory leaks in error path (Chad Dupuis) [562937] - [net] netxen: remove unnecessary returns (Chad Dupuis) [562937] - [net] netxen: handle queue manager access (Chad Dupuis) [562937] - [net] netxen: to fix onchip memory access. (Chad Dupuis) [562937] - [net] netxen: remove unnecessary size checks (Chad Dupuis) [562937] - [net] netxen: fix register usage (Chad Dupuis) [562937] - [net] netxen: fix deadlock in aer (Chad Dupuis) [562937] - [net] netxen: fix interrupt for NX2031 (Chad Dupuis) [562937] - [net] netxen: fix fw load from file (Chad Dupuis) [562937] - [net] netxen: validate unified romimage (Chad Dupuis) [562937] - [net] netxen: fix corner cases of firmware recovery (Chad Dupuis) [562937] - [net] netxen: update version to 4.0.73 (Chad Dupuis) [562937] - [net] netxen: fix tx csum status (Chad Dupuis) [562937] - [net] netxen: added sanity check for pci map (Chad Dupuis) [562937] - [net] netxen: fix warning in ioaddr for NX3031 chip (Chad Dupuis) [562937] - [net] netxen: fix bios version calculation (Chad Dupuis) [562937] - [net] netxen: disable on NX_P3_B1 hardware (Chad Dupuis) [562937] - [net] netxen: protect resource cleanup by rtnl lock (Chad Dupuis) [562937] - [net] netxen: fix tx timeout recovery for NX2031 chip (Chad Dupuis) [562937] - [net] netxen: fix sparse warning (Chad Dupuis) [562937] - [net] netxen: fix license header (Chad Dupuis) [562937] - [net] netxen: fix endianness intr coalesce (Chad Dupuis) [562937] - [net] netxen: fix endianness read mac address (Chad Dupuis) [562937] - [net] netxen: use DEFINE_PCI_DEVICE_TABLE() (Chad Dupuis) [562937] - [net] netxen: update version to 4.0.72 (Chad Dupuis) [562937] - [net] netxen: fix set mac addr (Chad Dupuis) [562937] - [net] netxen: fix smatch warning (Chad Dupuis) [562937] - [net] netxen: fix tx ring memory leak (Chad Dupuis) [562937] - [net] netxen: fix ethtool link test (Chad Dupuis) [562937] - [net] netxen: move && and || to end of previous line (Chad Dupuis) [562937] - [net] netxen: fix ethtool register dump (Chad Dupuis) [562937] - [net] netxen: fix unified fw size check (Chad Dupuis) [562937] - [net] netxen: support pci error handlers (Chad Dupuis) [562937] - [net] netxen: fix tx timeout recovery (Chad Dupuis) [562937] - [net] netxen: minor suspend resume fixes (Chad Dupuis) [562937] - [net] netxen: use module parameter correctly (Chad Dupuis) [562937] - [net] netxen: fix firmware type check (Chad Dupuis) [562937] - [net] netxen: fix napi intr enable check (Chad Dupuis) [562937] - [net] netxen: protect device reset by rtnl_lock (Chad Dupuis) [562937] - [net] netxen: fix failure cases for fw hang recovery (Chad Dupuis) [562937] - [net] netxen: fix debug tools access for NX2031 (Chad Dupuis) [562937] - [misc] clone: fix race between copy_process and de_thread (Jiri Olsa) [590864] - [s390] dasd: let recovery cqr get flags from failed cqr (Hendrik Brueckner) [628838] - [net] ipv4: fix leak, rcu and length in route cache gc (Thomas Graf) [541224] - [net] tcp: zero out rx_opt in tcp_disconnect (Thomas Graf) [539560] - [net] ipv6: Update Neighbor Cache when IPv6 RA received (Thomas Graf) [560870] - [net] ipv6: Plug sk_buff leak in ipv6_rcv (Thomas Graf) [574913] - [redhat] configs: enable building k10temp sensor driver (Michal Schmidt) [443745] - [hwmon] add k10temp sensor driver (Michal Schmidt) [443745] - [pci] add AMD 10h, 11h PCI IDs to pci_ids.h (Michal Schmidt) [443745] - [net] vxge: fix multicast issues (Michal Schmidt) [608598] - [net] vxge: show startup message with KERN_INFO (Michal Schmidt) [608598] - [net] vxge: fix memory leak in vxge_alloc_msix error path (Michal Schmidt) [608598] - [net] vxge: fix checkstack warning in vxge_probe (Michal Schmidt) [608598] - [net] vxge: remove unnecessary returns from void functs (Michal Schmidt) [608598] - [net] vxge: version update (Michal Schmidt) [608598] - [net] vxge: pass correct number of VFs value to sriov (Michal Schmidt) [608598] - [net] vxge: allow load for all enumerated pci functions (Michal Schmidt) [608598] - [net] vxge: fix possible memory leak in device init (Michal Schmidt) [608598] - [net] vxge: add missing vlan_rx_kill_vid method (Michal Schmidt) [594404 608598] - [net] vxge: remove trailing space in messages (Michal Schmidt) [608598] - [net] vxge: use pci_dma_mapping_error to test return val (Michal Schmidt) [608598] - [net] vxge: use DEFINE_PCI_DEVICE_TABLE (Michal Schmidt) [608598] - [net] vxge: use DMA_BIT_MASK instead of plain values (Michal Schmidt) [608598] - [net] vxge: move && and || to end of previous line (Michal Schmidt) [608598] - [net] bnx2x: fix wrong return from bnx2x_trylock_hw_lock (Michal Schmidt) [572012] - [net] bnx2x: small fix in stats handling (Michal Schmidt) [572012] - [net] bnx2x: update bnx2x version to 1.52.53-4 (Michal Schmidt) [572012] - [net] bnx2x: fix PHY locking problem (Michal Schmidt) [572012] - [net] bnx2x: adjust confusing if indentation (Michal Schmidt) [572012] - [net] bnx2x: load firmware in open instead of probe (Michal Schmidt) [572012] - [net] bnx2x: fix net/ip6_checksum.h include (Michal Schmidt) [572012] - [net] bnx2x: update driver version to 1.52.53-3 (Michal Schmidt) [572012] - [net] bnx2x: move statistics handling code to own files (Michal Schmidt) [572012] - [net] bnx2x: create separate file for ethtool routines (Michal Schmidt) [572012] - [net] bnx2x: create bnx2x_cmn.* files (Michal Schmidt) [572012] - [net] bnx2x: main netdev does not need ->poll, ->weight (Michal Schmidt) [572012] - [net] bnx2x: move global variable load_count to bnx2x.h (Michal Schmidt) [572012] - [net] bnx2x: store module parameters in main structure (Michal Schmidt) [572012] - [net] bnx2x: create separate folder for bnx2x driver (Michal Schmidt) [572012] - [net] bnx2x: set RXHASH for LRO packets (Michal Schmidt) [572012] - [net] bnx2x: return -EINVAL for unsupported flags (Michal Schmidt) [572012] - [net] bnx2x: fail when trying to setup unsupported features (Michal Schmidt) [572012] - [net] bnx2x: fix link problem with some DACs (Michal Schmidt) [572012] - [net] bnx2x: protect a SM state change (Michal Schmidt) [572012] - [net] bnx2x: avoid TX timeout when stopping device (Michal Schmidt) [572012] - [net] bnx2x: fix check to get RX hash (Michal Schmidt) [572012] - [net] bnx2x: remove two unneeded prefetch calls (Michal Schmidt) [572012] - [net] bnx2x: add support for receive hashing (Michal Schmidt) [572012] - [net] bnx2x: update date and version to 1.52.53-1 (Michal Schmidt) [572012] - [net] bnx2x: dont report link down if already down (Michal Schmidt) [572012] - [net] bnx2x: rework power state handling code (Michal Schmidt) [572012] - [net] bnx2x: use register mask to avoid parity error (Michal Schmidt) [572012] - [net] bnx2x: fix MSI-X enabling flow (Michal Schmidt) [572012] - [net] bnx2x: add new statistics (Michal Schmidt) [572012] - [net] bnx2x: white space and formatting fixups (Michal Schmidt) [572012] - [net] bnx2x: protect code with NOMCP (Michal Schmidt) [572012] - [net] bnx2x: increase DMAE max write size for 57711 (Michal Schmidt) [572012] - [net] bnx2x: add skeleton VPD firmware version read code (Michal Schmidt) [572012] - [net] bnx2x: parity error handling for 57710 and 57711 (Michal Schmidt) [572012] - [net] bnx2x: use DEFINE_PCI_DEVICE_TABLE() (Michal Schmidt) [572012] - [net] bnx2x: move && and || to end of previous line (Michal Schmidt) [572012] - [net] bnx2x: remove trailing space in messages (Michal Schmidt) [572012] - [net] bnx2x: clean up debug prints (Michal Schmidt) [572012] - [net] bnx2x: use macro for phy address (Michal Schmidt) [572012] - [net] bnx2x: convert more to %pM (Michal Schmidt) [572012] - [net] bnx2x: use pci_ioremap_bar (Michal Schmidt) [572012] - [net] bnx2x: make NAPI poll routine closer to upstream (Michal Schmidt) [572012] - [net] bnx2x: typo fixes (Michal Schmidt) [572012] macro helpers (Michal Schmidt) [572012] - [net] bnx2x: use DMA_BIT_MASK(64) over DMA_64BIT_MASK (Michal Schmidt) [572012] - [net] sfc: update to upstream version 2.6.36-rc1 code (Michal Schmidt) [556476] - [net] sfc: undo now unnecessary RHEL workqueue changes (Michal Schmidt) [556476] - [net] netdevice: add netdev_for_each_mc_addr (Michal Schmidt) [556476] - [misc] add round_jiffies_up and related routines (Michal Schmidt) [556476] - [net] core: bug fix for vlan + gro issue (Michal Schmidt) [556476] - [net] vlan/bridge: fix skb_pull_rcsum fatal exception (Michal Schmidt) [556476] - [fs] proc: add file position and flags info in /proc (Jerome Marchand) [498081] - [net] e100*/igb*/ixgb*: add missing read memory barrier (Andy Gospodarek) [629761] - [net] igb/igbvf: turn on TSO for VLAN interfaces (Andy Gospodarek) [629457] - [net] vlan: control vlan device TSO status with ethtool (Andy Gospodarek) [629457] - [xen] vtd: fix parameter iommu=no-intremap (Paolo Bonzini) [576478] [2.6.18-219.el5] - [net] udp: fix bogus UFO packet generation (Jarod Wilson) [632266] - [virt] xen: fix xennet driver to not corrupt data (Neil Horman) [630129] - [virt] fix 64-bit compile issue in VMWare TSC update (Prarit Bhargava) [538022] [2.6.18-218.el5] - [net] tcp: prevent sending past receiver window with TSO (Thomas Graf) [494400] - [misc] netdevice: add printk helpers for net drivers (Michal Schmidt) [629634] - [misc] drivers: remove private definitions of pr_* macros (Michal Schmidt) [629634] - [misc] kernel: add pr_* family of printk helper macros (Michal Schmidt) [629634] - [infiniband] iw_cxgb3: always define states[] (Michal Schmidt) [629634] - [net] ifb: fix syntax error in pr_debug usage (Michal Schmidt) [629634] - [net] tg3: disable PME bit during resume (John Feeney) [598530] - [net] netfilter: fix crashes caused by fragment jumps (Jiri Pirko) [617268] - [virt] update VMWare TSC code (Prarit Bhargava) [538022] [2.6.18-217.el5] - [time] implement fine grained accounting for PM timer (Ulrich Obergfell) [586285] - [time] initialize tick_nsec based on kernel parameters (Ulrich Obergfell) [586285] - [time] introduce 'pmtimer_fine_grained' kernel parameter (Ulrich Obergfell) [586285] - [scsi] ibmvfc: Fix terminate_rport_io (Steve Best) [628615] - [fs] ext3: flush disk caches on fsync when needed (Eric Sandeen) [592961] - [fs] ext4: move aio completion after unwritten extent con (Eric Sandeen) [617690] - [fs] xfs: move aio completion after unwritten extent conv (Eric Sandeen) [617690] - [fs] direct-io: move aio_complete into ->end_io (Eric Sandeen) [617690] - [fs] ext4: quota updates for RHEL5.6 (Eric Sandeen) [457153] - [fs] ext4: quota infrastructure updates for RHEL5.6 (Eric Sandeen) [457153] - [fs] ext4: core updates for RHEL5.6 (Eric Sandeen) [457153] - [fs] ext4: add new kernel helpers for RHEL5.6 (Eric Sandeen) [457153] - [infiniband] sync iser driver with upstream for RHEL5.6 (Mike Christie) [623595] - [net] cxgb3: dont flush workqueue if called from wq (Doug Ledford) [630124] - [net] cxgb3: get fatal parity error status on interrupt (Doug Ledford) [630124] - [net] cxgb3: clear fatal parity error register on init (Doug Ledford) [630124] - [net] cxgb3: add define for fatal parity error bit (Doug Ledford) [630124] - [net] qlge: update driver version to 1.00.00.25 (Chad Dupuis) [567402] - [net] qlge: fix a eeh handler to not add a pending timer (Chad Dupuis) [567402] - [net] qlge: update driver version to 1.00.00.24 (Chad Dupuis) [567402] - [net] qlge: remove error pkt flags, enable net csum error (Chad Dupuis) [567402] - [net] qlge: restore promiscuous setting in ql_adapter_up (Chad Dupuis) [567402] - [net] qlge: change cpu_to_be16 to htons for udp checksum (Chad Dupuis) [567402] - [net] qlge: remove firmware dependency for MPI coredump (Chad Dupuis) [567402] - [net] qlge: adding ndev->last_rx = jiffies (Chad Dupuis) [567402] - [net] qlge: fix pktgen issue reported by Cisco (Chad Dupuis) [567402] - [virtio] fix balloon without VIRTIO_BALLOON_F_STATS_VQ (Amit Shah) [601692] - [virtio] fix sched while atomic in virtio_balloon stats (Amit Shah) [601692] - [virtio] add memory stat reporting to balloon driver (Amit Shah) [601692] [2.6.18-216.el5] - [net] hashlimit: check allocation before freeing memory (Wade Mealing) [615229] - [net] clusterip: check allocation before freeing memory (Wade Mealing) [615227] - [ia64] mca: save I-resources when INIT is sent (Takao Indoh) [471136] - [scsi] mpt2sas: update to 05.101.00.02 (Tomas Henzl) [568281] - [scsi] ipr: bump the version number and date (Steve Best) [626566] - [scsi] ipr: fix resource type update and add attributes (Steve Best) [626566] - [scsi] ipr: fix transition to operational on new adapters (Steve Best) [626566] - [scsi] ipr: change endian swap key for hw spec change (Steve Best) [626566] - [scsi] ipr: add support for Obsidian-E embedded adapter (Steve Best) [626566] - [scsi] ipr: add MMIO write for BIST on 64-bit adapters (Steve Best) [626566] - [scsi] ipr: move setting of allow_restart flag (Steve Best) [626566] - [scsi] ipr: add writeq definition if needed (Steve Best) [626566] - [scsi] ipr: add endian swap enable for 64-bit adapters (Steve Best) [626566] - [scsi] ipr: fix resource path display and formatting (Steve Best) [626566] - [scsi] ipr: improve interrupt service routine performance (Steve Best) [626566] - [scsi] ipr: set data list length in request control block (Steve Best) [626566] - [scsi] ipr: fix register read address on 64-bit adapters (Steve Best) [626566] - [scsi] ipr: add resource path to IOA status area struct (Steve Best) [626566] - [scsi] ipr: implement fixes for 64-bit adapter support (Steve Best) [626566] - [scsi] ipr: fix compile warning (Steve Best) [626566] - [fs] ext4: allocate ->s_blockgroup_lock separately (Eric Sandeen) [614957] - [pci] xen: disable broken msi/msix on ia64 xen (Radim Krcmar) [518463] - [misc] fix non-CONFIG_NUMA x86_64 compile (Prarit Bhargava) [583673] - [pnp] ignore both UNSET and DISABLED ioresources (Prarit Bhargava) [560540] - [pnp] reserve system board iomem and ioport resources (Prarit Bhargava) [560540] - [net] ipv4: add IP_NODEFRAG option for IPv4 socket (Jiri Olsa) [562220] - [nfs] sunrpc: cancel task_cleanup work in xprt_destroy (Jeff Layton) [611938] - [fs] nfs: fix file create failure with HPUX client (Jeff Layton) [605720] - [net] ixgbe: update to upstream version 2.0.84-k2 (Andy Gospodarek) [568602] - [net] vlan: add VLAN bitfield defines (Andy Gospodarek) [566027] - [net] igb: actually support self_test ethtool command (Andy Gospodarek) [593862] - [net] ixgbe: actually support self_test ethtool command (Andy Gospodarek) [593862] - [net] ixgbevf: update to version 1.0.0-k1 (Andy Gospodarek) [566027] - [net] bonding: fix ALB mode to balance traffic on VLANs (Andy Gospodarek) [578531] - [net] igb: do register dump just before resetting adapter (Andy Gospodarek) [568602] - [kernel] nmi_watchdog: output count during check on boot (Don Zickus) [613667] - [misc] nmi: fix bogus nmi watchdog stuck messages (Don Zickus) [455323] - [virt] nmi: dont print NMI stuck messages on guests (Don Zickus) [455323] - [misc] nmi_watchdog: add /proc/sys/kernel/nmi_watchdog (Don Zickus) [455323] - [misc] scripts: use system python instead of env (Don Zickus) [521878] - [pci] sr-iov: fix broken resource alignment calculations (Don Dutile) [523341] - [pci] clean up resource alignment management (Don Dutile) [523341] - [pci] sr-iov: assign pci resources earlier (Don Dutile) [523341] - [net] vxge: update version to reflect RHEL5.6 changes (Bob Picco) [580413] - [net] vxge: set func_id 0 as privileged for normal func (Bob Picco) [580413] - [net] vxge: fix MSIX interrupt configuration (Bob Picco) [580413] - [net] vxge: fix ethtool -d output (Bob Picco) [580413] - [net] vxge: align tmemory only if misaligned (Bob Picco) [580413] - [net] vxge: fix hw buffer starvation from short packets (Bob Picco) [580413] - [net] vxge: fix receive stall w/ driver/chip out-of-sync (Bob Picco) [580413] - [cpufreq] add APERF/MPERF support for AMD processors (Bhavna Sarathy) [621335] - [xen] vmx: fix handling of FS/GS base MSRs (Michal Novotny) [613187] - [xen] hv: improve backtrace support on ia64 (Andrew Jones) [499553] - [xen] support new AMD family 0x15 CPU and NB hardware (Bhavna Sarathy) [619092] - [xen] allow dom0 to control core performance boost (Bhavna Sarathy) [568771] - [xen] add support for dom0 to access APERF/MPERF for AMD (Bhavna Sarathy) [568772] [2.6.18-215.el5] - [sound] ALSA HDA driver update for RHEL5.6 (Jaroslav Kysela) [592199] - [net] igbvf: update to latest upstream for RHEL5.6 (Stefan Assmann) [566028] - [net] igb: update igb driver to support Portville ACS (Stefan Assmann) [566024] - [net] igb: fix error in igb AER code (Stefan Assmann) [612212] - [ata] libata: fix suspend/resume for ATA SEMB devices (David Milburn) [622559] - [ata] sata_mv: msi masking fix (David Milburn) [554872] - [ata] sata_mv: Properly initialize main irq mask (David Milburn) [554872] - [ata] sata_mv: remove bogus nsect restriction (David Milburn) [554872] - [ata] sata_mv: dont read hc_irq_cause (David Milburn) [554872] - [ata] sata_mv: add the Gen IIE flag to the SoC devices (David Milburn) [554872] - [ata] sata_mv: dont issue two DMA commands concurrently (David Milburn) [554872] - [ata] sata_mv: safer logic for limit warnings (David Milburn) [554872] - [ata] sata_mv: warn on PIO with multiple DRQs (David Milburn) [554872] - [ata] sata_mv: enable async_notify for 60x1 Rev.C0 and up (David Milburn) [554872] - [s390] zfcp: Do not print bit mask as link speed (Hendrik Brueckner) [619857] - [s390] dasd: force online does not work (Hendrik Brueckner) [619466] - [s390] dasd: allocate fallback cqr for reserve/release (Hendrik Brueckner) [619465] - [s390] qeth: wait for finished recovery (Hendrik Brueckner) [619456] - [s390] qeth: avoid loop if ipa command response missing (Hendrik Brueckner) [619451] - [s390] zfcp: no force close when port is already closed (Hendrik Brueckner) [612263] - [s390] zfcp: Do not unblock rport from REOPEN_PORT_FORCED (Hendrik Brueckner) [612266] - [s390] zfcp: Fail erp after timeout (Hendrik Brueckner) [612261] - [message] fusion: update to 3.4.15 (Tomas Henzl) [568292] - [net] ipv6: reroute packets after netfilter mangling (Thomas Graf) [517327] - [scsi] lpfc: update driver from 8.2.0.76.1p to 8.2.0.77 (Rob Evers) [603806] - [virt] xenbus: avoid deadlock unregistering xenbus watch (Paolo Bonzini) [429102] - [ia64] kdump: prevent hang on INIT interrupt during boot (Neil Horman) [506694] - [net] qla3xxx: fix oops on too-long netdev priv structure (Neil Horman) [620508] - [kprobes] kretprobe: set status to fix fault handling (Josh Stone) [615121] - [net] bonding: fix a race in calls to slave MII ioctls (Flavio Leitner) [621280] - [virt] xen-kernel: improve backtrace support on ia64 (Andrew Jones) [499553] - [acpi] thinkpad-acpi: lock down video output state access (Don Howard) [607037] - [fs] xfs: fix untrusted inode number lookup (Dave Chinner) [624862] [2.6.18-214.el5] - [mm] accept an abutting stack segment (Jiri Pirko) [607858] {CVE-2010-2240} - [fs] fix dcache accounting bug (Josef Bacik) [596548] - [scsi] mptsas: enable TLR for SSP TAPE drives (Tomas Henzl) [599420] - [scsi] sas: add transport layer retry support (Tomas Henzl) [599420] - [scsi] fix potential kmalloc failure in scsi_get_vpd_page (Tomas Henzl) [599420] - [scsi] fix bugs in scsi_vpd_inquiry (Tomas Henzl) [599420] - [scsi] add VPD helper (Tomas Henzl) [599420] - [x86_64] implement vDSO randomization (Danny Feng) [459763] - [virt] xen: dont adjust time for ntp clock slowing (Bretislav Kabele) [553407] - [net] ibmveth: fix lost IRQ that leads to service loss (Steve Best) [626841] - [scsi] cxgb3i: sync driver with upstream for RHEL5.6 (Mike Christie) [567444] - [net] sched: fix some kernel memory leaks (Jiri Pirko) [624638] {CVE-2010-2942} - [tpm] autoload tpm_tis driver (John Feeney) [530123] - [usb] fix usbfs information leak (Eugene Teo) [566629] {CVE-2010-1083} - [virtio] console: Backport driver for RHEL 5.6 (Amit Shah) [620037] - [virtio] add virtqueue_ vq_ops wrappers (Amit Shah) [620037] - [virtio] initialize vq->data entries to NULL (Amit Shah) [620037] - [virtio] add ability to detach unused buffers from vrings (Amit Shah) [620037] - [virtio] make add_buf return capacity remaining (Amit Shah) [620037] - [virtio] find_vqs/del_vqs virtio operations (Amit Shah) [620037] - [virtio] add names to virtqueue struct (Amit Shah) [620037] - [virtio] more neatening of virtio_ring macros (Amit Shah) [620037] - [virtio] fix BAD_RING, START_US and END_USE macros (Amit Shah) [620037] [2.6.18-213.el5] - [mm] pass correct mm when growing stack (Jiri Pirko) [607858] {CVE-2010-2240} - [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607858] {CVE-2010-2240} - [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607858] {CVE-2010-2240} - [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607858] {CVE-2010-2240} - [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607858] {CVE-2010-2240} - [net] tcp: fix div by zero in congestion control protos (Neil Horman) [608641] - [net] tcp: tcp_vegas ssthresh bug fix (Thomas Graf) [612709] - [net] tcp: tcp_vegas cong avoid fix (Thomas Graf) [612709] - [net] tcp: fix overflow bug in Vegas (Thomas Graf) [612709] - [net] tcp: fix Vegas bug in disabling slow start (Thomas Graf) [612709] - [net] tcp: increase Vegas default alpha and beta params (Thomas Graf) [612709] - [net] tcp: tcp_hybla zero congestion window growth fix (Thomas Graf) [612709] - [net] tcp: htcp last_cong bug fix (Thomas Graf) [612709] - [net] tcp: TCP cubic v2.2 (Thomas Graf) [612709] - [net] tcp: faster cube root (Thomas Graf) [612709] - [net] tcp: backport cubic update for net-2.6.22 (Thomas Graf) [612709] - [net] tcp: set Cubic and BIC default thresholds to zero (Thomas Graf) [612709] - [net] tcp: congestion control initialization (Thomas Graf) [612709] - [net] tcp: uninline tcp_is_cwnd_limited (Thomas Graf) [612709] - [net] tcp: move prior_in_flight collect to better spot (Thomas Graf) [612709] - [fs] ext4: consolidate in_range definitions (Eric Sandeen) [624332] {CVE-2010-3015} - [net] dont double count UDP_INERRORS (Neil Horman) [618818] - [scsi] be2iscsi: sync with upstream for RHEL5.6 (Mike Christie) [569643] - [mmc] sdhci: fix system cannot enter S4 with SD card (Matthew Garrett) [606899] - [cpufreq] powernow-k8: support AMD Core Performance Boost (Matthew Garrett) [568751] - [fs] cifs: remove force parm from cifs_unix_info_to_inode (Jeff Layton) [619112] - [fs] nfs: fix NFS4ERR_FILE_OPEN handling in Linux/NFS (Jeff Layton) [604044] - [usb] fix test of wrong variable in create_by_name (Don Howard) [594635] - [s390] cio: fix cause of unexpected recovery actions (Hendrik Brueckner) [621330] [2.6.18-212.el5] - [ipmi] add parameter to limit CPU usage in kipmid (Takao Indoh) [494680] - [net] bnx2x: Added GRO support (Stanislaw Gruszka) [573114] - [net] bnx2x: fix memory barriers (Stanislaw Gruszka) [569370] - [ppc] partition hibernation support (Steve Best) [565570] - [ppc] Add resume handler to powerpc time management code (Steve Best) [565570] - [scsi] ibmvscsi: Fix soft lockup on resume (Steve Best) [565570] - [scsi] ibmvfc: Fix soft lockup on resume (Steve Best) [565570] - [scsi] ibmvfc: Add suspend/resume support (Steve Best) [565570] - [scsi] ibmvscsi: Add suspend/resume support (Steve Best) [565570] - [net] ibmveth: Add suspend/resume support (Steve Best) [565570] - [ppc] vio: add power management support (Steve Best) [565570] - [ppc] add hooks to put CPU in appropriate offline state (Steve Best) [565570] - [virt] xen: fix passthrough of SR-IOV VF (Paolo Bonzini) [582886] - [mm] add option to skip ZERO_PAGE mmap of /dev/zero (Larry Woodman) [619541] - [net] bonding: check if clients MAC addr has changed (Flavio Leitner) [610234] - [virt] xen: fix pud_present compile warnings (Don Zickus) [590760] - [xen] CPU synchronization during MTRR register update (Don Dugger) [594546] [2.6.18-211.el5] - [pci] fix remove of proc entry for hotplug devices (Wade Mealing) [618114] - [ide]: atiixp: no pio autotune on AMD Hudson2 (Prarit Bhargava) [618075] - [pci] msi: add option for lockless interrupt mode (Prarit Bhargava) [599295] - [virt] xenbus: implement O_NONBLOCK (Paolo Bonzini) [470801] - [net] ip4v/tcp: no additional reset on closed sockets (Neil Horman) [605259] - [misc] xen: fix migration using xen-vnif in smp hvm guest (Miroslav Rezanina) [555910] - [edac] fix i7core_edac in multi-socket systems (Mauro Carvalho Chehab) [468877] - [net] arp_tables: fix unaligned accesses (Jiri Pirko) [582268] - [fs] ext3: handle journal_start failure properly (Josef Bacik) [588599] - [misc] handle dead hung uninterruptible tasks correctly (Jerome Marchand) [582237] - [fs] ecryptfs: fix ecryptfs_uid_hash buffer overflow (Jerome Marchand) [611387] {CVE-2010-2492} - [infiniband] check local reserved ports (Jerome Marchand) [557884] - [infiniband] randomize local port allocation (Jerome Marchand) [557884] - [net] reserve ports for apps using fixed port numbers (Jerome Marchand) [557884] - [kernel] sysctl: add proc_do_large_bitmap (Jerome Marchand) [557884] - [scsi] lpfc: use kernel-provided random32 (Jarod Wilson) [605816] - [lib] make tausworthe random32 generator available to all (Jarod Wilson) [605816] - [net] be2net: increase POST timeout for EEH recovery (Ivan Vecera) [616512] - [hwmon] coretemp: get TjMax value from MSR (Dean Nelson) [580699] - [hwmon] coretemp: detect the thermal sensors by CPUID (Dean Nelson) [580699] - [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) [607032] - [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) [607032] - [fs] xfs: always use iget in bulkstat (Dave Chinner) [607032] - [s390] qeth: support for OSA CHPID types OSX and OSM (Hendrik Brueckner) [599644] - [s390] qeth: dont allow layer switch with open interface (Hendrik Brueckner) [612195] - [s390] zfcp: fix reference counting on adisc (Hendrik Brueckner) [610089] - [s390] kernel: initrd vs bootmem bitmap (Hendrik Brueckner) [610837] - [s390] hypfs: fix high cpu time output (Hendrik Brueckner) [589282] - [s390] dasd: fix race between tasklet and dasd_sleep_on (Hendrik Brueckner) [593756] - [s390] cmm: fix module unload handling (Hendrik Brueckner) [598549] - [fs] gfs: clean up stuffed file data copy handling (Abhijith Das) [580867] [2.6.18-210.el5] - [scsi] ips driver sleeps while holding spin_lock (Steve Best) [616961] - [net] fix lockups and dupe addresses w/bonding and ipv6 (Shyam Iyer) [516985] - [scsi] megaraid_sas: update driver to version 4.31 (Tomas Henzl) [564249] - [scsi] megaraid_sas: update driver to version 4.27 (Rob Evers) [564249] - [net] nat: avoid rerouting packets if only key changed (Jiri Pirko) [566144] - [fs] cifs: remove bogus check in NTLM session setup code (Jeff Layton) [479418] - [ata] ahci: add em_buffer attribute for AHCI hosts (David Milburn) [568364] - [scsi] qla4xxx: add support for ISP82XX (Chad Dupuis) [546592] - [scsi] qla4xxx: Fixes from upstream for 5.6 (Chad Dupuis) [546592] - [scsi] qla2xxx: more upstream updates for RHEL 5.6 (Chad Dupuis) [567428] - [scsi] qla2xxx: add support for ISP82XX (Chad Dupuis) [567428] - [scsi] qla2xxx: more updates from upstream for RHEL 5.6 (Chad Dupuis) [567428] - [scsi] qla2xxx: update to 8.03.01.05.05.06-k (Chad Dupuis) [567428] - [xen] correct bitsize calculation for 32-on-64 (Andrew Jones) [616827] [2.6.18-209.el5] - [net] r8169: fix for broken register writes (Ivan Vecera) [581654] - [serial] remove contact info for ite887x chip support (Dean Nelson) [563271] - [serial] fix modpost warning in ite887x driver (Dean Nelson) [563271] - [serial] add support for ite887x chips (Dean Nelson) [563271] - [parport] increase ite887xs I/O port range (Dean Nelson) [563271] - [scsi] qla2xxx: update firmware to version 5.03.02 (Chad Dupuis) [578444 598946] - [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612171] {CVE-2010-2524} - [security] keys: new key flag for add_key from userspace (Jeff Layton) [612171] {CVE-2010-2524} [2.6.18-208.el5] - [fs] gfs2: fix rename causing kernel oops (Robert S Peterson) [602025] - [misc] io_apic: skip timer_irq_works check when on VMware (Prarit Bhargava) [575309] - [scsi] be2iscsi: fix for 64k data length sge (Mike Christie) [608801] - [mm] fix excessive memory reclaim from zones w/lots free (Larry Woodman) [604779] - [mm] properly release all hugepages on database shutdown (Larry Woodman) [593131] - [net] fix accept_local handling for dev with no xattrs (Jiri Olsa) [601370] - [fs] nfs: i_nlinks changes must set NFS_INO_INVALID_ATTR (Jeff Layton) [601800] - [fs] nfs: fix resolution in nfs_inode_attrs_need_update (Jeff Layton) [601800] - [fs] nfs: fix compiler warnings introduced recently (Jeff Layton) [601800] - [fs] nfs: fix attribute updates even more (Jeff Layton) [601800] - [fs] nfs: fix the NFS attribute update (Jeff Layton) [601800] - [fs] nfs: clean up inode handling functions (Jeff Layton) [601800] - [fs] nfs: nfs_refresh_inode should clear cache_validity (Jeff Layton) [601800] - [fs] nfs: use nfs_refresh_inode in __nfs_revalidate_inode (Jeff Layton) [601800] - [ata] ahci, pata_marvell: fixup competition for PATA port (David Milburn) [237372] - [net] qlcnic: Add QLCNIC to Kconfig and Makefile (Chad Dupuis) [562723] - [net] qlcnic: enable building driver module (Chad Dupuis) [562723] - [net] qlcnic: remove extra space from board names (Chad Dupuis) [562723] - [net] qlcnic: fix bios version check (Chad Dupuis) [562723] - [net] qlcnic: validate unified fw image (Chad Dupuis) [562723] - [net] qlcnic: fix multicast handling (Chad Dupuis) [562723] - [net] qlcnic: additional driver statistics. (Chad Dupuis) [562723] - [net] qlcnic: fix tx csum status (Chad Dupuis) [562723] - [net] qlcnic: add loopback diagnostic test (Chad Dupuis) [562723] - [net] qlcnic: add interrupt diagnostic test (Chad Dupuis) [562723] - [net] qlcnic: support LED blink for device identification (Chad Dupuis) [562723] - [net] qlcnic: protect resoruce cleanup by rtnl lock (Chad Dupuis) [562723] - [net] qlcnic: clear device reset state after fw recovery (Chad Dupuis) [562723] - [net] qlcnic: add ethernet identifier in board info (Chad Dupuis) [562723] - [net] qlcnic: use DEFINE_PCI_DEVICE_TABLE (Chad Dupuis) [562723] - [net] qlcnic: add Qlogic ethernet driver for CNA devices (Chad Dupuis) [562723] - Revert: [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612171] {CVE-2010-2524} - Revert: [security] keys: new key flag for add_key from userspace (Jeff Layton) [612171] {CVE-2010-2524} [2.6.18-207.el5] - [usb] uhci: fix oops in uhci_scan_schedule (Pete Zaitcev) [516851] - [wireless] rtl818x: use cancel_work_sync (Stanislaw Gruszka) [582191] - [wireless] iwlwifi: use cancel_work_sync (Stanislaw Gruszka) [582191] - [wireless] ath9k: use cancel_work_sync (Stanislaw Gruszka) [582191] - [wireless] rt2x00: use cancel_work_sync (Stanislaw Gruszka) [582191] - Revert: [wireless] rt2x00: fix work cancel race condition (Stanislaw Gruszka) [582191] - [wireless] use cancel_work_sync in mac80211 and core (Stanislaw Gruszka) [582191] - [misc] workqueue: add cancel_work_sync to include (Stanislaw Gruszka) [582191] - [net] igb: drop support for UDP hashing w/ RSS (Stefan Assmann) [613780] - [misc] signals: avoid unnecessary credentials check (Oleg Nesterov) [459901] - [acpi] tell platformthat we support fixed hw T-states (Matthew Garrett) [569590] - [edac] i7core_edac: Backport driver to RHEL5 (Mauro Carvalho Chehab) [468877] - [edac] i7core_edac: add driver for new Nehalem (Mauro Carvalho Chehab) [468877] - [x86_64] mce: fix misplaced 'continue' in mce.c (Mauro Carvalho Chehab) [468877] - [pci] Add a probing code that seeks for an specific bus (Mauro Carvalho Chehab) [468877] - [edac] add support for DDR3 at EDAC core (Mauro Carvalho Chehab) [468877] - [wireless] Kconfig: select WIRELESS_COMPAT as needed (John Linville) [583767] - [i386] oprofile: fix detection of Intel CPU family 6 (John Villalovos) [581919] - [misc] intel: support for Intel Cougar Point Chipset (John Villalovos) [566854] - [fs] xfs: dont let swapext operate on write-only files (Jiri Pirko) [605161] {CVE-2010-2226} - [fs] nfs: fix bug in nfsd4 read_buf (Jiri Olsa) [612035] {CVE-2010-2521} - [fs] nfsd: add lockdep annotation to nfsd4 recover code (Jeff Layton) [567092] - [fs] nfs: wait for close before silly-renaming (Jeff Layton) [565974] - [fs] cifs: enable CONFIG_CIFS_STATS (Jeff Layton) [574795] - [net] sunrpc: translate an -ENETUNREACH to -ENOTCONN (Jeff Layton) [481372] - [fs] cifs: merge CIFSSMBQueryEA with CIFSSMBQAllEAs (Jeff Layton) [527268] - [fs] cifs: verify lengths of QueryAllEAs reply (Jeff Layton) [527268] - [fs] cifs: increase maximum buffer size in CIFSSMBQAllEAs (Jeff Layton) [527268] - [fs] cifs: rename name_len to list_len in CIFSSMBQAllEAs (Jeff Layton) [527268] - [fs] cifs: clean up indentation in CIFSSMBQAllEAs (Jeff Layton) [527268] - [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612171] {CVE-2010-2524} - [fs] cifs: add parens around smb_var in BCC macros (Jeff Layton) [527268] - [security] keys: new key flag for add_key from userspace (Jeff Layton) [612171] {CVE-2010-2524} - [specfile] skip xen tarball and patching if building w/o xen (Jarod Wilson) - [specfile] replace ancient and deprecated rpm syntax (Jarod Wilson) - [virt] xen: remove sysdata hack from irq-xen.c (Paolo Bonzini) [561390] - [xen] msi fixmap cleanup and vector teardown (Don Dugger) [516236] [2.6.18-206.el5] - [x86] kprobes: introduce kprobes jump optimization (Masami Hiramatsu) [516313] - [x86] add x86_64 alternatives_text_reserved interface (Masami Hiramatsu) [516313] - [x86_64] kprobes: upstream update for rhel5.6 (Masami Hiramatsu) [516313] - [x86_64] add instruction decoder API (Masami Hiramatsu) [516313] - [fusion] mpt: fix deregister calls in exit path (hiro muneda) [581523] - [net] cxgb3: wait longer for control packets on init (Steve Best) [587670] - [scsi] scsi_dh_alua: add IBM Power Virtual SCSI ALUA dev (Steve Best) [567292] - [fs] gfs2: fix stuck in inode wait, no glocks stuck (Robert S Peterson) [595397] - [message] mptsas: fix disk add failing due to timeout (Rob Evers) [542892] - [scsi] lpfc: update from 8.2.0.73.1p to 8.2.0.76.1p (Rob Evers) [591674] - [scsi] lpfc: update from 8.2.0.63.p3 to 8.2.0.73.1p (Rob Evers) [571862] - [i2c] fix exports types for recently added i2c symbols (Prarit Bhargava) [611774] - [virt] xen: fix 32-bit syscalls on 64-bit kernel (Paolo Bonzini) [561394] - [virt] xen: add tracepoint for kernel pagefault event (Paolo Bonzini) [561385] - [security] selinux: fix race with re-parenting (Oleg Nesterov) [556675] - [net] sctp: fix length checks (Neil Horman) [605305] - [acpi] intel: avoid skipping ARB_DISABLE on model 0x0e (Matthew Garrett) [602846] - [block] cfq-iosched: fix bad locking in changed_ioprio (Jeff Moyer) [582435] - [block] cfq-iosched: kill cfq_exit_lock (Jeff Moyer) [582435] - [fs] cifs: fix kernel BUG with remote OS/2 server (Jeff Layton) [608588] {CVE-2010-2248} - [fs] cifs: dont try busy-file rename unless in same dir (Jeff Layton) [603706] - [fs] nfsd: dont break lease while servicing COMMIT call (Jeff Layton) [575817] - [fs] force target reval when following LAST_BIND symlinks (Jeff Layton) [571518] - [net] be2net: update to v2.102.348r with SR-IOV support (Ivan Vecera) [568388] - [net] virtio_net: add set_multicast_list (Herbert Xu) [552574] - [net] gro: fix bogus gso_size on the first fraglist entry (Herbert Xu) [588015] - [time] fix softlockups in RHEL5 virt guests (Glauber Costa) [607443] - [time] count ticks when loss gt cycle_accounted_limit (Glauber Costa) [584679] - [net] e1000e: dont inadvertently re-set INTX_DISABLE (Dean Nelson) [496127] - [scsi] fixup size on read capacity failure (David Milburn) [569654] - [s390] smsgiucv: add missing check for z/VM (Hendrik Brueckner) [590737] - [s390] zcore: fix reipl device detection (Hendrik Brueckner) [587027] - [s390] zcrypt: print error message for 8/72 error (Hendrik Brueckner) [563545] - [s390] kernel: fix dump indicator (Hendrik Brueckner) [546288] - [net] bluetooth: fix possible bad memory access via sysfs (Mauro Carvalho Chehab) [576021] {CVE-2010-1084} [2.6.18-205.el5] - [scsi] ipr: adds PCI ID definitions for new adapters (Steve Best) [563589] - [scsi] ipr: add support for new IOASCs (Steve Best) [563589] - [scsi] ipr: add support for multiple stages of init (Steve Best) [563589] - [scsi] ipr: implement shutdown changes (Steve Best) [563589] - [scsi] ipr: hardware assisted smart dump functionality (Steve Best) [563589] - [scsi] ipr: add error handling updates for next gen chip (Steve Best) [563589] - [scsi] ipr: update the config table for next gen chip (Steve Best) [563589] - [scsi] ipr: define register offsets for next gen chip (Steve Best) [563589] - [scsi] ipr: add command structures for next gen chip (Steve Best) [563589] - [scsi] ipr: differentiate pci-x and pci-e based adapters (Steve Best) [563589] - [scsi] ipr: add test for MSI interrupt support (Steve Best) [563589] - [scsi] ipr: add message to error table (Steve Best) [563589] - [scsi] ipr: handle logically bad block write errors (Steve Best) [563589] - [scsi] ipr: convert to use the data buffer accessors (Steve Best) [563589] - [scsi] ipr: add some defines that are missing in RHEL5.5 (Steve Best) [563589] - [scsi] ipr: add workaround for MSI interrupts on P7 (Steve Best) [572333] - [net] tcp: fix rcv mss estimate for lro (Stanislaw Gruszka) [593801] - [virt] xen netback: copy skbuffs if head crosses pages (Paolo Bonzini) [578259] - [virt] xen: handle softirqs at end of event processing (Paolo Bonzini) [564523] - [virt] fix tsccount clocksource under kvm guests (Glauber Costa) [581396] - [net] benet: compat header cleanups, part 2 (Ivan Vecera) [546740] - [net] benet: compat header cleanups, part 1 (Prarit Bhargava) [546740] - [net] bnx2: compat header cleanups (Prarit Bhargava) [546740] - [net] e1000/e1000e: compat header cleanup (Prarit Bhargava) [546740] - [net] enic: compat header cleanup (Prarit Bhargava) [546740] - [net] forcedeth: compat header cleanup (Prarit Bhargava) [546740] - [net] igb: compat header cleanups (Prarit Bhargava) [546740] - [net] ixgbe: compat header cleanups (Prarit Bhargava) [546740] - [net] myri10ge: compat header cleanups (Prarit Bhargava) [546740] - [net] netxen: compat header cleanup (Prarit Bhargava) [546740] - [net] niu: compat header cleanup (Prarit Bhargava) [546740] - [net] qlge: compat header cleanup (Prarit Bhargava) [546740] - [net] r8169: compat header cleanups, part 2 (Ivan Vecera) [546740] - [net] r8169: compat header cleanups, part 1 (Prarit Bhargava) [546740] - [net] sfc: compat header cleanups (Prarit Bhargava) [546740] - [net] sky2: compat header cleanup (Prarit Bhargava) [546740] - [net] tg3: compat header cleanup (Prarit Bhargava) [546740] - [net] bonding: compat header cleanup (Prarit Bhargava) [546740] - [net] move compat header file contents to proper includes (Prarit Bhargava) [546740] - [net] ethernet: compat header cleanups (Prarit Bhargava) [546740] - [net] chelsio: compat header cleanups (Prarit Bhargava) [546740] - [net] s2io: compat header cleanups (Prarit Bhargava) [546740] - [net] vxge: compat header cleanup (Prarit Bhargava) [546740] - [infiniband] compat header cleanups (Prarit Bhargava) [546740] - [scsi] compat header cleanups (Prarit Bhargava) [546740] - [misc] readq/writeq compat header cleanup (Prarit Bhargava) [546740] - [pci] compat header cleanups (Prarit Bhargava) [546740] - [misc] compat.h cleanup: add cancel_delayed_work_sync (Prarit Bhargava) [546740] - [i2c] compat header cleanups (Prarit Bhargava) [546740] - [fs] nfs: fix memory leak when using -onolock on nfs v2/3 (Jeff Layton) [592908] [2.6.18-204.el5] - [fs] gfs2: fix ordering of ordered writes (Steven Whitehouse) [581013] - [net] cnic: fix bnx2x panic w/multiple interfaces enabled (Stanislaw Gruszka) [602402] - [x86_64] unify apic mapping code (Prarit Bhargava) [573858] - [virt] xen: fix Connected state after netback dev closed (Paolo Bonzini) [591548] - [net] ipv4: add sysctl to accept packets w/local source (Jiri Olsa) [601370] - [nfs] fix unitialized list head on error exit in recovery (Jeff Layton) [569342] - [virt] virtio_blk: add support for cache flushes (Christoph Hellwig) [571735] - [xen] ia64: unset be from the task psr (Andrew Jones) [587477] {CVE-2010-2070} [2.6.18-203.el5] - [misc] permit larger than 2TB USB and FW drives (Pete Zaitcev) [503864] - [net] cnic: fix panic when nl msg rcvd when device down (Stanislaw Gruszka) [595862] - [infiniband] ehca: require in_wc in process_mad (Steve Best) [571517] - [net] igb: Add support for pci-e Advanced Error Reporting (Stefan Assmann) [568221] - [fs] ext4: MOVE_EXT cant overwrite append-only files (Eric Sandeen) [601008] {CVE-2010-2066} - [net] wireless: convert reg_regdb_search_lock to mutex (John Linville) [597334] - [net] tcp: dont send keepalive probes if receiving data (Flavio Leitner) [593040] - [hwmon] add support for additional CPU models to coretemp (Dean Nelson) [559228] - [fs] gfs2: use -EUSERS when mounting w/o enough journals (Abhijith Das) [600387] - [misc] workqueue: make cancel_work_sync EXPORT_SYMBOL_GPL (Oleg Nesterov) [596626] [2.6.18-202.el5] - [fs] gfs2: fix permissions checking for setflags ioctl (Steven Whitehouse) [595399] {CVE-2010-1641} - [mm] clear page errors when issuing a fresh read of page (Rik van Riel) [590763] - [misc] keys: do not find already freed keyrings (Vitaly Mayatskikh) [585100] {CVE-2010-1437} - [misc] workqueue: silence kabi checker (Stanislaw Gruszka) [596626] - [misc] workqueue: implement cancel_work_sync (Oleg Nesterov) [596626] - [misc] workqueue: implement try_to_grab_pending (Oleg Nesterov) [596626] - [misc] workqueue: prep flush_cpu_workqueue for additions (Oleg Nesterov) [596626] - [misc] workqueue: implement wait_on_work (Oleg Nesterov) [596626] - [misc] workqueue: add set_wq_data and get_wq_data helpers (Oleg Nesterov) [596626] - [misc] workqueue: cwq instead of wq where appropriate (Oleg Nesterov) [596626] - [misc] workqueue: initial prep for cancel_work_sync (Oleg Nesterov) [596626] - [net] sctp: file must be valid before setting timeout (Jiri Pirko) [578261] - [net] tg3: fix panic in tg3_interrupt (John Feeney) [569106] - [net] e1000/e1000e: implement simple interrupt moderation (Andy Gospodarek) [586416] - [virt] dont compute pvclock adjustments if we trust tsc (Glauber Costa) [570824] - [virt] add a global synchronization point for pvclock (Glauber Costa) [570824] - [virt] enable pvclock flags in vcpu_time_info structure (Glauber Costa) [570824] - [misc] add atomic64_cmpxcgh to x86_64 include files (Glauber Costa) [570824] - [x86] grab atomic64 types from upstream (Glauber Costa) [570824] - [pci] cleanup error return for pcix get/set mmrbc calls (Dean Nelson) [578492] - [pci] fix pcix access of PCI_X_CMD get/set mmrbc calls (Dean Nelson) [578492] - [pci] fix return value from pcix_get_max_mmrbc() (Dean Nelson) [578492] - [pci] prepare for backport of upstream fixes and cleanup (Dean Nelson) [578492] - [net] ipv6: fix more memory leaks when ndisc_init fails (Amerigo Wang) [555338] - [xen] bring back VMXE/SVME flags (Andrew Jones) [570091] [2.6.18-201.el5] - [s390] qdio: continue polling for buffer state ERROR (Hendrik Brueckner) [565531] - [pci] acpiphp: fix missing acpiphp_glue_exit (Prarit Bhargava) [515556] - [net] cnic: Fix crash during bnx2x MTU change (Stanislaw Gruszka) [582367] - [net] bxn2x: add dynamic lro disable support (Stanislaw Gruszka) [582367] - [net] implement dev_disable_lro api for RHEL5 (Stanislaw Gruszka) [582367] [2.6.18-200.el5] - [fs] getrusage: fill ru_maxrss value (Amerigo Wang) [466157] - [net] bonding: fix broken multicast with round-robin mode (Andy Gospodarek) [570645] - [usb] input: fix keyboard LEDs on all the time (Pete Zaitcev) [513934] - [x86_64] fix time drift due to faulty lost tick tracking (Ulrich Obergfell) [579711] - [cciss] remove extraneous printk (Tomas Henzl) [582465] - [sunrpc] fix AUTH_SYS using sec=sys export option (Sachin Prabhu) [573652] - [misc] fix itimers periodic tics precision (Stanislaw Gruszka) [441134] - [net] tg3: fix INTx fallback when MSI fails (Steve Best) [587666] - [fs] quota: fix possible infinite loop in quota code (Eric Sandeen) [546060] - [misc] add {thread,core}_siblings_list to /sys (Prarit Bhargava) [570610] - [misc] add /sys/devices/system/node/nodeX/cpulist files (Prarit Bhargava) [572285] - [net] tun: orphan an skb on tx (Michael S. Tsirkin) [584412] - [edac] fix panic when a corrected error happens on i5000 (Mauro Carvalho Chehab) [533391] - [net] iwlwifi: re-enable IWLWIFI_LEDS (John Linville) [582003] - [net] calc TCPs connection closethreshold as time value (Jiri Pirko) [582722] - [net] sched: fix SFQ qdisc crash w/limit of 2 packets (Jiri Pirko) [579774] - [net] missed and reordered checks in {arp,ip,ip6}_tables (Jiri Pirko) [554563] - [net] neigh: fix state transitions via Netlink request (Jiri Pirko) [485903] - [net] route: fix BUG_ON in rt_secret_rebuild_oneshot (Jiri Olsa) [566104] - [net] netfilter: fix vmalloc ENOMEM caused by iptables (Jiri Olsa) [570491] - [block] cciss: fix multi-line printk log level (Jerome Marchand) [556921] - [nfs] revert retcode check in nfs_revalidate_mapping() (Jeff Layton) [557423] - [nfs] dont decode GETATTR if DELEGRETURN returned error (Jeff Layton) [551028] - [md] dm-log: fix bad log status after failure (Jonathan E Brassow) [570583] - [net] igmp: fix ip_mc_sf_allow race (Flavio Leitner) [552886] - [hwmon] add 0x prefix to hex coretemp module output (Dean Nelson) [571864] - [net] e1000e: fix WoL init when WoL disabled in EEPROM (Dean Nelson) [568562] - [ata] libata: handle semb signature (David Milburn) [533093] - [ata] libata-acpi: missing _SDD is not an error (David Milburn) [559815] - [scsi] sg: rate limit warning (Doug Ledford) [536937] - [net] tun: check supplemental groups in TUN/TAP driver (Danny Feng) [540786] - [s390] nss: add missing .previous call to asm function (Hendrik Brueckner) [581522] - [misc] lockdep: dump stack when hitting a limit (Amerigo Wang) [546554] - [net] ipv6: dont panic when kmem_cache_create fails (Amerigo Wang) [555338] - [misc] ipc: HARD_MSGMAX should be higher on 64bit (Amerigo Wang) [548334] - [fs] gfs2: make quota file size a multiple of gfs2_quota (Abhijith Das) [546455] [2.6.18-199.el5] - [mm] fix hugepage corruption using vm.drop_caches (Larry Woodman) [579469] - [misc] taskstats: enable CONFIG_TASK_XACCT (Jiri Olsa) [516961] - [misc] taskstats: new structure/cmd to avoid KABI break (Jiri Olsa) [516961] - [misc] taskstats: common fix for KABI breakage (Jiri Olsa) [516961] - [misc] taskstats: upgrade to version 4 (Jiri Olsa) [516961] - [misc] futex: handle futex value corruption gracefully (Jerome Marchand) [480396] {CVE-2010-0622} - [misc] futex: handle user space corruption gracefully (Jerome Marchand) [480396] {CVE-2010-0622} - [misc] futex: fix fault handling in futex_lock_pi (Jerome Marchand) [480396] {CVE-2010-0622} - [x86] utrace: block-step fix (Jerome Marchand) [463950] - [nfs] dont unhash dentry in nfs_lookup_revalidate (Jeff Layton) [582321] - [net] sunrpc: fix panic when reloading rpcsec_gss_krb5 (Harshula Jayasuriya) [570044] - [net] bonding: fix updating of speed/duplex changes (Andy Gospodarek) [567604] - [net] e1000: fix WoL init when WoL disabled in EEPROM (Dean Nelson) [568561] - [ata] ahci: support FIS-based switching (David Milburn) [474294] - [audit] make sure filterkey rules are reported (Alexander Viro) [579479] - [audit] clean up rule ordering, part 2 (Alexander Viro) [579479] - [audit] clean up rule ordering, part 1 (Alexander Viro) [579479] - [audit] fix selinux_audit_rule_update w/audit_inode_hash (Alexander Viro) [579479] - [virtio] fix GFP flags passed by virtio balloon driver (Amit Shah) [584683] - [net] sctp: fix skb_over_panic w/too many unknown params (Neil Horman) [584658] {CVE-2010-1173} - [xen] arpl on MMIO area crashes the guest (Paolo Bonzini) [572982] {CVE-2010-0730} [2.6.18-198.el5] - [acpi] warn on hot-add of memory exceeding 4G boundary (Prarit Bhargava) [571544] - [net] tipc: fix various oopses in uninitialized code (Neil Horman) [558693] {CVE-2010-1187} - [acpi] fix WARN on unregister in power meter driver (Matthew Garrett) [576246] - [block] cfq-iosched: fix IOPRIO_CLASS_IDLE accounting (Jeff Moyer) [574285] - [block] cfq-iosched: async queue allocation per priority (Jeff Moyer) [574285] - [block] cfq-iosched: fix async queue behaviour (Jeff Moyer) [574285] - [block] cfq-iosched: propagate down request sync flag (Jeff Moyer) [574285] - [block] introduce the rq_is_sync macro (Jeff Moyer) [574285] - [fs] vfs: fix LOOKUP_FOLLOW on automount symlinks (Jeff Layton) [567816] {CVE-2010-1088} - [nfs] fix an oops when truncating a file (Jeff Layton) [567195] {CVE-2010-1087} - [net] bnx2: fix lost MSI-X problem on 5709 NICs (John Feeney) [511368] - [misc] make the keyring quotas controllable via /proc/sys (Amerigo Wang) [441243] - [fs] fix kernel oops while copying from ext3 to gfs2 (Abhijith Das) [555754] {CVE-2010-1436} [2.6.18-197.el5] - [cpu] fix boot crash in 32-bit install on AMD cpus (Bhavna Sarathy) [575799] [2.6.18-196.el5] - [mm] fix boot on s390x after bootmem overlap patch (Amerigo Wang) [550974] - [net] bnx2: avoid restarting cnic in some contexts (Andy Gospodarek) [554706] - [misc] add missing CVE labels for entries in 2.6.18-195.el5 (Jarod Wilson) [2.6.18-195.el5] - [redhat] make sha512hmac sig failure more obvious (Jarod Wilson) - [mm] keep get_unmapped_area_prot functional (Danny Feng) [556710] {CVE-2010-0291} - [mm] switch do_brk to get_unmapped_area (Danny Feng) [556710] {CVE-2010-0291} - [mm] take arch_mmap_check into get_unmapped_area (Danny Feng) [556710] {CVE-2010-0291} - [mm] get rid of open-coding in ia64_brk (Danny Feng) [556710] {CVE-2010-0291} - [mm] unify sys_mmap* functions (Danny Feng) [556710] {CVE-2010-0291} - [mm] kill ancient cruft in s390 compat mmap (Danny Feng) [556710] {CVE-2010-0291} - [mm] fix pgoff in have to relocate case of mremap (Danny Feng) [556710] {CVE-2010-0291} - [mm] fix the arch checks in MREMAP_FIXED case (Danny Feng) [556710] {CVE-2010-0291} - [mm] fix checks for expand-in-place mremap (Danny Feng) [556710] {CVE-2010-0291} - [mm] add new vma_expandable helper function (Danny Feng) [556710] {CVE-2010-0291} - [mm] move MREMAP_FIXED into its own header (Danny Feng) [556710] {CVE-2010-0291} - [mm] move locating vma code and checks on it (Danny Feng) [556710] {CVE-2010-0291} - [iscsi] fix slow failover times (Mike Christie) [570681] - [misc] kernel: fix elf load DoS on x86_64 (Danny Feng) [560553] {CVE-2010-0307} - [netlink] connector: delete buggy notification code (Jiri Olsa) [561685] {CVE-2010-0410} - [sound] hda_intel: avoid divide by zero in azx devices (Jaroslav Kysela) [567172] {CVE-2010-1085} - [dvb] fix endless loop when decoding ULE at dvb-core (Mauro Carvalho Chehab) [569242] {CVE-2010-1086} - [scsi] fnic: fix tx queue handling (Mike Christie) [576709] - [fusion] mptsas: fix event_data alignment (Tomas Henzl) [570000] - [edac] fix internal error message in amd64_edac driver (Bhavna Sarathy) [569938] - [fs] remove unneccessary f_ep_lock from fasync_helper (Lachlan McIlroy) [567479] - [x86_64] fix floating point state corruption after signal (Oleg Nesterov) [560891] - [mm] dont let reserved memory overlap bootmem_map (Amerigo Wang) [550974] - [s390] kernel: correct TLB flush of page table entries (Hendrik Brueckner) [545527] - [xen] iommu: clear IO-APIC pins on boot and shutdown (Paolo Bonzini) [548201] - [xen] vtd: fix ioapic pin array (Don Dugger) [563546] - [xen] set hypervisor present CPUID bit (Paolo Bonzini) [573771] [2.6.18-194.el5] - [net] mlx4: pass attributes down to vlan interfaces (Doug Ledford) [573098] - [block] cfq-iosched: fix sequential read perf regression (Jeff Moyer) [571818] [2.6.18-193.el5] - [fs] gfs2: locking fix for potential dos (Steven Whitehouse) [572390] {CVE-2010-0727} - [acpi] power_meter: avoid oops on driver load (Matthew Garrett) [566575] - [net] r8169: fix assignments in backported net_device_ops (Ivan Vecera) [568040] - [net] virtio_net: refill rx buffer on out-of-memory (Herbert Xu) [554078] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3296 CVE-2010-4072 CVE-2010-4073 CVE-2010-4075 CVE-2010-4080 CVE-2010-4081 CVE-2010-4158 CVE-2010-4238 CVE-2010-4243 CVE-2010-4255 CVE-2010-4263 CVE-2010-4343 CVE-2010-3877 cpe:/a:oracle:linux:5:6:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [4.1.2-50.el5] - fix up fastjar directory traversal bugs (CVE-2010-0831) [4.1.2-49.el5] - fix ICE in set_uids_in_ptset (#605803) - fix ICE in make_rtl_for_nonlocal_decl (#582682, #508735, #503565, PR c++/33094) - dont build gcjwebplugin (#596097) - fix IPP handling in libgcj (#578382) - document -print-multi-os-directory (#529659, PR other/25507) - fix ICE in output_die with function local types (#527510, PR debug/41063) - speed up locale::locale() ctor if _S_global hasnt been changed (#635708, PR libstdc++/40088) LOW Copyright 2011 Oracle, Inc. CVE-2010-0831 CVE-2010-2322 cpe:/a:oracle:linux:5:6:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [2.4.3-43] - add missing patch 206 Related: rhbz#549372 [2.4.3-42] - fix test_pyclbr to match the urllib change in patch 204 (patch 206) - allow the 'no_proxy' environment variable to override 'ftp_proxy' in urllib2 (patch 207) - fix typos in names of patches 204 and 205 Related: rhbz#549372 [2.4.3-41] - backport support for the 'no_proxy' environment variable to the urllib and urllib2 modules (patches 204 and 205, respectively) Resolves: rhbz#549372 [2.4.3-40] - backport fixes for arena allocator from 2.5a1 - disable arena allocator when run under valgrind on x86, x86_64, ppc, ppc64 (patch 203) - add patch to add sys._debugmallocstats() hook (patch 202) Resolves: rhbz#569093 [2.4.3-39] - fix various flaws in the 'audioop' module - Resolves: CVE-2010-1634 CVE-2010-2089 - backport the new PySys_SetArgvEx libpython entrypoint from 2.6 - Related: CVE-2008-5983 - restrict creation of the .relocation-tag files to i386 builds - Related: rhbz#644761 - move the python-optik metadata from the core subpackage to the python-libs subpackage - Related: rhbz#625372 [2.4.3-38] - add metadata to ensure that 'yum install python-libs' works - Related: rhbz#625372 [2.4.3-37] - create dummy ELF file '.relocation-tag' to force RPM directory coloring, fixing i386 on ia64 compat - Resolves: rhbz#644761 [2.4.3-36] - Backport fix for http://bugs.python.org/issue7082 to 2.4.3 - Resolves: rhbz#644147 [2.4.3-35] - Rework rgbimgmodule fix for CVE-2008-3143 - Resolves: rhbz#644425 CVE-2009-4134 CVE-2010-1449 CVE-2010-1450 [2.4.3-34] - fix stray 'touch' command - Related: rhbz#625372 [2.4.3-33] - Preserve timestamps when fixing shebangs (patch 104) and when installing, to minimize .pyc/.pyo differences across architectures (due to the embedded mtime in .pyc/.pyo headers) - Related: rhbz#625372 [2.4.3-32] - introduce libs subpackage as a dependency of the core package, moving the shared libraries and python standard libraries there - Resolves: rhbz#625372 [2.4.3-31] - dont use -b when applying patch 103 - Related: rhbz#263401 [2.4.3-30] - add missing patch - Resolves: rhbz#263401 [2.4.3-29] - Backport Python 2.5s tarfile module (0.8.0) to 2.4.3 - Resolves: rhbz#263401 [2.4.3-28] - Backport fix for leaking filedescriptors in subprocess error-handling path from Python 2.6 - Resolves: rhbz#609017 - Backport usage of 'poll' within the subprocess module to 2.4.3 - Resolves: rhbz#609020 LOW Copyright 2011 Oracle, Inc. CVE-2008-5983 CVE-2009-4134 CVE-2010-1449 CVE-2010-1450 CVE-2010-1634 CVE-2010-2089 cpe:/a:oracle:linux:5:6:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [kvm-83-224.0.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-224.el5] - kvm-kernel-KVM-x86-zero-kvm_vcpu_events-interrupt.pad.patch [bz#665407] - Resolves: bz#665407 (kvm_vcpu_events.interrupt.pad must be zeroed) - CVE: CVE-2010-4525 [kvm-83-223.el5] - Updated kversion to 2.6.18-237.el to match build root - Reverting patches for bz#608709 as they are not complete - kvm-kernel-Revert-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#608709] - kvm-kernel-Revert-KVM-Don-t-spin-on-virt-instruction-faults-dur.patch [bz#608709] - bz#608709: reboot(RB_AUTOBOOT) fails if kvm instance is running - Related: bz#661117 [kvm-83-222.el5] - kvm-kernel-kvm-change-signed-int-to-unsigned-in-mmu_shrink.patch [bz#661117] - Resolves: bz#661117 ([RHEL5.6 CC] mmu_shrink patch) [kvm-83-221.el5] - Updated kversion to 2.6.18-236.el to match build root - kvm-kernel-KVM-Don-t-spin-on-virt-instruction-faults-during-reb.patch [bz#608709] - kvm-kernel-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#608709] - Resolves: bz#608709 (reboot(RB_AUTOBOOT) fails if kvm instance is running) [kvm-83-220.el5] - Updated kversion to 2.6.18-235.el to match build root - kvm-load-registers-after-restoring-pvclock-msrs.patch [bz#655990] - Resolves: bz#655990 (clock drift when migrating a guest between mis-matched CPU clock speed) [kvm-83-219.el5] - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems-additional-f.patch [bz#642659] - Resolves: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-218.el5] - kvm-vnc-fix-key-event-processing.patch [bz#643317] - Resolves: bz#643317 ('sendkey ctrl-alt-delete' dont work via VNC) [kvm-83-217.el5] - kvm-kernel-fix-null-pointer-dereference.patch [bz#570532] - Resolves: bz#570532 (CVE-2010-0435 kvm: vmx null pointer dereference) - CVE: CVE-2010-0435 [kvm-83-216.el5] - Updated kversion to 2.6.18-233.el to match build root - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems.patch [bz#642659] - Resolves: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-215.el5] - Reverts previous patch (it doesnt build) - kvm-kernel-Revert-KVM-fix-AMD-initial-TSC-bugs.patch [bz#642659] - Related: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-214.el5] - kvm-kernel-KVM-fix-AMD-initial-TSC-bugs.patch [bz#642659] - Resolves: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-213.el5] - kvm-No-need-to-iterate-if-we-already-are-over-the-limit.patch [bz#513765 bz#589017] - kvm-don-t-care-about-TLB-handling.patch [bz#513765 bz#589017] - kvm-Fix-transferred-memory-calculation.patch [bz#513765 bz#589017] - kvm-Maintaing-number-of-dirty-pages.patch [bz#513765 bz#589017] - kvm-Exit-loop-if-we-have-been-there-too-long.patch [bz#513765 bz#589017] - kvm-Change-calculation-to-exit-live-migration.patch [bz#513765 bz#589017] - Resolves: bz#513765 (Large guest ( 256G RAM + 16 vcpu ) hang during live migration) - Resolves: bz#589017 ([rhel5.5] [kvm] dead lock in qemu during off-line migration) [kvm-83-212.el5] - kvm-implement-dummy-PnP-support.patch [bz#652671] - Resolves: bz#652671 (If VM boot seq. is set up as nc (PXE then disk) the VM is always stuck on trying to PXE boot) [kvm-83-211.el5] - Dont try build kvmctl - Resolves: bz#632707 [kvm-83-210.el5] - Adding load_gs_index to kmod symbol greylist - Related: bz#639887 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.6]) [kvm-83-209.el5] - kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639887] - Resolves: bz#639887 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.6]) [kvm-83-208.el5] - Updated kversion to 2.6.18-232.el5 to match build root - kvm-kernel-KVM-x86-fix-information-leak-to-userland.patch [bz#649929] - Resolves: bz#649929 (CVE-2010-3881 kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory [5.6]) - kvm-usb-linux-increase-buffer-for-USB-control-requests.patch [bz#627343] - kvm-e1000-Fix-TCP-checksum-overflow-with-TSO.patch [bz#648328] - kvm-fix-help-string-to-reflect-the-fact-that-cpu-topolog.patch [bz#611785] - kvm-VGA-Don-t-register-deprecated-VBE-range.patch [bz#651715] - Resolves: bz#611785 ([RFE] Support cores/sockets/threads topology configuration) - Resolves: bz#627343 (husb: ctrl buffer too small error received for passthrough usb device, fixed upstream) - Resolves: bz#648328 (TCP checksum overflows in qemus e1000 emulation code when TSO is enabled in guest OS) - Resolves: bz#651715 (qemu-kvm aborted when installing the driver for the newly hotplugged rtl8139 nic) [kvm-83-207.el5] - kvm-Add-drive-readonly-option-to-help-output.patch [bz#645798] - Resolves: bz#645798 (Add drive readonly option to help output) [kvm-83-206.el5] - Updated kversion to 2.6.18-227.el5 to match build root - spec: fix/hack dependencies of kvm-kmod-debug - Resolves: bz#643272 - create qemu user/group on %post - Resolves: bz#643525 [kvm-83-205.el5] - Require right gcrypt version - Resolves: bz#503118 - spec: fix the kmod kernel version checking code - Resolves: bz#637267 - spec: fix module dir name on %install - Resolves: bz#517565 - Build kmod-kvm for kernel-debug too - Resolves: bz#517565 [kvm-83-204.el5] - kvm-don-t-link-qemu-tools-against-spice-libs.patch [bz#514578] - kvm-block-Fix-image-re-open-in-bdrv_commit.patch [bz#640949] - Resolves: bz#514578 (kvm-qemu-img subpackage has dependency on qspice-libs) - Resolves: bz#640949 (Can not commit copy-on-write images data to raw backing-image) [kvm-83-203.el5] - Updated kversion to 2.6.18-226.el5 to match build root - Add pci_get_domain_bus_and_slot to kmod symbol greylist - Related: bz#539642 (use native pci_get_bus_and_slot function) [kvm-83-202.el5] - kvm-fix-and-on-russian-keymap.patch [bz#580637] - Resolves: bz#580637 (Incorrect russian vnc keymap) [kvm-83-201.el5] - kvm-kernel-KVM-Fix-reboot-on-Intel-hosts.patch [bz#608709] - Resolves: bz#608709 (reboot(RB_AUTOBOOT) fails if kvm instance is running) - kvm-kmod-move-cancel_work_sync-availability-test-to-conf.patch [bz#539642] - kvm-kmod-use-native-pci_get_bus_and_slot-if-available.patch [bz#539642] - Resolves: bz#539642 (use native pci_get_bus_and_slot function) [kvm-83-200.el5] - Updated kversion to 2.6.18-225.el5 to match build root - kvm-qemu-fix-unsafe-ring-handling.patch [bz#568817] - CVE: CVE-2010-0431 - Resolves: bz#568817 (CVE-2010-0431 qemu: Insufficient guest provided pointers validation) [kvm-83-199.el5] - Updated kversion to 2.6.18-221.el5 to match build root - kvm-kernel-KVM-Prevent-kvm_init-from-corrupting-debugfs-structu.patch [bz#619268] - Resolves: bz#619268 (rmmod kvm modules cause host kernel panic) [kvm-83-198.el5] - run 'make sync' before final ./configure line on build - Resolves: bz#632707 (fix kvm build warnings and enable -Werror) [kvm-83-197.el5] - Updated kversion to 2.6.18-219.el5 to match build root - kvm-kill-bogus-return-ret-on-spawn_thread.patch [bz#632707] - kvm-virtio-net-fix-format-strings-on-virtio_net_receive2.patch [bz#632707] - kvm-kvmtrace-check-for-ftruncate-errors.patch [bz#632707] - Add --enable-werror to ./configure command-line [bz#632707] - Add ./configure arguments: --enable-kvm-cap-pit --enable-kvm-cap-device-assignment - Remove duplicate --enable-spice arg from ./configure - Resolves: bz#632707 (fix kvm build warnings and enable -Werror) [kvm-83-196.el5] - Updated kversion to 2.6.18-215.el5 to match build root - kvm-introduce-__rhel5-marker-into-the-migration-save-dat.patch [bz#603026] - kvm-block-raw-posix-Factor-out-cdrom_probe_device.patch [bz#609472] - kvm-raw-posix-Detect-CDROM-via-ioctl-on-linux.patch [bz#609472] - kvm-raw-posix-Don-t-use-file-name-for-host_cdrom-detecti.patch [bz#609472] - Resolves: bz#603026 (CPU save version is now 9, but the format is _very_ different from non-RHEL5 version 9) - Resolves: bz#609472 (qemu-kvm misclassifies a /dev/cd*/* disk device as a CD-ROM) [kvm-83-195.el5] - Updated kversion to 2.6.18-211.el5 to match build root - kvm-use-native-cancel_work_sync-function-if-available.patch [bz#629334] - Resolves: bz#629334 (use native cancel_work_sync() function) [kvm-83-194.el5] - Updated kversion to 2.6.18-212.el5 to match build root - kvm-Add-cache-unsafe-parameter-to-drive.patch [bz#623484] - kvm-qemu-img-convert-Use-cache-unsafe-for-output-image.patch [bz#623484] - kvm-fix-cancel_work_sync-conflict-on-compat-code.patch [bz#629333] - kvm-bz-547276-e1000-secrc-support.patch [bz#547276] - kvm-Use-native-smp_call_function_single-on-RHEL-5.5.patch [bz#533078] - kvm-use-native-smp_call_function_many.patch [bz#533078] - kvm-qemu-don-t-strip-qemu-img-and-qemu-io-in-make-instal.patch [bz#606394] - Resolves: bz#533078 (use native smp_call_function_many/single functions) - Resolves: bz#547276 (Vmcore cannot be captured by netdump when RHEL3.9 was installed as guest OS on KVM.) - Resolves: bz#606394 ([kvm] debug-info missing from kvm-qemu-img-83-164.el5_5.12) - Resolves: bz#623484 (KVM: qemu-img convert poor performance ( on NFS storage )) - Resolves: bz#629333 (fix build against kernel-devel-2.6.18-214.el5.x86_64: (cancel_work_sync() conflict)) [kvm-83-193.el5] - kvm-virtio-net-correct-packet-length-checks.patch [bz#606238] - kvm-Fix-segfault-in-mmio-subpage-handling-code.patch [bz#619413] - Resolves: bz#606238 (Virtio: Transfer file caused guest in same vlan abnormally quit) - Resolves: bz#619413 (CVE-2010-2784 qemu: insufficient constraints checking in exec.c:subpage_register() [rhel-5.6]) [kvm-83-192.el5] - kvm-Fix-changing-password-using-monitor-over-VNC.patch [bz#569743] - kvm-qcow2-Fix-qemu-img-check-segfault-on-corrupted-image.patch [bz#606434] - kvm-qcow2-Don-t-try-to-check-tables-that-couldn-t-be-loa.patch [bz#606434] - kvm-qemu-img-check-Distinguish-different-kinds-of-errors.patch [bz#606651] - kvm-qcow2-Change-check-to-distinguish-error-cases.patch [bz#606651] - Resolves: bz#569743 (Change vnc password caused 'Segmentation fault') - Resolves: bz#606434 ([kvm] segmentation fault when running qemu-img check on faulty image) - Resolves: bz#606651 ([kvm] qemu image check returns cluster errors when using virtIO block (thinly provisioned) during e_no_space events (along with EIO errors)) [kvm-83-191.el5] - kvm-kernel-KVM-MMU-fix-conflict-access-permissions-in-direct-sp.patch [bz#615225] - Resolves: bz#615225 (KVM uses wrong permissions for large guest pages) [kvm-83-190.el5] - kvm-New-slots-need-dirty-tracking-enabled-when-migrating.patch [bz#567046] - Resolves: bz#567046 (SPICE - race in KVM/Spice would cause migration to fail (slots are not registered properly?)) [kvm-83-189.el5] - kvm-Monitor-Check-for-error-in-do_change.patch [bz#611982] - Resolves: bz#611982 (Monitor doesnt check for 'change' command failure) [kvm-83-188.el5] - kvm-qcow2-Fix-access-after-end-of-array.patch [bz#605701] - kvm-qcow2-Don-t-ignore-immediate-read-write-failures.patch [bz#605701] - kvm-qcow2-Return-0-errno-in-write_l2_entries.patch [bz#605701] - kvm-qcow2-Fix-error-return-code-in-qcow2_alloc_cluster_l.patch [bz#605701] - kvm-qcow2-Return-0-errno-in-write_l1_entry.patch [bz#605701] - kvm-qcow2-Return-0-errno-in-l2_allocate.patch [bz#605701] - kvm-qcow2-Allow-qcow2_get_cluster_offset-to-return-error.patch [bz#605701] - kvm-qcow2-Change-l2_load-to-return-0-errno.patch [bz#605701] - kvm-qcow2-Return-right-error-code-in-write_refcount_bloc.patch [bz#605701] - kvm-qcow2-Fix-corruption-after-error-in-update_refcount.patch [bz#605701] - kvm-qcow2-Clear-L2-table-cache-after-write-error.patch [bz#605701] - kvm-qcow2-Fix-error-handling-in-l2_allocate.patch [bz#605701] - kvm-qcow2-Restore-L1-entry-on-l2_allocate-failure.patch [bz#605701] - kvm-qcow2-Allow-get_refcount-to-return-errors.patch [bz#605701] - kvm-qcow2-Allow-alloc_clusters_noref-to-return-errors.patch [bz#605701] - kvm-qcow2-Return-real-error-code-in-load_refcount_block.patch [bz#605701] - kvm-block-Add-bdrv_-p-write_sync.patch [bz#572825] - kvm-qcow2-Use-bdrv_-p-write_sync-for-metadata-writes.patch [bz#572825] - Resolves: bz#572825 (qcow2 image corruption when using cache=writeback) - Resolves: bz#605701 (Backport qcow2 fixes to RHEL 5) [kvm-83-187.el5] - kvm-Error-checking.patch [bz#587049] - kvm-Avoid-thundering-herd-problem.patch [bz#587049] - Resolves: bz#587049 (qemu posix_aio use pthread_cond_signal instead of broadcast to prevent lock storm) [kvm-83-186.el5] - Updated kversion to 2.6.18-203.el5 to match build root - kvm-kernel-KVM-Keep-slot-ID-in-memory-slot-structure.patch [bz#606953] - kvm-kernel-KVM-Prevent-internal-slots-from-being-COWed.patch [bz#606953] - Resolves: bz#606953 (fork causes trouble for vcpu threads) [kvm-83-185.el5] - kvm-turn-off-kvmclock-when-resetting-cpu.patch [bz#588878] - kvm-raw-posix-Use-pread-pwrite-instead-of-lseek-read-wri.patch [bz#600375] - kvm-block-Cache-total_sectors-to-reduce-bdrv_getlength-c.patch [bz#600375] - Resolves: bz#588878 (Rebooting a kernel with kvmclock enabled, into a kernel with kvmclock disabled, causes random crashes) - Resolves: bz#600375 (Excessive lseek() causes severe performance issues with vm disk images over NFS) [kvm-83-184.el5] - kvm-virtio-net-truncating-packet.patch [bz#606238] - Resolves: bz#606238 (Virtio: Transfer file caused guest in same vlan abnormally quit) [kvm-83-183.el5] - kvm-virtio-blk.c-avoid-zero-every-request-structure.patch [bz#598042] - kvm-qemu-io-Open-files-read-write-again.patch [bz#601494] - Resolves: bz#598042 (virtio-blk: Avoid zeroing every request structure) - Resolves: bz#601494 (qemu-io: No permission to write image) [kvm-83-182.el5] - kvm-kernel-KVM-Fix-wallclock-version-writing-race.patch [bz#592021] - Resolves: bz#592021 (race condition in pvclock wallclock calculation) - kvm-qcow2-Fix-corruption-after-refblock-allocation.patch [bz#598488] - Resolves: bz#598488 (qcow2 corruption bug in refcount table growth) [kvm-83-181.el5] - kvm-kernel-KVM-MMU-bail-out-pagewalk-on-kvm_read_guest-error.patch [bz#588251] - Resolves: bz#588251 (kvm spinning updating a guest pte, unkillable) - kvm-qemu-img-rebase-Fix-output-image-corruption.patch [bz#587278] - kvm-block-Fix-bdrv_commit.patch [bz#587604] - Resolves: bz#587278 (After re-base snapshot, the file in the snapshot disappeared) - Resolves: bz#587604 (Qcow2 snapshot got corruption after commit using block device) [kvm-83-180.el5] - kvm-qemu-img-open-file-to-be-rebased-with-read-write-per.patch [bz#587605] - Resolves: bz#587605 (Failed to re-base qcow2 snapshot) [kvm-83-179.el5] - Renumber kvm module patches from 501-625 to 1501-1625 (so the userspace patch numbers can use slots 501 to 1500) - kvm-qcow2-Export-synchronous-qcow_read-write-to-avoid-br.patch [bz#542954] - Resolves: bz#542954 (Guest suffers kernel panic when save snapshot then restart guest) [kvm-83-178.el5] - Remove bios-nohotplug.bin from package - Related: bz#498774 (QEMU: Too many devices are available for unplug in Windows XP (and we dont support that)) [kvm-83-177.el5] - kvm-Bail-out-when-VCPU_CREATE-fails.patch [bz#587661] - Resolves: bz#587661 (Fix segfault when creating more vcpus than allowed.) [kvm-83-176.el5] - kvm-Revert-fix-wrong-acpi-mapping-rhel5.x-kvm-userspace.patch [bz#576554] - patch causes issues when using Spice without QXL on some guest OSes [bz#581758 comment 8] - Related: bz#576554 (Win7/32 stuck on 100% CPU (in testing VDI driver unclassified WHQL tests)) [kvm-83-175.el5] - kvm-kernel-EPT-accessed-bit-emulation-fixed.patch [bz#582038] - Resolves: bz#582038 (backport EPT accessed bit emulation) [kvm-83-174.el5] - kvm-kernel-Revert-EPT-accessed-bit-emulation.patch [bz#582038] (patch fails to build) - Related: bz#582038 (backport EPT accessed bit emulation) [kvm-83-173.el5] - kvm-kernel-EPT-accessed-bit-emulation.patch [bz#582038] - Resolves: bz#582038 (backport EPT accessed bit emulation) [kvm-83-172.el5] - kvm-qcow2-Remove-abort-on-free_clusters-failure.patch [bz#583947] - Resolves: bz#583947 (Guest aborted when make guest stop on write error) [kvm-83-171.el5] - kvm-pcnet-make-subsystem-vendor-id-match-hardware.patch [bz#521247] - kvm-read-only-add-RO-feature-macro.patch [bz#510630] - kvm-read-only-Pass-the-read-only-attribute-to-the-Guest.patch [bz#510630] - kvm-read-only-BDRV_O_FLAGS-changes-default-now-is-read-o.patch [bz#510630] - kvm-read-only-qemu-img-Allow-opening-an-image-with-read-.patch [bz#510630] - kvm-read-only-Added-readonly-option-to-drive-s-command-l.patch [bz#510630] - kvm-read-only-Make-CDROM-a-read-only-drive.patch [bz#510630] - kvm-read-only-Disable-fall-back-to-read-only.patch [bz#510630] - kvm-read-only-Open-backing-file-read-only-where-possible.patch [bz#510630] - kvm-read-only-don-t-rely-on-CDROM-hint-for-read_only-att.patch [bz#510630] - kvm-read-only-open-for-read-only-where-possible.patch [bz#510630] - kvm-read-only-allow-read-only-CDROM-with-any-interface.patch [bz#510630] - Resolves: bz#510630 (-drive arg has no way to request a read only disk) - Resolves: bz#521247 (emulated pcnet nic in qemu-kvm has wrong PCI subsystem ID for Windows XP driver) [kvm-83-170.el5] - kvm-fix-wrong-acpi-mapping-rhel5.x-kvm-userspace.patch [bz#576554] - Resolves: bz#576554 (Win7/32 stuck on 100% CPU (in testing VDI driver unclassified WHQL tests)) [kvm-83-169.el5] - kvm-qcow2-Factor-next_refcount_table_size-out.patch [bz#577225] - kvm-qcow2-Rewrite-alloc_refcount_block-grow_refcount_tab.patch [bz#577225] - kvm-qcow2-More-checks-for-qemu-img-check.patch [bz#577225] - Resolves: bz#577225 (qcow2 corruption with I/O error during refcount block allocation) - Added register_kprobe and unregister_kprobe to the ignored ksyms list - Resolves: bz#580410 (Failed to install kvm for failed dependencies: ksym) [kvm-83-168.el5] - Fix build warnings: - kvm-Revert-avoid-leaving-orphaned-swapcache-in-ksm.patch [bz#575585] - Related: bz#575585 (memory reported as used (by SwapCache and by Cache) though no process holds it.) - kvm-avoid-leaving-orphaned-swapcache-in-ksm-v2.patch.patch [bz#575585] - Resolves: bz#575585 (memory reported as used (by SwapCache and by Cache) though no process holds it.) [kvm-83-167.el5] - kvm-avoid-leaving-orphaned-swapcache-in-ksm.patch [bz#575585] - Resolves: bz#575585 (memory reported as used (by SwapCache and by Cache) though no process holds it.) [kvm-83-166.el5] - kvm-Build-an-additional-bios-without-hotplug-support.patch [bz#498774] - Resolves: bz#498774 (QEMU: Too many devices are available for unplug in Windows XP (and we dont support that)) [kvm-83-165.el5] - Updated kversion to 2.6.18-194.el5 to match build root - kvm-kernel-account-only-for-IRQ-injected-into-vcpu0.patch [bz#555727] - kvm-kernel-Backport-KVM-fix-irq_source_id-size-verification.patch [bz#520572] - kvm-kernel-KVM-x86-disable-paravirt-mmu-reporting.patch [bz#574621] - Resolves: bz#520572 (SR-IOV -- Guest exit and host hang on if boot VM with 8 VFs assigned) - Resolves: bz#555727 (Time drift in win2k3-64bit and win2k8-64bit smp guest) - Resolves: bz#574621 (Linux pvmmu guests (FC11, FC12, etc) crash on boot on AMD hosts with NPT disabled) - kvm-kbd-leds-infrastructure.patch [bz#517814] - kvm-kbd-leds-ps-2-kbd.patch [bz#517814] - kvm-kbd-leds-usb-kbd.patch [bz#517814] - kvm-kbd-keds-vnc.patch [bz#517814] - Resolves: bz#517814 (Caps Lock the keys appearance of guest is not synchronous as hosts --view kvm with vnc) LOW Copyright 2011 Oracle, Inc. CVE-2010-4525 cpe:/a:oracle:linux:5:6:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [4.63-5.el5_6.2] - fix privilege escalation (CVE-2010-4345, #662012) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4345 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [3.9.8-33:.1] - Applied patch to fix CVE-2010-4267, remote stack overflow vulnerability (bug #662740). MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4267 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5:8:base Oracle Linux 5 [2.6.18-238.1.1.0.1.el5] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.1.1.el5] - [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [667141 665427] - [fs] gfs2: fix statfs error after gfs2_grow (Robert S Peterson) [666792 660661] - [mm] prevent file lock corruption using popen(3) (Larry Woodman) [667050 664931] - [net] sctp: fix panic from bad socket lock on icmp error (Neil Horman) [665476 665477] {CVE-2010-4526} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4526 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [5.1.52-1.1] - Update to MySQL 5.1.52, for various fixes described at http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html including numerous small security issues Resolves: #652553 - Sync with current Fedora package; this includes: - Duplicate COPYING and EXCEPTIONS-CLIENT in -libs and -embedded subpackages, to ensure they are available when any subset of mysql RPMs are installed, per revised packaging guidelines - Allow init script's STARTTIMEOUT/STOPTIMEOUT to be overridden from sysconfig MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3683 CVE-2010-3839 CVE-2010-3836 CVE-2010-3679 CVE-2010-3680 CVE-2010-3833 CVE-2010-3835 CVE-2010-3837 CVE-2010-3838 CVE-2010-3678 CVE-2010-3677 CVE-2010-3681 CVE-2010-3682 CVE-2010-3840 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:2:base Oracle Linux 5 Oracle Linux 6 [0.56.13-4] - Correctly mark the LDAP default password value as encrypted (CVE-2011-0002) Resolves: #668020 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0002 cpe:/a:oracle:exadata_dbserver:11.2.3.2.2::ol5 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2.3.2.1::ol5 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:exadata_dbserver:11.2.3.2.0::ol5 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest cpe:/a:oracle:exadata_dbserver:11.2::ol5 cpe:/a:oracle:linux:5:6:patch Oracle Linux 5 [1:1.6.0.0-1.17.b17.0.1.el5] - Add oracle-enterprise.patch [1:1.6.0.0-1.17.b17.el5] - Updated to 1.7.7 tarball - Resolves: bz668487 - Also resolves bz668488 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3860 CVE-2010-4351 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.2.6-2] - Added fix for js regression [1.2.6-1] - Update to 1.2.6 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-1793 CVE-2010-3113 CVE-2010-3813 CVE-2010-1812 CVE-2010-1815 CVE-2010-3115 CVE-2010-3116 CVE-2010-3255 CVE-2010-3259 CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1786 CVE-2010-1787 CVE-2010-1790 CVE-2010-1814 CVE-2010-3812 CVE-2010-4577 CVE-2010-1788 CVE-2010-1807 CVE-2010-1792 CVE-2010-3114 CVE-2010-3257 CVE-2010-1785 CVE-2010-3119 CVE-2010-4197 CVE-2010-4198 CVE-2010-4204 CVE-2010-4206 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1.28.1-3.el6_0.3] - Fix a division by zero found in testing [1.28.1-3.el6_0.2] - Use -fno-strict-aliasing for C++, too - Escape macros in %changelog [1.28.1-3.el6_0.1] - Prevent heap corruption with malformed fonts. (CVE-2011-0020) - Resolves: #671529 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0020 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.2.1-19.3.0.1.el6_0.5] - Replaced RedHat colors with Oracle colors, OOO_VENDOR with Oracle Corp., and the filename redhat.soc with oracle.soc in specfile bug#10911 [1:3.2.1-19.6.5] - Related: rhbz#671087 set right file permissions [1:3.2.1-19.6.4] - Resolves: rhbz#671087 file locks are not created with gvfs-sftp volumes with OpenOffice.org [1:3.2.1-19.6.3] - Resolves: rhbz#642200 openoffice.org various flaws - CVE-2010-4643 heap based buffer overflow when parsing TGA files [1:3.2.1-19.6.2] - Resolves: rhbz#642200 openoffice.org various flaws - CVE-2010-4253 heap based buffer overflow in PPT import [1:3.2.1-19.6.1] - Resolves: rhbz#642200 openoffice.org various flaws - CVE-2010-3450 directory traversal flaws in handling of XSLT jar filter descriptions and OXT extension files - CVE-2010-3451 Array index error by insecure parsing of broken rtf tables - CVE-2010-3452 Integer signedness error (crash) by processing certain RTF tags - CVE-2010-3453 Heap-based buffer overflow by processing *.doc files with WW8 list styles with specially-crafted count of list levels - CVE-2010-3454 Array index error by scanning document typography information of certain *.doc files - CVE-2010-3689 soffice insecure LD_LIBRARY_PATH setting IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3450 CVE-2010-4253 CVE-2010-3453 CVE-2010-3451 CVE-2010-3452 CVE-2010-3454 CVE-2010-4643 CVE-2010-3689 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [5.3.2-6.1] - add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 (#670461) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3870 CVE-2010-4645 CVE-2010-3709 CVE-2009-5016 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [5.3.3-1.1] - add security fixes for CVE-2010-3710, CVE-2010-4156, CVE-2010-4645 (#670463) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4645 CVE-2010-3710 CVE-2010-4156 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [8.4.7-1.el6_0.1] - Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html http://www.postgresql.org/docs/8.4/static/release-8-4-6.html including the fix for CVE-2010-4015 Resolves: #672634 [8.4.5-1.el6_0.2] - Ensure we don't package any .gitignore files from the source tarball (650913) [8.4.5-1.el6_0.1] - Update to PostgreSQL 8.4.5, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-5.html including the fix for CVE-2010-3433 Resolves: #640069 - Duplicate COPYRIGHT in -libs subpackage, per revised packaging guidelines MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4015 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base Oracle Linux 5 [8.4.7-1.el5_6.1] - Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html http://www.postgresql.org/docs/8.4/static/release-8-4-6.html including the fix for CVE-2010-4015 Resolves: #672636 - Ensure we don't package any .gitignore files from the source tarball MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4015 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 - add upstream patch to fix hang or crash in the KDC when using the LDAP kdb backend (CVE-2011-0281, CVE-2011-0282, #671096) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0281 CVE-2011-0282 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.8.2-3.4] - add upstream patches to fix standalone kpropd exiting if the per-client child process exits with an error, and hang or crash in the KDC when using the LDAP kdb backend (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, #671101) [1.8.2-3.3] - pull up crypto changes made between 1.8.2 and 1.8.3 to fix upstream #6751, assumed to already be there for the next fix - incorporate candidate patch to fix various issues from MITKRB5-SA-2010-007 (CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, #651962) [1.8.2-3.2] - fix reading of keyUsage extensions when attempting to select pkinit client certs (part of #644825, RT#6775) - fix selection of pkinit client certs when one or more don't include a subjectAltName extension (part of #644825, RT#6774) [1.8.2-3.1] - incorporate candidate patch to fix uninitialized pointer crash in the KDC (CVE-2010-1322, #636336) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0282 CVE-2011-0281 CVE-2010-1322 CVE-2010-4020 CVE-2010-1324 CVE-2010-4022 CVE-2010-1323 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1.6.0.0-1.36.b17] - removed plugin. How it comes in?! - Resolves: rhbz#676295 [1.6.0.0-1.33.b17] - bumped release number, it was accidentaly reduced, and now lower version then last one was released. - Resolves: rhbz#676295 [1.6.0.0-1.22.b17] - Updated to 1.7.9 tarball - removed patch6, fixed upstrream - Resolves: rhbz#676295 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4476 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [12:4.1.1-12.P1.2] - CVE-2011-0413: Unexpected abort caused by a DHCPv6 decline message (#672994) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0413 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [1.6.11-7.1] - add security fixes for CVE-2010-4644, CVE-2010-4539 (#672676) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4644 CVE-2010-4539 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.6.11-2.2] - add security fixes for CVE-2010-4644, CVE-2010-4539 (#672678) [1.6.11-2.1] - add security fix for CVE-2010-3315 (#640322) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3315 CVE-2010-4539 CVE-2010-4644 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1.6.0.0-1.39.b17] - respin of IcedTea6 1.7.10 - Resolves: rhbz#676276 [1.6.0.0-1.37.b17] - Updated to IcedTea6 1.7.10 - Resolves: rhbz#676276 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4469 CVE-2010-4472 CVE-2010-4470 CVE-2010-4465 CVE-2010-4448 CVE-2010-4450 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-71.18.1.el6] - [netdrv] ixgbe: make sure FCoE DDP user buffers are really released by the HW (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: invalidate FCoE DDP context when no error status is available (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: avoid doing FCoE DDP when adapter is DOWN or RESETTING (Frantisek Hrbata) [674002 617193] - [fcoe] libfc: remove tgt_flags from fc_fcp_pkt struct (Mike Christie) [666797 633915] - [fcoe] libfc: use rport timeout values for fcp recovery (Frantisek Hrbata) [666797 633915] - [fcoe] libfc: incorrect scsi host byte codes returned to scsi-ml (Mike Christie) [666797 633915] - [scsi] scsi_dh_alua: fix overflow in alua_rtpg port group id check (Mike Snitzer) [673978 670572] [2.6.32-71.17.1.el6] - [s390x] kdump: allow zfcpdump to mount and write to ext4 file systems (Amerigo Wang) [661667 628676] - [scsi] qla2xxx: Properly set the return value in function qla2xxx_eh_abort (Chad Dupuis) [664398 635710] - [scsi] qla2xxx: Drop srb reference before waiting for completion (Chad Dupuis) [664398 635710] - [virt] KVM: VMX: Really clear cr0.ts when giving the guest ownership of the fpu (Avi Kivity) [658891 645898] - [virt] KVM: SVM: Initialize fpu_active in init_vmcb() (Avi Kivity) [658891 645898] - [virt] KVM: x86: Use unlazy_fpu() for host FPU (Avi Kivity) [658891 645898] - [virt] KVM: Set cr0.et when the guest writes cr0 (Avi Kivity) [658891 645898] - [virt] KVM: VMX: Give the guest ownership of cr0.ts when the fpu is active (Avi Kivity) [658891 645898] - [virt] KVM: Lazify fpu activation and deactivation (Avi Kivity) [658891 645898] - [virt] KVM: VMX: Allow the guest to own some cr0 bits (Avi Kivity) [658891 645898] - [virt] KVM: Replace read accesses of vcpu->arch.cr0 by an accessor (Avi Kivity) [658891 645898] - [virt] KVM: VMX: trace clts and lmsw instructions as cr accesses (Avi Kivity) [658891 645898] [2.6.32-71.16.1.el6] - [net] ipsec: fragment locally generated tunnel-mode IPSec6 packets as needed (Herbert Xu) [670421 661113] - [net] tcp: Increase TCP_MAXSEG socket option minimum to TCP_MIN_MSS (Frantisek Hrbata) [652510 652511] {CVE-2010-4165} - [perf] perf_events: Fix perf_counter_mmap() hook in mprotect() (Oleg Nesterov) [651672 651673] {CVE-2010-4169} - [md] dm mpath: revert 'dm: Call blk_abort_queue on failed paths' (Mike Snitzer) [658854 636771] - [x86] UV: Address interrupt/IO port operation conflict (George Beshers) [662921 659480] - [mm] guard page for stacks that grow upwards (Johannes Weiner) [666796 630562] - [scsi] enable state transistions from OFFLINE to RUNNING (Mike Christie) [660590 643237] - [scsi] set queue limits no_cluster for stacked devices (Mike Snitzer) [662050 658293] - [mm] Out-of-memory under memory cgroup can call both of oom-killer-for-memcg and oom-killer-for-page-fault (Larry Woodman) [661732 592879] - [scsi] libfc: possible race could panic system due to NULL fsp->cmd (Mike Christie) [662049 638297] - [kernel] exec: copy-and-paste the fixes into compat_do_execve() paths (Oleg Nesterov) [627811 625695] {CVE-2010-4243} - [kernel] exec: make argv/envp memory visible to oom-killer (Oleg Nesterov) [627811 625695] {CVE-2010-4243} - [virt] virtio: console: Send SIGIO in case of port unplug (Amit Shah) [652720 624628] - [virt] virtio: console: Send SIGIO on new data arrival on ports (Amit Shah) [652720 624628] - [virt] virtio: console: Send SIGIO to processes that request it for host events (Amit Shah) [652720 624628] - [virt] virtio: console: Reference counting portdev structs is not needed (Amit Shah) [662721 628805] - [virt] virtio: console: Add reference counting for port struct (Amit Shah) [662721 628805] - [virt] virtio: console: Use cdev_alloc() instead of cdev_init() (Amit Shah) [662721 628805] - [virt] virtio: console: Add a find_port_by_devt() function (Amit Shah) [662721 628805] - [virt] virtio: console: Add a list of portdevs that are active (Amit Shah) [662721 628805] - [virt] virtio: console: open: Use a common path for error handling (Amit Shah) [662721 628805] - [virt] virtio: console: remove_port() should return void (Amit Shah) [662721 628805] - [virt] virtio: console: Make write() return -ENODEV on hot-unplug (Amit Shah) [662721 628805] - [virt] virtio: console: Make read() return -ENODEV on hot-unplug (Amit Shah) [662721 628805] - [virt] virtio: console: Unblock poll on port hot-unplug (Amit Shah) [662721 628805] - [virt] virtio: console: Un-block reads on chardev close (Amit Shah) [662721 628805] - [virt] virtio: console: Check if portdev is valid in send_control_msg() (Amit Shah) [662721 628805] - [virt] virtio: console: Remove control vq data only if using multiport support (Amit Shah) [662721 628805] - [virt] virtio: console: Reset vdev before removing device (Amit Shah) [662721 628805] - [fs] Fix nfsv4 client lock reclaim behaviour (Sachin Prabhu) [661730 638269] - [scsi] scsi_dh_alua: Handle all states correctly (Mike Snitzer) [659610 636994] - [kernel] execve: improve interactivity and respond to SIGKILL with large arguments (Dave Anderson) [661731 629178] - [virt] xen: handle events as edge-triggered (Andrew Jones) [661737 550724] - [virt] xen: use percpu interrupts for IPIs and VIRQs (Andrew Jones) [661737 550724] [2.6.32-71.15.1.el6] - [net] bonding: prevent oopsing on calling pskb_may_pull on shared skb (Andy Gospodarek) [671342 665110] MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4165 CVE-2010-4169 CVE-2010-4243 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [2.6.18-238.5.1.0.1.el5] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.5.1.el5] - [x86_64] vdso: fix gtod via export of sysctl_vsyscall (Prarit Bhargava) [678613 673616] [2.6.18-238.4.1.el5] - [net] be2net: fix missing trans_start update (Ivan Vecera) [674273 671595] - [net] fix unix socket local dos (Neil Horman) [656759 656760] {CVE-2010-4249} - [net] core: clear allocs for privileged ethtool actions (Jiri Pirko) [672432 672433] {CVE-2010-4655} - [net] limit socket backlog add operation to prevent DoS (Jiri Pirko) [657308 657309] {CVE-2010-4251} - [block] fix accounting bug on cross partition merges (Jerome Marchand) [672253 646816] - [char] virtio: Wake console outvq on host notifications (Amit Shah) [673983 673459] - [char] virtio: make console port names a KOBJ_ADD event (Amit Shah) [673984 669909] [2.6.18-238.3.1.el5] - [net] tcp: fix shrinking windows with window scaling (Jiri Pirko) [669300 627496] - [virt] xen: no enable extended PCI cfg space via IOports (Don Dutile) [671340 661478] - [net] e1000: Avoid unhandled IRQ (Dean Nelson) [670807 651512] - [net] e1000: fix screaming IRQ (Dean Nelson) [670807 651512] [2.6.18-238.2.1.el5] - [acpi] bus: check if list is empty before kfree()ing it (Matthew Garrett) [670797 670373] - [net] ipv6: fragment local tunnel IPSec6 pkts if needed (Herbert Xu) [670824 661110] - [block] cciss: fix null pointer problem in tur usage (Tomas Henzl) [668976 664592] MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4249 CVE-2010-4251 CVE-2010-4805 CVE-2010-4655 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [3.5.4-68.2] - Security Release, fixes CVE-2011-0719 - resolves: #678334 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0719 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3.5.4-0.70.1] - Security Release, fixes CVE-2011-0719 - resolves: #678332 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0719 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3:2.1.9-6.1] - fix #677845 - fixed CVE-2008-0564, CVE-2010-3089 and CVE-2011-0707 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3089 CVE-2008-0564 CVE-2011-0707 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5:8:base Oracle Linux 6 [3:2.1.12-14.2] - fix #677848 - fixed build problem without brew [3:2.1.12-14.1] - fix #677848 - fixed CVE-2010-3089 and CVE-2011-0707 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3089 CVE-2011-0707 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 6 [1.28.1-3.el6_0.5] - Prevent an integer overflow in hb_buffer_ensure() Related: #679693 [1.28.1-3.el6_0.4] - Check for realloc failures in hb_buffer_ensure() (CVE-2011-0064) CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0064 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 5 Oracle Linux 6 firefox: [3.6.14-4.0.1.el6_0] - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js [3.6.14-4] - Update to build3 [3.6.14-3] - Update to build2 [3.6.14-2] - Update to 3.6.14 xulrunner: [1.9.2.14-3.0.1.el6_0] - Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one. Bug#11487 [1.9.2.14-3] - Update to build3 [1.9.2.14-2] - Update to build2 [1.9.2.14-1] - Update to 1.9.2.14 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0058 CVE-2011-0059 CVE-2010-1585 CVE-2011-0053 CVE-2011-0054 CVE-2011-0056 CVE-2011-0062 CVE-2011-0051 CVE-2011-0055 CVE-2011-0057 CVE-2011-0061 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.8-4.0.2.el6_0] - Replace clean.gif in tarball [3.1.8-4.0.1.el6_0] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [3.1.8-4] - Update to build3 [3.1.8-3] - Update to build2 [3.1.8-2] - Update to 3.1.8 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0061 CVE-2010-1585 CVE-2011-0053 CVE-2011-0062 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [3.9.4-1.el6_0.1] - Add fix for CVE-2011-0192 Resolves: #679298 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0192 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [0.36-6.1] - Fixed buffer overflow when parsing cgexec command line parameters. - Added checking of source of netlink messages to cgrulesengd daemon. - Resolves: CVE-2011-1006 CVE-2011-1022 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1006 CVE-2011-1022 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [7.3.6-49] - Added fix for CVE-2011-1018: Privilege escalation due improper sanitization of special characters in log file names Resolves: #680304 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1018 cpe:/a:oracle:exadata_dbserver:11.2.3.2.2::ol5 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:exadata_dbserver:11.2.3.2.1::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:exadata_dbserver:11.2.3.2.0::ol5 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 cpe:/a:oracle:linux:5:6:patch Oracle Linux 5 [1.6.11-7.3] - add fix for svnadmin hotcopy (#681522) [1.6.11-7.2] - add security fix for CVE-2011-0715 (#681171) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0715 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.6.11-2.3] - add security fix for CVE-2011-0715 (#681173) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0715 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 6 [2.6.32-71.18.2.el6] - [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0714 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 Oracle Linux 5 [1.0.4-3.1] - fix the buffer overflow bug before iscsi login (CVE-2011-0001) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0001 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [0:6.0.24-24] - Resolves: rhbz#674601 - Removed wildcard in main %files that caused duplicate ownership - of log4j.properties [0:6.0.24-23] - Resolves: rhbz#674601 - Reverse - tomcat user requires login shell - Reverse - rhbz 611244 tomcat-juli missing symlink - PM/QE decision to include only the security fixes. The rhbzs - will be taken care of during the rebase to 6.0.33. - Did not Reverse - rhbz 676922 - additionally instancs of tomcat are broken - Too many users depend upon it. [0:6.0.24-22] - Resolves - tomcat user requires login shell [0:6.0.24-21] - Resolves: 676922 - additionally created instances of tomcat - are broken [0:6.0.24-20] - Resolves: rbz# 676922 - Resolves: init script LSB compliance - Resolves: multiple instances of tomcat. - Resolves: tomcat-juli missing symlink [0:6.0.24-18] - Resolves directory permission problems [0:6.0.24-17] - Resolves: CVE-2011-0534 rhbz#674601 [0:6.0.24-16] - Resolves rhbz#674601 JDK Double.parseDouble DoS IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0534 CVE-2010-4476 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [0:5.5.23-0jpp.17] - Resolves: rhbz 674599 JDK Double.parseDouble DoS IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4476 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.2.2-6.el6_0.1] - Resolves: #681891 - CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0762 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [qemu-kvm-0.12.1.2-2.113.el6_0.8] - kvm-Revert-blockdev-Fix-drive_del-not-to-crash-when-driv.patch [bz#677170] - kvm-Revert-blockdev-check-dinfo-ptr-before-using-v2.patch [bz#677170] - kvm-Revert-Implement-drive_del-to-decouple-block-removal.patch [bz#677170] - kvm-Revert-block-Catch-attempt-to-attach-multiple-device.patch [bz#677170] - kvm-Revert-qdev-Decouple-qdev_prop_drive-from-DriveInfo-.patch [bz#677170] - kvm-Revert-blockdev-Clean-up-automatic-drive-deletion-v2.patch [bz#677170] - kvm-Revert-blockdev-New-drive_get_by_blockdev-v2.patch [bz#677170] - kvm-Revert-qdev-Don-t-leak-string-property-value-on-hot-.patch [bz#677170] - kvm-Revert-ide-Split-non-qdev-code-off-ide_init2.patch [bz#677170] - kvm-Revert-ide-Change-ide_init_drive-to-require-valid-di.patch [bz#677170] - kvm-Revert-ide-Split-ide_init1-off-ide_init2-v2.patch [bz#677170] - kvm-Revert-ide-Remove-redundant-IDEState-member-conf.patch [bz#677170] - Related: bz#677170 (drive_del command to let libvirt safely remove block device from guest) [qemu-kvm-0.12.1.2-2.113.el6_0.7] - kvm-ide-Remove-redundant-IDEState-member-conf.patch [bz#677170] - kvm-ide-Split-ide_init1-off-ide_init2-v2.patch [bz#677170] - kvm-ide-Change-ide_init_drive-to-require-valid-dinfo-arg.patch [bz#677170] - kvm-ide-Split-non-qdev-code-off-ide_init2.patch [bz#677170] - kvm-qdev-Don-t-leak-string-property-value-on-hot-unplug.patch [bz#677170] - kvm-blockdev-New-drive_get_by_blockdev-v2.patch [bz#677170] - kvm-blockdev-Clean-up-automatic-drive-deletion-v2.patch [bz#677170] - kvm-qdev-Decouple-qdev_prop_drive-from-DriveInfo-v2.patch [bz#677170] - kvm-block-Catch-attempt-to-attach-multiple-devices-to-a-.patch [bz#677170] - kvm-Implement-drive_del-to-decouple-block-removal-from-d.patch [bz#677170] - kvm-blockdev-check-dinfo-ptr-before-using-v2.patch [bz#677170] - kvm-blockdev-Fix-drive_del-not-to-crash-when-drive-is-no.patch [bz#677170] - kvm-Fix-CVE-2011-0011-qemu-kvm-Setting-VNC-password-to-e.patch [bz#668598] - Resolves: bz#668598 (CVE-2011-0011 qemu-kvm: Setting VNC password to empty string silently disables all authentication [rhel-6.0.z]) - Resolves: bz#677170 (drive_del command to let libvirt safely remove block device from guest) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0011 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [2.3.43-12.7] - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success (#680484) [2.3.43-12.6] - fix: slapd concurrent access to connections causes slapd to silently die (#677611) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1024 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.4.19-15.2] - fix: security - DoS when submitting special MODRDN request (#680975) [2.4.19-15.1] - fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success - fix: CVE-2011-1025 rootpw is not verified for ndb backend MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1024 CVE-2011-1025 CVE-2011-1081 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.8.2-3.6] - add revised upstream patch to fix double-free in KDC while returning typed-data with errors (CVE-2011-0284, #681564) [1.8.2-3.5] - add upstream patches to fix double-free in KDC while returning typed-data with errors (CVE-2011-0284, #681564) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0284 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.2.15-1.0.1.el6_0.1] - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect [1.2.15-1] - upgrade to 1.2.15 - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.14.html - see http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html - Resolves: CVE-2011-0444 CVE-2011-0538 CVE-2011-0713 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0444 CVE-2011-1139 CVE-2011-0538 CVE-2011-0713 CVE-2011-1140 CVE-2011-1141 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 5 [1.0.15-1.0.1.el5_6.4] - Added oracle-ocfs2-network.patch [1.0.15-1.4] - fix few security issues - Resolves: CVE -2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 #612240 [1.0.15-1.3] - recompile with -fno-strict-aliasing [1.0.15-1.2] - fix buffer overflow in ENTTEC dissector - Resolves: #667335 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1140 CVE-2011-0538 CVE-2011-1139 CVE-2011-1141 CVE-2011-1143 CVE-2011-0024 CVE-2010-3445 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [1.9.2.15-2.0.1.el6_0] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.15-2] - Fixed mozbz#642395 IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.9-3.0.1.el6_0] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.9-3] - Added fixes for mozbz#642395 - ignore bogus Comodo certificates [3.1.9-2] - Update to 3.1.9 IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 5 Oracle Linux 6 [1:1.2.24-4] - Apply patch for CVE-2010-4352 - Resolves: #684852 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4352 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [3.0.6-5.1] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #684932 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1097 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:2:base Oracle Linux 6 Oracle Linux 5 [0.8.1-27.0.1.el6_0.5] - Replace docs/et.png in tarball with blank image [0.8.1-27.el6_0.5] - Properly report error in virConnectDomainXMLToNative (CVE-2011-1146) [0.8.1-27.el6_0.4] - Add missing checks for read-only connections (CVE-2011-1146) [0.8.1-27.el6_0.3] - Remove patches not suitable for proper Z-stream: - Export host information through SMBIOS to guests (rhbz#652678) - Support forcing a CDROM eject (rhbz#658147) - Plug several memory leaks (rhbz#672549) - Avoid memory overhead of matchpathcon (rhbz#672554) - Do not start libvirt-guests if that service is off (rhbz#668694) [0.8.1-27.el6_0.2] - spec file cleanups (rhbz#662045) - Fix deadlock on concurrent multiple bidirectional migration (rhbz#662043) - Fix off-by-one error in clock-variable (rhbz#662046) - Export host information through SMBIOS to guests (rhbz#652678) - Ensure device is deleted from guest after unplug (rhbz#662041) - Distinguish between QEMU domain shutdown and crash (rhbz#662042) [0.8.1-27.el6_0.1] - Fix JSON migrate_set_downtime command (rhbz#658143) - Make SASL work over UNIX domain sockets (rhbz#658144) - Let qemu group look below /var/lib/libvirt/qemu/ (rhbz#656972) - Fix save/restore on root_squashed NFS (rhbz#656355) - Fix race on multiple migration (rhbz#658141) - Export host information through SMBIOS to guests (rhbz#652678) - Support forcing a CDROM eject (rhbz#658147) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1146 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [3.9.4-1.el6_0.2] - Fix incorrect fix for CVE-2011-0192 Resolves: #688829 - Add fix for CVE-2011-1167 Resolves: #688742 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1167 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch Oracle Linux 5 [0.12.2-24.0.1.el5_6.1] - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Recreated Data.fs in luci_db.tar.gz - Replaced redhat logo image in conga-0.12.2.tar.gz [0.12.2-24.1] - Fix bz680515 (CVE-2011-0720 plone: unauthorized remote administrative access) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0720 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.30.4-21.0.2.el6_0.1] - Added oracle-enterprise.patch to show oracle-release contents. [2.30.4-21.1] - Fix CVE-2011-0727 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0727 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 6 [0.99.15-5_el6_0.2] - Resolves: #684750 - CVE-2010-1674 CVE-2010-1675 quagga various flaws MODERATE Copyright 2011 Oracle, Inc. CVE-2010-1674 CVE-2010-1675 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 6 [3.7.8-12.1] - fix #688518 - fixed CVE-2011-1154, CVE-2011-1155 and CVE-2011-1098 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:2:base Oracle Linux 5 [2.5-58.el5_6.2] - Avoid too much stack use in fnmatch (#681054, CVE-2011-1071) - Properly quote output of locale (#625893, CVE-2011-1095) - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged (#667974, CVE-2011-0536) - Fix handling of newline in addmntent (#559579, CVE-2010-0296) [2.5-58.el5_6.1] - Don't ignore in libraries (#682991) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-0296 CVE-2011-1095 CVE-2011-1659 CVE-2011-1071 CVE-2011-0536 CVE-2011-1658 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.12-1.7.el6_0.5] - Avoid too much stack use in fnmatch (#681054, CVE-2011-1071) - Properly quote output of locale (#625893, CVE-2011-1095) - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged (#667974, CVE-2011-0536) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1071 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 CVE-2011-0536 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 policycoreutils: [2.0.83-19.8] - Fix seunshare to work with /tmp content when SELinux context is not provided Resolves: #679689 [2.0.83-19.7] - put back correct chcon - Latest fixes for seunshare [2.0.83-19.6] - Fix rsync command to work if the directory is old. - Fix all tests Resolves: #679689 [2.0.83-19.5] - Add requires rsync and fix man page for seunshare [2.0.83-19.4] - fix to sandbox - Fix seunshare to use more secure handling of /tmp - Rewrite seunshare to make sure /tmp is mounted stickybit owned by root - Change to allow sandbox to run on nfs homedirs, add start python script - change default location of HOMEDIR in sandbox to /tmp/.sandbox_home_* - Move seunshare to sandbox package - Fix sandbox to show correct types in usage statement selinux-policy: [3.7.19-54.0.1.el6_0.5] - Allow ocfs2 to be mounted with file_t type. [3.7.19-54.el6_0.5] - seunshare needs to be able to mounton nfs/cifs/fusefs homedirs Resolves: #684918 [3.7.19-54.el6_0.4] - Fix to sandbox * selinux-policy fixes for policycoreutils sandbox changes - Fix seunshare to use more secure handling of /tmp - Change to allow sandbox to run on nfs homedirs, add start python script IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1011 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 6 [2.6.32-71.24.1.el6] - [fs] Revert '[fs] inotify: stop kernel memory leak on file creation failure' (Eric Paris) [656831 656832] {CVE-2010-4250} [2.6.32-71.23.1.el6] - [x86] Revert '[x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs' (Frank Arnold) [683813 652208] [2.6.32-71.22.1.el6] - rebuild [2.6.32-71.21.1.el6] - [netdrv] ixgbe: limit VF access to network traffic (Frantisek Hrbata) [684129 678717] - [netdrv] ixgbe: work around for DDP last buffer size (Frantisek Hrbata) [684129 678717] - [net] gro: reset dev and skb_iff on skb reuse (Andy Gospodarek) [688311 681970] - [x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs (Frank Arnold) [683813 652208] - [virt] virtio_net: Add schedule check to napi_enable call (Michael S. Tsirkin) [684268 676579] - [s390x] mm: add devmem_is_allowed() for STRICT_DEVMEM checking (Hendrik Brueckner) [684267 647365] - [powerpc] Don't use kernel stack with translation off (Steve Best) [684266 628951] - [powerpc] Initialise paca->kstack before early_setup_secondary (Steve Best) [684266 628951] [2.6.32-71.20.1.el6] - [dvb] kernel: av7110 negative array offset (Mauro Carvalho Chehab) [672403 672404] {CVE-2011-0521} - [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] {CVE-2011-0714} - [netdrv] orinoco: fix TKIP countermeasure behaviour (Stanislaw Gruszka) [667908 667909] {CVE-2010-4648} - [kernel] /proc/vmcore: speed up access to vmcore file (Neil Horman) [683442 672937] - [netdrv] cnic: Fix big endian bug (Steve Best) [678484 676640] - [scsi] fcoe: drop FCoE LOGO in FIP mode (Mike Christie) [683814 668114] - [s390x] remove task_show_regs (Danny Feng) [677854 677855] {CVE-2011-0710} - [ib] cm: Bump reference count on cm_id before invoking callback (Doug Ledford) [676190 676191] {CVE-2011-0695} - [rdma] cm: Fix crash in request handlers (Doug Ledford) [676190 676191] {CVE-2011-0695} - [net] bridge: Fix mglist corruption that leads to memory corruption (Herbert Xu) [678172 659421] {CVE-2011-0716} - [netdrv] r8169: use RxFIFO overflow workaround and prevent RxFIFO induced infinite loops (Ivan Vecera) [680080 630810] - [s390x] kernel: nohz vs cpu hotplug system hang (Hendrik Brueckner) [683815 668470] - [netdrv] cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory (Doug Ledford) [633156 633157] {CVE-2010-3296} - [configs] redhat: added CONFIG_SECURITY_DMESG_RESTRICT option (Frantisek Hrbata) [683822 653245] - [kernel] restrict unprivileged access to kernel syslog (Frantisek Hrbata) [683822 653245] - [fs] cifs: allow matching of tcp sessions in CifsNew state (Jeff Layton) [683812 629085] - [fs] cifs: fix potential double put of TCP session reference (Jeff Layton) [683812 629085] - [fs] cifs: prevent possible memory corruption in cifs_demultiplex_thread (Jeff Layton) [683812 629085] - [fs] cifs: eliminate some more premature cifsd exits (Jeff Layton) [683812 629085] - [fs] cifs: prevent cifsd from exiting prematurely (Jeff Layton) [683812 629085] - [fs] CIFS: Make cifs_convert_address() take a const src pointer and a length (Jeff Layton) [683812 629085] - [kdump] kexec: accelerate vmcore copies by marking oldmem in /proc/vmcore as cached (Neil Horman) [683445 641315] - [virt] KVM: VMX: Disallow NMI while blocked by STI (Avi Kivity) [683783 616296] - [virt] kvm: write protect memory after slot swap (Michael S. Tsirkin) [683781 647367] [2.6.32-71.19.1.el6] - [crypto] sha-s390: Reset index after processing partial block (Herbert Xu) [678996 626515] - [net] clear heap allocations for privileged ethtool actions (Jiri Pirko) [672434 672435] {CVE-2010-4655} - [usb] iowarrior: don't trust report_size for buffer size (Don Zickus) [672421 672422] {CVE-2010-4656} - [virt] virtio: console: Wake up outvq on host notifications (Amit Shah) [678558 643750] - [fs] inotify: stop kernel memory leak on file creation failure (Eric Paris) [656831 656832] {CVE-2010-4250} - [net] sctp: fix kernel panic resulting from mishandling of icmp dest unreachable msg (Neil Horman) [667028 667029] {CVE-2010-4526} - [mm] install_special_mapping skips security_file_mmap check (Frantisek Hrbata) [662198 662199] {CVE-2010-4346} - [kdump] vt-d: Handle previous faults after enabling fault handling (Takao Indoh) [678485 617137] - [kdump] Enable the intr-remap fault handling after local apic setup (Takao Indoh) [678485 617137] - [kdump] vt-d: Fix the vt-d fault handling irq migration in the x2apic mode (Takao Indoh) [678485 617137] - [kdump] vt-d: Quirk for masking vtd spec errors to platform error handling logic (Takao Indoh) [678485 617137] - [virt] virtio: console: Don't block entire guest if host doesn't read data (Amit Shah) [678562 643751] - [virt] virtio: console: Prevent userspace from submitting NULL buffers (Amit Shah) [678559 635535] - [virt] virtio: console: Fix poll blocking even though there is data to read (Amit Shah) [678561 634232] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4526 CVE-2011-0521 CVE-2011-0716 CVE-2010-4656 CVE-2011-0710 CVE-2010-4346 CVE-2010-4648 CVE-2011-0695 CVE-2011-1478 CVE-2010-4655 CVE-2010-3296 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [2:2.3.3-2.2] - fix CVE-2011-0411 (#683387) - fix CVE-2008-2937 (#683387) - defuzzification of patches MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0411 CVE-2008-2937 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2:2.6.6-2.1] - fix CVE-2011-0411 (#682978) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0411 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 6 [2.4-1.el6_0.2] - Fix security vulnerability CVE-2011-0012 (rhbz#639869) Resolves: rhbz#639870 [2.4-1.el6_0.1] - Fix security vulnerability CVE-2011-1179 (rhbz#689931) Resolves: rhbz#689932 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0012 CVE-2011-1179 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [12:4.1.1-12.P1.4] - Better fix for CVE-2011-0997: making domain-name check more lenient (#690578) [12:4.1.1-12.P1.3] - dhclient: insufficient sanitization of certain DHCP response values (CVE-2011-0997, #690578) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0997 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [2.6.18-238.9.1.0.1.el5] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.9.1.el5] - [md] dm-mpath: fix NULL deref when path parameter missing (Mike Snitzer) [683443 673058] - [md] dm-mpath: wait for pg_init completion on suspend (Mike Snitzer) [683443 673058] - [md] dm-mpath: hold io until all pg_inits completed (Mike Snitzer) [683443 673058] - [md] dm-mpath: skip activate_path for failed paths (Mike Snitzer) [683443 673058] - [md] dm-mpath: pass struct pgpath to pg init done (Mike Snitzer) [683443 673058] - [md] dm-mpath: prevent io from work queue while suspended (Mike Snitzer) [683443 673058] - [md] dm-mpath: add mutex to sync adding and flushing work (Mike Snitzer) [683443 673058] - [md] dm-mpath: flush workqueues before suspend completes (Mike Snitzer) [683443 673058] [2.6.18-238.8.1.el5] - [message] mptfusion: fix msgContext in mptctl_hp_hostinfo (Tomas Henzl) [684128 646513] - [fs] nfs: fix use of slab alloc'd pages in skb frag list (Neil Horman) [682642 682643] {CVE-2011-1090} - [s390] remove task_show_regs (Danny Feng) [677852 677853] {CVE-2011-0710} - [misc] vdso: export wall_to_monotonic (Prarit Bhargava) [688312 675727] - [x86_64] Use u32, not long, to set reset vector back to 0 (Don Zickus) [682673 675258] - [misc] vmware: increase apic_calibration_diff to 10000 (Prarit Bhargava) [680350 665197] [2.6.18-238.7.1.el5] - [fs] partitions: Validate map_count in Mac part tables (Danny Feng) [679283 679284] {CVE-2011-1010} - [x86] fix AMD family 0x15 guest boot issue on 64-bit host (Frank Arnold) [679747 667234] - [sound] alsa: cache mixer values on usb-audio devices (Don Zickus) [680043 678074] - [media] dvb: fix av7110 negative array offset (Mauro Carvalho Chehab) [672401 672402] {CVE-2011-0521} - [message] mptfusion: add required mptctl_release call (Tomas Henzl) [677173 660871] - [fs] nfs: pure nfs client performance using odirect (Jeff Layton) [677172 643441] - [mm] fix install_special_mapping skips security_file_mmap (Frantisek Hrbata) [662196 662197] {CVE-2010-4346} - [scsi] device_handler: fix alua_rtpg port group id check (Mike Snitzer) [681795 669961] - [net] cnic: fix big endian bug with device page tables (Steve Best) [674774 669527] - [net] gro: reset dev pointer on reuse (Andy Gospodarek) [674588 600350] - [misc] add ignore_loglevel kernel parameter (Amerigo Wang) [675665 662102] - [misc] add bootmem_debug kernel parameter (Amerigo Wang) [675665 662102] - [fs] gfs2: remove iopen glocks from cache on delete fail (Benjamin Marzinski) [675909 666080] [2.6.18-238.6.1.el5] - [net] bonding: convert netpoll tx blocking to a counter (Neil Horman) [675664 659594] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1010 CVE-2010-4346 CVE-2011-0521 CVE-2011-1478 CVE-2011-1090 CVE-2011-0710 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [7.4-15.el6_0.1] - cve-2011-0465: Sanitize cpp macro expansion. (CVE 2011-0465) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0465 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [0.6.16-10] - Fix for CVE-2011-1002 - Resolves: #684884 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1002 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5:8:base Oracle Linux 6 [1.8.2-3.7] - kadmind: add upstream patch to fix free() on an invalid pointer (#696341, MITKRB5-SA-2011-004, CVE-2011-0285) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0285 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [3.9.4-1.el6_0.3] - Add fix for CVE-2009-5022 Resolves: #696143 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2009-5022 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [0.96-2.el6_0.1] - Include fixes for CVE-2011-1485 - Resolves: #692941 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1485 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [6:4.3.4-11.2] - rebase the fix for CVE-2011-1094 [6:4.3.4-11.1] - fixes CVE-2011-1094, CVE-2011-1168 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1168 CVE-2011-1094 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch Oracle Linux 6 [7:4.3.4-11.1] - CVE-2010-1000, improper sanitization of metalink attribute for downloading files IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1586 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:9:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:linux:6::latest cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:8:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base Oracle Linux 5 Oracle Linux 6 firefox: [3.6.17-1.0.1.el6_0] - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js [3.6.17-1] - Update to 3.6.17 xulrunner: [1.9.2.17-4.0.1.el6_0] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.17-4] - Rebuild [1.9.2.17-3] - Update to 1.9.2.17 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0069 CVE-2011-0070 CVE-2011-0077 CVE-2011-0066 CVE-2011-0071 CVE-2011-0073 CVE-2011-0074 CVE-2011-0075 CVE-2011-0078 CVE-2011-0067 CVE-2011-0081 CVE-2011-1202 CVE-2011-0072 CVE-2011-0065 CVE-2011-0080 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 Oracle Linux 5 [3.12.8-3.0.1.el6_0] - Use blank image instead of clean.gif in nss-3.12.8-stripped.tar.bz2 - Update expired PayPalEE.cert to fix build failure [3.12.8-3] - Update builtin certs to NSS_3.12.9_WITH_CKBI_1_82_RTM via a patch [3.12.8-2] - Update to builtin certs from NSS_3.12.9_WITH_CKBI_1_82_RTM IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.10-1.0.1.el6_0] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.10-1] - Update to 3.1.10 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0078 CVE-2011-0081 CVE-2011-0071 CVE-2011-0073 CVE-2011-0077 CVE-2011-0074 CVE-2011-0080 CVE-2011-0075 CVE-2011-0070 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [0.8.2-15.0.1.el5_6.4] - Replaced docs/et.png in tarball [0.8.2-15.el5_6.4] - Make error reporting in libvirtd thread safe (CVE-2011-1486) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1486 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [0.8.1-27.0.1.el6_0.6] - Replace docs/et.png in tarball with blank image [0.8.1-27.el6_0.6] - Properly initialize supplementary groups for qemu process (rhbz#668692) - Make error reporting in libvirtd thread safe (CVE-2011-1486) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1486 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [1.2.9-8.1.2] - disable xslt i/o support in library, tools and examples, CVE-2011-1425 - Resolves: rhbz#694124 - limit the paths used for searching the security library loaded dynamically MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1425 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5:8:base Oracle Linux 5 [2.4.3-44] - add patch adapted from upstream (patch 208) to add support for building against system expat; add --with-system-expat to configure invocation; remove embedded copy of expat-1.95.8 from the source tree during prep - ensure pyexpat.so gets built by explicitly listing all C modules in the payload in %files, rather than using dynfiles Resolves: CVE-2009-3720 - backport three security fixes to 2.4 (patches 209, 210, 211): Resolves: CVE-2011-1521 Resolves: CVE-2011-1015 Resolves: CVE-2010-3493 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3493 CVE-2009-3720 CVE-2011-1015 CVE-2011-1521 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3.0.3-120.el5_6.2] - Fix logic and integer overflow in xc_try_bzip2_decode() (rhbz 696938) - Fix logic and integer overflow in xc_try_lzma_decode() (rhbz 696938) - Fix integer and buffer overflows in xc_dom_probe_bzimage_kernel() (rhbz 696938) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1583 CVE-2011-3262 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-71.29.1.el6] - [mm] Revert '[mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode' (Larry Woodman) [695256 691310] [2.6.32-71.28.1.el6] - [net] bonding: fix jiffy comparison issues (Andy Gospodarek) [698109 696337] - [drm] radeon/kms: check AA resolve registers on r300 + regression fix (Dave Airlie) [680001 680002] {CVE-2011-1016} - [infiniband] uverbs: Handle large number of entries in poll CQ (Eugene Teo) [688429 696137] {CVE-2011-1044 CVE-2010-4649} - [net] sctp: fix the INIT/INIT-ACK chunk length calculation (Thomas Graf) [695386 690743] {CVE-2011-1573} - [net] CAN: Use inode instead of kernel address for /proc file (Danny Feng) [664560 664561] {CVE-2010-4565} - [fs] inotify: fix double free/corruption of stuct user (Eric Paris) [656831 656832] {CVE-2010-4250} - [net] netfilter: ipt_CLUSTERIP: fix buffer overflow (Jiri Pirko) [689341 689342] - [net] bonding: change test for presence of VLANs (Jiri Pirko) [696487 683496] - [scsi] scsi_dh: fix reference counting in scsi_dh_activate error path (Mike Snitzer) [696889 680140] - [net] enable VLAN NULL tagging (Neil Horman) [683810 633571] - [scsi] scsi_dh: propagate SCSI device deletion (Mike Snitzer) [698114 669411] - [fs] inotify: stop kernel memory leak on file creation failure (Eric Paris) [656831 656832] {CVE-2010-4250} [2.6.32-71.27.1.el6] - [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [695322 692673] - [netdrv] ixgbe: fix for 82599 erratum on Header Splitting (Andy Gospodarek) [683820 669231] - [sound] ALSA: hda - nvhdmi: Add missing codec IDs, unify names (Jaroslav Kysela) [683817 636922] - [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Larry Woodman) [695256 691310] - [net] fix ebtables stack infoleak (Eugene Teo) [681322 681323] {CVE-2011-1080} - [drm] fix unsigned vs signed comparison issue in modeset ctl ioctl (Don Howard) [679927 679928] {CVE-2011-1013} - [pci] Enable ASPM state clearing regardless of policy (Alex Williamson) [694073 681017] - [pci] Disable ASPM if BIOS asks us to (Alex Williamson) [694073 681017] - [mm] do not keep kswapd awake for an unreclaimable zone (Johannes Weiner) [694186 633825] [2.6.32-71.26.1.el6] - [net] bnep: fix buffer overflow (Don Howard) [681315 681316] {CVE-2011-1079} - [scsi] aic94xx: world-writable sysfs update_bios file (Don Howard) [679306 679307] - [x86] tc1100-wmi: world-writable sysfs wireless and jogdial files (Don Howard) [679306 679307] - [x86] acer-wmi: world-writable sysfs threeg file (Don Howard) [679306 679307] - [mfd] ab3100: world-writable debugfs *_priv files (Don Howard) [679306 679307] - [v4l] sn9c102: world-wirtable sysfs files (Don Howard) [679306 679307] - [x86] Fix EFI pagetable to map whole memory (Takao Indoh) [670850 664364] - [kernel] CAP_SYS_MODULE bypass via CAP_NET_ADMIN (Phillip Lougher) [681772 681773] {CVE-2011-1019} - [kernel] failure to revert address limit override in OOPS error path (Dave Anderson) [659572 659573] {CVE-2010-4258} - [fs] xfs: zero proper structure size for geometry calls (Phillip Lougher) [677267 677268] {CVE-2011-0711} - [fs] xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 (Phillip Lougher) [677267 677268] {CVE-2011-0711} - [tty] tty_audit: fix tty_audit_add_data live lock on audit disabled (Danny Feng) [684275 680126] - [kernel] proc: protect mm start_code/end_code in /proc/pid/stat (Eugene Teo) [684572 684573] {CVE-2011-0726} - [net] dccp oops (Eugene Teo) [682957 682958] {CVE-2011-1093} - [firmware] dcdbas: force SMI to happen when expected (Shyam Iyer) [683440 664832] - [security] ima: fix add LSM rule bug (Eric Paris) [667914 667915] {CVE-2011-0006} - [sound] caiaq: Fix possible string buffer overflow (Jaroslav Kysela) [678475 678476] {CVE-2011-0712} - [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [670114 670110 622640 637332] [2.6.32-71.25.1.el6] - [net] bridge: do not learn from exact matches (Jiri Pirko) [691777 623199] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4649 CVE-2011-0712 CVE-2011-0726 CVE-2011-1080 CVE-2011-1016 CVE-2011-1573 CVE-2011-0006 CVE-2011-0711 CVE-2011-1093 CVE-2011-1013 CVE-2010-4250 CVE-2010-4565 CVE-2011-1019 CVE-2011-1044 CVE-2011-1079 cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1.6.0-8.1] - Prevent remote file access (#676252) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1595 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [1.3.9-3.1] - add fix for CVE-2011-0419 (#703520) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0419 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [qemu-kvm-0.12.1.2-2.160.el6] - kvm-virtio-blk-fail-unaligned-requests.patch [bz#698910] - kvm-Ignore-pci-unplug-requests-for-unpluggable-devices.patch [bz#699789] - Resolves: bz#698910 (CVE-2011-1750 virtio-blk: heap buffer overflow caused by unaligned requests [rhel-6.1]) - Resolves: bz#699789 (CVE-2011-1751 acpi_piix4: missing hotplug check during device removal [rhel-6.1]) [qemu-kvm-0.12.1.2-2.159.el6] - kvm-acpi_piix4-Maintain-RHEL6.0-migration.patch [bz#694095] - Resolves: bz#694095 (Migration fails when migrate guest from RHEL6.1 host to RHEL6 host with the same libvirt version) [qemu-kvm-0.12.1.2-2.158.el6] - kvm-bz-691704-vhost-skip-VGA-memory-regions.patch [bz#691704] - kvm-ide-atapi-add-support-for-GET-EVENT-STATUS-NOTIFICAT.patch [bz#558256] - kvm-atapi-Allow-GET_EVENT_STATUS_NOTIFICATION-after-medi.patch [bz#558256] - kvm-atapi-Move-GET_EVENT_STATUS_NOTIFICATION-command-han.patch [bz#558256] - kvm-atapi-GESN-Use-structs-for-commonly-used-field-types.patch [bz#558256] - kvm-atapi-GESN-Standardise-event-response-handling-for-f.patch [bz#558256] - kvm-atapi-GESN-implement-media-subcommand.patch [bz#558256] - Resolves: bz#558256 (rhel6 disk not detected first time in install) - Resolves: bz#691704 (Failed to boot up windows guest with huge memory and cpu and vhost=on within 30 mins) [qemu-kvm-0.12.1.2-2.157.el6] - kvm-qemu-img-rebase-Fix-read-only-new-backing-file.patch [bz#693741] - kvm-floppy-save-and-restore-DIR-register.patch [bz#681777] - kvm-block-Do-not-cache-device-size-for-removable-media.patch [bz#687900] - kvm-cdrom-Allow-the-TEST_UNIT_READY-command-after-a-cdro.patch [bz#683877] - kvm-cdrom-Make-disc-change-event-visible-to-guests.patch [bz#683877] - Resolves: bz#681777 (floppy I/O error after live migration while floppy in use) - Resolves: bz#683877 (RHEL6 guests fail to update cdrom block size on media change) - Resolves: bz#687900 (qemu host cdrom support not properly updating guests on media changes at physical CD/DVD drives) - Resolves: bz#693741 (qemu-img re-base fail with read-only new backing file) [qemu-kvm-0.12.1.2-2.156.el6] - kvm-Revert-net-socket-allow-ipv6-for-net_socket_listen_i.patch [bz#680356] - kvm-Revert-Use-getaddrinfo-for-migration.patch [bz#680356] - Related: bz#680356 (Live migration failed in ipv6 environment) - Fixes bz#694196 (RHEL 6.1 qemu-kvm: Specifying ipv6 addresses breaks migration) [qemu-kvm-0.12.1.2-2.155.el6] - kvm-configure-fix-out-of-tree-build-with-enable-spice.patch [bz#641833] - kvm-ccid-card-emulated-replace-DEFINE_PROP_ENUM-with-DEF.patch [bz#641833] - kvm-Revert-qdev-properties-add-PROP_TYPE_ENUM.patch [bz#641833] - kvm-Revert-qdev-add-data-pointer-to-Property.patch [bz#641833] - kvm-Revert-qdev-add-print_options-callback.patch [bz#641833] - kvm-ccid-v18_upstream-v25-cleanup.patch [bz#641833] - kvm-libcacard-vscard_common.h-upstream-v18-v25-diff.patch [bz#641833] - kvm-ccid-card-passthru-upstream-v18-upstream-v25-diff.patch [bz#641833] - kvm-qemu-thread-add-qemu_mutex-cond_destroy-and-qemu_mut.patch [bz#641833] - kvm-adding-qemu-thread.o-to-obj-y.patch [bz#641833] - kvm-ccid-card-emulated-v18-v25.patch [bz#641833] - kvm-libcacard-v18-upstream-v25.patch [bz#641833] - Resolves: bz#641833 (Spice CAC support - qemu) [qemu-kvm-0.12.1.2-2.154.el6] - kvm-add-a-service-to-reap-zombies-use-it-in-SLIRP.patch [bz#678524] - kvm-Don-t-allow-multiwrites-against-a-block-device-witho.patch [bz#654682] - kvm-Do-not-delete-BlockDriverState-when-deleting-the-dri.patch [bz#654682] - kvm-virtio-serial-don-t-crash-on-invalid-input.patch [bz#690174] - Resolves: bz#678524 (Exec based migration randomly fails, particularly under high load) - Resolves: bz#690174 (virtio-serial qemu-kvm crash on invalid input in migration) - Resolves: bz#654682 (drive_del command to let libvirt safely remove block device from guest) [qemu-kvm-0.12.1.2-2.153.el6] - kvm-Revert-spice-qxl-locking-fix-for-qemu-kvm.patch [bz#678208] - kvm-qxl-spice-display-move-pipe-to-ssd.patch [bz#678208] - kvm-qxl-implement-get_command-in-vga-mode-without-locks.patch [bz#678208] - kvm-qxl-spice-remove-qemu_mutex_-un-lock_iothread-around.patch [bz#678208] - kvm-hw-qxl-render-drop-cursor-locks-replace-with-pipe.patch [bz#678208] - kvm-spice-qemu-char.c-add-throttling.patch [bz#672191] - kvm-spice-qemu-char.c-remove-intermediate-buffer.patch [bz#672191] - kvm-spice-qemu-char-Fix-flow-control-in-client-guest-dir.patch [bz#672191] - kvm-chardev-Allow-frontends-to-notify-backends-of-guest-.patch [bz#688572] - kvm-virtio-console-notify-backend-of-guest-open-close.patch [bz#688572] - kvm-spice-chardev-listen-to-frontend-guest-open-close.patch [bz#688572] - kvm-Fix-performance-regression-in-qemu_get_ram_ptr.patch [bz#690267] - kvm-virtio-pci-fix-bus-master-work-around-on-load.patch [bz#682243] - kvm-Use-getaddrinfo-for-migration.patch [bz#680356] - kvm-net-socket-allow-ipv6-for-net_socket_listen_init-and.patch [bz#680356] - kvm-block-Fix-serial-number-assignment.patch [bz#688058] - Resolves: bz#672191 (spicevmc: flow control on the spice agent channel is missing in both directions) - Resolves: bz#678208 (qemu-kvm hangs when installing guest with -spice option) - Resolves: bz#680356 (Live migration failed in ipv6 environment) - Resolves: bz#682243 ([KVM] pci hotplug after migration breaks virtio_net.) - Resolves: bz#688058 (Drive serial number gets truncated) - Resolves: bz#688572 (spice-server does not switch back to server mouse mode if guest spice-agent dies.) - Resolves: bz#690267 (Backport qemu_get_ram_ptr() performance improvement) - Related: bz#672191 (spicevmc: flow control on the spice agent channel is missing in both directions) [qemu-kvm-0.12.1.2-2.152.el6] - kvm-device-assignment-register-a-reset-function.patch [bz#685147] - kvm-device-assignment-Reset-device-on-system-reset.patch [bz#685147] - Resolves: bz#685147 (guest with assigned nic got kernel panic when send system_reset signal in QEMU monitor) [qemu-kvm-0.12.1.2-2.151.el6] - kvm-net-Add-the-missing-option-declaration-of-vhostforce.patch [bz#683295] - kvm-vhost-fix-dirty-page-handling.patch [bz#684076] - kvm-block-qcow2.c-rename-qcow_-functions-to-qcow2_.patch [bz#688119] - kvm-Add-proper-errno-error-return-values-to-qcow2_open.patch [bz#688119] - kvm-QCOW2-bug-fix-read-base-image-beyond-its-size.patch [bz#688147] - kvm-qcow2-Fix-error-handling-for-immediate-backing-file-.patch [bz#688146] - kvm-qcow2-Fix-error-handling-for-reading-compressed-clus.patch [bz#688146] - kvm-qerror-Add-QERR_UNKNOWN_BLOCK_FORMAT_FEATURE.patch [bz#688119] - kvm-qcow2-Report-error-for-version-2.patch [bz#688119] - kvm-qcow2-Fix-order-in-L2-table-COW.patch [bz#688146] - kvm-pci-assign-Catch-missing-KVM-support.patch [bz#688428] - Resolves: bz#683295 (qemu-kvm: Invalid parameter 'vhostforce') - Resolves: bz#684076 (Segfault occurred during migration) - Resolves: bz#688119 (qcow2: qcow2_open doesn't return useful errors) - Resolves: bz#688146 (qcow2: Some paths fail to handle I/O errors) - Resolves: bz#688147 (qcow2: Reads fail with backing file smaller than snapshot) - Resolves: bz#688428 (qemu-kvm -no-kvm segfaults on pci_add) [qemu-kvm-0.12.1.2-2.150.el6] - kvm-Improve-error-handling-in-do_snapshot_blkdev.patch [bz#676529] - Resolves: bz#676529 (core dumped when save snapshot to non-exist disk) [qemu-kvm-0.12.1.2-2.149.el6] - kvm-Fix-error-message-in-drive_init.patch [bz#607598] - kvm-block-Use-error-codes-from-lower-levels-for-error-me.patch [bz#607598] - kvm-device-assignment-Don-t-skip-closing-unmapped-resour.patch [bz#680058] - Resolves: bz#607598 (Incorrect & misleading error reporting when failing to open a drive due to block driver whitelist denial) - Resolves: bz#680058 (can't hotplug second vf successful with message 'Too many open files') [qemu-kvm-0.12.1.2-2.148.el6] - kvm-ide-Make-ide_init_drive-return-success.patch [bz#655735] - kvm-ide-Reject-readonly-drives-unless-CD-ROM.patch [bz#655735] - kvm-ide-Reject-invalid-CHS-geometry.patch [bz#655735] - kvm-Move-KVM-and-Xen-global-flags-to-vl.c.patch [bz#662701] - kvm-qemu-kvm-Switch-to-upstream-enable-kvm-semantics.patch [bz#662701] - Update BuildRequire for newer spice-server [bz#672035] - Resolves: bz#655735 (qemu-kvm (or libvirt?) permission denied errors when exporting readonly IDE disk to guest) - Resolves: bz#662701 (Option -enable-kvm should exit when KVM is unavailable) - Related: bz#672035 (spice-server: rebase to upstream 0.8 for RHEL-6.1) [qemu-kvm-0.12.1.2-2.147.el6] - kvm-e1000-clear-EOP-for-multi-buffer-descriptors.patch [bz#678338] - kvm-e1000-verify-we-have-buffers-upfront.patch [bz#678338] - kvm-tracetool-Add-optional-argument-to-specify-dtrace-pr.patch [bz#672441] - kvm-Specify-probe-prefix-to-make-dtrace-probes-use-qemu-.patch [bz#672441] - Resolves: bz#672441 (Tracetool autogenerate qemu-kvm.stp with wrong qemu-kvm path) - Resolves: bz#678338 (e1000 behaving out of spec after increasing MTU) [qemu-kvm-0.12.1.2-2.146.el6] - kvm-USB-HID-does-not-support-Set_Idle.patch [bz#665025] - kvm-add-event-queueing-to-USB-HID.patch [bz#665025] - Spec patch to reenable CONFIG_VMMOUSE and CONFIG_VMPORT [bz#616187 (the original feature-disable bug) bz#677712 bz#677712 (the new broken migration bug)] - Resolves: bz#665025 (lost double clicks on slow connections) - Resolves: bz#677712 (disabling vmware device emulation breaks old->new migration) [qemu-kvm-0.12.1.2-2.145.el6] - kvm-make-tsc-stable-over-migration-and-machine-start.patch [bz#662386] - kvm-qemu-kvm-Close-all-block-drivers-on-quit.patch [bz#635527] - kvm-net-notify-peer-about-link-status-change.patch [bz#676015] - kvm-vhost-disable-on-tap-link-down.patch [bz#676015] - kvm-Add-config-devices.h-again.patch [bz#616187] - kvm-Add-CONFIG_VMWARE_VGA-v2.patch [bz#616187] - kvm-add-CONFIG_VMMOUSE-option-v2.patch [bz#616187] - kvm-add-CONFIG_VMPORT-option-v2.patch [bz#616187] - kvm-blockdev-Fix-drive_del-not-to-crash-when-drive-is-no.patch [bz#677222] - Resolves: bz#616187 (vmware device emulation enabled but not supported) - Resolves: bz#635527 (KVM:qemu-img re-base poor performance(on local storage) when snapshot to a new disk) - Resolves: bz#662386 (tsc clock breaks migration result stability) - Resolves: bz#676015 [off not working with vhost-net)] - Resolves: bz#677222 (segment fault happens after hot drive add then drive delete) - Related: bz#635527 (KVM:qemu-img re-base poor performance(on local storage) when snapshot to a new disk) [qemu-kvm-0.12.1.2-2.144.el6] - kvm-V3-Bug-619259-qemu-cpu-check-enforce-should-work-eve.patch [bz#619259] - kvm-Bug-675229-Install-of-cpu-x86_64.conf-bombs-for-an-o.patch [bz#675229] - kvm-e1000-multi-buffer-packet-support.patch [bz#602205] - Resolves: bz#602205 (Could not ping guest successfully after changing e1000 MTU) - Resolves: bz#619259 (qemu '-cpu [check | enforce ]' should work even when a model name is not specified on the command line) - Resolves: bz#675229 (Install of cpu-x86_64.conf bombs for an out of tree build..) [qemu-kvm-0.12.1.2-2.143.el6] - kvm-fix-syntax-error-introduced-by-virtio-serial-Disable.patch [bz#588916] - Resolves: bz#588916 (qemu char fixes for nonblocking writes, virtio-console flow control) [qemu-kvm-0.12.1.2-2.142.el6] - kvm-ide-Remove-redundant-IDEState-member-conf.patch [bz#654682] - kvm-ide-Split-ide_init1-off-ide_init2-v2.patch [bz#654682] - kvm-ide-Change-ide_init_drive-to-require-valid-dinfo-arg.patch [bz#654682] - kvm-ide-Split-non-qdev-code-off-ide_init2.patch [bz#654682] - kvm-qdev-Don-t-leak-string-property-value-on-hot-unplug.patch [bz#654682] - kvm-blockdev-New-drive_get_by_blockdev-v2.patch [bz#654682] - kvm-blockdev-Clean-up-automatic-drive-deletion-v2.patch [bz#654682] - kvm-qdev-Decouple-qdev_prop_drive-from-DriveInfo-v2.patch [bz#654682] - kvm-block-Catch-attempt-to-attach-multiple-devices-to-a-.patch [bz#654682] - kvm-Implement-drive_del-to-decouple-block-removal-from-d.patch [bz#654682] - kvm-blockdev-check-dinfo-ptr-before-using-v2.patch [bz#654682] - kvm-qcow2-Add-full-image-preallocation-option.patch [bz#634652] - kvm-savevm-fix-corruption-in-vmstate_subsection_load.patch [bz#671100] - kvm-virtio-serial-Disable-flow-control-for-RHEL-5.0-mach.patch [bz#588916] - Resolves: bz#588916 (qemu char fixes for nonblocking writes, virtio-console flow control) - Resolves: bz#634652 ([RFE] qemu-img qcow2 'pre-allocation' should not only pre-allocate meta-data, but also data) - Resolves: bz#654682 (drive_del command to let libvirt safely remove block device from guest) - Resolves: bz#671100 (possible migration failure due to erroneous interpretation of subsection) [qemu-kvm-0.12.1.2-2.141.el6] - spec file: symlink to stdvga and vmware vgabios images [bz#638468] - Related: bz#638468 ([qemu-kvm] bochs vga lfb @ 0xe0000000 causes trouble for hot-plug) [qemu-kvm-0.12.1.2-2.140.el6] - spec file: require new vgabios images (stdvga and vmware) [bz#638468] - Related: bz#638468 ([qemu-kvm] bochs vga lfb @ 0xe0000000 causes trouble for hot-plug) [qemu-kvm-0.12.1.2-2.139.el6] - kvm-Revert-Drop-qemu_mutex_iothread-during-migration.patch [bz#643970] - Related: bz#643970 (guest migration turns failed by the end (16G + stress load)) [qemu-kvm-0.12.1.2-2.138.el6] - kvm-virtio-console-Factor-out-common-init-between-consol.patch [bz#588916] - kvm-virtio-console-Remove-unnecessary-braces.patch [bz#588916] - kvm-virtio-serial-Use-a-struct-to-pass-config-informatio.patch [bz#588916] - kvm-Fold-send_all-wrapper-unix_write-into-one-function.patch [bz#588916] - kvm-char-Add-a-QemuChrHandlers-struct-to-initialise-char.patch [bz#588916] - kvm-virtio-serial-move-out-discard-logic-in-a-separate-f.patch [bz#588916] - kvm-virtio-serial-Make-sure-virtqueue-is-ready-before-di.patch [bz#588916] - kvm-virtio-serial-Don-t-copy-over-guest-buffer-to-host.patch [bz#588916] - kvm-virtio-serial-Let-virtio-serial-bus-know-if-all-data.patch [bz#588916] - kvm-virtio-serial-Add-support-for-flow-control.patch [bz#588916] - kvm-virtio-serial-Add-rhel6.0.0-compat-property-for-flow.patch [bz#588916] - kvm-virtio-serial-save-restore-new-fields-in-port-struct.patch [bz#588916] - kvm-Convert-io-handlers-to-QLIST.patch [bz#588916] - kvm-iohandlers-Add-enable-disable_write_fd_handler-funct.patch [bz#588916] - kvm-char-Add-framework-for-a-write-unblocked-callback.patch [bz#588916] - kvm-char-Update-send_all-to-handle-nonblocking-chardev-w.patch [bz#588916] - kvm-char-Equip-the-unix-tcp-backend-to-handle-nonblockin.patch [bz#588916] - kvm-char-Throttle-when-host-connection-is-down.patch [bz#588916 bz#621484] - kvm-virtio-console-Enable-port-throttling-when-chardev-i.patch [bz#588916] - kvm-Add-spent-time-to-migration.patch [bz#643970] - kvm-No-need-to-iterate-if-we-already-are-over-the-limit.patch [bz#643970] - kvm-don-t-care-about-TLB-handling.patch [bz#643970] - kvm-Only-calculate-expected_time-for-stage-2.patch [bz#643970] - kvm-Count-nanoseconds-with-uint64_t-not-doubles.patch [bz#643970] - kvm-Exit-loop-if-we-have-been-there-too-long.patch [bz#643970] - kvm-Maintaing-number-of-dirty-pages.patch [bz#643970] - kvm-Drop-qemu_mutex_iothread-during-migration.patch [bz#643970] - Resolves: bz#588916 (qemu char fixes for nonblocking writes, virtio-console flow control) - Resolves: bz#621484 (Broken pipe when working with unix socket chardev) - Resolves: bz#643970 (guest migration turns failed by the end (16G + stress load)) [qemu-kvm-0.12.1.2-2.137.el6] - kvm-Add-support-for-o-octet-bytes-format-as-monitor-para.patch [bz#515775] - kvm-block-add-block_resize-monitor-command.patch [bz#515775] - kvm-block-tell-drivers-about-an-image-resize.patch [bz#515775] - kvm-virtio-blk-tell-the-guest-about-size-changes.patch [bz#515775] - kvm-qdev-add-print_options-callback.patch [bz#641833] - kvm-qdev-add-data-pointer-to-Property.patch [bz#641833] - kvm-qdev-properties-add-PROP_TYPE_ENUM.patch [bz#641833] - kvm-usb-ccid-add-CCID-bus.patch [bz#641833] - kvm-introduce-libcacard-vscard_common.h.patch [bz#641833] - kvm-ccid-add-passthru-card-device.patch [bz#641833] - kvm-libcacard-initial-commit.patch [bz#641833] - kvm-ccid-add-ccid-card-emulated-device-v2.patch [bz#641833] - kvm-ccid-add-docs.patch [bz#641833] - kvm-ccid-configure-fix-enable-disable-flags.patch [bz#641833] - Note: smartcard spec patch applied by hand [bz#641833] - Resolves: bz#515775 ([RFE] Include support for online resizing of storage and network block devices) - Resolves: bz#641833 (Spice CAC support - qemu) [qemu-kvm-0.12.1.2-2.136.el6] - kvm-Introduce-fw_name-field-to-DeviceInfo-structure.patch [bz#643687] - kvm-Introduce-new-BusInfo-callback-get_fw_dev_path.patch [bz#643687] - kvm-Keep-track-of-ISA-ports-ISA-device-is-using-in-qdev.patch [bz#643687] - kvm-Add-get_fw_dev_path-callback-to-ISA-bus-in-qdev.patch [bz#643687] - kvm-Store-IDE-bus-id-in-IDEBus-structure-for-easy-access.patch [bz#643687] - kvm-Add-get_fw_dev_path-callback-to-IDE-bus.patch [bz#643687] - kvm-Add-get_fw_dev_path-callback-for-system-bus.patch [bz#643687] - kvm-Add-get_fw_dev_path-callback-for-pci-bus.patch [bz#643687] - kvm-Record-which-USBDevice-USBPort-belongs-too.patch [bz#643687] - kvm-Add-get_fw_dev_path-callback-for-usb-bus.patch [bz#643687] - kvm-Add-get_fw_dev_path-callback-to-scsi-bus.patch [bz#643687] - kvm-Add-bootindex-parameter-to-net-block-fd-device.patch [bz#643687] - kvm-Change-fw_cfg_add_file-to-get-full-file-path-as-a-pa.patch [bz#643687] - kvm-Add-bootindex-for-option-roms.patch [bz#643687] - kvm-Add-notifier-that-will-be-called-when-machine-is-ful.patch [bz#643687] - kvm-Pass-boot-device-list-to-firmware.patch [bz#643687] - kvm-close-all-the-block-drivers-before-the-qemu-process-.patch [bz#635527] - kvm-qemu-img-snapshot-Use-writeback-caching.patch [bz#635527] - kvm-qcow2-Add-QcowCache.patch [bz#635527] - kvm-qcow2-Use-QcowCache.patch [bz#635527] - kvm-qcow2-Batch-flushes-for-COW.patch [bz#635527] - Commited 'Remove vhost blacklisting' by hand [bz#665299] - kvm-add-bootindex-parameter-to-assigned-device.patch [bz#643687] - kvm-tap-safe-sndbuf-default.patch [bz#674539] - kvm-do-not-pass-NULL-to-strdup.patch [bz#643687] - kvm-Use-Makefile-to-install-qemu-kvm-in-correct-location.patch [bz#672441] - kvm-Fix-CVE-2011-0011-qemu-kvm-Setting-VNC-password-to-e.patch [bz#667976] - kvm-vhost-force-vhost-off-for-non-MSI-guests.patch [bz#674562] - Resolves: bz#635527 (KVM:qemu-img re-base poor performance(on local storage) when snapshot to a new disk) - Resolves: bz#643687 (Allow to specify boot order on qemu command line.) - Resolves: bz#665299 (load vhost-net by default) - Resolves: bz#667976 (CVE-2011-0011 qemu-kvm: Setting VNC password to empty string silently disables all authentication [rhel-6.1]) - Resolves: bz#672441 (Tracetool autogenerate qemu-kvm.stp with wrong qemu-kvm path) - Resolves: bz#674539 (slow guests block other guests on the same lan) - Resolves: bz#674562 (disable vhost-net for rhel5 and older guests) [qemu-kvm-0.12.1.2-2.135.el6] - kvm-Bug-625333-qemu-treatment-of-nodefconfig-and-readcon.patch [bz#625333] - kvm-ide-Factor-ide_flush_cache-out.patch [bz#670539] - kvm-ide-Handle-flush-failure.patch [bz#670539] - kvm-virtio-blk-Respect-werror-option-for-flushes.patch [bz#670539] - kvm-block-Allow-bdrv_flush-to-return-errors.patch [bz#670539] - kvm-ide-Handle-immediate-bdrv_aio_flush-failure.patch [bz#670539] - kvm-virtio-blk-Handle-immediate-flush-failure-properly.patch [bz#670539] - kvm-vhost-error-code.patch [bz#633394] - kvm-vhost-fix-up-irqfd-support.patch [bz#633394] - kvm-virtio-pci-mask-notifier-error-handling-fixups.patch [bz#633394] - kvm-test-for-ioeventfd-support-on-old-kernels.patch [bz#633394] - kvm-virtio-pci-Rename-bugs-field-to-flags.patch [bz#633394] - kvm-virtio-move-vmstate-change-tracking-to-core.patch [bz#633394] - kvm-virtio-pci-Use-ioeventfd-for-virtqueue-notify.patch [bz#633394] - kvm-ioeventfd-error-handling-cleanup.patch [bz#633394] - kvm-remove-redhat-disable-THP.patch [bz#635418] - kvm-PATCH-RHEL6.1-qemu-kvm-acpi_piix4-qdevfy.patch [bz#498774] - kvm-PATCH-RHEL6.1-qemu-kvm-pci-allow-devices-being-tagge.patch [bz#498774] - kvm-PATCH-RHEL6.1-qemu-kvm-piix-tag-as-not-hotpluggable.patch [bz#498774] - kvm-PATCH-RHEL6.1-qemu-kvm-vga-tag-as-not-hotplugable-v3.patch [bz#498774] - kvm-PATCH-RHEL6.1-qemu-kvm-qxl-tag-as-not-hotpluggable.patch [bz#498774] - kvm-PATCH-RHEL6.1-qemu-kvm-acpi_piix4-expose-no_hotplug-.patch [bz#498774] - kvm-char-Split-out-tcp-socket-close-code-in-a-separate-f.patch [bz#621484] - kvm-char-mark-socket-closed-if-write-fails-with-EPIPE.patch [bz#621484] - Resolves: bz#498774 (QEMU: Too many devices are available for unplug in Windows XP (and we don't support that)) - Resolves: bz#621484 (Broken pipe when working with unix socket chardev) - Resolves: bz#625333 (qemu treatment of -nodefconfig and -readconfig problematic for debug) - Resolves: bz#633394 ([6.1 FEAT] virtio-blk ioeventfd support) - Resolves: bz#635418 (Allow enable/disable ksm per VM) - Resolves: bz#670539 (Block devices don't implement correct flush error handling) - Related: bz#635418 (Allow enable/disable ksm per VM) [qemu-kvm-0.12.1.2-2.134.el6] - kvm-switch-stdvga-to-pci-vgabios.patch [bz#638468] - kvm-switch-vmware_vga-to-pci-vgabios.patch [bz#638468] - kvm-add-rhel6.1.0-machine-type.patch [bz#638468] - kvm-vgabios-update-handle-compatibility-with-older-qemu-.patch [bz#638468] - kvm-qemu-io-Fix-error-messages.patch [bz#672187] - kvm-wdt_i6300esb-register-a-reset-function.patch [bz#637180] - kvm-Watchdog-disable-watchdog-timer-when-hard-rebooting-.patch [bz#637180] - kvm-usb-linux-increase-buffer-for-USB-control-requests.patch [bz#672720] - kvm-device-assignment-Cap-number-of-devices-we-can-have-.patch [bz#670787] - kvm-clear-vapic-after-reset.patch [bz#669268] - kvm-add-support-for-protocol-driver-create_options.patch [bz#637701] - kvm-qemu-img-avoid-calling-exit-1-to-release-resources-p.patch [bz#637701] - kvm-Use-qemu_mallocz-instead-of-calloc-in-img_convert.patch [bz#637701] - kvm-img_convert-Only-try-to-free-bs-entries-if-bs-is-val.patch [bz#637701] - kvm-Consolidate-printing-of-block-driver-options.patch [bz#637701] - kvm-Fix-formatting-and-missing-braces-in-qemu-img.c.patch [bz#637701] - kvm-Fail-if-detecting-an-unknown-option.patch [bz#637701] - kvm-Make-error-handling-more-consistent-in-img_create-an.patch [bz#637701] - kvm-qemu-img-Deprecate-obsolete-6-and-e-options.patch [bz#637701] - kvm-qemu-img-Free-option-parameter-lists-in-img_create.patch [bz#637701] - kvm-qemu-img-Fail-creation-if-backing-format-is-invalid.patch [bz#637701] - kvm-Introduce-strtosz-library-function-to-convert-a-stri.patch [bz#637701] - kvm-Introduce-strtosz_suffix.patch [bz#637701] - kvm-qemu-img.c-Clean-up-handling-of-image-size-in-img_cr.patch [bz#637701] - kvm-qemu-img.c-Re-factor-img_create.patch [bz#637701] - kvm-Introduce-do_snapshot_blkdev-and-monitor-command-to-.patch [bz#637701] - kvm-Prevent-creating-an-image-with-the-same-filename-as-.patch [bz#637701] - kvm-qemu-option-Fix-uninitialized-value-in-append_option.patch [bz#637701] - kvm-bdrv_img_create-use-proper-errno-return-values.patch [bz#637701] - kvm-block-Use-backing-format-driver-during-image-creatio.patch [bz#637701] - kvm-Make-strtosz-return-int64_t-instead-of-ssize_t.patch [bz#637701] - kvm-strtosz-use-unsigned-char-and-switch-to-qemu_isspace.patch [bz#637701] - kvm-strtosz-use-qemu_toupper-to-simplify-switch-statemen.patch [bz#637701] - kvm-strtosz-Fix-name-confusion-in-use-of-modf.patch [bz#637701] - kvm-strtosz-Use-suffix-macros-in-switch-statement.patch [bz#637701] - kvm-do_snapshot_blkdev-error-on-missing-snapshot_file-ar.patch [bz#637701] - kvm-pci-memory-leak-of-PCIDevice-rom_file.patch [bz#672229] - Resolves: bz#637180 (watchdog timer isn't reset when qemu resets) - Resolves: bz#637701 (RFE - support live snapshot of a subset of disks without RAM) - Resolves: bz#638468 ([qemu-kvm] bochs vga lfb @ 0xe0000000 causes trouble for hot-plug) - Resolves: bz#669268 (WinXP hang when reboot after setup copies files to the installation folders) - Resolves: bz#670787 (Hot plug the 14st VF to guest causes guest shut down) - Resolves: bz#672187 (Improper responsive message when shrinking qcow2 image) - Resolves: bz#672229 (romfile memory leak) - Resolves: bz#672720 (getting 'ctrl buffer too small' error on USB passthrough) [qemu-kvm-0.12.1.2-2.133.el6] - kvm-spice-rip-out-all-the-old-non-upstream-spice-bits.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-Use-display-types-for-local-display-only.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-add-pflib-PixelFormat-conversion-library.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-Add-support-for-generic-notifier-lists.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-Rewrite-mouse-handlers-to-use-QTAILQ-and-to-have-an-.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-Add-kbd_mouse_has_absolute.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-Add-notifier-for-mouse-mode-changes.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-sdl-use-mouse-mode-notifier.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-input-make-vnc-use-mouse-mode-notifiers.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-vnc-make-sure-to-send-pointer-type-change-event-on-S.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-vmmouse-adapt-to-mouse-handler-changes.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-wacom-tablet-activate-event-handlers.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-cursor-add-cursor-functions.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-use-new-cursor-struct-functions-for-vmware-vga-and-s.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-add-spice-into-the-configure-file-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-core-bits-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-keyboard-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-mouse-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-simple-display-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-tablet-support.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-tls-support-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-make-compression-configurable.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-config-options-for-channel-security.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-config-options-for-the-listening-address.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-misc-config-options.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-audio.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-add-copyright-to-spiceaudio.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-core-fix-watching-for-write-events.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-core-fix-warning-when-building-with-spice-0.6..patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-display-replace-private-lock-with-qemu-mutex.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-qxl-device-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-connection-events.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-spice-add-qmp-query-spice-and-hmp-info-spice-command.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-Revert-vnc-support-password-expire.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-vnc-auth-reject-cleanup.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-vnc-support-password-expire-again.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-vnc-spice-add-set_passwd-monitor-command.patch [bz#642131 bz#634153 bz#615947 bz#632458 bz#631832 bz#647865] - kvm-qdev-Track-runtime-machine-modifications.patch [bz#653591] - kvm-rtl8139-Use-subsection-to-restrict-migration-after-h.patch [bz#653591] - kvm-add-migration-state-change-notifiers.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-spice-vnc-client-migration.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-vnc-spice-fix-never-and-now-expire_time.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-spice-qxl-zap-spice-0.4-migration-compatibility-bits.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-spice-add-chardev-v4.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-qxl-locking-fix.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-spice-qxl-locking-fix-for-qemu-kvm.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-spice-qmp-events-restore-rhel6.0-compatibility.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - kvm-spice-monitor-commands-restore-rhel6.0-compatibility.patch [bz#615947 bz#631832 bz#632458 bz#634153 bz#642131 bz#647865] - Resolves: bz#615947 (RFE QMP: support of query spice for guest) - Resolves: bz#631832 (manpage is missing spice options) - Resolves: bz#632458 (Guest may core dump when booting with spice and qxl.) - Resolves: bz#634153 (coredumped when enable qxl without spice) - Resolves: bz#642131 (qemu-kvm aborts of 'qemu_spice_display_create_update: unhandled depth: 0 bits') - Resolves: bz#647865 (support 2560x1440 in qxl) - Resolves: bz#653591 ([RHEL6 Snap13]: Hot-unplugging issue noticed with rtl8139nic after migration of KVM guest.) [qemu-kvm-0.12.1.2-2.132.el6] - kvm-BZ-636494-cpu-check-does-not-correctly-enforce-CPUID.patch [bz#636494] - kvm-QDict-Introduce-qdict_get_qdict.patch [bz#647447] - kvm-monitor-QMP-Drop-info-hpet-query-hpet.patch [bz#647447] - kvm-QMP-Teach-basic-capability-negotiation-to-python-exa.patch [bz#647447] - kvm-QMP-Fix-python-helper-wrt-long-return-strings.patch [bz#647447] - kvm-QMP-update-query-version-documentation.patch [bz#647447] - kvm-Revert-QMP-Remove-leading-whitespace-in-package.patch [bz#647447] - kvm-QMP-monitor-update-do_info_version-to-output-broken-.patch [bz#647447] - kvm-QMP-Remove-leading-whitespace-in-package-again.patch [bz#647447] - kvm-QMP-doc-Add-Stability-Considerations-section.patch [bz#647447] - kvm-QMP-Update-README-file.patch [bz#647447] - kvm-QMP-Revamp-the-Python-class-example.patch [bz#647447] - kvm-QMP-Revamp-the-qmp-shell-script.patch [bz#647447] - kvm-QMP-Drop-vm-info-example-script.patch [bz#647447] - kvm-qemu-char-Introduce-Memory-driver.patch [bz#647447] - kvm-QMP-Introduce-Human-Monitor-passthrough-command.patch [bz#647447] - kvm-QMP-qmp-shell-Introduce-HMP-mode.patch [bz#647447] - kvm-PCI-Export-pci_map_option_rom.patch [bz#667188] - kvm-device-assignment-Allow-PCI-to-manage-the-option-ROM.patch [bz#667188] - kvm-virtio-serial-bus-bump-up-control-vq-size-to-32.patch [bz#656198] - kvm-Move-stdbool.h.patch [bz#635954] - kvm-savevm-Fix-no_migrate.patch [bz#635954] - kvm-device-assignment-Properly-terminate-vmsd.fields.patch [bz#635954] - Resolves: bz#635954 (RFE: Assigned device should block migration) - Resolves: bz#636494 (-cpu check does not correctly enforce CPUID items) - Resolves: bz#647447 (QMP: provide a hmp_passthrough command to allow execution of non-converted commands) - Resolves: bz#656198 (Can only see 16 virtio ports while assigned 30 virtio serial ports on commandLine) - Resolves: bz#667188 (device-assignment leaks option ROM memory) [qemu-kvm-0.12.1.2-2.131.el6] - fix spec file to require systemtap, or configure won't enable the systemtap tapset - Resolves: bz#632722 ([6.1 FEAT] QEMU static tracing framework) [qemu-kvm-0.12.1.2-2.130.el6] - kvm-Bug-632257-Duplicate-CPU-fea.tures-in-cpu-x86_64.con.patch [bz#632257] - kvm-BZ-647308-Support-Westmere-as-a-CPU-model-or-include.patch [bz#647308] - kvm-trace-Add-trace-events-file-for-declaring-trace-even.patch [bz#632722] - kvm-trace-Support-disabled-events-in-trace-events.patch [bz#632722] - kvm-trace-Add-user-documentation.patch [bz#632722] - kvm-trace-Trace-qemu_malloc-and-qemu_vmalloc.patch [bz#632722] - kvm-trace-Trace-virtio-blk-multiwrite-and-paio_submit.patch [bz#632722] - kvm-trace-Trace-virtqueue-operations.patch [bz#632722] - kvm-trace-Trace-port-IO.patch [bz#632722] - kvm-trace-Trace-entry-point-of-balloon-request-handler.patch [bz#632722] - kvm-trace-fix-a-typo.patch [bz#632722] - kvm-trace-fix-a-regex-portability-problem.patch [bz#632722] - kvm-trace-avoid-unnecessary-recompilation-if-nothing-cha.patch [bz#632722] - kvm-trace-Use-portable-format-strings.patch [bz#632722] - kvm-trace-Don-t-strip-lines-containing-arbitrarily.patch [bz#632722] - kvm-trace-Trace-bdrv_aio_-readv-writev.patch [bz#632722] - kvm-trace-remove-timestamp-files-when-cleaning-up.patch [bz#632722] - kvm-trace-Format-strings-must-begin-end-with-double-quot.patch [bz#632722] - kvm-apic-convert-debug-printf-statements-to-tracepoints.patch [bz#632722] - kvm-Add-a-DTrace-tracing-backend-targetted-for-SystemTAP.patch [bz#632722] - kvm-Add-support-for-generating-a-systemtap-tapset-static.patch [bz#632722] - kvm-trace-Trace-vm_start-vm_stop.patch [bz#632722] - spec file changes to enable trace support [bz#632722] - Resolves: bz#632257 (Duplicate CPU fea.tures in cpu-x86_64.conf) - Resolves: bz#632722 ([6.1 FEAT] QEMU static tracing framework) - Resolves: bz#647308 (Support Westmere as a CPU model or included within existing models..) [qemu-kvm-0.12.1.2-2.129.el6] - kvm-let-management-choose-whether-transparent-huge-pages.patch [bz#628308] - kvm-tap-generalize-code-for-different-vnet-header-len.patch [bz#616659] - kvm-tap-add-APIs-for-vnet-header-length.patch [bz#616659] - kvm-vhost_net-mergeable-buffers-support.patch [bz#616659] - kvm-vhost-Fix-address-calculation-in-vhost_dev_sync_regi.patch [bz#623552] - Resolves: bz#616659 (mrg buffers: migration breaks between systems with/without vhost) - Resolves: bz#623552 (SCP image fails from host to guest with vhost on when do migration) - Resolves: bz#628308 ([RFE] let management choose whether transparent huge pages are used) [qemu-kvm-0.12.1.2-2.128.el6] - kvm-virtio-invoke-set_status-callback-on-reset.patch [bz#623735] - kvm-virtio-net-unify-vhost-net-start-stop.patch [bz#623735] - kvm-tap-clear-vhost_net-backend-on-cleanup.patch [bz#623735] - kvm-tap-make-set_offload-a-nop-after-netdev-cleanup.patch [bz#623735] - Resolves: bz#623735 (hot unplug of vhost net virtio NIC causes qemu segfault) [qemu-kvm-0.12.1.2-2.127.el6] - kvm-pci-import-Linux-pci_regs.h.patch [bz#624790] - kvm-pci-s-PCI_SUBVENDOR_ID-PCI_SUBSYSTEM_VENDOR_ID-g.patch [bz#624790] - kvm-pci-use-pci_regs.h.patch [bz#624790] - kvm-pci-add-API-to-add-capability-at-a-known-offset.patch [bz#624790] - kvm-pci-consolidate-pci_add_capability_at_offset-into-pc.patch [bz#624790] - kvm-pci-pci_default_cap_write_config-ignores-wmask.patch [bz#624790] - kvm-pci-Remove-pci_enable_capability_support.patch [bz#624790] - kvm-device-assignment-Use-PCI-capabilities-support.patch [bz#624790] - kvm-pci-Replace-used-bitmap-with-config-byte-map.patch [bz#624790] - kvm-pci-Remove-cap.length-cap.start-cap.supported.patch [bz#624790] - kvm-device-assignment-Move-PCI-capabilities-to-match-phy.patch [bz#624790] - kvm-pci-Remove-capability-specific-handlers.patch [bz#624790] - kvm-device-assignment-Make-use-of-config_map.patch [bz#624790] - kvm-device-assignment-Fix-off-by-one-in-header-check.patch [bz#624790] - kvm-pci-Remove-PCI_CAPABILITY_CONFIG_.patch [bz#624790] - kvm-pci-Error-on-PCI-capability-collisions.patch [bz#624790] - kvm-device-assignment-Error-checking-when-adding-capabil.patch [bz#624790] - kvm-device-assignment-pass-through-and-stub-more-PCI-cap.patch [bz#624790] - Resolves: bz#624790 (pass through fails with KVM using Neterion Inc's X3100 Series 10GbE PCIe I/O Virtualized Server Adapter in Multifunction mode.) [qemu-kvm-0.12.1.2-2.126.el6] - kvm-Fix-build-problem-with-recent-compilers.patch [bz#662633] - kvm-vhost-fix-infinite-loop-on-error-path.patch [bz#628634] - Resolves: bz#628634 (vhost_net: untested error handling in vhost_net_start) - Resolves: bz#662633 (Fix build problem with recent compilers) [qemu-kvm-0.12.1.2-2.125.el6] - kvm-New-option-fake-machine.patch [bz#658288] - spec file code for --enable-fake-machine [bz#658288] - Resolves: bz#658288 (Include (disabled by default) -fake-machine patch on qemu-kvm RPM spec) [qemu-kvm-0.12.1.2-2.124.el6] - kvm-Fix-compilation-error-missing-include-statement.patch [bz#608548] - kvm-use-qemu_blockalign-consistently.patch [bz#608548] - kvm-raw-posix-handle-512-byte-alignment-correctly.patch [bz#608548] - kvm-virtio-blk-propagate-the-required-alignment.patch [bz#608548] - kvm-scsi-disk-propagate-the-required-alignment.patch [bz#608548] - kvm-ide-propagate-the-required-alignment.patch [bz#608548] - kvm-Support-marking-a-device-as-non-migratable.patch [bz#635954] - kvm-device-assignment-Register-as-un-migratable.patch [bz#635954] - Resolves: bz#608548 (QEMU doesn't respect hardware sector size of underlying block device when doing O_DIRECT) - Resolves: bz#635954 (RFE: Assigned device should block migration) [qemu-kvm-0.12.1.2-2.123.el6] - kvm-qcow2-Implement-bdrv_truncate-for-growing-images.patch [bz#613893] - kvm-qemu-img-Add-resize-command-to-grow-shrink-disk-imag.patch [bz#613893] - kvm-qemu-img-Fix-copy-paste-bug-in-documentation.patch [bz#613893] - Resolves: bz#613893 ([RFE] qemu-io enable truncate function for qcow2.) [qemu-kvm-0.12.1.2-2.122.el6] - kvm-cleanup-block-driver-option-handling-in-vl.c.patch [bz#653536] - kvm-Add-cache-unsafe-parameter-to-drive.patch [bz#653536] - kvm-move-unsafe-to-end-of-caching-modes-in-help.patch [bz#653536] - kvm-qemu-img-Eliminate-bdrv_new_open-code-duplication.patch [bz#653536] - kvm-qemu-img-Fix-BRDV_O_FLAGS-typo.patch [bz#653536] - kvm-qemu-img-convert-Use-cache-unsafe-for-output-image.patch [bz#653536] - kvm-block-Fix-virtual-media-change-for-if-none.patch [bz#625319] - kvm-Check-for-invalid-initrd-file.patch [bz#624721] - kvm-qcow-qcow2-implement-bdrv_aio_flush.patch [bz#653972] - kvm-block-Remove-unused-s-hd-in-various-drivers.patch [bz#653972] - kvm-qcow2-Remove-unnecessary-flush-after-L2-write.patch [bz#653972] - kvm-qcow2-Move-sync-out-of-write_refcount_block_entries.patch [bz#653972] - kvm-qcow2-Move-sync-out-of-update_refcount.patch [bz#653972] - kvm-qcow2-Move-sync-out-of-qcow2_alloc_clusters.patch [bz#653972] - kvm-qcow2-Get-rid-of-additional-sync-on-COW.patch [bz#653972] - kvm-cutils-qemu_iovec_copy-and-qemu_iovec_memset.patch [bz#653972] - kvm-qcow2-Avoid-bounce-buffers-for-AIO-read-requests.patch [bz#653972] - kvm-qcow2-Avoid-bounce-buffers-for-AIO-write-requests.patch [bz#653972] - kvm-kill-empty-index-on-qemu-doc.texi.patch [bz#604992] - kvm-add-VMSTATE_BOOL.patch [bz#645342] - kvm-Add-Intel-HD-Audio-support-to-qemu.patch [bz#645342] - Resolves: bz#604992 (index is empty in qemu-doc.html) - Resolves: bz#624721 ([qemu] [rhel6] bad error handling when qemu has no 'read' permissions over {kernel,initrd} files [pass boot options]) - Resolves: bz#625319 (Failed to update the media in floppy device) - Resolves: bz#645342 (Implement QEMU driver for modern sound device like Intel HDA) - Resolves: bz#653536 (qemu-img convert poor performance) - Resolves: bz#653972 (qcow2: Backport performance related patches) [qemu-kvm-0.12.1.2-2.121.el6] - kvm-monitor-Rename-argument-type-b-to-f.patch [bz#625681] - kvm-monitor-New-argument-type-b-bool.patch [bz#625681] - kvm-monitor-Use-argument-type-b-for-set_link.patch [bz#625681] - kvm-monitor-Convert-do_set_link-to-QObject-QError.patch [bz#625681] - Resolves: bz#625681 (RFE QMP: should have command to disconnect and connect network card for whql testing) [qemu-kvm-0.12.1.2-2.120.el6] - kvm-Fix-snapshot-deleting-images-on-disk-change.patch [bz#653582] - Resolves: bz#653582 (Changing media with -snapshot deletes image file) [qemu-kvm-0.12.1.2-2.119.el6] - kvm-bz-603413-e1000-secrc-support.patch [bz#603413] - kvm-net-properly-handle-illegal-fd-vhostfd-from-command-.patch [bz#581750] - kvm-Enable-non-page-boundary-BAR-device-assignment.patch [bz#647307] - kvm-Fix-build-failure-with-DEVICE_ASSIGNMENT_DEBUG.patch [bz#647307] - kvm-slow_map-minor-improvements-to-ROM-BAR-handling.patch [bz#647307] - kvm-device-assignment-Always-use-slow-mapping-for-PCI-op.patch [bz#647307] - kvm-e1000-Fix-TCP-checksum-overflow-with-TSO.patch [bz#648333] - kvm-device-assignment-Fix-slow-option-ROM-mapping.patch [bz#647307] - Resolves: bz#581750 (Vhost: Segfault when assigning a none vhostfd) - Resolves: bz#603413 (RHEL3.9 guest netdump hung with e1000) - Resolves: bz#647307 (Support slow mapping of PCI Bars) - Resolves: bz#648333 (TCP checksum overflows in qemu's e1000 emulation code when TSO is enabled in guest OS) [qemu-kvm-0.12.1.2-2.118.el6] - kvm-net-delay-freeing-peer-host-device.patch [bz#634661] - kvm-QMP-Improve-debuggability-of-the-BLOCK_IO_ERROR-even.patch [bz#624607] - Resolves: bz#624607 ([qemu] [rhel6] guest installation stop (pause) on 'eother' event over COW disks (thin-provisioning)) - Resolves: bz#634661 ([RHEL6 Snap13]: Hot-unplugging of virtio nic issue in Windows2008 KVM guest.) [qemu-kvm-0.12.1.2-2.117.el6] - kvm-savevm-Really-verify-if-a-drive-supports-snapshots.patch [bz#599307] - kvm-drop-boot-on-from-help-string.patch [bz#643681] - kvm-Fix-parameters-of-prctl.patch [bz#585910] - kvm-Ignore-SRAO-MCE-if-another-MCE-is-being-processed.patch [bz#585910] - kvm-Add-RAM-physical-addr-mapping-in-MCE-simulation.patch [bz#585910] - kvm-Add-savevm-loadvm-support-for-MCE.patch [bz#585910] - kvm-Fix-SRAO-SRAR-MCE-injecting-on-guest-without-MCG_SER.patch [bz#585910] - Resolves: bz#585910 ([Intel 6.1 Bug] SRAO MCE in guest kills QEMU-KVM (qemu-kvm component)) - Resolves: bz#599307 (info snapshot return 'bdrv_snapshot_list: error -95') - Resolves: bz#643681 (Do not advertise boot=on capability to libvirt) [qemu-kvm-0.12.1.2-2.116.el6] - ksmtuned: committed_memory of 0 qemus [bz#609016] - kvm-Fix-underflow-error-in-device-assignment-size-check.patch [bz#632054] - kvm-check-for-close-errors-on-qcow2_create.patch [bz#641127] - Resolves: bz#609016 (incorrect committed memory on idle host) - Resolves: bz#632054 ([Intel 6.0 Virt] guest bootup fail with intel 82574L NIC assigned) - Resolves: bz#641127 (qemu-img ignores close() errors) [qemu-kvm-0.12.1.2-2.115.el6] - kvm-spice-qxl-update-modes-ptr-in-post_load.patch [bz#631522] - kvm-spice-qxl-make-draw_area-and-vgafb-share-memory.patch [bz#631522] - Give a nicer message if retune is called while ksmtuned is off [bz#637976] - Resolves: bz#631522 (spice: prepare qxl for 6.1 update.) - Resolves: bz#637976 (ksmtuned: give a nicer message if retune is called while ksmtuned is off) [qemu-kvm-0.12.1.2-2.114.el6] - fix ksmd.init 'status' [bz#570467] - kvm-virtio-net-Make-tx_timer-timeout-configurable.patch [bz#624767] - kvm-virtio-net-Limit-number-of-packets-sent-per-TX-flush.patch [bz#624767] - kvm-virtio-net-Rename-tx_timer_active-to-tx_waiting.patch [bz#624767] - kvm-virtio-net-Introduce-a-new-bottom-half-packet-TX.patch [bz#624767] - kvm-spice-qxl-enable-some-highres-modes.patch [bz#482427] - kvm-add-MADV_DONTFORK-to-guest-physical-memory-v2.patch [bz#633699] - kvm-virtio-serial-Check-if-virtio-queue-is-ready-before-.patch [bz#596610] - kvm-virtio-serial-Assert-for-virtio-queue-ready-before-v.patch [bz#596610] - kvm-virtio-serial-Check-if-more-max_ports-specified-than.patch [bz#616703] - kvm-virtio-serial-Cleanup-on-device-hot-unplug.patch [bz#624396] - kvm-block-Fix-image-re-open-in-bdrv_commit.patch [bz#635354] - kvm-qxl-clear-dirty-rectangle-on-resize.patch [bz#617119] - kvm-VGA-Don-t-register-deprecated-VBE-range.patch [bz#625948] - kvm-BZ-619168-qemu-should-more-clearly-indicate-internal.patch [bz#619168] - kvm-fix-and-on-russian-keymap.patch [bz#639437] - Resolves: bz#482427 (support high resolutions) - Resolves: bz#570467 ([RHEL 6] Initscripts improvement for ksm and ksmtuned) - Resolves: bz#596610 ('Guest moved used index from 0 to 61440' if remove virtio serial device before virtserialport) - Resolves: bz#616703 (qemu-kvm core dump with virtio-serial-pci max-port greater than 31) - Resolves: bz#617119 (Qemu becomes unresponsive during unattended_installation) - Resolves: bz#619168 (qemu should more clearly indicate internal detection of this host out-of-memory condition at startup..) - Resolves: bz#624396 (migration failed after hot-unplug virtserialport - Unknown savevm section or instance '0000:00:07.0/virtio-console' 0) - Resolves: bz#624767 (Replace virtio-net TX timer mitigation with bottom half handler) - Resolves: bz#625948 (qemu exits when hot adding rtl8139 nic to win2k8 guest) - Resolves: bz#633699 (Cannot hot-plug nic in windows VM when the vmem is larger) - Resolves: bz#635354 (Can not commit copy-on-write image's data to raw backing-image) - Resolves: bz#639437 (Incorrect russian vnc keymap) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1751 CVE-2011-1750 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.6.32-131.0.15.el6] - [build] disable Werr for external modules (Aristeu Rozanski) [703504] [2.6.32-131.0.14.el6] - [scsi] hpsa: fix reading a write only register causes a hang (Rob Evers) [703262] - [scsi] mpt2sas: remove the use of writeq, since writeq is not atomic (Tomas Henzl) [701947] [2.6.32-131.0.13.el6] - [scsi] hpsa: fix lost command problem (Tomas Henzl) [700430] - [scsi] cciss: fix lost command problem (Tomas Henzl) [700430] - [scsi] ibft: fix oops during boot (Mike Christie) [698737] [2.6.32-131.0.12.el6] - [scsi] beiscsi: update version (Mike Christie) [674340] - [scsi] be2iscsi: fix chip cleanup (Mike Christie) [674340] - [scsi] be2iscsi: fix boot hang due to interrupts not getting rearmed (Mike Christie) [674340] - [scsi] bnx2fc: fix regression due to incorrect setup of em for npiv port (Mike Christie) [700672] - [ppc] pseries: Use a kmem cache for DTL buffers (Steve Best) [695678] [2.6.32-131.0.11.el6] - [kdump] revert commit 8f4ec27fc to keep crashkernel=auto (Amerigo Wang) [605786] [2.6.32-131.0.10.el6] - [netdrv] cnic: fix hang due to rtnl_lock (Mike Christie) [694874] - [netdrv] firmware: re-add the recently deleted bnx2x fw 6.2.5.0 (Michal Schmidt) [690470] - [netdrv] firmware/bnx2x: add 6.2.9.0 fw, remove unused fw (Michal Schmidt) [690470] - [netdrv] bnx2x, cnic: Disable iSCSI if DCBX negotiation is successful (Michal Schmidt) [690470] - [netdrv] bnx2x: don't write dcb/llfc fields in STORM memory (Michal Schmidt) [690470] - [netdrv] bnx2x: Update firmware to 6.2.9 (Michal Schmidt) [690470] [2.6.32-131.0.9.el6] - [net] limit socket backlog add operation to prevent possible DoS (Jiri Pirko) [694396] {CVE-2010-4251} - [scsi] mpt2sas: prevent heap overflows and unchecked (Tomas Henzl) [694023] {CVE-2011-1494 CVE-2011-1495} - [fs] epoll: prevent creating circular epoll structures (Don Howard) [681683] {CVE-2011-1082} - [mm] Prevent page_fault at do_mm_track_pte+0xc when Stratus dirty page tracking is active (Larry Woodman) [693786] - [fs] GFS2 causes kernel panic in spectator mode (Steven Whitehouse) [696535] - [net] bonding: interface doesn't issue IGMP report on slave interface during failover (Flavio Leitner) [640690] - [scsi] isci: validate oem parameters early, and fallback (David Milburn) [698016] - [scsi] isci: fix oem parameter header definition (David Milburn) [698016] [2.6.32-131.0.8.el6] - [scsi] mark bfa fc adapters tech preview (Rob Evers) [698384] - [virt] Revert pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Aristeu Rozanski) [691310] - [i686] nmi watchdog: Enable panic on hardlockup (Don Zickus) [677532] - [netdrv] Adding Chelsio Firmware for cxgb4 (Neil Horman) [691929] [2.6.32-131.0.7.el6] - [virt] x86: better fix for race between nmi injection and enabling nmi window (Aristeu Rozanski) - [virt] x86: revert 'fix race between nmi injection and enabling nmi window' (Aristeu Rozanski) [2.6.32-131.0.6.el6] - [net] bonding: fix jiffy comparison issues (Andy Gospodarek) [696337] [2.6.32-131.0.5.el6] - [kernel] perf: add script command help (Jiri Olsa) [693050] - [drm] radeon/kms: make radeon i2c put/get bytes less noisy (Frank Arnold) [693829] - [drm] radeon/kms: fix hardcoded EDID handling (Frank Arnold) [693829] - [x86] Revert '[x86] perf: P4 PMU - Fix unflagged overflows handling' (Don Zickus) [688547] - [x86] perf: let everyone share counters on a P4 machine (Don Zickus) [688547] - [fs] nfs: Ensure that NFS4 acl requests don't use slab in skb fraglist (Neil Horman) [682645] {CVE-2011-1090} - [fs] partitions: Validate map_count in Mac partition tables (Danny Feng) [679286] {CVE-2011-1010} [2.6.32-131.0.4.el6] - [scsi] ibft: search for broadcom specific ibft sign (Mike Christie) [696275] - [fs] Fix corrupted OSF partition table parsing (Danny Feng) [688025] {CVE-2011-1163} - [netdrv] ixgbe: DCB, X540 devices do not respond to pause frames (Andy Gospodarek) [694930] - [netdrv] ixgbe: DCB, misallocated packet buffer size with X540 device (Andy Gospodarek) [694930] - [netdrv] ixgbe: refactor common start_hw code for 82599 and x54 (Andy Gospodarek) [694930] - [netdrv] ixgbe: balance free_irq calls with request_irq calls (Andy Gospodarek) [692988] [2.6.32-131.0.3.el6] - [net] sctp: fix the INIT/INIT-ACK chunk length calculation (Thomas Graf) [690743] {CVE-2011-1573} - [kernel] sched: Fix granularity of task_u/stime() (Jerome Marchand) [690998] - [pci] Call PCIe _OSC methods earlier (Matthew Garrett) [693974] - [fs] nfs: use unstable writes for groups of small DIO writes (Jeff Layton) [694309] - [net] CAN: Use inode instead of kernel address for /proc file (Danny Feng) [664561] {CVE-2010-4565} - [x86] mce: reject CEs on Westmere EX MCE bank 6 (Prarit Bhargava) [694891] - [scsi] libfcoe: Incorrect CVL handling for NPIV ports (Mike Christie) [694906] - [x86] perf: Complain louder about BIOSen corrupting CPU/PMU state and continue (Don Zickus) [694913] - [fs] inotify: fix double free/corruption of stuct user (Eric Paris) [656832] {CVE-2010-4250} - [netdrv] netxen: limit skb frags for non tso packet (Chad Dupuis) [695478] - [fs] nfsd4: fix oops on lock failure (J. Bruce Fields) [696376] - [netdrv] Return bnx2 firmware files to Makefile (John Feeney) [696365] - [scsi] be2iscsi: fix be2iscsi rmmod (Mike Christie) [695585] - [netdrv] qlcnic: limit skb frags for non tso packet (Bob Picco) [695488] - [md] Cleanup after raid45->raid0 takeover (Dean Nelson) [694106] - [md] revert 'Cleanup after raid45->raid0 takeover patch' (Dean Nelson) [694106] - [net] bonding: fix incorrect tx queue offset (Andy Gospodarek) [695548] {CVE-2011-1581} - [netdrv] igb: for 82576 EEPROMs reporting invalid size default to 16kB (Stefan Assmann) [695751] - [pci] return correct value when writing to the 'reset' attribute (Alex Williamson) [690291] - [kernel] Initalize call_single_queue during boot to handle left over ipi (Neil Horman) [680478] [2.6.32-131.0.2.el6] - [virt] x86: better fix for race between nmi injection and enabling nmi window (Marcelo Tosatti) [684719] - [virt] x86: revert 'fix race between nmi injection and enabling nmi window' (Marcelo Tosatti) [684719] [2.6.32-131.0.1.el6] - [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Larry Woodman) [691310] - [drm] i915: backports from stable to fix some regressions (Dave Airlie) [690865] - [fs] svcrpc: complete svsk processing on cb receive failure (J. Bruce Fields) [629030] - [ppc] pseries: fix hang caused by missing spin_unlock in dtl_disable (Steve Best) [694327] - [ppc] pseries: Disable VPNH feature (Steve Best) [694266] - [netdrv] bna: Avoid kernel panic in case of FW heartbeat failure (Ivan Vecera) [694115] - [input] wacom: Move the cintiq initialization down (Peter Hutterer) [693573] - [input] wacom: specify Cinitq supported tools (Peter Hutterer) [693573] - [input] wacom: fix pressure in Cintiq 21UX2 (Peter Hutterer) [693573] - [input] wacom: fix serial number handling on Cintiq 21UX2 (Peter Hutterer) [693573] - [input] wacom: add Cintiq 21UX2 and Intuos4 WL (Peter Hutterer) [693573] - [kernel] spec: strip note and comment from ppc64's vmlinux before checksum is calculated (Aristeu Rozanski) [692515] - [scsi] fcoe: have fcoe log off and lport destroy before ndo_fcoe_disable (Mike Christie) [691611] - [scsi] libfc: rec tov value and REC_TOV_CONST units usages is incorrect (Mike Christie) [691611] - [scsi] libfcoe: fix wrong comment in fcoe_transport_detach (Mike Christie) [691611] - [scsi] libfcoe: clean up netdev mapping properly when the transport goes away (Mike Christie) [691611] - [scsi] fcoe: remove unnecessary module state check (Mike Christie) [691611] - [scsi] fcoe: Remove mutex_trylock/restart_syscall checks (Mike Christie) [691611] - [scsi] libfcoe: Remove mutex_trylock/restart_syscall checks (Mike Christie) [691611] - [scsi] fcoe: correct checking for bonding (Mike Christie) [691611] - [scsi] fcoe: fix broken fcoe interface reset (Mike Christie) [691611] - [scsi] fcoe: precedence bug in fcoe_filter_frames() (Mike Christie) [691611] - [scsi] libfcoe: Move FCOE_MTU definition from fcoe.h to libfcoe.h (Mike Christie) [691611] - [scsi] libfc: remove duplicate ema_list init (Mike Christie) [691611] - [scsi] fcoe, libfc: initialize EM anchors list and then update npiv EMs (Mike Christie) [691611] - [scsi] libfc: Fixing a memory leak when destroying an interface (Mike Christie) [691611] - [scsi] fc: Add GSPN_ID request to header file (Mike Christie) [691611] - [scsi] hpsa: fix pci_device_id table (Tomas Henzl) [684997] - [netdrv] ixgbe: only enable WoL for magic packet by default (Andy Gospodarek) [632598] - [mm] zram: disable zram on ppc64 (Jerome Marchand) [661293] - [mm] zram: update config file (Jerome Marchand) [661293] - [mm] zram: initialize device on first read (Jerome Marchand) [661293] - [mm] zram: fix data corruption issue (Jerome Marchand) [661293] - [mm] zram: xvmalloc: combine duplicate block delete code (Jerome Marchand) [661293] - [mm] zram: Return zero'd pages on new reads (Jerome Marchand) [661293] - [mm] zram: xvmalloc: Close 32byte hole on 64bit CPUs (Jerome Marchand) [661293] - [mm] zram: xvmalloc: create CONFIG_ZRAM_DEBUG for debug code (Jerome Marchand) [661293] - [mm] zram: xvmalloc: free bit block insertion optimization (Jerome Marchand) [661293] - [mm] zram: Prevent overflow in logical block size (Jerome Marchand) [661293] - [mm] zram: vmalloc: Correct tunings to enable use with 64K pages (Jerome Marchand) [661293] - [mm] zram: xvmalloc.c: Fix a typo (Jerome Marchand) [661293] - [mm] zram: Fix sparse warning 'Using plain integer as NULL pointer' (Jerome Marchand) [661293] [2.6.32-131.el6] - [tracing] t_start: reset FTRACE_ITER_HASH in case of seek/pread (Jiri Olsa) [631626] {CVE-2010-3079} - [scsi] scsi_dh_rdac: fix for lun_table update for rdac (Rob Evers) [687878] - [usb] EHCI: unlink unused QHs when the controller is stopped (Don Zickus) [680987] - [fs] Revert '[fs] sunrpc: Use static const char arrays' (Steve Dickson) [690754] - [fs] sunrpc: Propagate errors from xs_bind() through xs_create_sock() (Steve Dickson) [689777] - [net] netfilter: ipt_CLUSTERIP: fix buffer overflow (Jiri Pirko) [689342] - [net] ipv6: netfilter: ip6_tables: fix infoleak to userspace (Jiri Pirko) [689351] {CVE-2011-1172} - [net] netfilter: ip_tables: fix infoleak to userspace (Jiri Pirko) [689334] {CVE-2011-1171} - [net] netfilter: arp_tables: fix infoleak to userspace (Jiri Pirko) [689325] {CVE-2011-1170} - [kernel] remove kernel-debuginfo-common requires from perf-debuginfo (Jason Baron) [682012] - [drm] radeon/kms: check AA resolve registers on r300 + regression fix (Dave Airlie) [680002] {CVE-2011-1016} - [net] fix ebtables stack infoleak (Eugene Teo) [681323] {CVE-2011-1080} - [drm] fix unsigned vs signed comparison issue in modeset ctl ioctl (Don Howard) [679928] {CVE-2011-1013} - [fs] svcrpc: take advantage of tcp autotuning (J. Bruce Fields) [629030] - [fs] SUNRPC: Don't wait for full record to receive tcp data (J. Bruce Fields) [629030] - [net] svcrpc: copy cb reply instead of pages (J. Bruce Fields) [629030] - [fs] svcrpc: close connection if client sends short packet (J. Bruce Fields) [629030] - [fs] svcrpc: note network-order types in svc_process_calldir (J. Bruce Fields) [629030] - [fs] SUNRPC: svc_tcp_recvfrom cleanup (J. Bruce Fields) [629030] - [fs] SUNRPC: requeue tcp socket less frequently (J. Bruce Fields) [629030] - [fs] rpc: move sk_bc_xprt to svc_xprt (J. Bruce Fields) [629030] - [acpi] ACPICA: Truncate I/O addresses to 16 bits for Windows compatibility (Frank Arnold) [593766] [2.6.32-130.el6] - [kernel] kcore: restrict access to the whole memory (Amerigo Wang) [663864] - [scsi] libsas: flush initial device discovery before completing ->scan_finished (David Milburn) [682265] - [md] Cleanup after raid45->raid0 takeover (Doug Ledford) [688725] - [md] partition detection when array becomes active (Doug Ledford) [688725] - [md] avoid spinlock problem in blk_throtl_exit (Doug Ledford) [679096 688725] - [md] correctly handle probe of an 'mdp' device (Doug Ledford) [688725] - [md] don't set_capacity before array is active (Doug Ledford) [688725] - [md] Fix raid1->raid0 takeover (Doug Ledford) [688725] - [md] process hangs at wait_barrier after 0->10 takeover (Doug Ledford) [688725] - [md] md_make_request: don't touch the bio after calling make_request (Doug Ledford) [688725] - [md] Don't allow slot_store while resync/recovery is happening (Doug Ledford) [688725] - [md] don't clear curr_resync_completed at end of resync (Doug Ledford) [688725] - [md] Don't use remove_and_add_spares to remove failed devices from a read-only array (Doug Ledford) [688725] - [md] Add raid1->raid0 takeover support (Doug Ledford) [688725] - [md] Remove the AllReserved flag for component devices (Doug Ledford) [688725] - [md] don't abort checking spares as soon as one cannot be added (Doug Ledford) [688725] - [md] fix the test for finding spares in raid5_start_reshape (Doug Ledford) [688725] - [md] simplify some 'if' conditionals in raid5_start_reshape (Doug Ledford) [688725] - [md] revert change to raid_disks on failure (Doug Ledford) [688725] - [md] Fix removal of extra drives when converting RAID6 to RAID5 (Doug Ledford) [688725] - [md] range check slot number when manually adding a spare (Doug Ledford) [688725] - [md] raid5: handle manually-added spares in start_reshape (Doug Ledford) [688725] - [md] fix sync_completed reporting for very large drives (>2TB) (Doug Ledford) [688725] - [md] allow suspend_lo and suspend_hi to decrease as well as increase (Doug Ledford) [688725] - [md] Don't let implementation detail of curr_resync leak out through sysfs (Doug Ledford) [688725] - [md] separate meta and data devs (Doug Ledford) [688725] - [md] add new param to_sync_page_io() (Doug Ledford) [688725] - [md] new param to calc_dev_sboffset (Doug Ledford) [688725] - [md] Be more careful about clearing flags bit in ->recovery (Doug Ledford) [688725] - [md] md_stop_writes requires mddev_lock (Doug Ledford) [688725] - [md] raid5: use sysfs_notify_dirent_safe to avoid NULL pointer (Doug Ledford) [688725] - [md] Ensure no IO request to get md device before it is properly initialised (Doug Ledford) [688725] - [md] Fix single printks with multiple KERN_<level>s (Doug Ledford) [688725] - [md] fix regression resulting in delays in clearing bits in a bitmap (Doug Ledford) [688725] - [md] fix regression with re-adding devices to arrays with no metadata (Doug Ledford) [688725] - [md] pick some changes from commits to match upstream (Doug Ledford) [688725] - [md] raid1: add takeover support for raid5->raid1 (Doug Ledford) [688725] - [md] pick up some percpu annotations that upstream has (Doug Ledford) [688725] - [md] update includes to match upstream (Doug Ledford) [688725] - [scsi] isci: fix fragile/conditional isci_host lookups (David Milburn) [691591] - [scsi] isci: cleanup isci_remote_device[_not]_ready interface (David Milburn) [691591] - [scsi] isci: Qualify when the host lock is managed for STP/SATA callbacks (David Milburn) [691591] - [scsi] isci: Fix use of SATA soft reset state machine (David Milburn) [691591] - [scsi] isci: Free host lock for SATA/STP abort escalation at submission time (David Milburn) [691591] - [scsi] isci: Properly handle requests in the 'aborting' state (David Milburn) [691591] - [scsi] isci: Remove 'screaming' data types (David Milburn) [691591] - [scsi] isci: remove unused 'remote_device_started' (David Milburn) [691591] - [scsi] isci: namespacecheck cleanups (David Milburn) [691591] - [scsi] isci: kill some long macros (David Milburn) [691591] - [scsi] isci: reorder init to cleanup unneeded declarations (David Milburn) [691591] - [scsi] isci: Remove event_* calls as they are just wrappers (David Milburn) [691591] - [netdrv] iwlagn: Support new 5000 microcode (Stanislaw Gruszka) [682742] - [netdrv] iwlwifi: fix dma mappings and skbs leak (Stanislaw Gruszka) [682726] - [netdrv] iwl3945: remove plcp check (Stanislaw Gruszka) [679002] - [netdrv] iwlwifi: add {ack,plpc}_check module parameters (Stanislaw Gruszka) [620501] - [fs] ext4: Fix ext4_quota_write cross block boundary behaviour (Lukas Czerner) [680105] - [fs] quota: Don't write quota info in dquot_commit() (Lukas Czerner) [680105] - [netdrv] be2net: Change f/w command versions for Lancer (Ivan Vecera) [685027] - [netdrv] be2net: Remove ERR compl workaround for Lancer (Ivan Vecera) [685027] - [netdrv] be2net: fix to ignore transparent vlan ids wrongly indicated by NIC (Ivan Vecera) [685027] - [netdrv] be2net: pass proper hdr_size while flashing redboot (Ivan Vecera) [685027] - [netdrv] be2net: Allow VFs to call be_cmd_reset_function (Ivan Vecera) [685027] - [netdrv] be2net: pass domain numbers for pmac_add/del functions (Ivan Vecera) [685027] - [netdrv] be2net: Initialize and cleanup sriov resources only if pci_enable_sriov has succeeded (Ivan Vecera) [685027] - [netdrv] be2net: Use domain id when be_cmd_if_destroy is called (Ivan Vecera) [685027] - [netdrv] be2net: While configuring QOS for VF, pass proper domain id (Ivan Vecera) [685027] - [netdrv] benet: Avoid potential null deref in be_cmd_get_seeprom_data() (Ivan Vecera) [685027] - [netdrv] benet: fix be_cmd_multicast_set() memcpy bug (Ivan Vecera) [685027] - [ppc] kdump: Override crash_free_reserved_phys_range to avoid freeing RTAS (Steve Best) [672983] - [kernel] kdump: Allow shrinking of kdump region to be overridden (Steve Best) [672983] - [scsi] bnx2fc: Bumped version to 1.0.2 (Mike Christie) [683153] - [scsi] bnx2fc: Fix kernel panic when deleting NPIV ports (Mike Christie) [683153] - [scsi] bnx2fc: scsi_dma_unmap() not invoked on IO completions (Mike Christie) [683153] - [scsi] bnx2fc: host stats show the link speed 'unknown' on NIC partitioned interfaces (Mike Christie) [683153] - [scsi] bnx2fc: IO completion not processed due to missed wakeup (Mike Christie) [683153] - [scsi] bnx2fc: Bump version to 1.0.1 (Mike Christie) [683153] - [scsi] bnx2fc: Remove unnecessary module state checks (Mike Christie) [683153] - [scsi] bnx2fc: Fix MTU issue by using static MTU (Mike Christie) [683153] - [scsi] bnx2fc: Remove network bonding checking (Mike Christie) [683153] - [scsi] bnx2fc: Call bnx2fc_return_rqe and bnx2fc_get_next_rqe with tgt lock held (Mike Christie) [683153] - [scsi] bnx2fc: common free list for cleanup commands (Mike Christie) [683153] - [scsi] bnx2fc: Remove rtnl_trylock/restart_syscall checks (Mike Christie) [683153] - [netdrv] cnic: Fix lost interrupt on bnx2x (Mike Christie) [683153] - [netdrv] cnic: Prevent status block race conditions with hardware (Mike Christie) [683153] - [kernel] ring-buffer: Use sync sched protection on ring buffer resizing (Jiri Olsa) [676583] - [kernel] tracing: avoid soft lockup in trace_pipe (Jiri Olsa) [676583] - [kernel] tracing: Fix a race in function profile (Jiri Olsa) [676583] - [block] cfq-iosched: Don't update group weights when on service tree (Vivek Goyal) [689551] - [block] cfq-iosched: Get rid of on_st flag (Vivek Goyal) [689551] - [net] tcp_cubic: fix low utilization of CUBIC with HyStart (Thomas Graf) [616985] - [net] tcp_cubic: make the delay threshold of HyStart less sensitive (Thomas Graf) [616985] - [net] tcp_cubic: enable high resolution ack time if needed (Thomas Graf) [616985] - [net] tcp_cubic: fix clock dependency (Thomas Graf) [616985] - [net] tcp_cubic: make ack train delta value a parameter (Thomas Graf) [616985] - [net] tcp_cubic: fix comparison of jiffies (Thomas Graf) [616985] - [net] tcp: fix RTT for quick packets in congestion control (Thomas Graf) [616985] - [fs] fix GFS2 filesystem hang caused by incorrect lock order (Robert S Peterson) [651584] - [fs] btrfs: bring us up to date with .38 (Josef Bacik) [684667] - [ppc] add dynamic dma window support minor updates (Steve Best) [691952] - [ppc] ptrace: Remove BUG_ON when full register set not available (Steve Best) [678099] - [ppc] pseries: Disable MSI using new interface if possible (Steve Best) [684961] - [ppc] kexec: Fix orphaned offline CPUs across kexec (Steve Best) [682875] - [net] ipsec: Disable granular bundles (Herbert Xu) [631833] - [scsi] libsas: fix runaway error handler problem (David Milburn) [691527] - [scsi] mpt2sas: Added customer specific display support (Tomas Henzl) [684841] - [scsi] Add next gen Dell Powervault controller MD36xxf into RDAC device list (Shyam Iyer) [688979] - [kernel] perf: Fix task context scheduling (Jiri Olsa) [688065] - [drm] nouveau: disable acceleration on NVA3/NVA5/NVA8/NVAF by default (Ben Skeggs) [684816] - [kernel] radix: don't tag the root if we didn't tag within our range (Josef Bacik) [681439] - [block] blk-throttle: Do not use kblockd workqueue for throtl work (Vivek Goyal) [681360] - [sound] ALSA: HDA hdmi related fixes (Jaroslav Kysela) [671501] - [pci] Preserve Existing pci sort whitelists for Dell systems (Shyam Iyer) [688954] - [x86] perf: Add support for AMD family 15h core counters family 15h core counters (Robert Richter) [635671] - [x86] hpwdt: fix section mismatch warning (Prarit Bhargava) [689837] - [x86] UV: Correct kABI from upstream (George Beshers) [684957] - [x86] When cleaning MTRRs, do not fold WP into UC (Prarit Bhargava) [682758] - [virt] xen-blkfront: handle Xen major numbers other than XENVBD (Andrew Jones) [691339] - [virt] Fix regression with SMP guests (Zachary Amsden) [681133] - [netdrv] enic: update to version 2.1.1.13 (Andy Gospodarek) [684865] - [netdrv] igb: full support for i350 devices (Stefan Assmann) [687932] - [fs] NFS: Fix a hang/infinite loop in nfs_wb_page() (Steve Dickson) [672305] - [fs] nfsd: fix auth_domain reference leak on nlm operations (J. Bruce Fields) [690900] - [fs] svcrpc: ensure cache_check caller sees updated entry (J. Bruce Fields) [690900] - [fs] svcrpc: take lock on turning entry NEGATIVE in cache_check (J. Bruce Fields) [690900] - [fs] svcrpc: modifying valid sunrpc cache entries is racy (J. Bruce Fields) [690900] - [fs] sunrpc: extract some common sunrpc_cache code from nfsd (Steve Dickson) [690900] - [infiniband] RDMA/cxgb4: Initialization errors can cause crash (Steve Best) [647013] - [infiniband] RDMA/cxgb4: Don't change QP state outside EP lock (Steve Best) [647013] - [infiniband] RDMA/cxgb4: Remove db_drop_task (Steve Best) [647013] - [infiniband] RDMA/cxgb4: Do CIDX_INC updates every 1/16 CQ depth CQE reaps (Steve Best) [647013] - [infiniband] RDMA/cxgb4: Dispatch FATAL event on EEH errors (Steve Best) [647013] - [infiniband] RDMA/cxgb4: Set the correct device physical function for iwarp connections (Steve Best) [647013] - [infiniband] RDMA/cxgb4: limit MAXBURST EQ context field to 256B (Steve Best) [647013] - [infiniband] RDMA/cxgb4: Don't re-init wait object in init/fini paths (Steve Best) [647013] - [infiniband] RMDA/cxgb4 kfifo changes (Steve Best) [647013] - [netdrv] cxgb4 driver update (Neil Horman) [647006] - [tracing] Add unstable sched clock note to the warning (Jiri Olsa) [666264] - [x86] Reevaluate T-states on CPU hot-add (Matthew Garrett) [673442] - [scsi] libsas: fix/amend device gone notification in sas_deform_port (David Milburn) [682315] - [kdump] kexec: move the crashkernel=auto logic into kernel spec file (Amerigo Wang) [605786] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4251 CVE-2011-1171 CVE-2010-3881 CVE-2011-1023 CVE-2011-1170 CVE-2010-4805 CVE-2011-1090 CVE-2011-1494 CVE-2011-1495 CVE-2011-0999 CVE-2011-1581 CVE-2011-1010 CVE-2011-1163 CVE-2011-1082 CVE-2011-1172 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [3.1.10-1] - Resolves: #639365 - Rebase squid to version 3.1.10 - Resolves: #666533 - small memleak in squid-3.1.4 LOW Copyright 2011 Oracle, Inc. CVE-2010-3072 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 python: [2.6.6-20] Resolves: CVE-2010-3493 [2.6.6-19] Resolves: CVE-2011-1015 [2.6.6-18] Resolves: CVE-2011-1521 [2.6.6-17] - recompile against systemtap 1.4 Related: rhbz#569695 [2.6.6-16] - recompile against systemtap 1.4 Related: rhbz#569695 [2.6.6-15] - fix race condition that sometimes breaks the build with parallel make Resolves: rhbz#690315 [2.6.6-14] - backport pre-canned ways of salting a password to the 'crypt' module Resolves: rhbz#681878 [2.6.6-13] - move lib2to3/tests to the python-test subpackage Related: rhbz#625395 [2.6.6-12] - fix a new test in 2.6.6 that was failing on 64-bit big-endian architectures Resolves: rhbz#677392 [2.6.6-11] - fix incompatibility between 2.6.6 and our non-standard M2Crypto.SSL.SSLTimeoutError Resolves: rhbz#681811 [2.6.6-10] - add workaround for bug in rhythmbox-0.12 exposed by python 2.6.6 Resolves: rhbz#684991 [2.6.6-9] - prevent tracebacks for the 'py-bt' gdb command on x86_64 Resolves: rhbz#639392 [2.6.6-8] - fix a regression in 2.6.6 relative to 2.6.5 in urllib2 Resolves: rhbz#669847 [2.6.6-7] - add an optional 'timeout' argument to the subprocess module (patch 131) Resolves: rhbz#567229 [2.6.6-6] - prevent _sqlite3.so being built with a redundant RPATH of _libdir (patch 130) - remove DOS batch file 'idle.bat' - remove shebang lines from .py files that aren't executable, and remove executability from .py files that don't have a shebang line Related: rhbz#634944 - add 'Obsoletes: python-ssl' to core package, as 2.6 contains the ssl module Resolves: rhbz#529274 [2.6.6-5] - allow the 'no_proxy' environment variable to override 'ftp_proxy' in urllib2 (patch 128) Resolves: rhbz#637895 - make garbage-collection assertion failures more informative (patch 129) Resolves: rhbz#614680 [2.6.6-4] - backport subprocess fixes to use the 'poll' system call, rather than 'select' Resolves: rhbz#650588 [2.6.6-3] - use an ephemeral port for IDLE, enabling multiple instances to be run Resolves: rhbz#639222 - add systemtap static markers, tapsets, and example scripts Resolves: rhbz#569695 [2.6.6-2] - fix dbm.release on ppc64/s390x Resolves: rhbz#626756 - fix missing lib2to3 test files Resolves: rhbz#625395 - fix test.test_commands SELinux incompatibility Resolves: rhbz#625393 - make 'pydoc -k' more robust in the face of broken modules Resolves: rhbz#603073 [2.6.6-1] - rebase to 2.6.6: (which contains the big whitespace cleanup of r81031) http://www.python.org/download/releases/2.6.6/ - fixup patch 102, patch 11, patch 52, patch 110 - drop upstreamed patches: patch 113 (CVE-2010-1634), patch 114 (CVE-2010-2089), patch 115 (CVE-2008-5983), patch 116 (rhbz598564), patch 118 (rhbz540518) - add fix for upstream bug in test_posix.py introduced in 2.6.6 (patch 120) Resolves: rhbz#627301 python-docs: [2.6.6-2] - rebuild [2.6.6-1] - rebase to 2.6.6 to track the main python package Related: rhbz#627301 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1521 CVE-2010-3493 CVE-2011-1015 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:9:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:linux:6::latest cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:8:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:linux:6::unsupported Oracle Linux 6 [5.10.1-119] - 692862 - lc launders tainted flag, CVE-2011-1487 - make SOURCE1 executable, because it missed +x in brew - Resolves: rhbz#692862 [5.10.1-118] - Correct perl-5.10.1-rt77352.patch - Related: rhbz#640720 [5.10.1-117] - 671352 CGI-3.51 security update - Resolves: rhbz#671352 [5.10.1-116] - require Digest::SHA 640716 - remove removal of NDBM 640729 - remove unsupported option fork from prove's documentation 609492 - Thread desctructor leaks 640720 - update threads to 1.82 (bugfixes releases) 626330 - remove unused patches from cvs - Resolves: rhbz#640729, rhbz#640716, rhbz#609492, rhbz#640720, rhbz#626330 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-2761 CVE-2010-4410 CVE-2011-1487 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.5.1-34] - Resolves: rhbz#701700 - sssd client libraries use select() but should use - poll() instead [1.5.1-33] - Related: rhbz#693818 - Automatic TGT renewal overwrites cached password - Fix segfault in TGT renewal [1.5.1-32] - Related: rhbz#693818 - Automatic TGT renewal overwrites cached password - Fix typo causing build breakage [1.5.1-31] - Resolves: rhbz#693818 - Automatic TGT renewal overwrites cached password [1.5.1-30] - Resolves: rhbz#696972 - Filters not honoured against fully-qualified users [1.5.1-29] - Resolves: rhbz#694146 - SSSD consumes GBs of RAM, possible memory leak LOW Copyright 2011 Oracle, Inc. CVE-2010-4341 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 eclipse: [1:3.6.1-6.13] - Drop patch to remove ant-trax (needed by test runs). [1:3.6.1-6.12] - Add two upstream patches to allow for running SDK JUnit tests. [1:3.6.1-6.11] - Bring in line with Fedora. - Remove some stuff that is now done in eclipse-build. - Fix sources URL. - Add PDE dependency on zip for pdebuild script. - Use new eclipse-build targets. - Increase minimum required memory in eclipse.ini. [1:3.6.1-6.10] - Put ant.launching into JDT's dropins directory. [1:3.6.1-6.9] - Use apache-tomcat-apis JARs. - Version objectweb-asm BR/R. [1:3.6.1-6.8] - Fix JSP API symlinks. [1:3.6.1-6.7] - Install o.e.jdt.junit.core in jdt (rhbz#663207). [1:3.6.1-6] - Add Eclipse help XSS vulnerability fix (RH Bz #661901). [1:3.6.1-5] - Remove work around for openjdk bug#647737 as openjdk has posted its own work around and will shortly be fixing problem correctly. [1:3.6.1-4] - Work around for openjdk bug#647737. [1:3.6.1-3] - Add missing Requires on tomcat5-jsp-api (bug#650145). [1:3.6.1-2] - Add prepare-build-dir.sh patch. [1:3.6.1-1] - Update to 3.6.1. [1:3.6.0-3] - Increasing min versions for jetty, icu4j-eclipse and sat4j. [1:3.6.0-2] - o.e.core.net.linux is no longer x86 only. [1:3.6.0-1] - Update to 3.6.0. - Based on eclipse-build 0.6.1 RC0. [1:3.5.2-10] - Rebuild for new jetty. [1:3.5.2-9] - Fix typo in symlinking. [1:3.5.2-8] - No need to link jasper. [1:3.5.2-7] - Fix servlet and jsp apis symlinks. [1:3.5.2-6] - Fix jetty symlinks. eclipse-birt: [2.6.0-1.1] - RHEL 6.1 rebase to Helios. [2.6.0-1] - Update to 2.6.0. - Build rhino plugin as part of BIRT chart feature. - Remove unnecessary dependencies. eclipse-callgraph: [0.6.1-1] - Update to upstream 0.6.1 release. - Add reasonable required dependency versions. [0.6.0-2] - Update tag to correct version [0.6.0-1] - Update to version 0.6 of Linux Tools Proect. [0.5.0-1] - Resolves: #575108 - Rebase to Linux tools 0.5 release. [0.4.0-2] - Resolves: #553288 - Only support i686, x86_64 for RHEL6 and above. [0.4.0-1] - Update to version 0.4 of Linux Tools Project and remove tests feature [0.0.1-3] - Added ExcludeArch for ppc64 because eclipse-cdt is not present [0.0.1-2] - Some more changes to spec file [0.0.1-1] - Make minor changes to spec file [0.0.1-1] - Initial creation of eclipse-callgraph eclipse-cdt: [1:7.0.1-4] - Resolves: #678364 - Modify a version of copy-platform so it does not add wild-cards when looking in the dropins folder. [1:7.0.1-3] - Resolves: #679543, #678364 - Fix libhover local patch to change location specifiers in glibc and libstdc++ plug-ins. - Fix build so that it still works if eclipse-cdt-parsers is currently installed. [1:7.0.1-2] - Resolves: #622713 - Resolves: #668890 - Fix problems with applying autotools and libhover local patches [1:7.0.1-1] - Resolves: #656333 - Rebase to 7.0.1 (Helios SR1) including gdb hardware support fix - Rebase to Autotools/Libhover 0.7 - Fix Eclipse bug 286162 eclipse-changelog: [1:2.7.0-1] - Resolves: #669499 - Update to 2.7.0. - Update requires. eclipse-dtp: [1.8.1-1.1] - RHEL 6.1 rebase. [1.8.1-1] - Update to 1.8.1 (Helios SR1). [1.8.0-1] - Update to 1.8.0 (Helios). - Clarify get-dtp.sh a bit. - Re-generate Java 6 patch. eclipse-emf: [2.6.0-1] - Resolves: #656344 - Rebase to 2.6.0 (Helios SR1) eclipse-gef: [3.6.1-3] - Fix patch that disables examples source plugin. [3.6.1-2] - Remove example source JARs. - Don't build debuginfo. [3.6.1-1] - Update to 3.6.1. [3.6.0-1] - Update to 3.6.0. eclipse-linuxprofilingframework: [0.6.1-1] - Resolves: #669461 - Rebase to Linux Tools 0.6.1 version. eclipse-mylyn: [3.4.2-9] - Fix incorrect install_loc path. - Resolves: rhbz#673174. [3.4.2-8] - Add back missing changelog entries. - Fix mixed tabs and spaces. [3.4.2-7] - Fix qualifier to match upstream. - Resolves: rhbz#669819. [3.4.2-6] - Put back in %{_libdir} due to multilib issues. [3.4.2-5] - Fix symlink to updated jdom 1.1.1 jar. [3.4.2-4] - Fix symlink to non-existing versioned jar. [3.4.2-3] - Really fix FTBFS. [3.4.2-2] - Fix FTBFS RH Bz #660784 [3.4.2-1] - Update to 3.4.2. [3.4.1-3] - Fix obsoletes/provides for eclipse-cdt-mylyn using an epoch of 2. [3.4.1-2] - Backport patch for wikitext to work with Fedora wiki. [3.4.1-1] - Update to 3.4.1. [3.4.0-4] - Add Wikitext SDK to eclipse-mylyn [3.4.0-3] - Relax cdt requires, remove extraneous links, fix xmlrpc split [3.4.0-2] - Add required jar links to mylyn dropins directory [3.4.0-1] - Update to 3.4.0. Add mylyn-commons feature, remove commons.soap eclipse-oprofile: [0.6.1-1] - Rebase to Linux tools 0.6.1. [0.5.0-1] - Resolves: #575107 - Rebase to Linux tools 0.5.0. [0.4.0-2] - Only build on x86 and x86_64. [0.4.0-1] - 0.4.0 (long overdue) [0.2.0-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild [0.2.0-2] - Add -Dconfigs to fix compile. [0.2.0-1] - 0.2.0 [0.1.0-4] - Rebuild for new pdebuild. [0.1.0-3] - Refined patch for gcc build failures. [0.1.0-2] - Add patch for gcc build failure. [0.1.0-1] - Initial packaging. eclipse-rse: [3.2-1] - Resolves: #656338 - Rebase to 3.2 (Helios) [3.1.2-1] - Resolves: #566766 - Rebase to 3.1.2 (Galileo SR2 version) - Remove oro requirement as it is not needed. [3.1.1-2.2] - Don't build debuginfo if building arch-specific packages. [3.1.1-2.1] - Only build on x86 and x86_64 since we only have eclipse on those arches [3.1.1-2] - Update plugin and feature version property files. [3.1.1-1] - Move to 3.1.1 tarball. [3.1-2] - Add BuildArch noarch. [3.1-1] - Move to 3.1 tarball. [3.0.3-4] - Resolves #514630 [3.0.3-3] - Restrict arch support to those supported by prereq CDT. [3.0.3-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild [3.0.3-1] - Initial release. eclipse-valgrind: [0.6.1-1] - Upstream 0.6.1 release. [0.6.0-1] - Upstream 0.6.0 release. [0.5.0-2] - Match upstream qualifier. [0.5.0-1] - Rebase to 0.5.0. [0.4.1-1] - Upstream 0.4.1 release. [0.4.0-0.2] - Make it Exclusive i386 i486 i586 i686 pentium3 pentium4 athlon geode x86_64. [0.4.0-0.1] - Pre-release of 0.4.0. [0.3.0-1] - Upstream 0.3.0 release. [0.2.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild [0.2.1-2] - Fix Massif parsing for unknown symbols (Eclipse#281417). [0.2.1-1] - Upstream 0.2.1 release. [0.2.0-2] - Adding cachegrind plugin to fetch script. [0.2.0-1] - Upstream 0.2.0 release. [0.1.0-6] - Don't generate debuginfo (rhbz#494719). [0.1.0-5] - Rebuild for changes in pdebuild to not ship p2 metadata. [0.1.0-4] - Fixed Massif parser crashing on other locales. [0.1.0-3] - Changing to arch dependent for CDT dependency. - Setting minimum Valgrind requirement to 3.3.0. [0.1.0-2] - No eclipse-cdt on ppc64 -> ExcludeArch. [0.1.0-1] - Initial package. icu4j: [1:4.2.1-5] - Remove maven bits. - Restore missing changelog entries. [1:4.2.1-4] - Bring back epoch. [1:4.2.1-3] - fix arch-related statements so we build on s390 variants. [1:4.2.1-1] - Update to 4.2.1. jetty-eclipse: [6.1.24-2] - Resolves: #661845 - Bump version to allow make tag to work. [6.1.24-1] - Resolves: #661845 - Rebase to release based on jetty-6.1.24. objectweb-asm: [0:3.2-2.1] - Rebuild for RHEL 6.1. [0:3.2.1-2] - Change depmap parent id to asm (bug #606659) [0:3.2.1] - Upgrade to 3.2 sat4j: [2.2.0-4] - update to 2.2.0 and move to RHEL 6.1 - removed ecj dependency - fixed to run against Java 1.5+ LOW Copyright 2011 Oracle, Inc. CVE-2010-4647 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:9:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:linux:6::latest cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:8:base cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:linux:6::unsupported Oracle Linux 6 [1.7.17-17] - Remove dependency on gfs2-utils. resolves: rhbz#695138 [1.7.17-16] - Canonicalize /dev/vd* paths in virt-inspector code. resolves: rhbz#691724 [1.7.17-15] - Fix trace segfault for non-daemon functions. resolves: rhbz#676788 [1.7.17-14] - Add explicit BuildRequires for latest augeas. (RHBZ#677616) [1.7.17-13] - Rebuild to pick up new augeas lens (RHBZ#677616) [1.7.17-12] - Fix typo in virt-make-fs manual page. resolves: rhbz#673721 - Add a grep-friendly string to LIBGUESTFS_TRACE output. resolves: rhbz#673477 [1.7.17-11] - Only runtime require febootstrap-supermin-helper (not whole of febootstrap) (RHBZ#669840). [1.7.17-10] - Remove external hexedit script and make guestfish users set . This is because requiring emacs pulls in all of X (RHBZ#641494). [1.7.17-9] - Fix: guestfish fails when guest fstab entry does not exist (RHBZ#668611). [1.7.17-8] - Backport patches up to upstream 1.8.1. (RHBZ#613593) - Fixes: * guestfish: fails to tilde expand '~' when /home/ksharma unset (RHBZ#617440) * libguestfs: unknown filesystem /dev/fd0 (RHBZ#666577) * libguestfs: unknown filesystem label SWAP-sda2 (RHBZ#666578) * libguestfs: unknown filesystem /dev/hd{x} (cdrom) (RHBZ#666579) * virt-filesystems fails on guest with corrupt filesystem label (RHBZ#668115) * emphasize 'libguestfs-winsupport' in error output (RHBZ#627468) [1.7.17-4] - Backport patches up to upstream 1.8.0 _except_ for: * changes which require febootstrap 3.x * changes which were only relevant for other distros [1.7.17-3] - New upstream version 1.7.17, rebase for RHEL 6.1 (RHBZ#613593). - Require febootstrap >= 2.11. - Split out new libguestfs-tools-c package from libguestfs-tools. . This is so that the -tools-c package can be pulled in by people wanting to avoid a dependency on Perl, while -tools pulls in everything as before. . The C tools currently are: cat, df, filesystems, fish, inspector, ls, mount, rescue. . libguestfs-tools no longer pulls in guestfish. - guestfish no longer requires pod2text, hence no longer requires perl. - guestfish also depends on: less, man, vi, emacs. - Add BR db4-utils (although since RPM needs it, it not really necessary). - Runtime requires on db4-utils should be on core lib, not tools package. - Change all 'Requires: perl-Foo' to 'Requires: perl(Foo)'. - New manual pages containing example code. - Ship examples for C, OCaml, Ruby, Python. - Don't ship HTML versions of man pages. - Rebase no-fuse-test patch to latest version. - New tool: virt-filesystems. - Rename perl-libguestfs as perl-Sys-Guestfs (RHBZ#652587). - Remove guestfs-actions.h and guestfs-structs.h. Libguestfs now [header file.] - Add AUTHORS file from tarball. [1.6.2-4] - New upstream stable version 1.6.2, rebase for RHEL 6.1 (RHBZ#613593). - Remove previous patches which are now all upstream and in this new version. - BR febootstrap 2.10 (RHBZ#628849). - BR cryptsetup-luks for new LUKS encryption support. - ocaml-xml-light{,-devel} is no longer required to build. - guestfish is no longer dependent on virt-inspector. - Require the ruby package. - Disable PHP and Haskell bindings in configure (they wouldn't build anyway, but this will help people building from source). - Set sysconfdir in configure. - --enable-debug-command is no longer required by configure script. - New command 'virt-make-fs'. - Include virt-inspector2, upstream replacement for virt-inspector. - Provide hexedit replacement script for guestfish. - BR autotools, and rerun after applying patches. LOW Copyright 2011 Oracle, Inc. CVE-2010-3851 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.7.4p5-5] - patch: log failed user role changes Resolves: rhbz#665131 [1.7.4p5-4] - added #includedir /etc/sudoers.d to sudoers Resolves: rhbz#615087 [1.7.4p5-3] - added !visiblepw option to sudoers Resolves: rhbz#688640 [1.7.4p5-2] - added patch for rhbz#665131 Resolves: rhbz#665131 [1.7.4p5-1] - rebase to latest stable version - sudo now uses /var/db/sudo for timestamps - new command available: sudoreplay - use native audit support - sync configuration paths with the nss_ldap package Resolves: rhbz#615087 Resolves: rhbz#652726 Resolves: rhbz#634159 Resolves: rhbz#603823 LOW Copyright 2011 Oracle, Inc. CVE-2011-0010 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.0.9-2] - fix issues and assert crashes found in 2.0.9 (lmtp,dotlock,zlib) [2.0.9-1] - dovecot updated to 2.0.9 - fixed a high system CPU usage / high context switch count performance problem - lda: Fixed a crash when trying to send 'out of quota' reply [2.0.8-1] - dovecot updated to 2.0.8 (fixes #654226), pigeonhole updated to 0.2.2 - IMAP: Fixed SELECT QRESYNC not to crash on mailbox close if a lot of changes w ere being sent. - Fixed leaking fds when writing to dovecot.mailbox.log. - Fixed rare dovecot.index.cache corruption - zlib: Fixed several crashes, which mainly showed up with mbox. - acl: Fixed crashing when sometimes listing shared mailboxes via dict proxy. - mdbox: Fixed potential assert-crash when saving multiple messages in one transaction - dsync: a lot of fixes - fixed lda + sieve crash MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3707 CVE-2010-3780 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.7.9-3.el6] - Add patch for RH bug #684685 (zero-out crypto keys before freeing). [2.7.9-2.el6] - Add patch for CVE-2011-1091 (RH bug #683031). [2.7.9-1.el6] - Update to 2.7.9 (RH bug #616917). - Remove patches now included upstream: pidgin-2.6.6-clientLogin-proxy-fix.patch pidgin-2.6.6-clientLogin-use-https.patch pidgin-2.6.6-CVE-2010-1624.patch pidgin-2.6.6-CVE-2010-3711.patch - Disable the translation updates patch. It doesn't apply anymore and will have to be redone. Saving the patch for now in case some parts are still useful to translators. LOW Copyright 2011 Oracle, Inc. CVE-2011-1091 CVE-2011-4922 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [1.0.0-10] - fix OCSP stapling vulnerability - CVE-2011-0014 (#676063) - correct the README.FIPS document [1.0.0-8] - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 key generation method - use FIPS-186-3 method for DSA parameter generation - add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable to allow using MD5 when the system is in the maintenance state even if the /proc fips flag is on - make openssl pkcs12 command work by default in the FIPS mode [1.0.0-7] - listen on ipv6 wildcard in s_server so we accept connections from both ipv4 and ipv6 (#601612) - fix openssl speed command so it can be used in the FIPS mode with FIPS allowed ciphers (#619762) [1.0.0-6] - disable code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - CVE-2010-3864 (#649304) [1.0.0-5] - fix race in extension parsing code - CVE-2010-3864 (#649304) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0014 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [0.6.25-11] - Fix for CVE-2011-1002 - Resolves: #684886 - Actually apply the patch [0.6.25-10] - Fix for CVE-2011-1002 - Resolves: #684886 [0.6.25-9] - Don't stomp on rpm's default CFLAGS when building MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1002 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 6 [6.0.24-33] - resolves: rhbz 695284 - multiple instances logging fiasco [6.0.24-32] - Resolves: rhbz 698624 - inet4address can't be cast to String [6.0.24-31] - Resolves: rhbz 656403 - cve-2010-4172 jsp syntax error [6.0.24-30] - Resolves: rhbz#697504 initscript logging location [6.0.24-29] - Resolves: rhbz#656403, rhbz#675926, rhbz#676011 - CVE-2010-4172, CVE-2010-3718, CVE-2011-0013, CVE-2010-4476, - CVE-2011-0534 [6.0.24-28] - Resovles rhbz#695284 - wrapper logs to different locations - CVE-2010-4172, CVE-2011-0013, CVE-2010-3718 commented out - until needed. [6.0.24-27] - naming-factory-dbcp missing fix in tomcat6.conf - Add Obsoletes for log4j [6.0.24-26] - Add log4j to package lib. Corrected typo in log4 Provides - epock versus epoch [6.0.24-25] - Installed permissions do not allow tomcat to start - incrementing NVR so yum won't get confused with the zstream MODERATE Copyright 2011 Oracle, Inc. CVE-2011-0013 CVE-2010-4172 CVE-2010-3718 cpe:/a:oracle:linux:6:1:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 5 [2.6.18-238.12.1.0.1.el5] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.12.1.el5] - [x86_64] Ignore spurious IPIs left over from crash kernel (Myron Stowe) [699610 692921] - [i386] Ignore spurious IPIs left over from crash kernel (Myron Stowe) [699610 692921] - [xen] fix MAX_EVTCHNS definition (Laszlo Ersek) [701242 701240] - [net] ixgbe: fix for link failure on SFP+ DA cables (Don Howard) [696181 653236] - [net] netxen: limit skb frags for non tso packet (Phillip Lougher) [699609 672368] - [block] cciss: fix lost command problem (Phillip Lougher) [696503 696153] - [fs] gfs2: fix filesystem hang caused by incorrect lock order (Robert S Peterson) [688855 656032] - [fs] gfs2: restructure reclaim of unlinked dinodes (Phillip Lougher) [688855 656032] - [fs] gfs2: unlock on gfs2_trans_begin error (Robert S Peterson) [688855 656032] - [scsi] mpt2sas: prevent heap overflows and unchecked access (Tomas Henzl) [694526 694527] {CVE-2011-1495 CVE-2011-1494} - [net] bridge/netfilter: fix ebtables information leak (Don Howard) [681325 681326] {CVE-2011-1080} - [net] bluetooth: fix sco information leak to userspace (Don Howard) [681310 681311] {CVE-2011-1078} - [fs] fix corrupted GUID partition table kernel oops (Jerome Marchand) [695979 695980] {CVE-2011-1577} - [xen] x86/domain: fix error checks in arch_set_info_guest (Laszlo Ersek) [688581 688582] {CVE-2011-1166} - [net] bridge: fix initial packet flood if !STP (Jiri Pirko) [701222 695369] - [fs] nfsd: fix auth_domain reference leak on nlm operations (J. Bruce Fields) [697448 589512] - [scsi] qla2xxx: no reset/fw-dump on CT/ELS pt req timeout (Chad Dupuis) [689700 660386] - [mm] set barrier and send tlb flush to all affected cpus (Prarit Bhargava) [696908 675793] [2.6.18-238.11.1.el5] - [s390] dasd: fix race between open and offline (Hendrik Brueckner) [699808 695357] [2.6.18-238.10.1.el5] - [fs] gfs2: creating large files suddenly slow to a crawl (Robert S Peterson) [690239 683155] - [virt] hypervisor: Overflow fix for clocks > 4GHz (Zachary Amsden) [690134 673242] - [usb] fix usbfs isochronous data transfer regression (Don Zickus) [696136 688926] - [fs] partitions: Fix corrupted OSF partition table parsing (Danny Feng) [688022 688023] {CVE-2011-1163} - [misc] pm: add comment explaining is_registered kabi work-around (Don Zickus) [689699 637930] - [media] sn9c102: fix world-wirtable sysfs files (Don Howard) [679304 679305] - [scsi] scsi_dh_rdac: Add two new IBM devices to rdac_dev_list (Rob Evers) [692370 691460] - [fs] block: fix submit_bh discarding barrier flag on sync write (Lukas Czerner) [690795 667673] - [net] netfilter/ipt_CLUSTERIP: fix buffer overflow (Jiri Pirko) [689339 689340] - [net] netfilter: ip6_tables: fix infoleak to userspace (Jiri Pirko) [689348 689349] {CVE-2011-1172} - [net] netfilter/ip_tables: fix infoleak to userspace (Jiri Pirko) [689331 689332] {CVE-2011-1171} - [net] netfilter/arp_tables: fix infoleak to userspace (Jiri Pirko) [689322 689323] {CVE-2011-1170} - [base] Fix potential deadlock in driver core (Don Zickus) [689699 637930] - [net] forcedeth/r8169: call netif_carrier_off at end of probe (Ivan Vecera) [689808 689805 664705 664707] - [net] ixgbe: fix for 82599 erratum on Header Splitting (Andy Gospodarek) [693751 680531] - [net] ixgbe: limit VF access to network traffic (Andy Gospodarek) [693751 680531] - [fs] lockd: make lockd_down wait for lockd to come down (Jeff Layton) [688156 653286] - [fs] proc: protect mm start_/end_code in /proc/pid/stat (Eugene Teo) [684570 684571] {CVE-2011-0726} - [net] dccp: fix oops in dccp_rcv_state_process (Eugene Teo) [682955 682956] {CVE-2011-1093} - [net] bluetooth: fix bnep buffer overflow (Don Howard) [681318 681319] {CVE-2011-1079} - [fs] nfs: break nfsd v4 lease on unlink, link, and rename (J. Bruce Fields) [693755 610093] - [fs] nfs: break lease on nfsd v4 setattr (J. Bruce Fields) [693755 610093] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1079 CVE-2011-1494 CVE-2011-1495 CVE-2011-1080 CVE-2011-1093 CVE-2011-1166 CVE-2011-1171 CVE-2011-1577 CVE-2011-0726 CVE-2011-1078 CVE-2011-1163 CVE-2011-1172 CVE-2011-1170 CVE-2011-1763 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-131.2.1.el6] - [kernel] lib/vsprintf.c: add %pU to print UUID/GUIDs (Frantisek Hrbata) [704280 700299] - [scsi] megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [704601 619422] [2.6.32-131.1.1.el6] - [net] dccp: handle invalid feature options length (Jiri Pirko) [703012 703013] {CVE-2011-1770} - [fs] cifs: check for private_data before trying to put it (Jeff Layton) [703017 702642] {CVE-2011-1771} - [net] can: add missing socket check in can/raw and can/bcm release (Jiri Pirko) [698482 698483] {CVE-2011-1748 CVE-2011-1598} - [netdrv] ixgbe: do not clear FCoE DDP error status for received ABTS (Andy Gospodarek) [704011 695966] - [netdrv] ixgbe: DCB remove ixgbe_fcoe_getapp routine (Andy Gospodarek) [704002 694358] - [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645228 645229] {CVE-2010-3858} - [scsi] bfa: change tech-preview to cover all cases (Rob Evers) [704014 703251] - [scsi] bfa: driver version update (Rob Evers) [704282 703265] - [scsi] bfa: kdump fix (Rob Evers) [704282 703265] - [scsi] bfa: firmware download fix (Rob Evers) [704282 703265] - [netdrv] bna: fix memory leak during RX path cleanup (Ivan Vecera) [704000 698625] - [netdrv] bna: fix for clean fw re-initialization (Ivan Vecera) [704000 698625] - [scsi] ipr: improve interrupt service routine performance (Steve Best) [704009 696754] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-3858 CVE-2011-1598 CVE-2011-1748 CVE-2011-1770 CVE-2011-1771 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [2:2.2.13-2.0.7.2] - fix various overflows (#537356, #666793, #689831, #703403, #703405, #703407, - unfuzz gimphelpmissing, icontheme patches MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4541 CVE-2010-4543 CVE-2011-1178 CVE-2009-1570 CVE-2010-4540 CVE-2010-4542 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2:2.6.9-4.1] - fix various overflows (#666793, #703403, #703405, #703407, #704512) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4542 CVE-2010-4540 CVE-2010-4541 CVE-2010-4543 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 5 [1.3-4.1] - bz702687 (patch) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1769 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.4.6.0.1.el6_1.1] - remove doc/SystemTap_Beginners_Guide/en-US in tarball - comment bz683569.patch in specfile [1.3-4.1] - bz702687 (patch) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1781 CVE-2011-1769 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [2:2.6.6-2.2] - fix CVE-2011-1720 (#704136) Resolves: rhbz#704136 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1720 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:linux:5:6:patch Oracle Linux 5 Oracle Linux 6 [1.3.9-3.2] - add fix for apr_fnmatch() regression (CVE-2011-1928, #706352) LOW Copyright 2011 Oracle, Inc. CVE-2011-1928 cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:exadata_dbserver:11.2.3.3.1::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.2.2::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.2.1::ol5 cpe:/a:oracle:exadata_dbserver:12.1.1.1.0::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.2.0::ol5 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:exadata_dbserver:11.2.3.3.0::ol5 cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:exadata_dbserver:12.1::ol5 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:exadata_dbserver:12.1.1.1.2::ol5 cpe:/a:oracle:exadata_dbserver:12.1.1.1.1::ol5 cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 6 Oracle Linux 5 [32:9.7.3-2.1.P1] - update to 9.7.3-P1 (CVE-2011-1910) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1910 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.6.0.0-1.39.1.9.8] - Resolves: rhbz#709375 - Bumped to IcedTea6 1.9.8 - Copy fontconfig files to match names for current and next release - RH706250, S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) - RH706106, S6618658, CVE-2011-0865: Vulnerability in deserialization - RH706111, S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() - RH706139, S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code - RH706153, S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings - RH706234, S7013971, CVE-2011-0869: Vulnerability in SAAJ - RH706239, S7016340, CVE-2011-0870: Vulnerability in SAAJ - RH706241, S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero - RH706248, S7020198, CVE-2011-0871: ImageIcon creates Component with null acc - RH706245, S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0867 CVE-2011-0868 CVE-2011-0869 CVE-2011-0871 CVE-2011-0862 CVE-2011-0865 CVE-2011-0864 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [1:1.6.0.0-1.22.1.9.8.0.1.el5_6] - Add oracle-enterprise.patch [1:1.6.0.0-1.22.1.9.8] - Resolves: rhbz#668488 - Bumped to IcedTea6 1.9.8 - RH706250, S6213702, CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win) - RH706106, S6618658, CVE-2011-0865: Vulnerability in deserialization - RH706111, S7012520, CVE-2011-0815: Heap overflow vulnerability in FileDialog.show() - RH706139, S7013519, CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code - RH706153, S7013969, CVE-2011-0867: NetworkInterface.toString can reveal bindings - RH706234, S7013971, CVE-2011-0869: Vulnerability in SAAJ - RH706239, S7016340, CVE-2011-0870: Vulnerability in SAAJ - RH706241, S7016495, CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero - RH706248, S7020198, CVE-2011-0871: ImageIcon creates Component with null acc - RH706245, S7020373, CVE-2011-0864: JSR rewriting can overflow memory address size variables [1:1.6.0.0-1.22.1.9.7] - Resolves bz690289 - Import from RHEL-5_6-Z - Updated to IcedTea6 1.9.7 - Removed all plugin/webstart related commented lines - Modified bz entry format in previous logs to get around cvs ack checking bug IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0862 CVE-2011-0867 CVE-2011-0864 CVE-2011-0869 CVE-2011-0871 CVE-2011-0865 CVE-2011-0868 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [0:2.7.1-12.6] - Add xerces-j2-CVE-2009-2625.patch - Resolves: rhbz#690931 CVE-2009-2625 MODERATE Copyright 2011 Oracle, Inc. CVE-2009-2625 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base Oracle Linux 6 Oracle Linux 5 [2.3.16-6.2] - do not use strict aliasing [2.3.16-6.1] - fix CVE-2011-1926: STARTTLS plaintext command injection vulnerability MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1926 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 Oracle Linux 5 [1.6.11-2.4] - add security fixes for CVE-2011-1752, CVE-2011-1783, CVE-2011-1921 (#709220) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1921 CVE-2011-1752 CVE-2011-1783 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:6:patch Oracle Linux 6 [1.0.90-0.15.20110314svn4359.1] - viewer can send password without proper validation of X.509 certs (CVE-2011-1775) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1775 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 firefox: [3.6.18-1.0.1.el6_1] - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js [3.6.18-1] - Update to 3.6.18 xulrunner: [1.9.2.18-2.0.1.el6_1] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.18-2] - Update to 1.9.2.18 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0085 CVE-2011-2362 CVE-2011-2363 CVE-2011-2364 CVE-2011-2373 CVE-2011-2377 CVE-2011-2605 CVE-2011-2376 CVE-2011-2374 CVE-2011-2371 CVE-2011-2365 CVE-2011-2375 CVE-2011-0083 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.11-1.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.11-2] - Update to 3.1.11 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0085 CVE-2011-2374 CVE-2011-2362 CVE-2011-2364 CVE-2011-2375 CVE-2011-2376 CVE-2011-2363 CVE-2011-2605 CVE-2011-2365 CVE-2011-0083 CVE-2011-2377 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [1.8.5-19.el5_6.1] - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' * ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' * ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms' * ruby-1.8.7-CVE-2011-0188.patch - Address CVE-CVE-2010-0541 'Ruby WEBrick javascript injection flaw' * ruby-1.8.7-CVE-2010-0541.patch - Address CVE-CVE-2009-4492 'ruby WEBrick log escape sequence' * ruby-1.8.6-CVE-2009-4492.patch - Resolves: rhbz#709957 MODERATE Copyright 2011 Oracle, Inc. CVE-2009-4492 CVE-2011-0188 CVE-2011-1004 CVE-2011-1005 CVE-2010-0541 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.8.7.299-7.1] - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' * ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' * ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms' * ruby-1.8.7-CVE-2011-0188.patch - Resolves: rhbz#709963 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1005 CVE-2011-1004 CVE-2011-0188 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [7.19.7-26.el6_1.1] - do not delegate GSSAPI credentials (CVE-2011-2192) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2192 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [qemu-kvm-0.12.1.2-2.160.el6_1.2] - kvm-virtio-guard-against-negative-vq-notifies.patch [bz#717403] - Resolves: bz#717403 (qemu-kvm: OOB memory access caused by negative vq notifies [rhel-6.1.z]) [qemu-kvm-0.12.1.2-2.160.el6_1] - kvm-Fix-phys-memory-client-pass-guest-physical-address-n.patch [bz#701771] - kvm-virtio-prevent-indirect-descriptor-buffer-overflow.patch [bz#713592] - Resolves: bz#701771 (Fix phys memory client for vhost) - Resolves: bz#713592 (EMBARGOED CVE-2011-2212 virtqueue: too-large indirect descriptor buffer overflow [rhel-6.1.z]) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2212 CVE-2011-2512 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.0.1-2.1] - ftpd: add candidate patch to detect setegid/setregid/setresgid and check for errors when calling them (MITKRB5-SA-2011-005, CVE-2011-1526, #713341) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1526 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 Oracle Linux 5 [32:9.7.3-2.2.P3] - update to 9.7.3-P3 (CVE-2011-2464) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2464 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [2.6.18-238.19.1.0.1.el5] - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702] - [nfs] too many getattr and access calls after direct I/O [orabug 9348191] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-238.19.1.el5] - Revert: [xen] hvm: svm support cleanups (Andrew Jones) [703715 702657] {CVE-2011-1780} - Revert: [xen] hvm: secure svm_cr_access (Andrew Jones) [703715 702657] {CVE-2011-1780} - Revert: [xen] let __get_instruction_length always read into own buffer (Paolo Bonzini) [719066 717742] - Revert: [xen] remove unused argument to __get_instruction_length (Phillip Lougher) [719066 717742] - Revert: [xen] prep __get_instruction_length_from_list for partial buffers (Paolo Bonzini) [719066 717742] - Revert: [xen] disregard trailing bytes in an invalid page (Paolo Bonzini) [719066 717742] [2.6.18-238.18.1.el5] - [xen] disregard trailing bytes in an invalid page (Paolo Bonzini) [719066 717742] - [xen] prep __get_instruction_length_from_list for partial buffers (Paolo Bonzini) [719066 717742] - [xen] remove unused argument to __get_instruction_length (Phillip Lougher) [719066 717742] - [xen] let __get_instruction_length always read into own buffer (Paolo Bonzini) [719066 717742] [2.6.18-238.17.1.el5] - [net] bluetooth: l2cap and rfcomm: fix info leak to userspace (Thomas Graf) [703020 703021] {CVE-2011-2492} - [net] inet_diag: fix inet_diag_bc_audit data validation (Thomas Graf) [714538 714539] {CVE-2011-2213} - [misc] signal: fix kill signal spoofing issue (Oleg Nesterov) [690030 690031] {CVE-2011-1182} - [fs] proc: fix signedness issue in next_pidmap (Oleg Nesterov) [697826 697827] {CVE-2011-1593} - [char] agp: fix OOM and buffer overflow (Jerome Marchand) [699009 699010] {CVE-2011-1746} - [char] agp: fix arbitrary kernel memory writes (Jerome Marchand) [699005 699006] {CVE-2011-2022 CVE-2011-1745} - [infiniband] core: Handle large number of entries in poll CQ (Jay Fenlason) [668370 668371] {CVE-2011-1044 CVE-2010-4649} - [infiniband] core: fix panic in ib_cm:cm_work_handler (Jay Fenlason) [679995 679996] {CVE-2011-0695} - [fs] validate size of EFI GUID partition entries (Anton Arapov) [703027 703028] {CVE-2011-1776} [2.6.18-238.16.1.el5] - [xen] hvm: secure vmx cpuid (Andrew Jones) [706324 706323] {CVE-2011-1936} - [xen] hvm: secure svm_cr_access (Andrew Jones) [703715 702657] {CVE-2011-1780} - [xen] hvm: svm support cleanups (Andrew Jones) [703715 702657] {CVE-2011-1780} [2.6.18-238.15.1.el5] - [block] cciss: reading a write only register causes a hang (Phillip Lougher) [713948 696153] - [fs] gfs2: fix resource group bitmap corruption (Robert S Peterson) [711519 690555] - [net] sctp: fix calc of INIT/INIT-ACK chunk length to set (Thomas Graf) [695384 695385] {CVE-2011-1573} - [fs] xfs: prevent leaking uninit stack memory in FSGEOMETRY_V1 p2 (Phillip Lougher) [677265 677266] {CVE-2011-0711} - [fs] xfs: prevent leaking uninit stack memory in FSGEOMETRY_V1 (Phillip Lougher) [677265 677266] {CVE-2011-0711} - [net] core: Fix memory leak/corruption on VLAN GRO_DROP (Herbert Xu) [695174 691565] {CVE-2011-1576} - [pci] SRIOV: release VF BAR resources when device is hot unplug (Don Dutile) [707899 698879] - [scsi] iscsi_tcp: fix iscsi's sk_user_data access (Mike Christie) [703056 677703] - [message] mptfusion: add ioc_reset_in_progress reset in SoftReset (Tomas Henzl) [712034 662160] [2.6.18-238.14.1.el5] - [input] evdev: implement proper locking (Marc Milgram) [710426 680561] - [input] evdev: rename list to client in handlers (Marc Milgram) [710426 680561] [2.6.18-238.13.1.el5] - [fs] gfs2: fix processes waiting on already-available inode glock (Phillip Lougher) [709767 694669] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0711 CVE-2011-2213 CVE-2011-2492 CVE-2011-1746 CVE-2011-1936 CVE-2010-4649 CVE-2011-1182 CVE-2011-1576 CVE-2011-1593 CVE-2011-1044 CVE-2011-1573 CVE-2011-1745 CVE-2011-1776 CVE-2011-2022 CVE-2011-0695 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-131.6.1.el6] - [audit] ia32entry.S sign extend error codes when calling 64 bit code (Eric Paris) [713831 703935] - [audit] push audit success and retcode into arch ptrace.h (Eric Paris) [713831 703935] - [x86] intel-iommu: Flush unmaps at domain_exit (Alex Williamson) [713458 705441] - [x86] intel-iommu: Only unlink device domains from iommu (Alex Williamson) [713458 705441] - [virt] x86: Mask out unsupported CPUID features if running on xen (Igor Mammedov) [711546 703055] - [block] fix accounting bug on cross partition merges (Jerome Marchand) [682989 669363] - [net] vlan: remove multiqueue ability from vlan device (Neil Horman) [713494 703245] - [net] Fix netif_set_real_num_tx_queues (Neil Horman) [713492 702742] - [scsi] mpt2sas: move event handling of MPT2SAS_TURN_ON_FAULT_LED in process context (Tomas Henzl) [714190 701951] - [mm] thp: simple fix for /dev/zero THP mprotect bug (Andrea Arcangeli) [714762 690444] [2.6.32-131.5.1.el6] - [kernel] cgroupfs: use init_cred when populating new cgroupfs mount (Eric Paris) [713135 700538] - [netdrv] ixgbe: adding FdirMode module option (Andy Gospodarek) [711550 707287] - [crypto] testmgr: add xts-aes-256 self-test (Jarod Wilson) [711548 706167] - [fs] ext3: Fix lost extented attributes for inode with ino == 11 (Eric Sandeen) [712413 662666] - [mm] Prevent Disk IO throughput degradation due to memory allocation stalls (Larry Woodman) [711540 679526] - [net] sock: adjust prot->obj_size always (Jiri Pirko) [709381 704231] - [fs] GFS2: resource group bitmap corruption resulting in panics and withdraws (Robert S Peterson) [711528 702057] - [x86] kprobes: Disable irqs during optimized callback (Jiri Olsa) [711545 699865] - [mm] slab, kmemleak: pass the correct pointer to kmemleak_erase() (Steve Best) [712414 698023] - [net] fix netns vs proto registration ordering (Wade Mealing) [702305 702306] {CVE-2011-1767 CVE-2011-1768} - [ppc] Fix oops if scan_dispatch_log is called too early (Steve Best) [711524 696777] - [virt] i8259: initialize isr_ack (Avi Kivity) [711520 670765] - [virt] VMX: Save and restore tr selector across mode switches (Gleb Natapov) [711535 693894] - [virt] VMX: update live TR selector if it changes in real mode (Gleb Natapov) [711535 693894] MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1767 CVE-2011-2479 CVE-2011-1768 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [0.8.1-9_el6_1.1] - core: CVE-2011-2176: check for authorization when activating shared wifi connections (rh #705806) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2176 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 system-config-firewall: [1.2.27-3.3] - fixed possible privilege escalation flaw via use of python pickle (CVE-2011-2520), replaced pickle by json (rhbz#717985) - stop D-BUS firewall mechanism on update system-config-printer: [1.1.16-17:.2] - Build pycups with -fno-strict-aliasing compiler option to avoid compiler warnings. [1.1.16-17:.1] - Adapted to system-config-firewall API change (bug #717985, CVE-2011-2520). MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2520 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.5.20-2.20091214hg736b6a.el6_1.1] - Fixed hostname verification of x.509 certificates. Resolves: #716889 (CVE-2011-1429) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1429 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base Oracle Linux 5 [1.5.1-37] - Reverts: rhbz#680443 - Dynamic DNS update fails if multiple servers are - given in ipa_server config option [1.5.1-36] - Resolves: rhbz#709333 - sssd. should require sssd-client. [1.5.1-35] - Resolves: rhbz#707340 - latest sssd fails if ldap_default_authtok_type is - not mentioned - Resolves: rhbz#707574 - SSSD's async resolver only tries the first - nameserver in /etc/resolv.conf [1.5.1-34] - Resolves: rhbz#701702 - sssd client libraries use select() but should use - poll() instead [1.5.1-33] - Related: rhbz#700858 - Automatic TGT renewal overwrites cached password - Fix segfault in TGT renewal [1.5.1-32] - Resolves: rhbz#700858 - Automatic TGT renewal overwrites cached password [1.5.1-30] - Resolves: rhbz#696979 - Filters not honoured against fully-qualified users [1.5.1-29] - Resolves: rhbz#694149 - SSSD consumes GBs of RAM, possible memory leak [1.5.1-28] - Related: rhbz#691900 - SSSD needs to fall back to 'cn' for GECOS - information [1.5.1-27] - Related: rhbz#694853 - SSSD crashes during getent when anonymous bind is - disabled [1.5.1-26] - Resolves: rhbz#695476 - Unable to resolve SRV record when called with [in ldap_uri] - Related: rhbz#694853 - SSSD crashes during getent when anonymous bind is - disabled [1.5.1-25] - Resolves: rhbz#694853 - SSSD crashes during getent when anonymous bind is - disabled [1.5.1-24] - Resolves: rhbz#692960 - Process /usr/libexec/sssd/sssd_be was killed by - signal 11 (SIGSEGV) - Fix is to not attempt to resolve nameless servers [1.5.1-23] - Resolves: rhbz#691900 - SSSD needs to fall back to 'cn' for GECOS - information [1.5.1-21] - Resolves: rhbz#690867 - Groups with a zero-length memberuid attribute can - cause SSSD to stop caching and responding to - requests [1.5.1-20] - Resolves: rhbz#690287 - Traceback messages seen while interrupting - sss_obfuscate using ctrl+d - Resolves: rhbz#690814 - [abrt] sssd-1.2.1-28.el6_0.4: _talloc_free: Process - /usr/libexec/sssd/sssd_be was killed by signal 11 - (SIGSEGV) [1.5.1-19] - Related: rhbz#690096 - SSSD should skip over groups with multiple names [1.5.1-18] - Resolves: rhbz#690093 - SSSD breaks on RDNs with a comma in them - Resolves: rhbz#690096 - SSSD should skip over groups with multiple names - Resolves: rhbz#689887 - group memberships are not populated correctly during - IPA provider initgroups - Resolves: rhbz#688697 - Skip users and groups that have incomplete contents - Resolves: rhbz#688694 - authconfig fails when access_provider is set as krb5 - in sssd.conf [1.5.1-17] - Resolves: rhbz#688677 - Build SSSD in RHEL 5.7 against openldap24-libs - Adds support for following LDAP referrals and using Mozilla NSS for crypto - support [1.5.1-16] - Resolves: rhbz#683260 - sudo/ldap lookup via sssd gets stuck for 5min - waiting on netgroup - Resolves: rhbz#683585 - sssd consumes 100% CPU - Related: rhbz#680441 - sssd does not handle kerberos server IP change [1.5.1-15] - Related: rhbz#680441 - sssd does not handle kerberos server IP change - SSSD was staying with the old server if it was still online [1.5.1-14] - Resolves: rhbz#682853 - IPA provider should use realm instead of ipa_domain - for base DN [1.5.1-13] - Resolves: rhbz#682803 - sssd-be segmentation fault - ipa-client on - ipa-server - Resolves: rhbz#680441 - sssd does not handle kerberos server IP change - Resolves: rhbz#680443 - Dynamic DNS update fails if multiple servers are - given in ipa_server config option - Resolves: rhbz#680933 - Do not delete sysdb memberOf if there is no memberOf - attribute on the server - Resolves: rhbz#682808 - sssd_nss core dumps with certain lookups [1.5.1-12] - Related: rhbz#679087 - SSSD IPA provider should honor the krb5_realm option - Related: rhbz#678615 - SSSD needs to look at IPA's compat tree for netgroups [1.5.1-11] - Resolves: rhbz#679087 - SSSD IPA provider should honor the krb5_realm option - Resolves: rhbz#679097 - Does not read renewable ccache at startup [1.5.1-10] - Resolves: rhbz#678606 - User information not updated on login for secondary - domains - Resolves: rhbz#678778 - IPA provider does not update removed group - memberships on initgroups [1.5.1-9] - Resolves: rhbz#678780 - sssd crashes at the next tgt renewals it tries - Resolves: rhbz#678412 - name service caches names, so id command shows - recently deleted users - Resolves: rhbz#678615 - SSSD needs to look at IPA's compat tree for - netgroups [1.5.1-8] - Related: rhbz#665314 - Rebase SSSD to 1.5 in RHEL 5.7 - Fix generation of translated manpages [1.5.1-7] - Resolves: rhbz#665314 - Rebase SSSD to 1.5 in RHEL 5.7 - Resolves: rhbz#676027 - sssd segfault when first entry of ldap_uri is - unreachable - Resolves: rhbz#678032 - Remove HBAC time rules from SSSD - Resolves: rhbz#675007 - sssd corrupts group cache - Resolves: rhbz#608864 - [RFE] Support obfuscated passwords in the SSSD - configuration LOW Copyright 2011 Oracle, Inc. CVE-2010-4341 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:7:base Oracle Linux 5 [3.0.6-4] - fix #700450 - free parsed hostnames - fix #575022 - set TZ variable after chroot [3.0.6-3] - Add upstream patch to fix CVE-2011-1097 - Incremental file-list corruption due to temporary file_extra_cnt increments Resolves: #688923 [3.0.6-2] - Remove BuildRequires dependency on popt-devel, until the package is being shipped with RHEL-5 (resolve build issues) [3.0.6-1] - Rebase to upstream version 3.0.6 Resolves: #339971, #471182, #575022, #616093 - Make '-d, --dirs options' behaviour backward-compatible with 2.6.8 Resolves: #339971 (comment #5) - Truncate a copied sparse file at the end of transaction (-S, --sparse option) Resolves: #530866 - Add -fno-strict-aliasing to CFLAGS - Remove obsolete rsync-2.6.8-xattr_bug.patch - Switch license to GPLv3+ (upstream change beginning with 3.0.0) MODERATE Copyright 2011 Oracle, Inc. CVE-2007-6200 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:7:base Oracle Linux 5 [2.0.52-21] - rgmanager: Fix bad passing of SFL_FAILURE up (fix_bad_passing_of_sfl_failure_up.patch) Resolves: rhbz#711521 [2.0.52-20] - resource-agents: Improve LD_LIBRARY_PATH handling by SAP* (resource_agents_improve_ld_library_path_handling_by_sap*.patch) Resolves: rhbz#710637 [2.0.52-19] - Fix changelog format - rgmanager: Fix reference count handling (fix_reference_count_handling.patch) Resolves: rhbz#692771 [2.0.52-18] - resource-agents: postgres-8 resource agent does not detect a failed start of postgres server (postgres-8-Fix_pid_files.patch) Resolves: rhbz#663827 [2.0.52-16] - rgmanager: Allow non-root clustat (allow_non_root_clustat.patch) Resolves: rhbz#510300 - rgmanager: Initial commit of central proc + migration support (central_proc_+_migration_support.patch) Resolves: rhbz#525271 - rgmanager: Make clufindhostname -i predictable (make_clufindhostname_i_predictable.patch) Resolves: rhbz#592613 - resource-agents: Trim trailing slash for nfs clients (trim_trailing_slash_for_nfs_clients.patch) Resolves: rhbz#592624 - rgmanager: Update last_owner on failover (update_last_owner_on_failover.patch) Resolves: rhbz#610483 - rgmanager: Pause during exit if we stopped services (pause_during_exit_if_we_stopped_services.patch) Resolves: rhbz#619468 - rgmanager: Fix quotaoff handling (fix_quotaoff_handling.patch) Resolves: rhbz#637678 - resource-agents: Try force-unmount before fuser for netfs.sh (try_force_unmount_before_fuser_for_netfs_sh.patch) Resolves: rhbz#678494 - rgmanager: Improve rgmanager's exclusive prioritization handling (improve_rgmanager_s_exclusive_prioritization_handling.patch) Resolves: rhbz#680256 [2.0.52-15] - resource-agents: postgres-8 resource agent does not detect a failed start of postgres server (postgres-8-Do-not-send-TERM-signal-when-killing-post.patch) (postgres-8-Improve-testing-if-postgres-started-succe.patch) Resolves: rhbz#663827 [2.0.52-14] - resource-agents: Fix problems when generating XML configuration file (rgmanager-Fix-problems-in-generated-XML-config-file.patch) Resolves: rhbz#637802 [2.0.52-13] - resource-agents: Use literal quotes for tr calls (resource_agents_use_literal_quotes_for_tr_calls.patch) Resolves: rhbz#637154 [2.0.52-12] - resource-agents: Use shutdown immediate in oracledb.sh (use_shutdown_immediate_in_oracledb_sh.patch) Resolves: rhbz#633992 - rgmanager: Add path to rhev-check.sh (add_path_to_rhev_check_sh.patch) Resolves: rhbz#634225 - rgmanager: Make clustat report correct version (make_clustat_report_correct_version.patch) Resolves: rhbz#654160 [2.0.52-11] - resource-agents: Listen line in generated httpd.conf incorrect (resource-agents-Remove-netmask-from-IP-address-when.patch) Resolves: rhbz#675739 - resource-agents: Disable updates to static routes by RHCS IP tooling (resource-agents-Add-option-disable_rdisc-to-ip.sh.patch) Resolves: rhbz#620700 [2.0.52-10.1] - rgmanager: Fix nofailback when service is in 'starting' state (fix_nofailback_when_service_is_in_starting_state.patch) Resolves: rhbz#669440 [2.0.52-10] - resource-agents: Problem with whitespace in mysql resource name (resource_agents_fix_whitespace_in_names.patch) Resolves: rhbz#632704 LOW Copyright 2011 Oracle, Inc. CVE-2010-3389 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:7:base Oracle Linux 5 [7.0.2-11] - Related: #716959 fix cve-2007-3852 - sysstat insecure temporary file usage [7.0.2-10] - Resolves: #716959 fix cve-2007-3852 - sysstat insecure temporary file usage [7.0.2-9] - Related: #622557 sar interrupt count goes backward [7.0.2-8] - Resolves: #694767 iostat doesn't report statistics for shares with long names - Related: #703095 iostat -n - values in output overflows - problem with long device names on i386 [7.0.2-7] - Resolves: #706095 iostat -n - values in output overflows [7.0.2-6] - Resolves: #696672 cifsstat resource leak [7.0.2-5] - Resolves: #604637 extraneous newline in iostat report for long device names - Resolves: #630559 'sar -P ALL -f xxxx' does not display activity information - Resolves: #591530 add cifsiostat tool - Resolves: #598794 Enable parametrization of sadc arguments - Resolves: #675058 iostat: bogus value appears when device is unmounted/mounted - Resolves: #622557 sar interrupt count goes backward [7.0.2-4] - Resolves: #454617 Though function write() executed sucessful, sadc end with an error - Resolves: #468340 The output of sar -I ALL/XALL is wrong in ia64 machine of RHEL5 - Resolves: #517490 The 'sar -d ' command outputs invalid data - Resolves: #578929 March sar data was appended to February data - Resolves: #579409 The sysstat's programs such as mpstat shows one extra cpu - Resolves: #484439 iostat -n enhancement not report NFS client stats correctly LOW Copyright 2011 Oracle, Inc. CVE-2007-3852 cpe:/a:oracle:exadata_dbserver:11.2.3.2.2::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.2.1::ol5 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:exadata_dbserver:11.2.3.2.0::ol5 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 5 [0.8.2-22.0.1.el5] - Replaced docs/et.png in tarball [libvirt-0.8.2-22.el5] - Fix auditing of disk hotunplug operations (rhbz#710151) [libvirt-0.8.2-21.el5] - remote: Protect against integer overflow (rhbz#717207) [0.8.2-20.el5] - Support enabling or disabling the HPET for Xen domains (rhbz#703193) - SMBIOS support (rhbz#661365) [0.8.2-19.el5] - xen: Plug memory leak in multiple serial ports support (rhbz#670789) - Manually kill gzip if restore fails before starting qemu (rhbz#681623) - qemu: Avoid double close on domain restore (rhbz#681623) - virterror: Avoid API breakage with vmware (rhbz#665075) - nwfilter: Resolve deadlock between VM ops and filter update (rhbz#697749) [0.8.2-18.el5] - xen: Prevent updating device when attaching a device (rhbz#662908) - Add PCI sysfs reset access (rhbz#689880) - xencapstest: Don't fail when Xen is installed (rhbz#690459) - Make error reporting in libvirtd thread safe (rhbz#690733) [0.8.2-17.el5] - Fix event-handling data race (rhbz#671569) - Add support for multiple serial ports into the Xen driver (rhbz#670789) - Add missing checks for read only connections (CVE-2011-1146) - Guess rhel macro based on dist macro (rhbz#665325) [0.8.2-16.el5] - Fix possible crash in virExec (rhbz#665549) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2511 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:7:base Oracle Linux 5 [2.6.18-274.el5] - [xen] svm: fix invlpg emulator regression (Paolo Bonzini) [719894] [2.6.18-273.el5] - Revert: [fs] proc: Fix rmmod/read/write races in /proc entries (Jarod Wilson) [717068] - [xen] disregard trailing bytes in an invalid page (Paolo Bonzini) [717742] - [xen] prep __get_instruction_length_from_list for partial buffers (Paolo Bonzini) [717742] - [xen] remove unused argument to __get_instruction_length (Paolo Bonzini) [717742] - [xen] let __get_instruction_length always read into own buffer (Paolo Bonzini) [717742] [2.6.18-272.el5] - [xen] x86: spinlock support for up to 255 CPUs (Laszlo Ersek) [713123] - [xen] remove block scope mtrr identifiers shadowing file scope (Laszlo Ersek) [713123] - [xen] Actually hold back MTRR init while booting secondary CPUs (Laszlo Ersek) [713123] - [xen] remove unused mtrr_bp_restore (Laszlo Ersek) [713123] - [xen] x86: Fix crash on amd iommu systems (Igor Mammedov) [714275] [2.6.18-271.el5] - [net] igmp: ip_mc_clear_src only when we no users of ip_mc_list (Veaceslav Falico) [707179] - [scsi] cxgb3i: fix programing of dma page sizes (Neil Horman) [710498] - [xen] hvm: secure vmx cpuid (Andrew Jones) [706325] {CVE-2011-1936} - [xen] hvm: secure svm_cr_access (Andrew Jones) [703716] {CVE-2011-1780} - [xen] hvm: svm support cleanups (Andrew Jones) [703716] {CVE-2011-1780} [2.6.18-270.el5] - [fs] proc: fix compile warning in pdeaux addition (Jarod Wilson) [675781] - [net] bluetooth: l2cap and rfcomm: fix info leak to userspace (Thomas Graf) [703021] - [net] inet_diag: fix inet_diag_bc_audit data validation (Thomas Graf) [714539] {CVE-2011-2213} - [misc] signal: fix kill signal spoofing issue (Oleg Nesterov) [690031] {CVE-2011-1182} - [fs] proc: fix signedness issue in next_pidmap (Oleg Nesterov) [697827] {CVE-2011-1593} - [char] agp: fix OOM and buffer overflow (Jerome Marchand) [699010] {CVE-2011-1746} - [char] agp: fix arbitrary kernel memory writes (Jerome Marchand) [699006] {CVE-2011-1745 CVE-2011-2022} - [net] be2net: fix queue creation order and pci error recovery (Ivan Vecera) [711653] - [infiniband] core: Handle large number of entries in poll CQ (Jay Fenlason) [668371] {CVE-2010-4649 CVE-2011-1044} - [infiniband] core: fix panic in ib_cm:cm_work_handler (Jay Fenlason) [679996] {CVE-2011-0695} - [fs] validate size of EFI GUID partition entries (Anton Arapov) [703026] {CVE-2011-1776} [2.6.18-269.el5] - [mm] only throttle page dirtying for specially marked BDIs (Jeff Layton) [711450] - Revert: [base] Fix potential deadlock in driver core (Don Zickus) [703084] - [fs] proc: Fix rmmod/read/write races in /proc entries (David Howells) [675781] - [scsi] qla4xxx: Update driver version to V5.02.04.01.05.07-d0 (Chad Dupuis) [704153] - [scsi] qla4xxx: clear SCSI COMPLETION INTR bit during F/W init (Chad Dupuis) [704153] - [usb] wacom: add support for DTU-2231 (Aristeu Rozanski) [683549] - [xen] fix MAX_EVTCHNS definition (Laszlo Ersek) [701243] {CVE-2011-1763} [2.6.18-268.el5] - [net] sctp: fix calc of INIT/INIT-ACK chunk length to set (Thomas Graf) [695385] {CVE-2011-1573} - [scsi] ibmvfc: Fix Virtual I/O failover hang (Steve Best) [710477] - [kernel] irq: Note and disable spurious interrupts on kexec (Prarit Bhargava) [611407] - [net] bnx2x: Update firmware to 6.2.9 (Michal Schmidt) [711079] - [net] bnx2x: Update bnx2x_firmware.h to version 6.2.9 (Michal Schmidt) [711079] - [net] xt_hashlimit: fix race between htable_destroy and htable_gc (Jiri Pirko) [705905] - [fs] cifs: clear write bits if ATTR_READONLY is set (Justin Payne) [700263] - [net] bna: clear some statistics before filling them (Ivan Vecera) [711990] - [net] ixgbe: Disable RSC by default (Herbert Xu) [703416] - [scsi] isci: fix scattergather list handling for smp commands (David Milburn) [710584] - [net] netconsole: prevent setup netconsole on a slave device (Amerigo Wang) [698873] [2.6.18-267.el5] - [fs] xfs: prevent leaking uninit stack memory in FSGEOMETRY_V1 p2 (Phillip Lougher) [677266] {CVE-2011-0711} - [fs] xfs: prevent leaking uninit stack memory in FSGEOMETRY_V1 (Phillip Lougher) [677266] {CVE-2011-0711} - [net] core: Fix memory leak/corruption on VLAN GRO_DROP (Herbert Xu) [691565] {CVE-2011-1576} [2.6.18-266.el5] - [scsi] megaraid: update to driver version 5.38-rh1 (Tomas Henzl) [706244] - [block] cciss: fix mapping of config table (Tomas Henzl) [695493] - [block] cciss: fix dev_info null pointer deref after freeing h (Tomas Henzl) [695493] - [block] cciss: do not call request_irq with spinlocks held (Tomas Henzl) [695493] - [block] cciss: prototype cciss_sent_reset to fix error (Tomas Henzl) [695493] - [block] cciss: mark functions as dev_init to clean up warnings (Tomas Henzl) [695493] - [block] cciss: timeout if soft reset fails (Tomas Henzl) [695493] - [block] cciss: use cmd_alloc for kdump (Tomas Henzl) [695493] - [block] cciss: Use cciss not hpsa in init_driver_version (Tomas Henzl) [695493] - [block] cciss: reduce stack usage a reset verifying code (Tomas Henzl) [695493] - [block] cciss: do not store pci state on stack (Tomas Henzl) [695493] - [block] cciss: no PCI power management reset method if known bad (Tomas Henzl) [695493] - [block] cciss: increase timeouts for post-reset no-ops (Tomas Henzl) [695493] - [block] cciss: remove superfluous sleeps around reset code (Tomas Henzl) [695493] - [block] cciss: do soft reset if hard reset is broken (Tomas Henzl) [695493] - [block] cciss: flush writes in interrupt mask setting code (Tomas Henzl) [695493] - [block] cciss: clarify messages around reset behavior (Tomas Henzl) [695493] - [block] cciss: increase time to wait for board reset to start (Tomas Henzl) [695493] - [block] cciss: get rid of message related magic numbers (Tomas Henzl) [695493] - [block] cciss: factor out irq request code (Tomas Henzl) [695493] - [block] cciss: factor out scatterlist allocation functions (Tomas Henzl) [695493] - [block] cciss: factor out command pool allocation functions (Tomas Henzl) [695493] - [block] cciss: Define print_cmd even without tape support (Tomas Henzl) [695493] - [block] cciss: do not use bit 2 doorbell reset (Tomas Henzl) [695493] - [block] cciss: use new doorbell-bit-5 reset method (Tomas Henzl) [695493] - [block] cciss: improve controller reset failure detection (Tomas Henzl) [695493] - [block] cciss: wait longer after resetting controller (Tomas Henzl) [695493] - [infiniband] cxgb4: Use completion objects for event blocking (Steve Best) [708081] - [fs] ext4: fix quota deadlock (Eric Sandeen) [702197] - [fs] ext3, ext4: update ctime when changing permission by setfacl (Eric Sandeen) [709224] - [scsi] bfa: properly reinitialize adapter during kdump (Rob Evers) [710300] - [scsi] lpfc: Update for 8.2.0.96.2p release (Rob Evers) [707336] - [scsi] lpfc: Fix back to back Flogis sent without logo (Rob Evers) [707336] - [scsi] lpfc: Fix not updating wwnn and wwpn after name change (Rob Evers) [707336] - [scsi] lpfc: Fix CT command never completing on Big Endian host (Rob Evers) [707336] - [scsi] lpfc: Revert fix that introduced a race condition (Rob Evers) [707336] - [scsi] lpfc: Fix crash in rpi clean when driver load fails (Rob Evers) [707336] - [scsi] lpfc: fix limiting RPI Count to a minimum of 64 (Rob Evers) [707336] - [scsi] lpfc: fix overriding CT field for SLI4 IF type 2 (Rob Evers) [707336] - [scsi] lpfc: force retry in queuecommand when port transitioning (Rob Evers) [707336] - [scsi] lpfc: Update version for 8.2.0.96.1p release (Rob Evers) [698432] - [scsi] lpfc: Fix double byte swap on received RRQ (Rob Evers) [698432] - [scsi] lpfc: Fix Vports not sending FDISC after lips (Rob Evers) [698432] - [scsi] lpfc: Fix system crash during driver unload (Rob Evers) [698432] - [scsi] lpfc: Fix FCFI incorrect on received unsolicited frames (Rob Evers) [698432] - [scsi] lpfc: Fix driver sending FLOGI to a disconnected FCF (Rob Evers) [698432] - [scsi] lpfc: Fix bug with incorrect BLS Response to BLS Abort (Rob Evers) [698432] - [scsi] lpfc: Fix adapter on Powerpc unable to login into Fabric (Rob Evers) [698432] - [pci] export msi_desc struct and msi_desc array (Prarit Bhargava) [697666] - [net] bonding: prevent deadlock on slave store with alb mode (Neil Horman) [706414] - [net] mlx4: Fix dropped promiscuity flag (Michael S. Tsirkin) [592370] - [edac] amd64_edac: Fix NULL pointer on Interlagos (Mauro Carvalho Chehab) [705040 709529] - [scsi] ses: fix ses_set_fault() to set the fault LED function (James Takahashi) [682351] - [redhat] configs: config file changes for SES Enablement (James Takahashi) [682351] - [misc] enclosure: return ERR_PTR() on error (James Takahashi) [682351] - [misc] enclosure: fix oops while iterating enclosure_status array (James Takahashi) [682351] - [scsi] ses: fix VPD inquiry overrun (James Takahashi) [682351] - [scsi] ses: Fix timeout (James Takahashi) [682351] - [scsi] ses: fix data corruption (James Takahashi) [682351] - [scsi] ses: fix memory leaks (James Takahashi) [682351] - [scsi] ses: add new Enclosure ULD (James Takahashi) [682351] - [misc] enclosure: add support for enclosure services (James Takahashi) [682351] - [net] tg3: Include support for Broadcom 5719/5720 (John Feeney) [654956 696182 707299] - [misc] module: remove over-zealous check in __module_get() (Jon Masters) [616125] - [redhat] kabi: Add pci_ioremap_bar and pci_reset_function to kABI (Jon Masters) [677683] - [redhat] kabi: Add dm_put to kABI (Jon Masters) [707003] - [redhat] kabi: Add compat_alloc_user_space to kABI (Jon Masters) [703167] - [redhat] kabi: Add random32 and srandom32 to kABI (Jon Masters) [668815] - [redhat] kabi: Add cancel_work_sync to kABI (Jon Masters) [664991] - [net] bna: add r suffix to the driver version (Ivan Vecera) [709951] - [net] bna: fix for clean fw re-initialization (Ivan Vecera) [709951] - [net] bna: fix memory leak during RX path cleanup (Ivan Vecera) [709951] - [net] bridge: Disable multicast snooping by default (Herbert Xu) [506630] - [net] bonding: fix block_netpoll_tx imbalance (Andy Gospodarek) [704426] - [scsi] qla2xxx: Fix virtual port login failure after chip reset (Chad Dupuis) [703879] - [scsi] qla2xxx: fix dsd_list_len for dsd_chaining in cmd type 6 (Chad Dupuis) [703879] - [net] force new skbs to allocate a minimum of 16 frags (Amerigo Wang) [694308] - [pci] intel-iommu: Flush unmaps at domain_exit (Alex Williamson) [705455] - [pci] intel-iommu: Only unlink device domains from iommu (Alex Williamson) [705455] [2.6.18-265.el5] - [scsi] be2iscsi: Fix MSIX interrupt names (Prarit Bhargava) [704735] - [misc] signal: fix SIGPROF keeps large task from completing fork (Oleg Nesterov) [645528] - [fs] gfs2: fix processes waiting on already-available inode glock (Robert S Peterson) [694669] - Revert: [pci] msi: remove infiniband compat code (Prarit Bhargava) [636260] - Revert: [pci] msi: use msi_desc save areas in drivers/pci code (Prarit Bhargava) [636260] - Revert: [pci] msi: use msi_desc save areas in msi state functions (Prarit Bhargava) [636260] - Revert: [pci] msi: remove pci_save_msi|x_state() functions (Prarit Bhargava) [636260] - [s390] mm: diagnose 10 does not release memory above 2GB (Hendrik Brueckner) [701275] - [input] evdev: implement proper locking (Marc Milgram) [680561] - [input] evdev: rename list to client in handlers (Marc Milgram) [680561] - [net] netpoll: disable netpoll when enslave a device (Amerigo Wang) [698873] - [net] disable lro on phys device when dev is a vlan (Neil Horman) [696374] - [scsi] qla2xxx: Update version number to 8.03.07.03.05.07-k (Chad Dupuis) [686462] - [scsi] qla2xxx: Free firmware PCB on logout request (Chad Dupuis) [686462] - [scsi] qla2xxx: dump registers for more info about ISP82xx errors (Chad Dupuis) [686462] - [scsi] qla2xxx: Updated the reset sequence for ISP82xx (Chad Dupuis) [686462] - [scsi] qla2xxx: Update copyright banner (Chad Dupuis) [686462] - [scsi] qla2xxx: Perform FCoE context reset before adapter reset (Chad Dupuis) [686462] - [scsi] qla2xxx: Limit logs in case device state does not change (Chad Dupuis) [686462] - [scsi] qla2xxx: Abort pending commands for faster reset recovery (Chad Dupuis) [686462] - [scsi] qla2xxx: Check for match before setting FCP-priority info (Chad Dupuis) [686462] - [scsi] qla2xxx: Display PortID info during FCP command-status (Chad Dupuis) [686462] [2.6.18-264.el5] - [misc] Introduce pci_map_biosrom, kernel-xen variant (David Milburn) [651837] [2.6.18-263.el5] - [misc] vsyscall: remove code changing syscall instructions to nop (Ulrich Obergfell) [689546] - [scsi] mpt2sas: move fault event handling into process context (Tomas Henzl) [705398] - [scsi] ibmvscsi: Improve CRQ reset reliability (Steve Best) [704963] - [infiniband] cxgb4: Reset wait condition atomically (Steve Best) [703925] - [infiniband] cxgb4: fix driver hang on EEH error (Steve Best) [703925] - [fs] xfs: serialise unaligned direct IOs (Eric Sandeen) [689830] - [fs] ext4: serialize unaligned asynchronous DIO (Eric Sandeen) [689830] - [misc] Add printk_timed_ratelimit (Eric Sandeen) [689830] - [fs] set stats st_blksize to fs blocksize not page size (Eric Sandeen) [695168] - [pci] Disable PCI MSI/X on portable hardware (Prarit Bhargava) [703340] - [usb] ehci: Disable disconnect/connect wakeups (Matthew Garrett) [703344] - [fs] cifs: fix cifsConvertToUCS for the mapchars case (Jeff Layton) [705324] - [fs] nfs: set d_op on newly allocated dentries in nfs_rename (Jeff Layton) [702533] - [fs] nfs: Fix build break with CONFIG_NFS_V4=n (Harshula Jayasuriya) [702355] - [scsi] isci: enable building driver (David Milburn) [651837] - [scsi] libsas: flush initial device discovery before completing (David Milburn) [651837] - [scsi] libsas: fix up device gone notification in sas_deform_port (David Milburn) [651837] - [scsi] libsas: fix runaway error handler problem (David Milburn) [651837] - [scsi] isci: validate oem parameters early, and fallback (David Milburn) [651837] - [scsi] isci: fix oem parameter header definition (David Milburn) [651837] - [scsi] isci: fix fragile/conditional isci_host lookups (David Milburn) [651837] - [scsi] isci: cleanup isci_remote_device[_not]_ready interface (David Milburn) [651837] - [scsi] isci: Qualify when lock managed for STP/SATA callbacks (David Milburn) [651837] - [scsi] isci: Fix use of SATA soft reset state machine (David Milburn) [651837] - [scsi] isci: Free lock for abort escalation at submit time (David Milburn) [651837] - [scsi] isci: Properly handle requests in aborting state (David Milburn) [651837] - [scsi] isci: Remove screaming data types (David Milburn) [651837] - [scsi] isci: remove unused remote_device_started (David Milburn) [651837] - [scsi] isci: namespacecheck cleanups (David Milburn) [651837] - [scsi] isci: kill some long macros (David Milburn) [651837] - [scsi] isci: reorder init to cleanup unneeded declarations (David Milburn) [651837] - [scsi] isci: Remove event_* calls as they are just wrappers (David Milburn) [651837] - [scsi] isci: fix apc mode definition (David Milburn) [651837] - [scsi] isci: Revert task gating change handled by libsas (David Milburn) [651837] - [scsi] isci: reset hardware at init (David Milburn) [651837] - [scsi] isci: Revert unneeded error path fixes (David Milburn) [651837] - [scsi] isci: misc fixes (David Milburn) [651837] - [scsi] isci: add firmware support (David Milburn) [651837] - [scsi] isci: lldd support (David Milburn) [651837] - [scsi] isci: add core common definitions and utility functions (David Milburn) [651837] - [scsi] isci: add core base state machine and memory descriptors (David Milburn) [651837] - [scsi] isci: add core unsolicited frame handling and registers (David Milburn) [651837] - [scsi] isci: add core request support (David Milburn) [651837] - [scsi] isci: add core stp support (David Milburn) [651837] - [scsi] isci: add core remote node context support (David Milburn) [651837] - [scsi] isci: add core remote device support (David Milburn) [651837] - [scsi] isci: add core port support (David Milburn) [651837] - [scsi] isci: add core phy support (David Milburn) [651837] - [scsi] isci: add core controller support (David Milburn) [651837] - [scsi] isci: BZ 651837 Introduce pci_map_biosrom() (David Milburn) [651837] - [scsi] qla4xxx: update version to V5.02.04.00.05.07-d0 (Chad Dupuis) [660388] - [scsi] qla4xxx: set status_srb NULL if sense_len is 0 (Chad Dupuis) [660388] - [scsi] qla4xxx: Initialize host fw_ddb_index_map list (Chad Dupuis) [660388] - [scsi] qla4xxx: reuse qla4xxx_mailbox_premature_completion (Chad Dupuis) [660388] - [scsi] qla4xxx: check for all reset flags (Chad Dupuis) [660388] - [scsi] qla4xxx: added new function qla4xxx_relogin_all_devices (Chad Dupuis) [660388] - [scsi] qla4xxx: add support for ql4xkeepalive module parameter (Chad Dupuis) [660388] - [scsi] qla4xxx: Add support for ql4xmaxqdepth module parameter (Chad Dupuis) [660388] - [scsi] qla4xxx: skip core clock so firmware can increase clock (Chad Dupuis) [660388] - [scsi] qla4xxx: copy ipv4 opts and address state to host struct (Chad Dupuis) [660388] - [scsi] qla4xxx: check AF_FW_RECOVERY flag for 8022 adapter only (Chad Dupuis) [660388] - [scsi] qla4xxx: Change hard coded values to macros (Chad Dupuis) [660388] - [scsi] qla4xxx: Change hard coded value of Sense buffer (Chad Dupuis) [660388] - [scsi] qla4xxx: Remove stale references to ISP3031 and NetXen (Chad Dupuis) [660388] - [scsi] qla4xxx: Correct file header for iscsi (Chad Dupuis) [660388] - [scsi] qla4xxx: Add scsi_{,un}block_request while reading flash (Chad Dupuis) [660388] - [scsi] qla4xxx: Remove unused code from qla4xxx_send_tgts (Chad Dupuis) [660388] - [scsi] qla4xxx: Add proper locking around cmd->host_scribble (Chad Dupuis) [660388] - [scsi] qla4xxx: use return status DID_TRANSPORT_DISRUPTED (Chad Dupuis) [660388] - [scsi] qla4xxx: remove unused functions and struct parameters (Chad Dupuis) [660388] - [scsi] qla4xxx: change char string to static char (Chad Dupuis) [660388] - [scsi] qla4xxx: change spin_lock to spin_lock_irqsave (Chad Dupuis) [660388] - [scsi] qla4xxx: change hard coded value to a macro (Chad Dupuis) [660388] - [scsi] qla4xxx: move qla4xxx_free_ddb_list and scsi_remove_host (Chad Dupuis) [660388] - [scsi] qla4xxx: get status from initialize_adapter (Chad Dupuis) [660388] - [scsi] qla4xxx: remove extra pci_disable_device call (Chad Dupuis) [660388] - [scsi] qla4xxx: Remove unused argument from function prototype (Chad Dupuis) [660388] - [scsi] qla4xxx: call qla4xxx_mark_all_devices_missing (Chad Dupuis) [660388] - [scsi] qla4xxx: call scsi_scan_target only if AF_ONLINE set (Chad Dupuis) [660388] - [scsi] qla4xxx: call scsi_block_request before clearing AF_ONLINE (Chad Dupuis) [660388] - [scsi] qla4xxx: Add timer debug print (Chad Dupuis) [660388] - [scsi] qla4xxx: use iscsi class session state check ready (Chad Dupuis) [660388] - [scsi] qla4xxx: set device state missing only if non-dead state (Chad Dupuis) [660388] - [scsi] libiscsi: fix shutdown (Chad Dupuis) [660388] - [scsi] qla4xxx: Change function prototype to static (Chad Dupuis) [660388] - [scsi] qla4xxx: Fix panic while loading with corrupted 4032 card (Chad Dupuis) [660388] - [scsi] qla4xxx: no other port reinit during remove_adapter (Chad Dupuis) [660388] - [scsi] qla4xxx: unblock iscsi session before scsi_scan_target (Chad Dupuis) [660388] - [scsi] qla4xxx: Fix for dropping of AENs during init time (Chad Dupuis) [660388] - [scsi] qla4xxx: Free allocated memory only once (Chad Dupuis) [660388] - [scsi] qla4xxx: ignore existing interrupt during mailbox command (Chad Dupuis) [660388] - [scsi] qla4xxx: Check connection active before unblocking session (Chad Dupuis) [660388] - [scsi] qla4xxx: Poll for Disable Interrupt Mailbox Completion (Chad Dupuis) [660388] - [scsi] qla4xxx: fix request_irq to avoid spurious interrupts (Chad Dupuis) [660388] - [net] bridge: make bridge address settings sticky (Amerigo Wang) [705997] - [net] bridge: allow changing hardware addr to any valid address (Amerigo Wang) [705997] - [xen] hvm: build guest timers on monotonic system time (Paolo Bonzini) [705725] - [xen] hvm: explicitly use the TSC as the base for the hpet (Paolo Bonzini) [705725] - [xen] x86: allow Dom0 to drive PC speaker (Igor Mammedov) [501314] - [xen] vtd: Fix resource leaks on error paths in intremap code (Igor Mammedov) [704497] [2.6.18-262.el5] - [block] cciss: reading a write only register causes a hang (Tomas Henzl) [696153] [2.6.18-261.el5] - [message] mptfusion: inline data padding support for TAPE drives (Tomas Henzl) [698073] - [powerpc] fix VDSO gettimeofday called with NULL struct timeval (Steve Best) [700203] - [fs] gfs2: fix resource group bitmap corruption (Robert S Peterson) [690555] - [fs] gfs2: Add dlm callback owed glock flag (Robert S Peterson) [703213] - [net] cxgb4: fix some backport bugs (Neil Horman) [700947] - [scsi] fnic: fix stats memory leak (Mike Christie) [688459] - [block]: fix missing bio back/front segment size setting (Milan Broz) [700546] - [net] mlx4: Add CX3 PCI IDs (Jay Fenlason) [660671] - [pci] SRIOV: release VF BAR resources when device is hot unplug (Don Dutile) [698879] - [virtio] virtio_ring: Decrement avail idx on buffer detach (Amit Shah) [699426] - [virtio] virtio_pci: fix double-free of pci regions on unplug (Amit Shah) [701918] - Revert: [virtio] console: no device_destroy on port device (Amit Shah) [701918] - [xen] hvm: provide param to disable HPET in HVM guests (Paolo Bonzini) [702652] - [xen] vtd: Free unused interrupt remapping table entry (Don Dugger) [571410] [2.6.18-260.el5] - [scsi] mpt2sas: prevent heap overflows and unchecked access (Tomas Henzl) [694527] {CVE-2011-1494 CVE-2011-1495} - [block] cciss: fix export resettable host attribute fix (Tomas Henzl) [690511] - [fs] gfs2: Tag all metadata with jid of last node to change it (Steven Whitehouse) [701577] - [fs] nfsd: permit unauthenticated stat of export root (Steve Dickson) [491740] - [net] myri10ge: add dynamic LRO disabling (Stanislaw Gruszka) [688897] - [wireless] ath5k: disable ASPM L0s for all cards (Stanislaw Gruszka) [666866] - [net] igb: work-around for 82576 EEPROMs reporting invalid size (Stefan Assmann) [693934] - [pci] aerdrv: use correct bits and add delay to aer_root_reset (Stefan Assmann) [700386] - [fs] jbd: fix write_metadata_buffer and get_write_access race (Eric Sandeen) [494927 696843] - [x86_64] Disable Advanced RAS/MCE on newer Intel processors (Prarit Bhargava) [697508] - [x86_64] vdso: fix gettimeofday segfault when tv == NULL (Prarit Bhargava) [700782] - [x86_64] Ignore spurious IPIs left over from crash kernel (Myron Stowe) [692921] - [i386] Ignore spurious IPIs left over from crash kernel (Myron Stowe) [692921] - [scsi] iscsi_tcp: fix iscsis sk_user_data access (Mike Christie) [677703] - [edac] i7core_edac: return -ENODEV if no MC is found (Mauro Carvalho Chehab) [658418] - [char] vcs: hook sysfs devices to object lifetime (Mauro Carvalho Chehab) [622542] - [char] vt_ioctl: fix VT ioctl race (Mauro Carvalho Chehab) [622542] - [fs] avoid vmalloc space error opening many files on x86 (Larry Woodman) [681586] - [fs] nfs: Tighten up the attribute update code (Jeff Layton) [672981] - [net] bna: Avoid kernel panic in case of FW heartbeat failure (Ivan Vecera) [700488] - [net] benet: increment work_counter in be_worker (Ivan Vecera) [695197] - [net] benet: be_poll_tx_mcc_compat should always return zero (Ivan Vecera) [690755] - [net] benet: Fix be_get_stats_count return value (Ivan Vecera) [690755] - [net] tcp: Fix tcp_prequeue to get correct rto_min value (Herbert Xu) [696411] - [net] bonding: unshare skbs prior to calling pskb_may_pull (Andy Gospodarek) [607114] - [misc] x86: Sync CPU feature flag additions from Xen (Frank Arnold) [687994] - [misc] mark various drivers/features as tech preview (Don Zickus) [701722] - [hwmon] i5k_amb: Fix compile warning (Dean Nelson) [603345] - [hwmon] i5k_amb: Load automatically on all 5000/5400 chipsets (Dean Nelson) [603345] - [hwmon] i5k_amb: provide labels for temperature sensors (Dean Nelson) [603345] - [hwmod] i5k_amb: support Intel 5400 chipset (Dean Nelson) [603345] - [net] bridge/netfilter: fix ebtables information leak (Don Howard) [681326] {CVE-2011-1080} - [net] bluetooth: fix sco information leak to userspace (Don Howard) [681311] {CVE-2011-1078} - [fs] gfs2: make sure fallocate bytes is a multiple of blksize (Benjamin Marzinski) [699741] - [fs] fix corrupted GUID partition table kernel oops (Jerome Marchand) [695980] {CVE-2011-1577} - [xen] x86: Enable K8 NOPS for future AMD CPU Families (Frank Arnold) [687994] - [xen] x86: Blacklist new AMD CPUID bits for PV domains (Frank Arnold) [687994] - [xen] x86: Handle new AMD CPUID bits for HVM guests (Frank Arnold) [687994] - [xen] x86: Update AMD CPU feature flags (Frank Arnold) [687994] - [xen] x86/domain: fix error checks in arch_set_info_guest (Laszlo Ersek) [688582] {CVE-2011-1166} [2.6.18-259.el5] - [net] bridge: fix initial packet flood if !STP (Jiri Pirko) [695369] - [edac] amd64_edac: Fix potential memleak (Mauro Carvalho Chehab) [610235] - [edac] amd64_edac, amd64_mce: Revert printk changes (Mauro Carvalho Chehab) [610235] - [x86] amd: Fix init_amd build warnings (Frank Arnold) [610235] - [edac] amd64_edac: Enable PCI dev detection on F15h (Frank Arnold) [610235] - [edac] amd64_edac: Fix decode_syndrome types (Frank Arnold) [610235] - [edac] amd64_edac: Fix DCT argument type (Frank Arnold) [610235] - [edac] amd64_edac: Fix ranges signedness (Frank Arnold) [610235] - [edac] amd64_edac: Drop local variable (Frank Arnold) [610235] - [edac] amd64_edac: Fix PCI config addressing types (Frank Arnold) [610235] - [edac] amd64_edac: Fix DRAM base macros (Frank Arnold) [610235] - [edac] amd64_edac: Fix node id signedness (Frank Arnold) [610235] - [edac] amd64_edac: Enable driver on F15h (Frank Arnold) [610235] - [edac] amd64_edac: Adjust ECC symbol size to F15h (Frank Arnold) [610235] - [edac] amd64_edac: Improve DRAM address mapping (Frank Arnold) [610235] - [edac] amd64_edac: Sanitize ->read_dram_ctl_register (Frank Arnold) [610235] - [edac] amd64_edac: fix up chip select conversion routine to F15h (Frank Arnold) [610235] - [edac] amd64_edac: Beef up early exit reporting (Frank Arnold) [610235] - [edac] amd64_edac: Revamp online spare handling (Frank Arnold) [610235] - [edac] amd64_edac: Fix channel interleave removal (Frank Arnold) [610235] - [edac] amd64_edac: Correct node interleaving removal (Frank Arnold) [610235] - [edac] amd64_edac: Add support for interleaved region swapping (Frank Arnold) [610235] - [edac] amd64_edac: Unify get_error_address (Frank Arnold) [610235] - [edac] amd64_edac: Simplify decoding path (Frank Arnold) [610235] - [edac] amd64_edac: Adjust channel counting to F15h (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup old defines cruft (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup NBSH cruft (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup NBCFG handling (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup NBCTL code (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup DCT Select Low/High code (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup Dram Configuration registers handling (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup DBAM handling (Frank Arnold) [610235] - [edac] amd64_edac: Replace huge bitmasks with a macro (Frank Arnold) [610235] - [edac] amd64_edac: Sanitize f10_get_base_addr_offset (Frank Arnold) [610235] - [edac] amd64_edac: Sanitize channel extraction (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup chipselect handling (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup DHAR handling (Frank Arnold) [610235] - [edac] amd64_edac: Remove DRAM base/limit subfields caching (Frank Arnold) [610235] - [edac] amd64_edac: Add support for F15h DCT PCI config accesses (Frank Arnold) [610235] - [edac] amd64_edac: Fix DIMMs per DCTs output (Frank Arnold) [610235] - [edac] amd64_edac: Remove two-stage initialization (Frank Arnold) [610235] - [edac] amd64_edac: Check ECC capabilities initially (Frank Arnold) [610235] - [edac] amd64_edac: Carve out ECC-related hw settings (Frank Arnold) [610235] - [edac] amd64_edac: Allocate driver instances dynamically (Frank Arnold) [610235] - [edac] amd64_edac: Rework printk macros (Frank Arnold) [610235] - [edac] amd64_edac: Rename CPU PCI devices (Frank Arnold) [610235] - [edac] amd64_edac: Concentrate per-family init even more (Frank Arnold) [610235] - [edac] amd64_edac: Cleanup the CPU PCI device reservation (Frank Arnold) [610235] - [edac] amd64_edac: Add per-family init function (Frank Arnold) [610235] - [edac] amd64_edac: Remove F11h support (Frank Arnold) [610235] - [edac] amd64_edac: Fix interleaving check (Frank Arnold) [610235] - [edac] amd64_edac: Fix DCT base address selector (Frank Arnold) [610235] - [edac] amd64_edac: Sanitize syndrome extraction (Frank Arnold) [610235] - [edac] amd64_edac: fix forcing module load/unload (Frank Arnold) [610235] - [edac] amd64_edac: add memory types strings for debugging (Frank Arnold) [610235] - [edac] amd64_edac: remove unneeded extract_error_address wrapper (Frank Arnold) [610235] - [edac] amd64_edac: rename StinkyIdentifier (Frank Arnold) [610235] - [edac] amd64_edac: remove superfluous dbg printk (Frank Arnold) [610235] - [edac] amd64_edac: cleanup f10_early_channel_count (Frank Arnold) [610235] - [edac] amd64_edac: dump DIMM sizes on K8 too (Frank Arnold) [610235] - [edac] amd64_edac: cleanup rest of amd64_dump_misc_regs (Frank Arnold) [610235] - [edac] amd64_edac: cleanup DRAM cfg low debug output (Frank Arnold) [610235] - [edac] amd64_edac: wrap-up pci config read error handling (Frank Arnold) [610235] - [edac] amd64_edac: make DRAM regions output more human-readable (Frank Arnold) [610235] - [edac] amd64_edac: clarify DRAM CTL debug reporting (Frank Arnold) [610235] - [edac] mce_amd: Fix NB error formatting (Frank Arnold) [659693] - [edac] mce_amd: Use BIT_64() to eliminate warnings on 32-bit (Frank Arnold) [659693] - [edac] mce_amd: Enable MCE decoding on F15h (Frank Arnold) [659693] - [edac] mce_amd: Shorten error report formatting (Frank Arnold) [659693] - [edac] mce_amd: Overhaul error fields extraction macros (Frank Arnold) [659693] - [edac] mce_amd: Add F15h FP MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add F15 EX MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add an F15h NB MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: No F15h LS MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add F15h CU MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add F15h IC MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add F15h DC MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Select extended error code mask (Frank Arnold) [659693] - [edac] mce_amd: Fix shift warning on 32-bit (Frank Arnold) [659693] - [edac] mce_amd: Add a BIT_64() macro (Frank Arnold) [659693] - [edac] mce_amd: Enable MCE decoding on F12h (Frank Arnold) [659693] - [edac] mce_amd: Add F12h NB MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add F12h IC MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add F12h DC MCE decoder (Frank Arnold) [659693] - [edac] mce_amd: Add support for F11h MCEs (Frank Arnold) [659693] - [edac] mce_amd: Enable MCE decoding on F14h (Frank Arnold) [659693] - [edac] mce_amd: Fix FR MCEs decoding (Frank Arnold) [659693] - [edac] mce_amd: Complete NB MCE decoders (Frank Arnold) [659693] - [edac] mce_amd: Warn about LS MCEs on F14h (Frank Arnold) [659693] - [edac] mce_amd: Adjust IC decoders to F14h (Frank Arnold) [659693] - [edac] mce_amd: Adjust DC decoders to F14h (Frank Arnold) [659693] - [edac] mce_amd: Rename files (Frank Arnold) [659693] - [edac] mce_amd: Pass complete MCE info to decoders (Frank Arnold) [659693] - [edac] mce_amd: Sanitize error codes (Frank Arnold) [659693] - [edac] mce_amd: Remove unused function parameter (Frank Arnold) [659693] - [edac] mce_amd: Do not report error overflow as a separate error (Frank Arnold) [659693] - [edac] mce_amd: Limit MCE decoding to current families for now (Frank Arnold) [659693] - [edac] mce_amd: Fix wrong mask and macro usage (Frank Arnold) [659693] - [edac] mce_amd: Filter out invalid values (Frank Arnold) [659693] - [edac] mce_amd: silence GART TLB errors (Frank Arnold) [659693] - [edac] mce_amd: correct corenum reporting (Frank Arnold) [659693] - [edac] mce_amd: update AMD F10h revD check (Frank Arnold) [659693] - [edac] mce_amd: Use an atomic notifier for MCEs decoding (Frank Arnold) [659693] - [edac] mce_amd: carve out AMD MCE decoding logic (Frank Arnold) [659693] - [edac] mce_amd: Fix MCE decoding callback logic (Frank Arnold) [659693] [2.6.18-258.el5] - [block] cciss: fix lost command problem (Tomas Henzl) [696153] - [block] cciss: export resettable host attribute (Tomas Henzl) [690511] - [powerpc] mm/numa: Disable VPNH feature on pseries (Steve Best) [696328] - [wireless] iwlagn: re-enable MSI on resume (Prarit Bhargava) [694672] - [fs] cifs: clean up various nits in unicode routines (Jeff Layton) [659715] - [fs] cifs: fix unaligned accesses in cifsConvertToUCS (Jeff Layton) [659715] - [fs] cifs: clean up unaligned accesses in cifs_unicode.c (Jeff Layton) [659715] - [fs] cifs: fix unaligned access in check2ndT2 and coalesce_t2 (Jeff Layton) [659715] - [fs] cifs: clean up unaligned accesses in validate_t2 (Jeff Layton) [659715] - [fs] cifs: use get/put_unaligned functions to access ByteCount (Jeff Layton) [659715] - [net] bridge: fix build warning in br_device (Jarod Wilson) [556811] - [scsi] arcmsr: fix broken CONFIG_XEN conditional (Jarod Wilson) [635992] - [net] cxgb4: clean up dma_mapping_error usage (Jarod Wilson) [567446] - [fs] dcache: Close a race-opportunity in d_splice_alias (David Howells) [646359] - [md] dm-crypt: support more encryption modes (Milan Broz) [660368] - [crypto] add XTS blockcipher mode support (Danny Feng) [553411] - [s390] dasd: fix race between open and offline (Hendrik Brueckner) [695357] - [net] netxen: limit skb frags for non tso packet (Chad Dupuis) [672368] - [net] qlcnic: limit skb frags for non tso packet (Bob Picco) [695490] [2.6.18-257.el5] - [char] ipmi: dont poll non-existant IPMI Event Message Buffer (Tony Camuso) [578913] - [char] ipmi: fix platform return check (Tony Camuso) [578913] - [fs] gfs: Never try to deallocate an inode on a read-only mount (Steven Whitehouse) [689943] - [infiniband] cxgb4: Initial import of driver to RHEL5 (Steve Best) [567449] - [net] cxgb4: Initial import of driver to RHEL5 (Neil Horman) [567446] - [net] bond: fix link up after restart (Neil Horman) [659558] - [infiniband] cxgb3: Dont free skbs on NET_XMIT_* from LLD (Neil Horman) [516956] - [infiniband] cxgb3: Wait 1+ schedule cycle during device removal (Neil Horman) [516956] - [infiniband] cxgb3: Mark device with CXIO_ERROR_FATAL on remove (Neil Horman) [516956] - [infiniband] cxgb3: Dont allocate the SW queue for user mode CQs (Neil Horman) [516956] - [infiniband] cxgb3: Increase the max CQ depth (Neil Horman) [516956] - [infiniband] cxgb3: Doorbell overflow avoidance and recovery (Neil Horman) [516956] - [infiniband] cxgb3: Remove BUG_ON() on CQ rearm failure (Neil Horman) [516956] - [infiniband] cxgb3: Fix error paths in post_send and post_recv (Neil Horman) [516956] - [infiniband] cxgb3: Handle NULL inetdev ptr in iwch_query_port (Neil Horman) [516956] - [infiniband] cxgb3: Clean up properly on FW mismatch failures (Neil Horman) [516956] - [infiniband] cxgb3: Dont ignore insert_handle() failures (Neil Horman) [516956] - [infiniband] cxgb3: Wake up any waiters on peer close/abort (Neil Horman) [516956] - [infiniband] cxgb3: Dont free endpoints early (Neil Horman) [516956] - [net] cxgb3: Handle port events properly (Mike Christie) [516956] - [fs] cifs: prevent infinite recursion in cifs_reconnect_tcon (Jeff Layton) [667454] - [fs] cifs: consolidate reconnect logic in smb_init routines (Jeff Layton) [667454] - [fs] dcache: allow __d_obtain_alias to return unhashed dentries (J. Bruce Fields) [613736] [2.6.18-256.el5] - [scsi] mpt2sas: fix _scsih_is_raid test in _scsih_qcmd (Tomas Henzl) [683806] - [scsi] megaraid_sas: add a reset_devices condition (Tomas Henzl) [692099] - [net] add socket API recvmmsg, receive multiple messages (Thomas Graf) [582653] - [scsi] device_handler: fix ref counting in error path (Mike Snitzer) [645343] - [scsi] device_handler: propagate SCSI device deletion (Mike Snitzer) [645343] - [net] 8021q: fix VLAN RX stats counting (Stefan Assmann) [579858] - [x86_64] vdso: Fix typo in vclock_gettime code (Prarit Bhargava) [691735] - [firmware] dmi_scan: Display system information in dmesg (Prarit Bhargava) [692860] - [fs] debugfs: Implement debugfs_remove_recursive (Neil Horman) [692946] - [redhat] configs: enable building CXGB4_ISCSI (Mike Christie) [567452] - [scsi] cxgbi: get rid of gl_skb in cxgbi_ddp_info (Mike Christie) [567452] - [scsi] cxgbi: set ulpmode only if digest is on (Mike Christie) [567452] - [scsi] cxgb4i: ignore informational act-open-rpl message (Mike Christie) [567452] - [scsi] cxgb4i: connection and ddp setting update (Mike Christie) [567452] - [scsi] cxgb3i: fixed connection over vlan (Mike Christie) [567452] - [scsi] libcxgbi: pdu read fixes (Mike Christie) [567452] - [scsi] cxgbi: rename alloc_cpl to alloc_wr (Mike Christie) [567452] - [scsi] cxgb3i: change cxgb3i to use libcxgbi (Mike Christie) [567452] - [scsi] cxgbi: add cxgb4i iscsi driver (Mike Christie) [567452] - [net] bonding: re-read speed and duplex when interface goes up (Andy Gospodarek) [677902] - [net] ipv4/tcp_timer: honor sysctl tcp_syn_retries (Flavio Leitner) [688989] - [usb] fix usbfs isochronous data transfer regression (Don Zickus) [688926] - [fs] partitions: Fix corrupted OSF partition table parsing (Danny Feng) [688023] - [misc] add param to change default coredump_filter setup (Dave Anderson) [488840] - Revert: [md] dm-crypt: support more encryption modes (Jarod Wilson) [660368] - [xen] allow delivery of timer interrupts to VCPU != 0 (Paolo Bonzini) [418501] - [xen] x86/hvm: Enable delivering 8259 interrupts to VCPUs != 0 (Paolo Bonzini) [418501] - [xen] get rid of the vcpu state in HPET (Paolo Bonzini) [418501] - [xen] add accessors for arch/x86/hvm/hpet.c (Paolo Bonzini) [418501] [2.6.18-255.el5] - [net] htb: Make HTB scheduler work with TSO (Thomas Graf) [481546] - [fs] cifs: map NT_STATUS_ERROR_WRITE_PROTECTED to -EROFS (Jeff Layton) [516102] - [pci] Ensure devices are resumed on system resume (Matthew Garrett) [644440] - [fs] ext2, ext3: copy i_flags to inode flags on write (Eric Sandeen) [431738] - [fs] gfs2: fix filesystem hang caused by incorrect lock order (Robert S Peterson) [656032] - [fs] gfs2: restructure reclaiming of unlinked dinodes (Robert S Peterson) [656032] - [fs] gfs2: unlock on gfs2_trans_begin error (Robert S Peterson) [656032] - [pci] Add HP BL620c G7 to pci=bfsort whitelist (Prarit Bhargava) [680946] - [pci] msi: simplify the msi irq limit policy (Prarit Bhargava) [652799] - [scsi] scsi_dh: allow scsi_dh_detach to detach when attached (Mike Christie) [666304] - [net] bonding: fix test for presence of VLANs (Jiri Pirko) [654878] - [net] 8021q: VLAN 0 should be treated as no vlan tag (Jiri Pirko) [654878] - [kernel] module: add sysctl to block module loading (Jerome Marchand) [645221] - [fs] nfs: Make close(2) async when closing O_DIRECT files (Jeff Layton) [626977] - [fs] nfs: Optimise NFS close() (Jeff Layton) [626977] - [fs] nfs: Fix nfsv4 atomic open for execute... (Jeff Layton) [626977] - [misc] pm: add comment explaining is_registered kabi work-around (Don Zickus) [637930] - [misc] sunrpc: only call get_seconds once in sunrpc_invalidate (David Howells) [589512] [2.6.18-254.el5] - [scsi] mpt2sas: Added customer specific display support (Tomas Henzl) [684842] - [scsi] mpt2sas: Add support for WarpDrive SSS-6200 (Tomas Henzl) [683806] - [scsi] megaraid: update driver to v5.34 (Tomas Henzl) [660728] - [scsi] arcmsr: driver update for RHEL5.7 (Tomas Henzl) [635992] - [scsi] scsi_dh_alua: add scalable ONTAP lun to dev list (Mike Snitzer) [667660] - [pci] Enable pci=bfsort by default on future Dell systems (Shyam Iyer) [689047] - [net] enic: update driver to 2.1.1.9 (Stefan Assmann) [661306] - [scsi] bfa: rebase for RHEL5.7 to current scsi-misc version (Rob Evers) [660545] - [pci] Enable PCI bus rescan for PPC64 only (Prarit Bhargava) [683461] - [net] enable VLAN SG on additional drivers (Paolo Bonzini) [668934] - [net] add ethtool -k sg off support for vlans (Paolo Bonzini) [668934] - [net] explicitly enable VLAN SG when already in use (Paolo Bonzini) [668934] - [net] enable SG on vlan devices if supported on the NIC (Paolo Bonzini) [668934] - [net] fix NETIF_F_GSO_MASK to exclude VLAN features (Paolo Bonzini) [668934] - [ata] ata_piix: honor ide=disable (Paolo Bonzini) [460821] - [scsi] be2iscsi: update driver version string (Mike Christie) [691899] - [scsi] be2iscsi: fix null ptr when accessing task hdr (Mike Christie) [660392] - [scsi] be2iscsi: fix gfp use in alloc_pdu (Mike Christie) [660392] - [scsi] be2iscsi: allow more time for FW to respond (Mike Christie) [660392] - [net] ixgbe: restore erratum 45 fix and whitespace (Andy Gospodarek) [568312 568557 570366 571254 651467 653236 653359 653469 655022] - [usb] ehci: AMD periodic frame list table quirk (Don Zickus) [651333] - [scsi] qla2xxx: Upgrade 24xx and 25xx firmware to 5.03.16 (Chad Dupuis) [682305] - [fs] nfsd: fix auth_domain reference leak on nlm operations (J. Bruce Fields) [589512] - [net] sunrpc: ensure cache_check caller sees updated entry (J. Bruce Fields) [589512] - [net] sunrpc: take lock on turning entry NEGATIVE in cache_check (J. Bruce Fields) [589512] - [net] sunrpc: move cache validity check into helper function (J. Bruce Fields) [589512] - [net] sunrpc: modifying valid sunrpc cache entries is racy (J. Bruce Fields) [589512] - [fs] nfs: extract some common sunrpc_cache code from nfsd (J. Bruce Fields) [589512] - [pci] return correct value when writing to reset attribute (Alex Williamson) [689860] - [pci] expose function reset capability in sysfs (Alex Williamson) [689860] [2.6.18-253.el5] - [media] sn9c102: fix world-wirtable sysfs files (Don Howard) [679305] - [scsi] scsi_dh_rdac: Add two new IBM devices to rdac_dev_list (Rob Evers) [691460] - [misc] support for marking code as tech preview (Don Zickus) [645431] - [misc] taint: Add taint padding (Don Zickus) [645431] - [scsi] lpfc: Update version for 8.2.0.96 driver release (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.95 driver release (Rob Evers) [660396] - [scsi] lpfc: Fix rrq cleanup for vport delete (Rob Evers) [660396] - [scsi] lpfc: dont ignore lpfc_suppress_link_up on SLI-4 (Rob Evers) [660396] - [scsi] lpfc: LOGO completion must invalidate both RPI and D_ID (Rob Evers) [660396] - [scsi] lpfc: adds a comment (Rob Evers) [660396] - [scsi] lpfc: Do not take lock when clearing rrq active (Rob Evers) [660396] - [scsi] lpfc: Fix non-empty nodelist after sli3 driver remove (Rob Evers) [660396] - [scsi] lpfc: Save IRQ level when taking host_lock in findnode_did (Rob Evers) [660396] - [scsi] lpfc: Fixed hang in lpfc_get_scsi_buf_s4 (Rob Evers) [660396] - [scsi] lpfc: Fix xri lookup for received rrq (Rob Evers) [660396] - [scsi] lpfc: Fix setting of RRQ active for target aborted IOs (Rob Evers) [660396] - [scsi] lpfc: Modified lpfc_delay_discovery implementation (Rob Evers) [660396] - [scsi] lpfc: Fix bug with fc_vport symbolic_name not being generated (Rob Evers) [660396] - [scsi] lpfc: Update lpfc for 8.2.0.94 driver release (Rob Evers) [660396] - [scsi] lpfc: Fixed fdisc sent with invalid VPI (Rob Evers) [660396] - [scsi] lpfc: warn if the link_speed is not supported by this adapter (Rob Evers) [660396] - [scsi] lpfc: Fixed UE error on UCNA BE2 hba during reboot (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.93 driver release (Rob Evers) [660396] - [scsi] lpfc: Added support for clean address bit (Rob Evers) [660396] - [scsi] lpfc: Fixed XRI reuse issue (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.92 driver release (Rob Evers) [660396] - [scsi] lpfc: Unreg login when PLOGI received from logged in port (Rob Evers) [660396] - [scsi] lpfc: Fixed crashes for NULL vport dereference (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.91 driver release (Rob Evers) [660396] - [scsi] lpfc: Fix for kmalloc failures in lpfc_workq_post_event (Rob Evers) [660396] - [scsi] lpfc: Adjust lengths for sli4_config mailbox commands (Rob Evers) [660396] - [scsi] lpfc: set parity and serr bits on after performing sli4 reset (Rob Evers) [660396] - [scsi] lpfc: VPI for ALL ELS commands and alloc RPIs at node creation (Rob Evers) [660396] - [scsi] lpfc: Correct bit-definitions in SLI4 data structures (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.90 driver release (Rob Evers) [660396] - [scsi] lpfc: new SLI4 initialization procedures based on if_type (Rob Evers) [660396] - [scsi] lpfc: Implement FC and SLI async event handlers (Rob Evers) [660396] - [scsi] lpfc: Fix management command context setting (Rob Evers) [660396] - [scsi] lpfc: Fix panic in __lpfc_sli_get_sglq (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.89 driver release (Rob Evers) [660396] - [scsi] lpfc: Fix compiler warning (Rob Evers) [660396] - [scsi] lpfc: Added support for ELS RRQ command (Rob Evers) [660396] - [scsi] lpfc: Init VFI and VPI for physical port (Rob Evers) [660396] - [scsi] lpfc: Update version for 8.2.0.88 driver release (Rob Evers) [660396] - [scsi] lpfc: add READ_TOPOLOGY mailbox command and new speed definition (Rob Evers) [660396] - [scsi] lpfc: Modified return status of unsupport ELS commands (Rob Evers) [660396] - [scsi] lpfc: Implement doorbell register changes for new hardware (Rob Evers) [660396] - [scsi] lpfc: Implement new SLI 4 SLI_INTF register definitions (Rob Evers) [660396] - [scsi] lpfc: Add PCI ID definitions for new hardware support (Rob Evers) [660396] - [scsi] lpfc: Add new SLI4 WQE support (Rob Evers) [660396] - [net] myri10ge: update to 1.5.2 (Stanislaw Gruszka) [481629] - [pci] make pcie_get_readrq visible in pci.h (Stanislaw Gruszka) [481629] - [net] igb: AER fix recover from PCIe Uncorrectable Error (Stefan Assmann) [568211] - [net] igb: driver update for RHEL5.7 (Stefan Assmann) [653238] - [fs] quota: do not allow setting quota limits too high (Eric Sandeen) [594609] - [fs] block: fix submit_bh discarding barrier flag on sync write (Lukas Czerner) [667673] - [net] netfilter/ipt_CLUSTERIP: fix buffer overflow (Jiri Pirko) [689340] - [net] netfilter: ip6_tables: fix infoleak to userspace (Jiri Pirko) [689349] {CVE-2011-1172} - [net] netfilter/ip_tables: fix infoleak to userspace (Jiri Pirko) [689332] {CVE-2011-1171} - [net] netfilter/arp_tables: fix infoleak to userspace (Jiri Pirko) [689323] {CVE-2011-1170} - [sound] alsa: hda driver update for RHEL5.7 (Jaroslav Kysela) [688539] - [sound] alsa: add snd-aloop driver (Jaroslav Kysela) [647094] - [mmc] sdhci: Add support for O2Micro Card Reader (John Feeney) [659318] - [base] Fix potential deadlock in driver core (Don Zickus) [637930] - Revert: [crypto] add XTS blockcipher mode support (Jarod Wilson) [553411] [2.6.18-252.el5] - [scsi] add new Dell Powervault controllers to RDAC device list (Shyam Iyer) [688981] - [ata] ahci: AHCI mode for Intel Patsburg SATA RAID controller (David Milburn) [684361] - [md] dm-crypt: support more encryption modes (Milan Broz) [660368] - [crypto] add XTS blockcipher mode support (Danny Feng) [553411] - [virt] hypervisor: Overflow fix for clocks > 4GHz (Zachary Amsden) [673242] - [net] tg3: Restrict phy ioctl access (John Feeney) [660397] - [net] tg3: Update version to 3.116 (John Feeney) [660397] - [net] tg3: Minor EEE code tweaks (John Feeney) [660397] - [net] tg3: Relax EEE thresholds (John Feeney) [660397] - [net] tg3: Fix 57765 EEE support (John Feeney) [660397] - [net] tg3: Move EEE definitions into mdio.h (John Feeney) [660397] - [net] tg3: Enable phy APD for 5717 and later asic revs (John Feeney) [660397] - [net] tg3: use dma_alloc_coherent() instead of pci_alloc_consistent() (John Feeney) [660397] - [net] tg3: Reenable TSS for 5719 (John Feeney) [660397] - [net] tg3: Enable mult rd DMA engine on 5719 (John Feeney) [660397] - [net] tg3: Always turn on APE features in mac_mode reg (John Feeney) [660397] - [net] tg3: Dont check for vlan group before vlan_tx_tag_present (John Feeney) [660397] - [net] tg3: Update version to 3.115 (John Feeney) [660397] - [net] tg3: Report invalid link from tg3_get_settings() (John Feeney) [660397] - [net] tg3: Dont allocate jumbo ring for 5780 class devs (John Feeney) [660397] - [net] tg3: Cleanup tg3_alloc_rx_skb() (John Feeney) [660397] - [net] tg3: Add EEE support (John Feeney) [660397] - [net] tg3: Add clause 45 register accessor methods (John Feeney) [660397] - [net] tg3: Disable unused transmit rings (John Feeney) [660397] - [net] tg3: Add support for selfboot format 1 v6 (John Feeney) [660397] - [net] tg3: Update version to 3.114 (John Feeney) [660397] - [net] tg3: Add extend rx ring sizes for 5717 and 5719 (John Feeney) [660397] - [net] tg3: Prepare for larger rx ring sizes (John Feeney) [660397] - [net] tg3: Futureproof the loopback test (John Feeney) [660397] - [net] tg3: Cleanup missing VPD partno section (John Feeney) [660397] - [net] tg3: Remove 5724 device ID (John Feeney) [660397] - [net] tg3: return operator cleanup (John Feeney) [660397] - [net] tg3: phy tmp variable roundup (John Feeney) [660397] - [net] tg3: Dynamically allocate VPD data memory (John Feeney) [660397] - [net] tg3: Use skb_is_gso_v6() (John Feeney) [660397] - [net] tg3: Move producer ring struct to tg3_napi (John Feeney) [660397] - [net] tg3: Clarify semantics of TG3_IRQ_MAX_VECS (John Feeney) [660397] - [net] tg3: Disable TSS (John Feeney) [660397] - [net] tg3: Update version to 3.113 (John Feeney) [660397] - [net] tg3: Migrate tg3_flags to phy_flags (John Feeney) [660397] - [net] tg3: Create phy_flags and migrate phy_is_low_power (John Feeney) [660397] - [net] tg3: Add phy-related preprocessor constants (John Feeney) [660397] - [net] tg3: Add error reporting to tg3_phydsp_write() (John Feeney) [660397] - [net] tg3: Improve small packet performance (John Feeney) [660397] - [net] tg3: Remove 5720, 5750, and 5750M (John Feeney) [660397] - [net] tg3: Restrict ASPM workaround devlist (John Feeney) [660397] - [net] tg3: Manage gphy power for CPMU-less devs only (John Feeney) [660397] - [net] tg3: Disable TSS also during tg3_close() (John Feeney) [660397] - [net] tg3: Add 5784 ASIC rev to earlier PCIe MPS fix (John Feeney) [660397] - [net] tg3: Update version to 3.112 (John Feeney) [660397] - [net] tg3: Fix some checkpatch errors (John Feeney) [660397] - [net] tg3: Revert PCIe tx glitch fix (John Feeney) [660397] - [net] tg3: Report driver version to firmware (John Feeney) [660397] - [net] tg3: Relax 5717 serdes restriction (John Feeney) [660397] - [net] tg3: Fix single MSI-X vector coalescing (John Feeney) [660397] - [net] tg3: Update version to 3.111 (John Feeney) [660397] - [net] tg3: Allow 5717 serdes link via parallel detect (John Feeney) [660397] - [net] tg3: Allow single MSI-X vector allocations (John Feeney) [660397] - [net] tg3: Update version to 3.110 (John Feeney) [660397] - [net] tg3: Remove function errors flagged by checkpatch (John Feeney) [660397] - [net] tg3: Unify max pkt size preprocessor constants (John Feeney) [660397] - [net] tg3: Re-inline VLAN tags when appropriate (John Feeney) [660397] - [net] tg3: Optimize rx double copy test (John Feeney) [660397] - [net] tg3: Update version to 3.109 (John Feeney) [660397] - [net] tg3: Remove tg3_dump_state() (John Feeney) [660397] - [net] tg3: Cleanup if codestyle (John Feeney) [660397] - [net] tg3: The case of switches (John Feeney) [660397] - [net] tg3: Whitespace, constant, and comment updates (John Feeney) [660397] - [net] tg3: Use VPD fw version when present (John Feeney) [660397] - [net] tg3: Prepare FW version code for VPD versioning (John Feeney) [660397] - [net] tg3: Fix message 80 char violations (John Feeney) [660397] - [net] tg3: netdev_err() => dev_err() (John Feeney) [660397] - [net] tg3: Replace pr_err with sensible alternatives (John Feeney) [660397] - [net] tg3: change field used with TG3_FLAG_10_100_ONLY constant (John Feeney) [660397] - [net] tg3: Remove now useless VPD code (John Feeney) [660397] - [net] tg3: use helper to search for VPD keywords (John Feeney) [660397] - [net] tg3: use VPD information field helper functions (John Feeney) [660397] - [net] tg3: use helper to find VPD resource data type (John Feeney) [660397] - [net] tg3: Add large and small resource data type code (John Feeney) [660397] - [net] tg3: Add PCI LRDT tag size and section size (John Feeney) [660397] - [net] tg3: convert to use netdev_for_each_mc_addr, part6 (John Feeney) [660397] macro helpers (John Feeney) [660397] - [net] bna: Include embedded firmware for RHEL5 (Ivan Vecera) [475690] - [net] bna: use device model DMA API (Ivan Vecera) [475690] - [net] bna: Remove unnecessary memset 0 (Ivan Vecera) [475690] - [net] bna: Update the driver version to 2.3.2.3 (Ivan Vecera) [475690] - [net] bna: IOC failure auto recovery fix (Ivan Vecera) [475690] - [net] bna: Restore VLAN filter table (Ivan Vecera) [475690] - [net] bna: Removed unused code (Ivan Vecera) [475690] - [net] bna: IOC uninit check and misc cleanup (Ivan Vecera) [475690] - [net] bna: Fix for TX queue (Ivan Vecera) [475690] - [net] bna: Enable pure priority tagged packet reception and rxf uninit cleanup fix (Ivan Vecera) [475690] - [net] bna: Fix ethtool register dump and reordered an API (Ivan Vecera) [475690] - [net] bna: Port enable disable sync and txq priority fix (Ivan Vecera) [475690] - [net] bna: TxRx and datapath fix (Ivan Vecera) [475690] - [net] bna: scope and dead code cleanup (Ivan Vecera) [475690] - [net] bna: fix interrupt handling (Ivan Vecera) [475690] - [net] bna: off by one (Ivan Vecera) [475690] - [net] bna: Check for NULL before deref in bnad_cb_tx_cleanup (Ivan Vecera) [475690] - [net] bna: fix lock imbalance (Ivan Vecera) [475690] - [net] bna: fix stats handling (Ivan Vecera) [475690] - [net] bna: Fixed build break for allyesconfig (Ivan Vecera) [475690] - [net] bna: Brocade 10Gb Ethernet device driver (Ivan Vecera) [475690] - [s390] tape: deadlock on global work queue (Hendrik Brueckner) [681329] - [s390] qeth: remove needless IPA-commands in offline (Hendrik Brueckner) [679120] - [s390] qeth: allow channel path changes in recovery (Hendrik Brueckner) [678073] - [s390] qeth: wrong MAC-address displayed in error message (Hendrik Brueckner) [675747] - [s390] dasd: Improve handling of stolen DASD reservation (Hendrik Brueckner) [651141] - [s390] dasd: provide a Sense Path Group ID ioctl (Hendrik Brueckner) [651135] - [s390] qeth: tolerate OLM-limitation (Hendrik Brueckner) [651161] - [s390] sclp_vt220: console message may cause deadlock (Hendrik Brueckner) [675751] - [s390] uaccess: missing sacf in uaccess error handling (Hendrik Brueckner) [670234] - [x86_64] nmi_watchdog: modify default to perf counter 1 (Don Zickus) [633196 659816] - [net] qlcnic: Remove validation for max tx and max rx queues (Chad Dupuis) [660390] - [net] qlcnic: fix checks for auto_fw_reset (Chad Dupuis) [660390] - [net] qlcnic: change module parameter permissions (Chad Dupuis) [660390] - [net] qlcnic: fix ethtool diagnostics test (Chad Dupuis) [660390] - [net] qlcnic: fix flash fw version read (Chad Dupuis) [660390] - [net] qlcnic: Use static const (Chad Dupuis) [660390] - [net] qlcnic: reset pci function unconditionally during probe (Chad Dupuis) [660390] - [net] qlcnic: fix ocm window register offset calculation (Chad Dupuis) [660390] - [net] qlcnic: fix LED test when interface is down. (Chad Dupuis) [660390] - [net] qlcnic: Updated driver version to 5.0.13 (Chad Dupuis) [660390] - [net] qlcnic: LICENSE file for qlcnic (Chad Dupuis) [660390] - [net] qlcnic: validate eswitch config values for PF (Chad Dupuis) [660390] - [net] qlcnic: Disable loopback support (Chad Dupuis) [660390] - [net] qlcnic: Bumped up driver version to 5.0.12 (Chad Dupuis) [660390] - [net] qlcnic: lro module parameter (Chad Dupuis) [660390] - [net] qlcnic: Fix driver hang while using qcc application (Chad Dupuis) [660390] - [net] qlcnic: lro off message log from set rx checsum (Chad Dupuis) [660390] - [net] qlcnic: Add description for CN1000Q adapter (Chad Dupuis) [660390] - [net] qlcnic: Allow minimum bandwidth of zero (Chad Dupuis) [660390] - [net] qlcnic: fix panic on load (Chad Dupuis) [660390] - [net] qlcnic: define valid vlan id range (Chad Dupuis) [660390] - [net] qlcnic: reduce rx ring size (Chad Dupuis) [660390] - [net] qlcnic: fix mac learning (Chad Dupuis) [660390] - [net] qlcnic: update ethtool stats (Chad Dupuis) [660390] - [net] qlcnic: update driver version 5.0.11 (Chad Dupuis) [660390] - [net] qlcnic: change all P3 references to P3P (Chad Dupuis) [660390] - [net] qlcnic: fix promiscous mode for VF (Chad Dupuis) [660390] - [net] qlcnic: fix board description (Chad Dupuis) [660390] - [net] qlcnic: remove private LRO flag (Chad Dupuis) [660390] - [net] qlcnic: support quiescent mode (Chad Dupuis) [660390] - [net] qlcnic: remove dead code (Chad Dupuis) [660390] - [net] qlcnic: set mtu lower limit (Chad Dupuis) [660390] - [net] qlcnic: cleanup port mode setting (Chad Dupuis) [660390] - [net] qlcnic: sparse warning fixes (Chad Dupuis) [660390] - [net] qlcnic: fix vlan TSO on big endian machine (Chad Dupuis) [660390] - [net] qlcnic: fix endianess for lro (Chad Dupuis) [660390] - [net] qlcnic: fix diag register (Chad Dupuis) [660390] - [net] qlcnic: fix eswitch stats (Chad Dupuis) [660390] - [net] qlcnic: fix internal loopback test (Chad Dupuis) [660390] - [net] qlcnic: return operator cleanup (Chad Dupuis) [660390] - [net] qlcnic: dont set skb->truesize (Chad Dupuis) [660390] - [net] qlcnic: dont assume NET_IP_ALIGN is 2 (Chad Dupuis) [660390] - [net] qlcnic: update version 5.0.10 (Chad Dupuis) [660390] - [net] qlcnic: remove fw version check (Chad Dupuis) [660390] - [net] qlcnic: vlan lro support (Chad Dupuis) [660390] - [net] qlcnic: vlan gro support (Chad Dupuis) [660390] - [net] qlcnic: support vlan rx accleration (Chad Dupuis) [660390] - [net] qlcnic: add cksum flag (Chad Dupuis) [660390] - [net] qlcnic: mac vlan learning support (Chad Dupuis) [660390] - [net] qlcnic: support mac learning (Chad Dupuis) [660390] - [net] qlcnic: fix mac override capability (Chad Dupuis) [660390] - [net] qlcnic: fix panic while using eth_hdr (Chad Dupuis) [660390] - [net] qlcnic: fix mac anti spoof policy (Chad Dupuis) [660390] - [net] qlcnic: fix for setting default eswitch config (Chad Dupuis) [660390] - [net] qlcnic: fix mac addr read (Chad Dupuis) [660390] - [net] qlcnic: add api version in reg dump (Chad Dupuis) [660390] - [net] qlcnic: backout firmware initialization update (Chad Dupuis) [660390] - [net] qlnic: fix a race in qlcnic_get_stats (Chad Dupuis) [660390] - [net] qlcnic: PCI ID addition (Chad Dupuis) [660390] - [net] qlcnic: Fix driver load issue in FW hang (Chad Dupuis) [660390] - [net] qlcnic: change reg name (Chad Dupuis) [660390] - [net] qlcnic: fix fw recovery for PF (Chad Dupuis) [660390] - [net] qlcnic: support port vlan id (Chad Dupuis) [660390] - [net] qlcnic: eswitch config fixes (Chad Dupuis) [660390] - [net] qlcnic: update version 5.0.8 (Chad Dupuis) [660390] - [net] qlcnic: rom lock recovery (Chad Dupuis) [660390] - [net] qlcnic: firmware initialization update (Chad Dupuis) [660390] - [net] qlcnic: fix endiness in eswitch statistics (Chad Dupuis) [660390] - [net] qlcnic: mark device state as failed (Chad Dupuis) [660390] - [net] qlcnic: fix npar state (Chad Dupuis) [660390] - [net] qlcnic: support anti mac spoofing (Chad Dupuis) [660390] - [net] qlcnic: configure offload setting on eswitch (Chad Dupuis) [660390] - [net] qlcnic: configure port on eswitch (Chad Dupuis) [660390] - [net] qlcnic: replace magic numbers with defines (Chad Dupuis) [660390] - [net] qlcnic: remove unused code (Chad Dupuis) [660390] - [net] qlcnic: fix inconsistent lock state (Chad Dupuis) [660390] - [net] qlcnic: Use available error codes (Chad Dupuis) [660390] - [net] qlcnic: turn off lro when rxcsum is disabled (Chad Dupuis) [660390] - [net] qlcnic: fix link diag test (Chad Dupuis) [660390] - [net] qlcnic: fix link status message (Chad Dupuis) [660390] - [net] qlcnic: add eswitch statistics support (Chad Dupuis) [660390] - [net] qlcnic: fix for setting function modes (Chad Dupuis) [660390] - [net] qlcnic: device state management fixes for virtual func (Chad Dupuis) [660390] - [net] qlcnic: fix aer for virtual func (Chad Dupuis) [660390] - [net] qlcnic: using too much stack (Chad Dupuis) [660390] - [net] qlcnic: clean up qlcnic_init_pci_info (Chad Dupuis) [660390] - [net] qlcnic: fix copyright for pci searching function (Chad Dupuis) [660390] - [net] netxen: support for GbE port settings (Chad Dupuis) [660437] - [net] netxen: Notify firmware of Flex-10 interface down (Chad Dupuis) [660437] - [net] netxen: update driver version 4.0.75 (Chad Dupuis) [660437] - [net] netxen: enable LRO based on NETIF_F_LRO (Chad Dupuis) [660437] - [net] netxen: update module description (Chad Dupuis) [660437] - [net] netxen: Use static const (Chad Dupuis) [660437] - [net] netxen: remove unused firmware exports (Chad Dupuis) [660437] - [net] netxen: Fix tx queue manipulation bug in netxen_nic_probe (Chad Dupuis) [660437] - [net] netxen: make local function static (Chad Dupuis) [660437] - [net] netxen: mask correctable error (Chad Dupuis) [660437] - [net] netxen: fix race in tx stop queue (Chad Dupuis) [660437] - [net] netxen: return operator cleanup (Chad Dupuis) [660437] - [net] netxen: dont set skb->truesize (Chad Dupuis) [660437] [2.6.18-251.el5] - [net] benet: Bump up the version number (Ivan Vecera) [660389] - [net] benet: Copyright notice change. Update to Emulex instead of ServerEngines (Ivan Vecera) [660389] - [net] benet: Fix UDP packet detected status in RX compl (Ivan Vecera) [660389] - [net] benet: changes for BE3 native mode support (Ivan Vecera) [660389] - [net] benet: Add multicast filter capability for Lancer (Ivan Vecera) [660389] - [net] benet: Disarm CQ and EQ to disable interrupt in Lancer (Ivan Vecera) [660389] - [net] benet: Remove TX Queue stop in close (Ivan Vecera) [660389] - [net] benet: Change f/w command versions for Lancer (Ivan Vecera) [660389] - [net] benet: Add error recovery during load for Lancer (Ivan Vecera) [660389] - [net] benet: Checksum field valid only for TCP/UDP (Ivan Vecera) [660389] - [net] benet: Remove ERR compl workaround for Lancer (Ivan Vecera) [660389] - [net] benet: use GFP_KERNEL allocations when possible (Ivan Vecera) [660389] - [net] benet: use hba_port_num instead of port_num (Ivan Vecera) [660389] - [net] benet: add code to display temperature of ASIC (Ivan Vecera) [660389] - [net] benet: fix to ignore transparent vlan ids wrongly indicated by NIC (Ivan Vecera) [660389] - [net] benet: variable name change (Ivan Vecera) [660389] - [net] benet: fixes in ethtool selftest (Ivan Vecera) [660389] - [net] benet: add new counters to display via ethtool stats (Ivan Vecera) [660389] - [net] benet: restrict WOL to PFs only. (Ivan Vecera) [660389] - [net] benet: detect a UE even when a interface is down. (Ivan Vecera) [660389] - [net] benet: gracefully handle situations when UE is detected (Ivan Vecera) [660389] - [net] benet: fix be_suspend/resume/shutdown (Ivan Vecera) [660389] - [net] benet: pass proper hdr_size while flashing redboot. (Ivan Vecera) [660389] - [net] benet: Fix broken priority setting when vlan tagging is enabled. (Ivan Vecera) [660389] - [net] benet: Allow VFs to call be_cmd_reset_function. (Ivan Vecera) [660389] - [net] benet: pass domain numbers for pmac_add/del functions (Ivan Vecera) [660389] - [net] benet: For the VF MAC, use the OUI from current MAC address (Ivan Vecera) [660389] - [net] benet: Cleanup the VF interface handles (Ivan Vecera) [660389] - [net] benet: call be_vf_eth_addr_config() after register_netdev (Ivan Vecera) [660389] - [net] benet: Initialize and cleanup sriov resources only if pci_enable_sriov has succeeded. (Ivan Vecera) [660389] - [net] benet: Use domain id when be_cmd_if_destroy is called. (Ivan Vecera) [660389] - [net] benet: Avoid null deref in be_cmd_get_seeprom_data (Ivan Vecera) [660389] - [net] benet: use device model DMA API (Ivan Vecera) [660389] - [net] benet: remove netif_stop_queue being called before register_netdev. (Ivan Vecera) [660389] - [net] benet: fix a crash seen during insmod/rmmod test (Ivan Vecera) [660389] - [net] benet: Use static const (Ivan Vecera) [660389] - [net] benet: use mutex instead of spin lock for mbox_lock (Ivan Vecera) [660389] - [net] benet: Handle out of buffer completions for lancer (Ivan Vecera) [660389] - [net] benet: FW init cmd fix for lancer (Ivan Vecera) [660389] - [net] benet: Fix be_dev_family_check() return value check (Ivan Vecera) [660389] - [net] benet: Fix too optimistic NETIF_F_HW_CSUM features (Ivan Vecera) [660389] - [net] benet: adding support for Lancer family of CNAs (Ivan Vecera) [660389] - [net] benet: remove dead code (Ivan Vecera) [660389] - [net] benet: Changes to use only priority codes allowed by f/w (Ivan Vecera) [660389] - [net] benet: add multiple RX queue support (Ivan Vecera) [660389] - [net] benet: fix tx completion polling (Ivan Vecera) [660389] - [net] benet: use Rx and Tx queues like upstream (Ivan Vecera) [660389] - [net] benet: return operator cleanup (Ivan Vecera) [660389] - [net] benet: fix a bug in UE detection logic (Ivan Vecera) [660389] - [net] benet: fix net-snmp error because of wrong packet stats (Ivan Vecera) [660389] - [net] benet: stats for packets received due to internal switching in ASIC. (Ivan Vecera) [660389] - [net] benet: fix to avoid sending get_stats request if one is already being processed. (Ivan Vecera) [660389] - [net] benet: change to show correct physical link status (Ivan Vecera) [660389] - [net] benet: add code to dump registers for debug (Ivan Vecera) [660389] - [net] benet: bump the driver version number (Ivan Vecera) [660389] - [net] benet: variable name changes (Ivan Vecera) [660389] - [net] benet: supress printing error when mac query fails for VF (Ivan Vecera) [660389] - [net] benet: Patch to determine if function is VF while running in guest OS. (Ivan Vecera) [660389] - [net] benet: enable ipv6 tso support (Ivan Vecera) [660389] - [net] benet: fix typos concerning management (Ivan Vecera) [660389] - [net] benet: Remove unnecessary returns from void functions (Ivan Vecera) [660389] - [net] benet: use skb_headlen() (Ivan Vecera) [660389] - [net] benet: clarify promiscuous cmd with a comment (Ivan Vecera) [660389] - [net] benet: Fix compile warnnings in drivers/net/benet/be_ethtool.c (Ivan Vecera) [660389] - [net] ixgbe: update to upstream version 3.2.9-k2 (Andy Gospodarek) [568312 568557 570366 571254 651467 653236 653359 653469 655022] - [misc] vlan: Add function to get EtherType from vlan packets (Andy Gospodarek) [568312 568557 570366 571254 651467 653236 653359 653469 655022] - [net] support for NETIF_F_HIGHDMA on vlan interfaces (Andy Gospodarek) [568312 568557 570366 571254 651467 653236 653359 653469 655022] - [scsi] bnx2i: Updated to version 2.6.2.3 (Mike Christie) [660406] - [scsi] bnx2i: Updated version to 2.6.2.2 (Mike Christie) [660406] - [scsi] bnx2i: Added iSCSI text pdu support for iSCSI offload (Mike Christie) [660406] - [scsi] bnx2i: Added jumbo MTU support for the no shost case (Mike Christie) [660406] - [scsi] bnx2i: Added support for the 57712(E) devices (Mike Christie) [660406] - [scsi] bnx2i: Added handling for unsupported iSCSI offload hba (Mike Christie) [660406] - [scsi] bnx2i: Fixed the 32-bit swapping of the LUN field for nopouts for 5771X (Mike Christie) [660406] - [scsi] bnx2i: Allow ep CONNECT_FAILED condition to go through proper cleanup (Mike Christie) [660406] - [scsi] bnx2i: Added reconnect fix connecting against Lefthand targets (Mike Christie) [660406] - [scsi] bnx2i: Cleaned up various error conditions in ep_connect/disconnect (Mike Christie) [660406] - [scsi] bnx2i: Added return code check for chip kwqe submission request (Mike Christie) [660406] - [scsi] bnx2i: Modified the bnx2i stop path to compensate for in progress ops (Mike Christie) [660406] - [scsi] bnx2i: Removed the dynamic registration of CNIC (Mike Christie) [660406] - [scsi] bnx2i: Added mutex lock protection to conn_get_param (Mike Christie) [660406] - [net] cnic: Fix lost interrupt on bnx2x (Mike Christie) [660430] - [net] cnic: Prevent status block race conditions with hardware (Mike Christie) [660430] - [net] bnx2x, cnic: Consolidate iSCSI/FCoE shared mem logic in bnx2x (Mike Christie) [660430] - [net] cnic: Fix the type field in SPQ messages (Mike Christie) [660430] - [net] cnic: Do not call bnx2i when bnx2i is calling cnic_unregister_driver() (Mike Christie) [660430] - [net] cnic: Do not allow iSCSI and FCoE on bnx2x multi-function mode (Mike Christie) [660430] - [net] cnic: fix mem leak on alloc fail in cnic_alloc_uio_rings (Mike Christie) [660430] - [net] cnic: Add FCoE support on 57712 (Mike Christie) [660430] - [net] cnic: Add kcq2 support on 57712 (Mike Christie) [660430] - [net] cnic: Call cm_connect_complete() immediately on error (Mike Christie) [660430] - [net] cnic: Check device state before reading the kcq pointer in IRQ (Mike Christie) [660430] - [net] cnic: Support NIC Partition mode (Mike Christie) [660430] - [net] cnic: Use proper client and connection IDs on iSCSI ring (Mike Christie) [660430] - [net] cnic: Improve ->iscsi_nl_msg_send() (Mike Christie) [660430] - [net] cnic: Prevent 'scheduling while atomic' when calling ->cnic_init() (Mike Christie) [660430] - [net] cnic: Fix iSCSI TCP port endian order. (Mike Christie) [660430] - [net] cnic: Remove unnecessary semicolons (Mike Christie) [660430] - [net] cnic: Add support for 57712 device (Mike Christie) [660430] - [net] cnic: Decouple uio close from cnic shutdown (Mike Christie) [660430] - [net] cnic: Add cnic_uio_dev struct (Mike Christie) [660430] - [net] cnic: Add cnic_free_uio() (Mike Christie) [660430] - [net] cnic: Defer iscsi connection cleanup (Mike Christie) [660430] - [net] cnic: Add cnic_bnx2x_destroy_ramrod() (Mike Christie) [660430] - [net] cnic: Convert ctx_flags to bit fields (Mike Christie) [660430] - [net] cnic: Add common cnic_request_irq() (Mike Christie) [660430] - [net] bnx2x, cnic: Fix SPQ return credit (Mike Christie) [660430] - [char] Enable and extend Legacy PTY support for 4096 device pairs (Mauro Carvalho Chehab) [582776] - [fs] ioctl: make fiemap map at least a blocksize amount (Josef Bacik) [663041] - [net] forcedeth/r8169: call netif_carrier_off at end of probe (Ivan Vecera) [664705 664707] - [net] ixgbevf: update to upstream version 2.0.0-k2 (Andy Gospodarek) [653237] - [net] e1000e: update to upstream version 1.3.10 (Andy Gospodarek) [653242 653548] - [x86] amd: Extend support to future families (Frank Arnold) [682835] - [x86] smpboot: Use compute unit info to determine thread siblings (Frank Arnold) [682835] - [x86] amd: Extract compute unit information for AMD CPUs (Frank Arnold) [682835] - [x86] amd: Add support for CPUID topology extension of AMD CPUs (Frank Arnold) [682835] - [x86] cpufeature: Update AMD CPUID feature bits (Frank Arnold) [682835] - [x86_64] Support NMI watchdog on newer AMD CPU families (Frank Arnold) [682835] - [net] ixgbe: fix for 82599 erratum on Header Splitting (Andy Gospodarek) [680531] - [net] ixgbe: limit VF access to network traffic (Andy Gospodarek) [680531] - [net] igbvf driver update for RHEL5.7 (Stefan Assmann) [653241] - [fs] ext3: Always set dx_nodes fake_dirent explicitly (Eric Sandeen) [662838] - [virt] xen/netback: signal front-end close event via udev (Paolo Bonzini) [661985] - [net] bnx2x: fix swap of rx-ticks and tx-ticks parameters in interrupt coalescing flow (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: fix MaxBW configuration (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: (NPAR) prevent HW access in D3 state (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: fix link notification (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: fix non-pmf device load flow (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: update driver version to 1.62.00-6 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: properly calculate lro_mss (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: perform statistics 'action' before state transition. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: properly configure coefficients for MinBW algorithm (NPAR mode). (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix ethtool -t link test for MF (non-pmf) devices. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix nvram test for single port devices. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: (NPAR mode) Fix FW initialization (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Add a missing bit for PXP parity register of 57712. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Duplication in promisc mode (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: multicasts in NPAR mode (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Update bnx2x version to 1.62.00-5 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix potential link loss in multi-function mode (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix port swap for BCM8073 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix LED blink rate on BCM84823 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Remove setting XAUI low-power for BCM8073 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Update bnx2x version to 1.62.00-4 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix AER setting for BCM57712 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix BCM84823 LED behavior (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Mark full duplex on some external PHYs (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix BCM8073/BCM8727 microcode loading (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: LED fix for BCM8727 over BCM57712 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Common init will be executed only once after POR (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Swap BCM8073 PHY polarity if required (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: fix typos (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix the race on bp->stats_pending. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Move to D0 before clearing MSI/MSI-X configuration. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: registers dump fixes (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Dont prevent RSS configuration in INT#x and MSI interrupt modes. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: adding dcbnl support (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Use static const (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove bogus check (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: update version to 1.62.00-2 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: update firmware to 6.2.5.0 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: bnx2x_request_firmware update for 6.2.5.0 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: replace FW to 6.2.5 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Add DCB/PFC support - link layer (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: add DCB support (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Disable FCoE ring, NETDEV_HW_ADDR_T_SAN for RHEL5.7. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: add FCoE ring (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Update version number and a date. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fixed a compilation warning (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Use dma_alloc_coherent() semantics for ILT memory allocation (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: LSO code was broken on BE platforms (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Add Nic partitioning mode (57712 devices) (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Use helpers instead of direct access to the shinfo(skb) fields (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Do interrupt mode initialization and NAPIs adding before register_netdev() (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Disable local BHes to prevent a dead-lock situation (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: fix error value sign (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Remove unnecessary semicolons (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Update version number (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Reset 8073 phy during common init (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Do not enable CL37 BAM unless it is explicitly enabled (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix resetting BCM8726 PHY during common init (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Clear latch indication on link reset (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix port selection in case of E2 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix waiting for reset complete on BCM848x3 PHYs (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Restore appropriate delay during BMAC reset (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: make local function static and remove dead code (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove BCM_VLAN (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Dont check for vlan group before vlan_tx_tag_present. (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: update version to 1.60.00-3 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: prevent false parity error in MSI-X memory of HC block (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: fix possible deadlock in HC hw block (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: update version to 1.60.00-2 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove unnecessary FUNC_FLG_RSS flag and related (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Use correct FW constant for header padding (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: do not deal with power if no capability (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove redundant commands during error handling (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Optimized the branching in the bnx2x_rx_int() (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fixing a typo: added a missing RSS enablement (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: update version to 1.60.00-1 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: properly initialize FW stats (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: code beautify (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix SPQ return credit (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: move msix table initialization to probe() (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: use L1_CACHE_BYTES instead of magic number (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove unused fields in main driver structure (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove unused parameter in reuse_rx_skb() (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Add 57712 support (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: change type of spq_left to atomic (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Protect statistics ramrod and sequence number (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: rename MF related fields (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: firmware naming from upstream (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: whitespaces like in upstream, remove some #if0 lines (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: use netdev_for_each_mc_addr (Michal Schmidt) [629609 651546 653357 656360] - [misc] netdevice.h: add netdev_mc_count (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: use trivial wrappers around get_sset_count (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove a few pointless differences from upstream (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: bnx2x_alloc_napi cleanup, caller more similar to upstream (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: remove bnx2x_init_values.h (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x, cnic, bnx2i: use new FW/HSI (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Moved enabling of MSI to the bnx2x_set_num_queues() (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Use netif_set_real_num_{rx, tx}_queues() (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: return operator cleanup (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Spread rx buffers between allocated queues (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: use ARRAY_SIZE macro in bnx2x_main.c (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Update bnx2x version to 1.52.53-6 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Change LED scheme for dual-media (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Add dual-media changes (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Organize PHY functions (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Apply logic changes for the new scheme (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Move common function into aggregated function (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Adjust flow-control with the new scheme (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Adjust alignment of split PHY functions (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Split PHY functions (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Unify PHY attributes (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: avoid skb->ip_summed initialization (Michal Schmidt) [629609 651546 653357 656360] - [net] skbuff: add skb_checksum_none_assert (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Update version to 1.52.53-5 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Add BCM84823 to the supported PHYs (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Change BCM848xx LED configuration (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Remove unneeded setting of XAUI low power to BCM8727 (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Change BCM848xx configuration according to IEEE (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Reset link before any new link settings (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix potential link issue In BCM8727 based boards (Michal Schmidt) [629609 651546 653357 656360] - [net] bnx2x: Fix potential link issue of BCM8073/BCM8727 (Michal Schmidt) [629609 651546 653357 656360] - Revert: [net] bnx2x: force interrupt mode for iscsi unset mac (Michal Schmidt) [629609 651546 653357 656360] - [net] ipv4: make accept_local writeable for loopback (Neil Horman) [672570] - [net] bnx2: Update to latest upstream for RHEL5.7 (Neil Horman) [651438 660375] - [pci] backport common vpd support functions (Neil Horman) [683978] - [net] e1000: fix sparse warning (Dean Nelson) [571889 653248 653546] - [net] e1000: add support for Marvell Alaska M88E1118R PHY (Dean Nelson) [571889 653248 653546] - [net] e1000: Add support for the CE4100 reference platform (Dean Nelson) [571889 653248 653546] - [net] e1000: fix return value not set on error (Dean Nelson) [571889 653248 653546] - [net] e1000: fix Tx hangs by disabling 64-bit DMA (Dean Nelson) [571889 653248 653546] - [net] e1000: allow option to limit number of descriptors down to 48 per ring (Dean Nelson) [571889 653248 653546] - [net] e1000: Use new function for copybreak tests (Dean Nelson) [571889 653248 653546] - [net] e1000: do not modify tx_queue_len on link speed change (Dean Nelson) [571889 653248 653546] - [net] e1000: Fix DMA mapping error handling on RX (Dean Nelson) [571889 653248 653546] - [net] e1000: call pci_save_state after pci_restore_state (Dean Nelson) [571889 653248 653546] - [net] e1000: dont use small hardware rx buffers (Dean Nelson) [571889 653248 653546] - [fs] gfs2: directly write blocks past i_size (Benjamin Marzinski) [684371] - [fs] gfs2: fix block allocation check for fallocate (Benjamin Marzinski) [684024] - [redhat] spec: trim srpm size and vastly improve prep time (Jarod Wilson) [687950] [2.6.18-250.el5] - [block] cciss: use short tags where supported (Tomas Henzl) [656343] - [block] cciss: Fix memory leak in cciss_sysfs_stat_inquiry (Tomas Henzl) [656343] - [block] cciss: do not reorder commands in internal queue (Tomas Henzl) [656343] - [block] cciss: add another controller 0x103C3356 (Tomas Henzl) [656343] - [block] cciss: fix panic in cciss_revalidate (Tomas Henzl) [656343] - [block] cciss: Do not remove /proc entry if we never created it (Tomas Henzl) [656343] - [block] cciss: do not leak stack to userland (Tomas Henzl) [656343] - [block] cciss: catch kmalloc failure of h->scatter_list (Tomas Henzl) [656343] - [block] cciss: fix missed command status value CMD_UNABORTABLE (Tomas Henzl) [656343] - [block] cciss: remove ifdefed out interrupt_not_for_us (Tomas Henzl) [656343] - [block] cciss: change printks to dev_warn (Tomas Henzl) [656343] - [block] cciss: use consistent variable names (Tomas Henzl) [656343] - [block] cciss: mark performant mode function as __devinit (Tomas Henzl) [656343] - [block] cciss: cleanup some debug ifdefs (Tomas Henzl) [656343] - [block] cciss: fix leak of ioremapped memory in init error path (Tomas Henzl) [656343] - [block] cciss: Fix panic in multipath configurations (Tomas Henzl) [656343] - [message] mptfusion: version update to 3.04.18rh (Tomas Henzl) [662160] - [message] mptfusion: Incorrect return value in mptscsih_dev_reset (Tomas Henzl) [662160] - [message] mptfusion: remove bus reset (Tomas Henzl) [662160] - [message] mptfusion: 3gbps - 6gbps (Tomas Henzl) [662160] - [message] mptfusion: sysfs sas addr handle (Tomas Henzl) [662160] - [message] mptfusion: Fix 32 bit platforms with 64 bit resources (Tomas Henzl) [662160] - [message] mptfusion: use module_param correctly (Tomas Henzl) [662160] - [message] mptfusion: Adjust confusing if indentation (Tomas Henzl) [662160] - [message] mptfusion: print Doorbell reg on hard reset and timeout (Tomas Henzl) [662160] - [message] mptfusion: Cleanup some duplicate calls in mptbase.c (Tomas Henzl) [662160] - [message] mptfusion: Extra DMD error handling debug prints (Tomas Henzl) [662160] - [message] mptfusion: block errors if deleting devices or DMD (Tomas Henzl) [662160] - [message] mptfusion: add ioc_reset_in_progress reset in SoftReset (Tomas Henzl) [662160] - [message] mptfusion: handle SATA hotplug failure (Tomas Henzl) [662160] - [message] mptfusion: schedule_target_reset from all Reset context (Tomas Henzl) [662160] - [message] mptfusion: sanity check for device before adding to OS (Tomas Henzl) [662160] - [message] mptfusion: fix declaration of device_missing_delay (Tomas Henzl) [662160] - [message] mptfusion: DID_TRANSPORT_DISRUPTED, not DID_BUS_BUSY (Tomas Henzl) [662160] - [message] mptfusion: Set fw_events_off to 1 at driver load time (Tomas Henzl) [662160] - [scsi] mpt2sas: version change to 08.101.00.00 (Tomas Henzl) [662153] - [scsi] mpt2sas: Call _scsih_ir_shutdown before reporting to OS (Tomas Henzl) [662153] - [scsi] mpt2sas: Basic Code Cleanup in mpt2sas_base (Tomas Henzl) [662153] - [scsi] mpt2sas: fix access to freed memory from port enable (Tomas Henzl) [662153] - [scsi] mpt2sas: Fix race between broadcast asyn event (Tomas Henzl) [662153] - [scsi] mpt2sas: support for Customer specific branding messages (Tomas Henzl) [662153] - [scsi] mpt2sas: Revision P MPI Header Update (Tomas Henzl) [662153] - [scsi] mpt2sas: Correct resizing calculation for max_queue_depth (Tomas Henzl) [662153] - [scsi] mpt2sas: device reset event not supported on old firmware (Tomas Henzl) [662153] - [scsi] mpt2sas: fix device removal handshake with vacant bit set (Tomas Henzl) [662153] - [scsi] mpt2sas: Debug string changes from target to device (Tomas Henzl) [662153] - [scsi] mpt2sas: Remove code for TASK_SET_FULL from driver (Tomas Henzl) [662153] - [scsi] mpt2sas: MPI2.0 Header updated (Tomas Henzl) [662153] - [scsi] mpt2sas: Modify code to support Expander switch (Tomas Henzl) [662153] - [scsi] mpt2sas: create pool of chain buffers for IO (Tomas Henzl) [662153] - [scsi] mpt2sas: add loadtime params for IOMissingDelay and params (Tomas Henzl) [662153] - [scsi] mpt2sas: add sanity check for cb_idx and smid access (Tomas Henzl) [662153] - [scsi] mpt2sas: remov compiler warnnings when logging is disabled (Tomas Henzl) [662153] - [scsi] mpt2sas: Copy message frame before releasing (Tomas Henzl) [662153] - [scsi] mpt2sas: Copy sense buffer to work on it (Tomas Henzl) [662153] - [scsi] mpt2sas: Add message to error escalation callback (Tomas Henzl) [662153] - [scsi] mpt2sas: Add check for responding volumes after Host Reset (Tomas Henzl) [662153] - [scsi] mpt2sas: add ENOMEM return type when allocation fails (Tomas Henzl) [662153] - [scsi] mpt2sas: device event handling using pd_handles per HBA (Tomas Henzl) [662153] - [scsi] mpt2sas: Tie a log info message to a specific PHY (Tomas Henzl) [662153] - [scsi] mpt2sas: print level KERN_DEBUG is replaced by KERN_INFO (Tomas Henzl) [662153] - [scsi] mpt2sas: add sysfs support for tracebuffer (Tomas Henzl) [662153] - [scsi] mpt2sas: MPI header version N is updated (Tomas Henzl) [662153] - [scsi] mpt2sas: add sysfs counter for ioc reset (Tomas Henzl) [662153] - [scsi] mpt2sas: add expander phy control support (Tomas Henzl) [662153] - [scsi] mpt2sas: add expander phy counter support (Tomas Henzl) [662153] - [scsi] mpt2sas: add disable_discovery module parameter (Tomas Henzl) [662153] - [scsi] mpt2sas: dont reset when another reset is in progress (Tomas Henzl) [662153] - [net] ip_conntrack_ftp: fix tracking of sequence numbers (Thomas Graf) [642388] - [fs] gfs2: add missing unlock_page in gfs2_write_begin (Steven Whitehouse) [684795] - [powerpc] numa: improved kABI breakage fix in paca struct (Steve Best) [651167] - [fs] gfs2: Make delayed workqueues submit immediately if delay 0 (Robert S Peterson) [650494] - [fs] gfs2: improve performance with bouncing locks in a cluster (Robert S Peterson) [650494] - [net] s2io: rx_ring_sz bounds checking (Michal Schmidt) [491786] - [net] s2io: resolve statistics issues (Michal Schmidt) [598650] - [scsi] iscsi: use kmap instead of kmap_atomic (Mike Christie) [672115] - [block] reduce stack footprint of blk_recount_segments() (Jeff Moyer) [638988] - [block] fix nr_phys_segments miscalculation bug (Jeff Moyer) [638988] - [block] raid fixups for removal of bi_hw_segments (Jeff Moyer) [638988] - [block] drop vmerge accounting (Jeff Moyer) [638988] - [block] drop virtual merging accounting (Jeff Moyer) [638988] - [block] Introduce rq_for_each_segment replacing rq_for_each_bio (Jeff Moyer) [638988] - [block] Merge blk_recount_segments into blk_recalc_rq_segments (Jeff Moyer) [638988] - [fs] Fix over-zealous flush_disk changing device size (Jeff Moyer) [678359] - [fs] lockd: make lockd_down wait for lockd to come down (Jeff Layton) [653286] - [net] sunrpc: Dont disconnect if connection in progress (Jeff Layton) [680329] - [fs] fix block based fiemap (Josef Bacik) [675986] - [fs] proc: protect mm start_/end_code in /proc/pid/stat (Eugene Teo) [684571] {CVE-2011-0726} - [net] dccp: fix oops in dccp_rcv_state_process (Eugene Teo) [682956] {CVE-2011-1093} - [scsi] libsas: fix bug for vacant phy (David Milburn) [676423] - [scsi] libsas: do not set res = 0 in sas_ex_discover_dev (David Milburn) [676423] - [scsi] libsas: fix wide port hotplug issues (David Milburn) [676423] - [scsi] libsas: fixup kABI breakage (David Milburn) [676423] - [scsi] libsas: no commands to hot-removed devices (David Milburn) [676423] - [scsi] libsas: transport-level facility to req SAS addrs (David Milburn) [676423] - [scsi] libsas: misc fixes to the eh path (David Milburn) [676423] - [scsi] libsas: correctly flush LU queue on error recovery (David Milburn) [676423] - [scsi] libsas: fix error handling (David Milburn) [676423] - [scsi] libsas: fix sense_buffer overrun (David Milburn) [676423] - [scsi] libsas: reuse orig port hotplugging phys wide port (David Milburn) [676423] - [scsi] libsas: fix NCQ mixing with non-NCQ (David Milburn) [676423] - [scsi] libsas: fix endianness bug in sas_ata (David Milburn) [676423] - [scsi] libsas: dont use made up error codes (David Milburn) [676423] - [net] bluetooth: fix bnep buffer overflow (Don Howard) [681319] {CVE-2011-1079} - [pci] intel-iommu: Fix get_domain_for_dev() error path (Alex Williamson) [688646] - [pci] intel-iommu: Unlink domain from iommu (Alex Williamson) [688646] - [redhat] spec: assorted cleanup and streamlining [2.6.18-249.el5] - [md] dm-mpath: avoid storing private suspended state (Mike Snitzer) [678670] - [md] dm-mpath: reject messages when device is suspended (Mike Snitzer) [678670] - [md] dm: export suspended state to targets (Mike Snitzer) [678670] - [md] dm: rename dm_suspended to dm_suspended_md (Mike Snitzer) [678670] - [md] dm: swap postsuspend call and setting suspended flag (Mike Snitzer) [678670] - [md] dm-ioctl: retrieve status from inactive table (Mike Snitzer) [678670] - [md] dm: rename dm_get_table to dm_get_live_table (Mike Snitzer) [678670] - [md] dm-stripe: avoid div by 0 with invalid stripe count (Mike Snitzer) [678670] - [md] dm-ioctl: forbid messages to devices being deleted (Mike Snitzer) [678670] - [md] dm: add dm_deleting_md function (Mike Snitzer) [678670] - [md] dm: dec_pending needs locking to save error value (Mike Snitzer) [678670] - [md] dm-raid1: keep retrying alloc if mempool_alloc fails (Mike Snitzer) [678670] - [md] dm-table: fix upgrade mode race (Mike Snitzer) [678670] - [md] dm-io: respect BIO_MAX_PAGES limit (Mike Snitzer) [678670] - [md] dm-ioctl: validate name length when renaming (Mike Snitzer) [678670] - [md] dm-log: fix dm_io_client leak on error paths (Mike Snitzer) [678670] - [md] dm: avoid destroying table in dm_any_congested (Mike Snitzer) [678670] - [md] dm-raid1: fix leakage (Mike Snitzer) [678670] - [md] dm-mpath: validate hw_handler argument count (Mike Snitzer) [678670] - [md] dm-mpath: validate table argument count (Mike Snitzer) [678670] - [md] dm-mpath: fix NULL deref when path parameter missing (Mike Snitzer) [673058] - [md] dm-mpath: wait for pg_init completion on suspend (Mike Snitzer) [673058] - [md] dm-mpath: hold io until all pg_inits completed (Mike Snitzer) [673058] - [md] dm-mpath: skip activate_path for failed paths (Mike Snitzer) [673058] - [md] dm-mpath: pass struct pgpath to pg init done (Mike Snitzer) [673058] - [md] dm-mpath: prevent io from work queue while suspended (Mike Snitzer) [673058] - [md] dm-mpath: add mutex to sync adding and flushing work (Mike Snitzer) [673058] - [md] dm-mpath: flush workqueues before suspend completes (Mike Snitzer) [673058] - [powerpc] numa: Fix kABI breakage in paca struct (Steve Best) [651167] - [powerpc] Disable VPHN polling during a suspend operation (Steve Best) [651167] - [powerpc] mm: Poll VPA for topo changes, update NUMA maps (Steve Best) [651167] - [powerpc] Add VPHN firmware feature (Steve Best) [651167] with external journal (Lukas Czerner) [652321] - [fs] nfs: wait for COMMIT RPC complete before task put (Jeff Layton) [441730] - [fs] nfs: ->flush and ->fsync should use FLUSH_SYNC (Jeff Layton) [441730] - [net] sunrpc: fix race in __rpc_wait_for_completion_task (Jeff Layton) [441730] - [fs] nfs: Ensure proper cleanup on rpc_run_task fail (Jeff Layton) [441730] - [fs] nfs: clean up the unstable write code (Jeff Layton) [441730] - [fs] nfs: Dont use ClearPageUptodate if writeback fails (Jeff Layton) [441730] - [fs] nfs: Fix an unstable write data integrity race (Jeff Layton) [441730] - [fs] nfs: make sure WRITE and COMMIT are uninterruptible (Jeff Layton) [441730] - [fs] nfs: change how FLUSH_STABLE flag is used (Jeff Layton) [441730] - [mm] writeback: fix queue handling in blk_congestion_wait (Jeff Layton) [516490] - [fs] nfs: clean up nfs congestion control (Jeff Layton) [516490] - [block] Add real API for dealing with blk_congestion_wait (Jeff Layton) [516490] - [fs] nfs: kswapd must not block in nfs_release_page (Jeff Layton) [516490] - [fs] nfs: Prevent another deadlock in nfs_release_page (Jeff Layton) [516490] - [fs] nfs: Try commit unstable writes in nfs_release_page (Jeff Layton) [516490] - [fs] nfs: Add debugging facility for NFS aops (Jeff Layton) [516490] - [fs] nfs: Fix race in nfs_release_page() (Jeff Layton) [516490] - [fs] nfs: Fix nfs_release_page (Jeff Layton) [516490] - [fs] nfs: reduce number of unnecessary commit calls (Jeff Layton) [516490] - [fs] nfs: nfs_writepages() cleanup (Jeff Layton) [516490] [2.6.18-248.el5] - [virt] xen: make more room for event channel IRQs (Paolo Bonzini) [650838] - [message] mptfusion: fix msgContext in mptctl_hp_hostinfo (Tomas Henzl) [646513] - [net] ipv6: Add GSO support on forwarding path (Thomas Graf) [648572] - [net] tc: Ignore noqueue_qdisc default qdisc when dumping (Thomas Graf) [627850] - [serial] 8250_pci: add support for PowerPC PLX 8250 (Steve Best) [651431] - [scsi] ibmveth: Free irq on error path (Steve Best) [651872] - [scsi] ibmveth: Cleanup error handling in ibmveth_open (Steve Best) [651872] - [scsi] ibmveth: Remove some unnecessary include files (Steve Best) [651872] - [scsi] ibmveth: Convert driver specific assert to BUG_ON (Steve Best) [651872] - [scsi] ibmveth: Return -EINVAL on all ->probe errors (Steve Best) [651872] - [scsi] ibmveth: Some formatting fixes (Steve Best) [651872] - [scsi] ibmveth: Remove redundant function prototypes (Steve Best) [651872] - [scsi] ibmveth: Convert to netdev_alloc_skb (Steve Best) [651872] - [scsi] ibmveth: Remove dupe checksum offload setup code (Steve Best) [651872] - [scsi] ibmveth: Add optional flush of rx buffer (Steve Best) [651872] - [scsi] ibmveth: Add scatter-gather support (Steve Best) [651872] - [scsi] ibmveth: Add rx_copybreak (Steve Best) [651872] - [scsi] ibmveth: Add tx_copybreak (Steve Best) [651872] - [scsi] ibmveth: Remove LLTX (Steve Best) [651872] - [scsi] ibmveth: batch rx buffer replacement (Steve Best) [651872] - [scsi] ibmveth: Remove integer divide caused by modulus (Steve Best) [651872] - [fs] gfs2: creating large files suddenly slow to a crawl (Robert S Peterson) [683155] - [virt] xen: performance improvement for 32-bit domains (Paolo Bonzini) [390451] - [fs] nfs: fix use of slab allocd pages in skb frag list (Neil Horman) [682643] {CVE-2011-1090} - [net] af_packet: allow multicast traffic on bond ORIGDEV (Jiri Pirko) [579000] - [net] af_packet: option to return orig_dev to userspace (Jiri Pirko) [579000] - [fs] nfs: back out the FS-Cache patches (Jeff Layton) [631950] - [x86_64]: fix section mismatches in kernel setup (Frank Arnold) [683078] - [char] tty_audit: fix live lock on audit disabled (Danny Feng) [679563] - [s390] remove task_show_regs (Danny Feng) [677853] {CVE-2011-0710} - [scsi] qla2xxx: Query proper reg bits to determine state (Chad Dupuis) [537277] - [scsi] qla2xxx: update version to 8.03.07.00.05.07 (Chad Dupuis) [660386] - [scsi] qla2xxx: online ISP82XX for commands completion (Chad Dupuis) [660386] - [scsi] qla2xxx: fix tagging modifier while executing IOs (Chad Dupuis) [660386] - [scsi] qla2xxx: fix FCP_RSP response-info check after TMF (Chad Dupuis) [660386] - [scsi] qla2xxx: no reset/fw-dump on CT/ELS pt req timeout (Chad Dupuis) [660386] - [scsi] qla2xxx: return all loopback mbox out regs to API (Chad Dupuis) [660386] - [scsi] qla2xxx: fix IO failure during chip reset (Chad Dupuis) [660386] - [scsi] qla2xxx: show mbox reg 4 in 8012 AEN on ISP82XX (Chad Dupuis) [660386] - [scsi] qla2xxx: show more mailbox regs during AEN handle (Chad Dupuis) [660386] - [scsi] qla2xxx: no BIG_HAMMER if 0x20 cmd fails on CNAs (Chad Dupuis) [660386] - [scsi] qla2xxx: Remove redundant modparam permission bits (Chad Dupuis) [660386] - [scsi] qla2xxx: set right ret val in qla2xxx_eh_abort (Chad Dupuis) [660386] - [scsi] qla2xxx: set FCP prio info to firmware before IOs (Chad Dupuis) [660386] - [scsi] qla2xxx: Memory wedge with peg_halt test in loop (Chad Dupuis) [660386] - [scsi] qla2xxx: populate FCP_PRIO loc for no flt case (Chad Dupuis) [660386] - [scsi] qla2xxx: avoid SCSI host_lock dep in queuecommand (Chad Dupuis) [660386] - [scsi] qla2xxx: drop srb ref before wait for completion (Chad Dupuis) [660386] - [scsi] qla2xxx: log FCP priority data messages (Chad Dupuis) [660386] - [scsi] qla2xxx: add sysfs node for board temperature (Chad Dupuis) [660386] - [scsi] qla2xxx: fix check for need quiescence state (Chad Dupuis) [660386] - [scsi] qla2xxx: clear local rport refs on timeout from FC (Chad Dupuis) [660386] - [scsi] qla2xxx: remove unwanted check for bad spd (Chad Dupuis) [660386] - [scsi] qla2xxx: no continuous log when dontreset is set (Chad Dupuis) [660386] - [scsi] qla2xxx: quiescence mode support for ISP82xx (Chad Dupuis) [660386] - [virtio] console: no device_destroy on port device (Amit Shah) [681179] - [virtio] console: dont access vqs if device unplugged (Amit Shah) [681179] - [virtio] pci: fix config change oops w/no driver loaded (Amit Shah) [681179] - [xen] hap: preserve domain context (Radim Krcmar) [678571] [2.6.18-247.el5] - [mm] set barrier and send tlb flush to all affected cpus (Prarit Bhargava) [675793] - [misc] vdso: export wall_to_monotonic (Prarit Bhargava) [675727] - [mm] add vzalloc and vzalloc_node helpers (Neil Horman) [681303] - [fs] add lockd endianness annotations (Jeff Layton) [526829] - [misc] add key_revoke() dummy for KEYS=n (Jeff Layton) [640891] - [fs] nfs: Fix a use-after-free case in nfs_async_rename() (Jeff Layton) [511901] - [fs] nfs: make sillyrename an async operation (Jeff Layton) [511901] - [fs] nfs: move nfs_sillyrename to unlink.c (Jeff Layton) [511901] - [fs] nfs: standardize the rename response container (Jeff Layton) [511901] - [fs] nfs: standardize the rename args container (Jeff Layton) [511901] - [scsi] scsi_dh_emc: Set request flags consistently (Dave Wysochanski) [670367] - [i2c] i2c-i801: Add PCI idents for Patsburg 'IDF' devices (David Milburn) [651513] - [i2c] i2c-i801: Handle multiple instances properly (David Milburn) [651513] - [i2c] i2c-i801: Dont use block buffer for block writes (David Milburn) [651513] - [i2c] i2c-i801: Fix handling of error conditions (David Milburn) [651513] - [i2c] i2c-i801: Rename local variable temp to status (David Milburn) [651513] - [i2c] i2c-i801: Properly report bus arbitration loss (David Milburn) [651513] - [i2c] i2c-i801: Remove verbose debugging messages (David Milburn) [651513] - [i2c] i2c-i801: Implement I2C block read support (David Milburn) [651513] - [i2c] i2c-i801: Clear special mode bits as needed (David Milburn) [651513] - [i2c] i2c-i801: More explicit names for chip features (David Milburn) [651513] - [i2c] i2c-i801: Use the internal 32-byte buffer on ICH4+ (David Milburn) [651513] - [i2c] i2c-i801: Various cleanups (David Milburn) [651513] - [fs] xfs: disable CONFIG_XFS_DEBUG on kernel-debug (Dave Chinner) [658012] - [fs] xfs: remove cmn_err log buffer and lock (Dave Chinner) [658012] - [fs] fix select/poll timeout overflow (Bob Picco) [591607] - [x86_64] Use u32, not long, to set reset vector back to 0 (Don Zickus) [675258] - [net] sctp: fix race allowing access before full init (Neil Horman) [465876] - [xen] gdbsx: hypervisor part backport (Radim Krcmar) [678618] - [xen] add arch/x86/debug.c, debugger routines (Radim Krcmar) [678618] - [xen] x86/vmx: making TRAP_debug and TRAP_int3 useful (Radim Krcmar) [678618] [2.6.18-246.el5] - [net] bridge: restore ebt ksym versions (Herbert Xu) [626659] - [net] bridge: Fix mglist corruption (Herbert Xu) [506630] - [net] Fix IGMP3 report parsing (Herbert Xu) [506630] - [net] bridge: Fix IGMPv3 report parsing (Herbert Xu) [506630] - [net] bridge: Fix skb leak in multicast TX parse fail (Herbert Xu) [506630] - [net] bridge: Fix OOM crash in deliver_clone (Herbert Xu) [506630] - [net] bridge: Make first arg to deliver_clone const (Herbert Xu) [506630] - [net] bridge: Fix build error w/IGMP_SNOOPING not enabled (Herbert Xu) [506630] - [net] bridge: Add multicast count/interval sysfs entries (Herbert Xu) [506630] - [net] bridge: Add hash elasticity/max sysfs entries (Herbert Xu) [506630] - [net] bridge: Add multicast_snooping sysfs toggle (Herbert Xu) [506630] - [net] bridge: Add multicast_router sysfs entries (Herbert Xu) [506630] - [net] bridge: Add multicast data-path hooks (Herbert Xu) [506630] - [net] bridge: Add multicast start/stop hooks (Herbert Xu) [506630] - [net] bridge: Add multicast forwarding functions (Herbert Xu) [506630] - [net] bridge: Move NULL mdb check into br_mdb_ip_get (Herbert Xu) [506630] - [net] bridge: ensure br_multicast_query error path unlock (Herbert Xu) [506630] - [net] bridge: Fix RCU race in br_multicast_stop (Herbert Xu) [506630] - [net] bridge: Use RCU list primitive in __br_mdb_ip_get (Herbert Xu) [506630] - [net] bridge: cleanup: remove unneed check (Herbert Xu) [506630] - [net] bridge: depends on INET (Herbert Xu) [506630] - [net] bridge: Make IGMP snooping depend upon BRIDGE. (Herbert Xu) [506630] - [net] bridge: Add core IGMP snooping support (Herbert Xu) [506630] - [net] bridge: Fix br_forward crash in promiscuous mode (Herbert Xu) [506630] - [net] bridge: Split may_deliver/deliver_clone out (Herbert Xu) [506630] - [net] bridge: Use BR_INPUT_SKB_CB on xmit path (Herbert Xu) [506630] - [net] bridge: Avoid unnecessary clone on forward path (Herbert Xu) [506630] - [net] bridge: Allow tail-call on br_pass_frame_up (Herbert Xu) [506630] - [net] bridge: Do br_pass_frame_up after other ports (Herbert Xu) [506630] - [net] bridge: Kill clone argument to br_flood_* (Herbert Xu) [506630] - [net] Add netdev_alloc_skb_ip_align() helper (Herbert Xu) [506630] - [fs] partitions: Validate map_count in Mac part tables (Danny Feng) [679284] {CVE-2011-1010} - [fs] nfs: Only increment seqid for cmds seen by server (Sachin Prabhu) [651409] - [scsi] ipr: fix a race on multiple configuration changes (Steve Best) [651429] - [misc] vmware: increase apic_calibration_diff to 10000 (Prarit Bhargava) [665197] - [net] tun: introduce tun_file (Michael S. Tsirkin) [672619] - [virt] xen blktap: bump MAX_TAP_DEV from 100 to 256 (Laszlo Ersek) [452650] - [fs] nfs: Too many GETATTR/ACCESS calls after direct I/O (Jeff Layton) [626974] - [net] bonding: fix add/remove of slaves when master down (Flavio Leitner) [671238] - [net] sctp: make sctp_ctl_sock_init try IPv4 if v6 fails (Jiri Pirko) [674175] - [net] Fix netdev_run_todo dead-lock (Jiri Pirko) [679487] - [net] niu: Fix races between up/down and get_stats (Jiri Pirko) [679407] - [misc] introduce ACCESS_ONCE (Jiri Pirko) [679407] - [x86] fix AMD family 0x15 guest boot issue on 64-bit host (Frank Arnold) [667234] - [sound] alsa: cache mixer values on usb-audio devices (Don Zickus) [678074] - [xen] prevent cross-vendor migration of HVM domains (Paolo Bonzini) [621916] - [xen] new domctl to get 1 record from HVM save context (Michal Novotny) [674514] [2.6.18-245.el5] - [block] cciss: version bump (Tomas Henzl) [635143] - [block] cciss: add option to enforce simple mode (Tomas Henzl) [635143] - [block] cciss: patch to make kdump work in rhel5 (Tomas Henzl) [635143] - [block] cciss: cleanup warnings (Tomas Henzl) [635143] - [block] cciss: patch to support kdump on new controllers (Tomas Henzl) [635143] - [block] cciss: factor out code to find max commands (Tomas Henzl) [635143] - [block] cciss: split out cciss_defs (Tomas Henzl) [635143] - [block] cciss: scsi tape updates (Tomas Henzl) [635143] - [block] cciss: remove fail_all_cmds (Tomas Henzl) [635143] - [block] cciss: factor out cciss_passthru (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getdrivver (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getfirmver (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getbustypes (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getheartbeat (Tomas Henzl) [635143] - [block] cciss: factor out cciss_setnodename (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getnodename (Tomas Henzl) [635143] - [block] cciss: factor out cciss_setintinfo (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getintinfo (Tomas Henzl) [635143] - [block] cciss: factor out cciss_getpciinfo (Tomas Henzl) [635143] - [block] cciss: factor out cciss_reset_devices (Tomas Henzl) [635143] - [block] cciss: factor out cciss_find_cfg_addrs (Tomas Henzl) [635143] - [block] cciss: factor out cciss_wait_for_mode_change_ack (Tomas Henzl) [635143] - [block] cciss: factor out cciss_p600_dma_prefetch_quirk (Tomas Henzl) [635143] - [block] cciss: factor out cciss_enable_scsi_prefetch (Tomas Henzl) [635143] - [block] cciss: factor out CISS_signature_present (Tomas Henzl) [635143] - [block] cciss: factor out cciss_find_board_params (Tomas Henzl) [635143] - [block] cciss: factor out cciss_find_cfgtables (Tomas Henzl) [635143] - [block] cciss: factor out wait_for_board_ready (Tomas Henzl) [635143] - [block] cciss: factor out cciss_find_memory_BAR (Tomas Henzl) [635143] - [block] cciss: remove board_id from cciss_interrupt_mode (Tomas Henzl) [635143] - [block] cciss: factor out cciss_board_disabled (Tomas Henzl) [635143] - [block] cciss: factor out cciss_lookup_board_id (Tomas Henzl) [635143] - [block] cciss: save off pdev struct early (Tomas Henzl) [635143] - [block] cciss: add performant mode support (Tomas Henzl) [635143] - [block] cciss: new controller support (Tomas Henzl) [635143] - [block] cciss: remove generic sa support (Tomas Henzl) [635143] - [block] cciss: copyright update (Tomas Henzl) [635143] - [x86_64] vdso: fix gtod via export of sysctl_vsyscall (Prarit Bhargava) [673616] - [pci] msi: remove infiniband compat code (Prarit Bhargava) [636260] - [pci] msi: remove pci_save_msi|x_state() functions (Prarit Bhargava) [636260] - [pci] msi: use msi_desc save areas in msi state functions (Prarit Bhargava) [636260] - [pci] msi: use msi_desc save areas in drivers/pci code (Prarit Bhargava) [636260] - [misc] kdump: fixup mcp55 quick to skip non HT devices (Neil Horman) [477032] - [security] selinux: properly handle empty tty_files list (Lachlan McIlroy) [674226] - [fs] xfs: fix double free of log tickets (Lachlan McIlroy) [657166] - [fs] ext4: protect inode bitmap clearing w/ spinlock (Lukas Czerner) [663563] - [fs] procfs: fix numbering in /proc/locks (Jerome Marchand) [622647] - [fs] seq_file: Introduce the seq_open_private() (Jerome Marchand) [622647] - [fs] Rework /proc/locks w/seq_files and seq_list helpers (Jerome Marchand) [622647] - [fs] common helpers for seq_files working with list_heads (Jerome Marchand) [622647] - [fs] nfs: Remove incorrect do_vfs_lock message (Jeff Layton) [632399] - [fs] nfs: allow redirtying of a completed unstable write (Jeff Layton) [648657] - [fs] nfsd4: fix seqid on lock req incompat w/open mode (Jeff Layton) [517629] - [net] sunrpc: a better way to set tcp_slot_table_entries (Harshula Jayasuriya) [654293] - [x86] Convert BUG() to use unreachable() (Dean Nelson) [677396] - [s390] Convert BUG() to use unreachable() (Dean Nelson) [677396] - [powerpc] Convert BUG() to use unreachable() (Dean Nelson) [677396] - [misc] add support for __builtin_unreachable (Dean Nelson) [677396] - [fs] xfs: more swap extent fixes for dynamic fork offsets (Dave Chinner) [661300] - [fs] xfs: handle dynamic fork offsets in xfs_swap_extents (Dave Chinner) [661300] - [lib] fix vscnprintf() if @size is == 0 (Anton Arapov) [667327] - [net] netpoll: fix use after free (Amerigo Wang) [556811] - [net] netpoll: fix a softirq warning (Amerigo Wang) [556811] - [net] netconsole: Introduce netconsole netdev notifier (Amerigo Wang) [556811] - [net] bridge: support netpoll over bridge (Amerigo Wang) [556811] - [net] netconsole: Use netif_running() in write_msg() (Amerigo Wang) [556811] - [net] netconsole: Simplify boot/module option setup logic (Amerigo Wang) [556811] - [net] netconsole: Remove bogus check (Amerigo Wang) [556811] - [net] netconsole: Cleanups, codingstyle, prettyfication (Amerigo Wang) [556811] - [net] netpoll: setup error handling (Amerigo Wang) [556811] - [char] virtio_console: fix memory leak (Amit Shah) [656836] - [media] dvb: fix av7110 negative array offset (Mauro Carvalho Chehab) [672402] {CVE-2011-0521} [2.6.18-244.el5] - [message] mptfusion: add required mptctl_release call (Tomas Henzl) [660871] - [fs] gfs2: no exclusive glocks on mmapped read-only fs (Steven Whitehouse) [672724] - [scsi] ibmvfc: Driver version 1.0.9 (Steve Best) [651885] - [scsi] ibmvfc: Handle Virtual I/O Server reboot (Steve Best) [651885] - [scsi] ibmvfc: Log link up/down events (Steve Best) [651885] - [scsi] ibmvfc: Fix rport add/delete race oops (Steve Best) [651885] - [scsi] ibmvfc: Remove stale param to ibmvfc_init_host (Steve Best) [651885] - [scsi] ibmvfc: Fix locking in ibmvfc_remove (Steve Best) [651885] - [scsi] ibmvfc: Fixup TMF response handling (Steve Best) [651885] - [fs] nfs: pure nfs client performance using odirect (Jeff Layton) [643441] - [mm] fix install_special_mapping skips security_file_mmap (Frantisek Hrbata) [662197] {CVE-2010-4346} - [virt] xen: setup memory zones the same way as native (Andrew Jones) [525898] - [s390] qeth: wait for recovery finish in open function (Hendrik Brueckner) [668844] - [s390] cio: fix unuseable device after offline operation (Hendrik Brueckner) [668842] - [s390] qdio: use proper QEBSM operand for SIGA-{R,S} (Hendrik Brueckner) [668464] - [s390] qdio: zfcp stall with > 63 active qdio devices (Hendrik Brueckner) [662134] - [s390] qeth: enable VIPA add/remove for offline devices (Hendrik Brueckner) [661106] - [s390] hvc_iucv: no iucv_unregister if register failed (Hendrik Brueckner) [661021] - [s390] qeth: l3 add vlan hdr in passthru frames (Hendrik Brueckner) [659822] - [s390] cio: suppress chpid event in case of config error (Hendrik Brueckner) [668838] - [xen] x86: fix guest memmove in __pirq_guest_unbind (Yufang Zhang) [659642] [2.6.18-243.el5] - [scsi] device_handler: fix alua_rtpg port group id check (Mike Snitzer) [669961] - [net] cnic: fix big endian bug with device page tables (Steve Best) [669527] - [fs] only return EIO once on msync/fsync after IO failure (Rik van Riel) [652369] - [net] bonding: convert netpoll tx blocking to a counter (Neil Horman) [659594] - [net] conntrack: fix oops specify hashsize module option (Neil Horman) [667810] - [misc] mce: reduce thermal throttle message severity (Matthew Garrett) [666972] - [acpi] reduce the number of resched IPIs (Matthew Garrett) [653398] - [virt] xen: make netfront driver return info to ethtool (Laszlo Ersek) [643292] - [virt] xen: synch arch/i386/pci/irq-xen.c (Laszlo Ersek) [623979] - [virt] netback: take lock when removing entry from list (Laszlo Ersek) [648854] - [virt] xen: make netloop permanent (Laszlo Ersek) [567540] - [net] virtio: add get_drvinfo support to virtio_net (Laszlo Ersek) [645646] - [virt] xen: implement get_drvinfo for netloop driver (Laszlo Ersek) [643872] - [virt] xen: implement get_drvinfo for netback driver (Laszlo Ersek) [643872] - [net] virtio_net: update trans_start properly (Jiri Olsa) [653828] - [net] gro: reset dev pointer on reuse (Andy Gospodarek) [600350] - [net] atl1e: add new Atheros GbE NIC driver (Bob Picco) [465379] - [fs] gfs2: support for growing a full filesytem (Benjamin Marzinski) [661904] - [fs] gfs2: reserve more blocks for transactions (Benjamin Marzinski) [637970] - [fs] gfs2: add fallocate support (Benjamin Marzinski) [626585] - [fs] nfs: break nfsd v4 lease on unlink, link, and rename (J. Bruce Fields) [610093] - [fs] nfs: break lease on nfsd v4 setattr (J. Bruce Fields) [610093] - [net] ipv6: add missing support for local_reserved_ports (Amerigo Wang) [669603] - [misc] add ignore_loglevel kernel parameter (Amerigo Wang) [662102] - [misc] add bootmem_debug kernel parameter (Amerigo Wang) [662102] - [xen] unmask ISVM bit on SVM guests (Paolo Bonzini) [665972] - [xen] add MSR_IA32_THERM_CONTROL for dom0 CPU throttling (Laszlo Ersek) [614007] [2.6.18-242.el5] - [net] be2net: fix missing trans_start update (Ivan Vecera) [671595] - [message] mptfusion: release resources in error path (Tomas Henzl) [648413] - [fs] gfs2: fix recovery stuck on transaction lock (Robert S Peterson) [553803] - [net] fix unix socket local dos (Neil Horman) [656760] {CVE-2010-4249} - [net] core: clear allocs for privileged ethtool actions (Jiri Pirko) [672433] {CVE-2010-4655} - [net] limit socket backlog add operation to prevent DoS (Jiri Pirko) [657309] {CVE-2010-4251} - [block] fix accounting bug on cross partition merges (Jerome Marchand) [646816] - [fs] nfs: fix units bug causing hang on nfsv4 recovery (J. Bruce Fields) [659243] - [fs] nfs: set source addr when v4 callback is generated (J. Bruce Fields) [659255] - [char] virtio: Wake console outvq on host notifications (Amit Shah) [673459] - [net] ipv4: fix IGMP behavior on v2/v3 query responses (Jiri Pirko) [634276] - [net] ipv6: honor SO_BINDTODEVICE parameter when routing (Jiri Olsa) [568881] [2.6.18-241.el5] - [net] tcp: fix shrinking windows with window scaling (Jiri Pirko) [627496] - [virt] xen: no enable extended PCI cfg space via IOports (Don Dutile) [661478] - [fs] gfs2: remove iopen glocks from cache on delete fail (Benjamin Marzinski) [666080] - [char] virtio: make console port names a KOBJ_ADD event (Amit Shah) [669909] - [net] e1000: Avoid unhandled IRQ (Dean Nelson) [651512] - [net] e1000: fix screaming IRQ (Dean Nelson) [651512] [2.6.18-240.el5] - [acpi] bus: check if list is empty before kfree()ing it (Matthew Garrett) [670373] - [net] ipv6: fragment local tunnel IPSec6 pkts if needed (Herbert Xu) [661110] - [block] cciss: fix null pointer problem in tur usage (Tomas Henzl) [664592] [2.6.18-239.el5] - [scsi] megaraid: give FW more time to recover from reset (Tomas Henzl) [665427] - [fs] gfs2: fix statfs error after gfs2_grow (Robert S Peterson) [660661] - [mm] prevent file lock corruption using popen(3) (Larry Woodman) [664931] - [net] sctp: fix panic from bad socket lock on icmp error (Neil Horman) [665477] {CVE-2010-4526} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2689 CVE-2011-2525 CVE-2011-1780 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3.2-32] - Dont include backup files Resolves: #700157 [3.2-31] - Use 'mktemp' for temporary files Resolves: #700157 [3.2-30] - Added man page references to systemwide .bash_logout Resolves: #592979 [3.2-29] - Readline glitch, when editing line with more spaces and resizing window Resolves: #525474 [3.2-28] - Fix the memory leak in read builtin Resolves: #618393 - Dont append slash to non-directories Resolves: #583919 [3.2-27] - Test .dynamic section if has PROGBITS or NOBITS Resolves: #484809 - Better random number generator Resolves: #492908 - Allow to source scripts with embeded NULL chars Resolves: #503701 [3.2-26] - vi mode redo insert fixed Resolves: #575076 - Dont show broken pipe messages for builtins Resolves: #546529 - Dont include loadables in doc dir Resolves: #663656 - Enable system-wide .bash_logout for login shells Resolves: #592979 [3.2-25] - Dont abort source builtin Resolves: #448508 - Correctly place cursor Resolves: #463880 - Minor man page clarification for trap builtin Resolves: #504904 LOW Copyright 2011 Oracle, Inc. CVE-2008-5374 cpe:/a:oracle:exadata_dbserver:11.2.3.2.2::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.2.1::ol5 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:exadata_dbserver:11.2.3.2.0::ol5 cpe:/a:oracle:linux:5:7:base cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 6 [2.8.3-3] - Bump the release since the bz was set to the wrong target [2.8.3-2] - Fix another umount race (bz# 673250, CVE-2010-3879) MODERATE Copyright 2011 Oracle, Inc. CVE-2010-3879 CVE-2011-0541 CVE-2011-0542 CVE-2011-0543 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.0.20-3.1] - fixes integer overflow by processing certain PAF audio files (#722841) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2696 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.3.11-6.el6_1.6] - A little change in configure part - Resolves: #723467 [2.3.11-6.el6_1.5] - Use -fno-strict-aliasing instead of __attribute__((__may_alias__)) - Resolves: #723467 [2.3.11-6.el6_1.4] - Allow FT_Glyph to alias (to pass Rpmdiff) - Resolves: #723467 [2.3.11-6.el6_1.3] - Add freetype-2.3.11-CVE-2011-0226.patch (Add better argument check for 'callothersubr'.) - based on patches by Werner Lemberg, Alexei Podtelezhnikov and Matthias Drochner - Resolves: #723467 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-0226 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.4.6.0.1.el6_1.2] - remove doc/SystemTap_Beginners_Guide/en-US in tarball - comment bz683569.patch in specfile [1.4-6.2] - bz716476 (patch) - bz716489 (patch) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2503 CVE-2011-2502 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [1.3-9] - bz716489 (patch) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2503 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.0.4-2] - Added patch to make plugin table size mismatch a warning instead of error [1.0.4-1] - Bump to 1.0.4 - Resolves rhbz#718180 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2514 CVE-2011-2513 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.28.2-1.1] - Patch for CVE-2011-2524 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2524 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 5 [2:1.2.10-7.1.el5_7.5] - Install the correct fix for CVE-2011-2690 Resolves: #721303 [2:1.2.10-7.1.el5_7.4] - Back-port fixes for CVE-2011-2690, CVE-2011-2692 Note: CVE-2011-2691, announced at the same time, does not apply to 1.2.10; likewise for CVE-2011-2501 Resolves: #721303 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2692 CVE-2011-2690 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2:1.2.46-1] - Update to libpng 1.2.46, includes fixes for CVE-2011-2501, CVE-2011-2690, CVE-2011-2691, CVE-2011-2692 Resolves: #721305 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2692 CVE-2011-2501 CVE-2011-2690 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 5 [3.0.2-38.3:.1] - Applied patch to fix improper sanitization of command line options (CVE-2011-2697, bug #721001). MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2697 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5:8:base Oracle Linux 6 [4.0.4-1:.1] - Applied patch to fix improper sanitization of command line options (CVE-2011-2697, bug #721001). MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2964 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 5 Oracle Linux 6 [1:1.2.24-5] - Merge changes from RHEL-6 branch: * Drop default patch fuzz * Merge CVE-2010-4352.patch from RHEL-6_0-Z - Apply patches for CVE-2011-2200 - Resolves: #725313 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2200 cpe:/a:oracle:exadata_dbserver:12.1.2.1.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.1.2::ovs3 cpe:/a:oracle:exadata_dbserver:11.2.3.2.1::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.2.2::ol5 cpe:/a:oracle:exadata_dbserver:12.1::ol5 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:exadata_dbserver:12.1.1.1.0::ol5 cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:exadata_dbserver:11.2.3.3.0::ol5 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:exadata_dbserver:11.2.3.2.0::ol5 cpe:/a:oracle:exadata_dbserver:12.1.2.1.1::ovs3 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 5 Oracle Linux 6 [1.4.1-2] - cve-2011-2895.patch: LZW decompression heap corruption IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2895 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5::u10_base Oracle Linux 5 Oracle Linux 6 [12:4.1.1-19.P1.1] - A pair of defects cause the server to halt upon processing certain packets (CVE-2011-2748, CVE-2011-2749, #729883) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2749 CVE-2011-2748 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 firefox: [3.6.20-2.0.1.el6_1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [3.6.20-2] - Update to 3.6.20 xulrunner: [1.9.2.20-2.0.1.el6_1] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.20-2] - Update to 1.9.2.20 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-0084 CVE-2011-2378 CVE-2011-2981 CVE-2011-2982 CVE-2011-2984 CVE-2011-2983 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.12-1.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.12-1] - Update to 3.1.12 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-2378 CVE-2011-2982 CVE-2011-0084 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1:2.0.9-2.1] - fix potential crash when parsing header names that contain NUL characters (#728672) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1929 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.6.32-131.12.1.el6] - [netdrv] be2net: clear intr bit in be_probe() (Ivan Vecera) [726308 722596] [2.6.32-131.11.1.el6] - [mm] hold the page lock until after set_page_stable_node (Andrea Arcangeli) [726095 683658] - [netdrv] be2net: remove certain cmd failure logging (Ivan Vecera) [725329 719304] - [net] nl80211: missing check for valid SSID size in scan operation (Stanislaw Gruszka) [718157 718158] {CVE-2011-2517} - [net] bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace. (Thomas Graf) [703022 703023] {CVE-2011-2492} - [net] inet_diag: fix validation of user data in inet_diag_bc_audit() (Thomas Graf) [714540 714541] {CVE-2011-2213} - [fs] proc: restrict access to /proc/PID/io (Oleg Nesterov) [716829 716830] {CVE-2011-2495} - [fs] validate size of EFI GUID partition entries (Anton Arapov) [703029 703030] {CVE-2011-1776} - [fs] ext4: Fix max file size and logical block counting of extent format file (Lukas Czerner) [722568 722569] {CVE-2011-2695} - [virt] kvm: Disable device assignment without interrupt remapping (Alex Williamson) [716306 711504] {CVE-2011-1898} - [virt] iommu-api: Extension to check for interrupt remapping (Alex Williamson) [716306 711504] {CVE-2011-1898} - [netdrv] r8169: fix Rx checksum offloading bugs (Ivan Vecera) [723807 635596] - [netdrv] be2net: changes for BE3 native mode support (Ivan Vecera) [723820 695231] [2.6.32-131.10.1.el6] - [virt] ksm: fix race between ksmd and exiting task (Andrea Arcangeli) [710340 710341] {CVE-2011-2183} - [kernel] proc: signedness issue in next_pidmap() (Jerome Marchand) [697824 697825] {CVE-2011-1593} - [net] bluetooth: Prevent buffer overflow in l2cap config request (Jiri Pirko) [716809 716810] {CVE-2011-2497} - [fs] NLM: Don't hang forever on NLM unlock requests (Jeff Layton) [709548 709549] {CVE-2011-2491} - [fs] NFS: Fix NFSv3 exclusive open semantics (Jeff Layton) [719925 694210] - [fs] GFS2: Incorrect inode state during deallocation (Steven Whitehouse) [714982 712139] - [virt] KVM: Fix register corruption in pvclock_scale_delta (Avi Kivity) [719910 712102] - [netdrv] ehea: Fix memory hotplug oops (Steve Best) [720914 702036] - [net] Fix memory leak/corruption on VLAN GRO_DROP (Herbert Xu) [695175 695176] {CVE-2011-1576} - [md] Fix resync hang after surprise removal (James Paradis) [719928 707268] - GFS2: make sure fallocate bytes is a multiple of blksize (Benjamin Marzinski) [720863 695763] {CVE-2011-2689} - [kernel] Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code (Oleg Nesterov) [715521 690033] {CVE-2011-1182} - [redhat] config: enable parallel port printer support (Aristeu Rozanski) [713827 635968] [2.6.32-131.9.1.el6] - [scsi] cciss: Annotate cciss_kdump_soft_reset and cciss_sent_reset as __devinit (Tomas Henzl) [715397 698268] - [scsi] cciss: Don't wait forever for soft reset to complete, give up after awhile (Tomas Henzl) [715397 698268] - [scsi] cciss: use cmd_alloc not cmd_special_alloc for the kdump soft reset command (Tomas Henzl) [715397 698268] - [scsi] cciss: do not use bit 2 doorbell reset (Tomas Henzl) [715397 698268] - [scsi] cciss: do not attempt PCI power management reset method if we know it won't work (Tomas Henzl) [715397 698268] - [scsi] cciss: increase timeouts for post-reset no-ops (Tomas Henzl) [715397 698268] - [scsi] cciss: remove superfluous sleeps around reset code (Tomas Henzl) [715397 698268] - [scsi] cciss: do soft reset if hard reset is broken (Tomas Henzl) [715397 698268] - [scsi] cciss: clarify messages around reset behavior (Tomas Henzl) [715397 698268] - [scsi] cciss: increase time to wait for board reset to start (Tomas Henzl) [715397 698268] - [scsi] cciss: factor out irq_request code (Tomas Henzl) [715397 698268] - [scsi] cciss: factor out scatterlist allocation functions (Tomas Henzl) [715397 698268] - [scsi] cciss: factor out command pool allocation functions (Tomas Henzl) [715397 698268] - [scsi] cciss: use new doorbell-bit-5 reset method (Tomas Henzl) [715397 698268] - [scsi] cciss: wait longer for no-op to complete after resetting controller (Tomas Henzl) [715397 698268] - [scsi] cciss: do a better job of detecting controller reset failure (Tomas Henzl) [715397 698268] - [scsi] hpsa: do not attempt PCI PM reset if we know it will not work (Tomas Henzl) [715397 698268] - [scsi] hpsa: remove superfluous sleeps around reset code (Tomas Henzl) [715397 698268] - [scsi] hpsa: do soft reset if hard reset is broken (Tomas Henzl) [715397 698268] - [scsi] hpsa: clarify messages around reset behavior (Tomas Henzl) [715397 698268] - [scsi] hpsa: factor out irq request code (Tomas Henzl) [715397 698268] - [scsi] hpsa: factor out cmd_pool allocation functions (Tomas Henzl) [715397 698268] - [scsi] hpsa: do not use bit 2 doorbell reset, it causes NMIs (Tomas Henzl) [715397 698268] - [scsi] hpsa: wait longer for no-op to complete after resetting controller (Tomas Henzl) [715397 698268] - [scsi] hpsa: use new doorbell-bit-5 reset method (Tomas Henzl) [715397 698268] - [scsi] hpsa: adjust timing of post-reset sleeps (Tomas Henzl) [715397 698268] - [scsi] hpsa: do a better job of detecting controller reset failure (Tomas Henzl) [715397 698268] [2.6.32-131.8.1.el6] - [fs] GFS2: force a log flush when invalidating the rindex glock (Benjamin Marzinski) [717018 702263] [2.6.32-131.7.1.el6] - [virt] xen: bump memory limit for x86_64 domU PV guest to 128Gb (Igor Mammedov) [716539 669739] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1898 CVE-2011-2492 CVE-2011-1182 CVE-2011-1576 CVE-2011-1593 CVE-2011-1776 CVE-2011-2183 CVE-2011-2495 CVE-2011-2213 CVE-2011-2517 CVE-2011-2497 CVE-2011-2695 CVE-2011-2491 CVE-2011-2689 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [0.7.32.10-1.0.1.el5_7.1] - Add oracle-bug-reporting.patch [0.7.32.10-1:.1] - Applied patch to fix CVE-2011-2899 (bug #728348). MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2899 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [0.8.7-18.0.1.el6_1.1 ] - Replace docs/et.png in tarball with blank image [libvirt-0.8.7-18.el6_1.1] - debug: Avoid null dereference on uuid lookup api (rhbz#728546) - Fix auditing of disk hotunplug operations (rhbz#728516) - storage: Fix regression with backing format (rhbz#726617) - Fix performance problem of virStorageVolCreateXMLFrom() (rhbz#715400) - qemu: Translate boot config into bootindex if possible (rhbz#715401) - remote: Protect against integer overflow (rhbz#717202) Resolves: rhbz#728546, rhbz#728516, rhbz#715400, rhbz#715401, rhbz#717202 Resolves: rhbz#726617 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2511 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [2.6.18-274.3.1.0.1.el5] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-274.3.1.el5] - [xen] fix off-by-one shift in x86_64 __addr_ok (Laszlo Ersek) [728043 719850] {CVE-2011-2901} [2.6.18-274.2.1.el5] - Fix up some fallout from RHEL5.7 kernel package structure changes [2.6.18-274.1.1.el5] - [net] sctp: fix memory reclaim and panic in sctp_sock_rfree (Thomas Graf) [714869 714867] - [x86_64] Revert ACPI APIC mode test (Prarit Bhargava) [728163 721361] - [net] sctp: reset packet information after packet transmit (Thomas Graf) [727592 725573] - [fs] block: initialise bd_super in bdget (Lachlan McIlroy) [726628 707425] - [fs] nfs: Remove bogus call to nfs4_drop_state_owner (Jeff Layton) [726625 724923] - [net] be2net: clear interrupt bit in be_probe (Ivan Vecera) [723552 713703] - [net] be2net: remove certain cmd failure logging (Ivan Vecera) [726619 716821] - [wireless] nl80211: check for valid SSID size in scan operation (Stanislaw Gruszka) [718154 718155] {CVE-2011-2517} - [fs] xfs: handle NULL mount struct in error reports (Eric Sandeen) [727835 720551] - [fs] proc: restrict access to /proc/PID/io (Oleg Nesterov) [716827 716828] {CVE-2011-2495} - [fs] lockd: don't use file's credentials on RPCSEC_GSS mounts (Max Matveev) [722855 701574] - [fs] xfs: add a missing mutex_unlock to a dio error path (Jeff Moyer) [727590 718232] - [net] sunrpc: Don't hang forever on NLM unlock requests (Jeff Layton) [709546 709547] {CVE-2011-2491} - [xen] x86_emulate: Fix SAHF emulation (Igor Mammedov) [718883 718884] - [xen] Fix x86_emulate handling of imul with immediate operands (Igor Mammedov) [712885 700565] - [fs] Fix wrongly vfree'ing a kmalloc'ed area (Larry Woodman) [721300 719495] - [fs] dlm: bump default hash table and maximum allocatable sizes (Bryn M. Reeves) [719930 715603] - [net] tipc: Overhaul of socket locking logic (Max Matveev) [719746 704192] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2482 CVE-2011-2491 CVE-2011-2517 CVE-2011-2519 CVE-2011-2495 CVE-2011-2901 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3.0.33-3.29.el5.4] - Security Release, Add fix also for CVE-2011-2724 - related: #722552 [3.0.33-3.29.el5.3] - Security Release, fixes CVE-2010-0547, CVE-2010-0787, CVE-2011-2694, CVE-2011-2522, CVE-2011-1678 - resolves: #722552 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1678 CVE-2011-2522 CVE-2010-0547 CVE-2011-2694 CVE-2010-0787 CVE-2011-3585 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3.5.4-0.83.2] - Security Release, add fix for CVE-2011-2724 - related: #722555 [3.5.4-0.83.1] - Security Release, fixes CVE-2011-2694, CVE-2011-2522, CVE-2011-1678 - resolves: #722555 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2694 CVE-2011-1678 CVE-2011-2522 CVE-2011-2724 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 cifs-utils: [4.8.1-2.2] - fix handling of check_newline return code in mount.cifs (bz 725508) [4.8.1-2.1] - mount.cifs: handle ENOSPC/EFBIG condition when altering mtab (bz 725508) samba: [3.5.6-86.4] - Fix cleartext authentication after applying Windows security patch KB2536276 - resolves: #728517 [3.5.6-86.3] - Security Release, fixes CVE-2011-2694, CVE-2011-2522 - resolves: #722560 [3.5.6-86.2] - Fix cups location publishing - resolves: #716374 [3.5.6-86.1] - Fix joining principal - resolves: #717563 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2522 CVE-2011-2724 CVE-2011-3585 CVE-2011-1678 CVE-2011-2694 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [82-6.3] - do not forget to set the group id in mount.ecryptfs_private [82-6.2] - fix regression in ecryptfs-setup-private [82-6.1] - security fixes: - privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832) - race condition when checking source during mount (CVE-2011-1833) - mtab corruption via improper handling (CVE-2011-1834) - key poisoning via insecure temp directory handling (CVE-2011-1835) - arbitrary file overwrite via lock counter race (CVE-2011-1837) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1832 CVE-2011-1835 CVE-2011-1831 CVE-2011-1834 CVE-2011-1837 CVE-2011-3145 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:9:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:linux:6::latest cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:8:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:linux:6::unsupported Oracle Linux 5 Oracle Linux 6 [1.9.2.20-3.0.1.el6_1] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.20-3] - Distrust a specific Certificate Authority IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.12-2.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.12-2] - Distrust a specific Certificate Authority IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 Oracle Linux 5 [2.2.15-9.0.1.el6_1.2] - replace index.html with Oracle's index page - update vstring in specfile [2.2.15-9.2,] - updated patch for CVE-2011-3192 from upstream (#733062) [2.2.15-9.1] - fix #733062 - backported CVE-2011-3192 fix from httpd trunk IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-3192 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [4.6.2-3.el6_1.2] - add patch to resolve buffer overflow (CVE-2011-3200) Resolves: #733647 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3200 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2010.63-3.5] - BR java-openjdk [2010.63-3.4] - fix inclusion of code-signing-only certs in .trust.crt - Initial build (#448497) IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base Oracle Linux 6 [3.1.14-1.0.2.el6_1] - Replace clean.gif in tarball [3.1.14-1.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [3.1.14-1] - Update to 3.1.14 IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 firefox: [3.6.22-1.0.1.el6_1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [3.6.22-1] - Update to 3.6.22 xulrunner: [1.9.2.22-1.0.1.el6_1] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [- 1.9.2.22-1] - Update to 1.9.2.22 IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [3.12.9-12.0.1.el6_1] - Use blank image instead of clean.gif in nss-3.12.9-stripped.tar.bz2 [3.12.9-12] - Retagging [3.12.10-12] - Update builtins certs to those from NSSCKBI_1_87_RTM [3.12.9-11] - Update builtins certs to those from NSSCKBI_1_86_RTM [3.12.9-10] - Update builtins certs to NSSCKBI_1_85_RTM IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 6 [2.26.0-5.el6_1.1] - Store node type separately in RsvgNode (CVE-2011-3146) Resolves: #735266 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3146 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base Oracle Linux 6 [7:3.1.10-1.el6_1.1] - Resolves: #735447 - CVE-2011-3205 squid: buffer overflow flaw in Squid's Gopher reply parser MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3205 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 Oracle Linux 5 [2.3.16-6.3] - Resolves: #735391 - CVE-2011-3208 nntpd buffer overflow IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-3208 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1:4.6.2-17.1] - Resolves: #rhbz737812 fix multiple flaws in Qt CVE-2011-3193, CVE-2011-3194 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3193 CVE-2011-3194 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [4.2.1-1.1] - Resolves: #737815, qt/harfbuzz buffer overflow, CVE-2011-3193 - Resolves: #234633, UTF-8 overlong sequence decoding vulnerability, CVE-2007-0242 MODERATE Copyright 2011 Oracle, Inc. CVE-2007-0242 CVE-2011-3193 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [1.14.9.8.0.1.el5_7.3] - Bump release [1.14.9.8.el5_1.3] - Prevent buffer overflow errors in harfbuzz module (CVE-2011-3193) - Resolves: #737819 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3193 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5::u10_base Oracle Linux 6 [4.6.2-20] - Resolves: #rhbz737813 fix multiple flaws in Qt CVE-2011-3193, CVE-2011-3194 [4.6.2-19] - Resolves: rhbz#679759, missing executable bit in qt-examples binaries - Resolves: rhbz#716694, move macros.qt4 to -devel - Resolves: rhbz#680088, rpmdiff failure [4.6.2-18] - Resolves: rhbz#562132, Malayalam rakar is not getting reordered MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3194 CVE-2011-3193 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [0.8.1-9_el6_1.3] - ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg-* files (rh #737338) [0.8.1-9_el6_1.2] - ifcfg-rh: CVE-2011-3364: filter newline characters when writing into ifcfg-* files (rh #737338) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3364 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 firefox: [3.6.23-2.0.1.el6_1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [3.6.23-2] - Update to 3.6.23 xulrunner: [1.9.2.23-1.0.1.el6_1.1] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.23-1.1] - Rebuild. [1.9.2.23-1] - Update to 1.9.2.23 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-2998 CVE-2011-3000 CVE-2011-2372 CVE-2011-2995 CVE-2011-2999 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.15-1.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.15-1] - Update to 3.1.15 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-2999 CVE-2011-3000 CVE-2011-2995 CVE-2011-2372 CVE-2011-2998 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [4.8.0-16.1] - fix CVE-2011-3378 (#742154) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-3378 cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 6 [2.6.32-131.17.1.el6] - Revert: [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699} [2.6.32-131.16.1.el6] - [net] br_multicast: Ensure to initialize BR_INPUT_SKB_CB(skb)->mrouters_only. (Frantisek Hrbata) [739477 738110] [2.6.32-131.15.1.el6] - rebuild [2.6.32-131.14.1.el6] - [scsi] megaraid_sas: Convert 6, 10, 12 byte CDB's for FastPath IO (Tomas Henzl) [710047 705835] - [x86] perf, x86: Fix Intel fixed counters base initialization (Don Zickus) [719229 736284] {CVE-2011-2521} - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699} - [fs] Ecryptfs: Add mount option to check uid of device being mounted = expect uid (Eric Sandeen) [731175 731176] {CVE-2011-1833} - [char] tpm: Fix uninitialized usage of data buffer (Stanislaw Gruszka) [684674 684675] {CVE-2011-1160} - [kernel] perf: Fix software event overflow (Frantisek Hrbata) [730707 730708] {CVE-2011-2918} - [serial] 8250_pci: ifdef for powerpc, to only add functionality to this arch (Steve Best) [732382 696695] - [serial] 8250: Fix capabilities when changing the port type (Steve Best) [732382 696695] - [serial] 8250_pci Add EEH support to the 8250 driver for IBM/Digi PCIe 2-port Adapter (Steve Best) [732382 696695] - [serial] 8250_pci: Add support for the Digi/IBM PCIe 2-port Adapter (Steve Best) [732382 696695] - [ppc] pseries/iommu: Add additional checks when changing iommu mask (Steve Best) [736065 704401] - [ppc] pseries/iommu: Use correct return type in dupe_ddw_if_already_created (Steve Best) [736065 704401] - [ppc] iommu: Restore iommu table pointer when restoring iommu ops (Steve Best) [736065 704401] - [ppc] Fix kexec with dynamic dma windows (Steve Best) [736065 704401] [2.6.32-131.13.1.el6] - [net] af_packet: prevent information leak (Jiri Pirko) [728032 728033] {CVE-2011-2898} - [net] gro: Only reset frag0 when skb can be pulled (Jiri Pirko) [726555 726556] {CVE-2011-2723} - [fs] FS-Cache: Only call mark_tech_preview() when caching is actually begun (David Howells) [713463 696396] - [fs] Fix mark_tech_preview() to not disable lock debugging (David Howells) [713463 696396] - [fs] ext4: Rewrite ext4_page_mkwrite() to use generic helpers (Eric Sandeen) [723551 692167] - [fs] vfs: Block mmapped writes while the fs is frozen (Eric Sandeen) [723551 692167] - [fs] vfs: Create __block_page_mkwrite() helper passing error values back (Eric Sandeen) [723551 692167] - [mm] avoid wrapping vm_pgoff in mremap() and stack expansion (Jerome Marchand) [716540 716541] {CVE-2011-2496} - [pci] MSI: Restore read_msi_msg_desc(); add get_cached_msi_msg_desc() (Don Zickus) [728522 696511] - [pci] MSI: Remove unsafe and unnecessary hardware access (Don Zickus) [728522 696511] - [net] sock: do not change prot->obj_size (Jiri Pirko) [726626 725711] - [virt] x86: report valid microcode update ID (Marcelo Tosatti) [727838 694747] - [agp] fix arbitrary kernel memory writes (Jerome Marchand) [699307 699308] {CVE-2011-2022 CVE-2011-1745} - [agp] fix OOM and buffer overflow (Jerome Marchand) [699305 699306] {CVE-2011-1746} - [kernel] taskstats: don't allow duplicate entries in listener mode (Jerome Marchand) [715447 715448] {CVE-2011-2484} - [netdrv] bnx2x: remove a log-spamming message (Michal Schmidt) [732379 712000] - [scsi] ibmvscsi: Improve CRQ reset reliability (Steve Best) [727618 700165] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1833 CVE-2011-1160 CVE-2011-2484 CVE-2011-2898 CVE-2011-1745 CVE-2011-2496 CVE-2011-1746 CVE-2011-2022 CVE-2011-2918 CVE-2011-2521 CVE-2011-2723 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.6.32-4.2] Resolves: #742069 CVE-2011-3380 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3380 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1.7.7-29.2] - cve-2011-4818.patch: Multiple input sanitization flaws in GLX and Render MODERATE Copyright 2011 Oracle, Inc. CVE-2010-4819 CVE-2010-4818 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [6:4.3.4-11.4] - Resolves: bz#743951, use ca-certificates' ca-bundle.crt [6:4.3.4-11.3] - Resolves: bz#743515, CVE-2011-3365 - input validation failure MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3365 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 5 Oracle Linux 6 [8.4.9-1] - Update to PostgreSQL 8.4.9, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-9.html http://www.postgresql.org/docs/8.4/static/release-8-4-8.html including the fix for CVE-2011-2483 Resolves: #740735 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2483 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 [8.4.9-1.el5_7.1] - Update to PostgreSQL 8.4.9, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-9.html http://www.postgresql.org/docs/8.4/static/release-8-4-8.html including the fix for CVE-2011-2483 Resolves: #740739 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2483 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.9-9.2] - apply upstream patch to fix a null pointer derference with the LDAP kdb backend (CVE-2011-1527), an assertion failure with multiple kdb backends (CVE-2011-1528), and a null pointer dereference with multiple kdb backends (CVE-2011-1529) (#740084) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1527 CVE-2011-1528 CVE-2011-1529 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [1:1.6.0.0-1.40.1.9.10] - Resolves: rhbz#744788 - Bumped to IcedTea6 1.9.8 -removed font copying Security fixes - S7000600, CVE-2011-3547: InputStream skip() information leak - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow - S7032417, CVE-2011-3552: excessive default UDP socket limit under SecurityManager - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting engine - S7055902, CVE-2011-3521: IIOP deserialization code execution - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress error checks - S7064341, CVE-2011-3389: JSSE - S7070134, CVE-2011-3558: Hotspot unspecified issue - S7077466, CVE-2011-3556: RMI DGC server remote code execution - S7083012, CVE-2011-3557: RMI registry privileged code execution - S7096936, CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection NetX - PR794: javaws does not work if a Web Start app jar has a Class-Path element in the manifest CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-3544 CVE-2011-3551 CVE-2011-3554 CVE-2011-3556 CVE-2011-3389 CVE-2011-3557 CVE-2011-3521 CVE-2011-3547 CVE-2011-3548 CVE-2011-3552 CVE-2011-3553 CVE-2011-3558 CVE-2011-3560 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [3.5.10-24.1] - Resolves: bz#746160, CVE-2011-3365, input validation failure in KSSL MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3365 cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:8:base Oracle Linux 5 kernel: [2.6.18-274.7.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-274.7.1.el5] - Revert: [xen] passthrough: block VT-d MSI trap injection (Paolo Bonzini) [716301 716302] {CVE-2011-1898} [2.6.18-274.6.1.el5] - [net] bridge: fix use after free in __br_deliver (Amerigo Wang) [730949 703045] {CVE-2011-2942} - [misc] remove div_long_long_rem (Prarit Bhargava) [732879 732614] {CVE-2011-3209} - [net] be2net: fix crash receiving non-member VLAN packets (Ivan Vecera) [736430 730239] {CVE-2011-3347} - [net] be2net: Use NTWK_RX_FILTER command for promiscous mode (Ivan Vecera) [736430 730239] {CVE-2011-3347} - [net] be2net: non-member vlan pkts not received in promisc mode (Ivan Vecera) [736430 730239] {CVE-2011-3347} - [net] be2net: remove bogus unlikely on vlan check (Ivan Vecera) [736430 730239] {CVE-2011-3347} - [x86] nmi: make NMI_NONE default watchdog in x86_64 hvm guests (Laszlo Ersek) [739823 707966] [2.6.18-274.5.1.el5] - [fs] proc: fix compile warning in pdeaux addition (Jarod Wilson) [732775 675781] - [fs] proc: Fix procfs race vs rmmod or hot-remove (David Howells) [732775 675781] - [net] Compute protocol seq numbers and fragment IDs using MD5 (Jiri Pirko) [732662 732663] {CVE-2011-3188} - [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732662 732663] {CVE-2011-3188} - [fs] nfs: Fix client not honoring nosharecache mount option (David Jeffery) [734772 730097] - [mm] avoid wrapping vm_pgoff in mremap and stack expansion (Jerome Marchand) [716543 716544] {CVE-2011-2496} - [mm] Fix incorrect off-by-one centisec dirty values (Larry Woodman) [733665 691087] - [net] bnx2x: fix bringup of BCM57710 (Michal Schmidt) [737475 680411] - [virt] xen/netfront: no disable s/g when renegotiating features (Paolo Bonzini) [738392 733416] - [fs] aio: fix aio+dio completion path regression w/3rd-party bits (Jeff Moyer) [734157 727504] - [virt] xen: Allow arbitrary mtu size until frontend connected (Paolo Bonzini) [738389 697021] - [misc] hypervisor: fix race in interrupt hook code (Prarit Bhargava) [730689 692966] - [net] cnic, bnx2: Check iSCSI support early in bnx2_init_one (Neil Horman) [734761 710272] - [net] igb: fix WOL on 2nd port on i350 (Stefan Assmann) [730682 718988] - [misc] irq: fix interrupt handling for kdump under high load (Stefan Assmann) [728521 720212] [2.6.18-274.4.1.el5] - [serial] ifdef for powerpc, to only add functionality to this arch (Steve Best) [732377 707051] - [serial] 8250: Fix capabilities when changing the port type (Steve Best) [732377 707051] - [serial] 8250_pci EEH support for IBM/Digi PCIe 2-port Adapter (Steve Best) [732377 707051] - [serial] 8250_pci: Add support for Digi/IBM PCIe 2-port Adapter (Steve Best) [732377 707051] - [fs] ecryptfs: Add mount option to check uid of mounting device (Eric Sandeen) [731173 731174] {CVE-2011-1833} - [scsi] qla2xxx: Re-add checks for null fcport references (Chad Dupuis) [736275 728219] - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723430 723431] {CVE-2011-2699} - [net] ipv6: Remove unused skb argument of ipv6_select_ident (Jiri Pirko) [723430 723431] {CVE-2011-2699} - [misc] taskstats: don't allow duplicate entries in listener mode (Jerome Marchand) [715449 715450] {CVE-2011-2484} - [net] gro: Only reset frag0 when skb can be pulled (Herbert Xu) [726553 679682] {CVE-2011-2723} - [xen] passthrough: block VT-d MSI trap injection (Paolo Bonzini) [716301 716302] {CVE-2011-1898} - [xen] iommu: disable bus-mastering on hw that causes IOMMU fault (Laszlo Ersek) [730342 730343] {CVE-2011-3131} - [usb] auerswald: fix buffer overflow (Don Zickus) [722395 722396] {CVE-2009-4067} - [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [732870 736654 732869 732471] {CVE-2011-3191} - [fs] cifs: revert special handling for matching krb5 sessions (Jeff Layton) [697395 697396] {CVE-2011-1585} - [fs] cifs: check for NULL session password (Jeff Layton) [697395 697396] {CVE-2011-1585} - [fs] cifs: fix NULL pointer dereference in cifs_find_smb_ses (Jeff Layton) [697395 697396] {CVE-2011-1585} - [fs] cifs: clean up cifs_find_smb_ses (Jeff Layton) [697395 697396] {CVE-2011-1585} - [net] be2net: account for skb allocation failures (Ivan Vecera) [733152 730108] - [net] bnx2x: downgrade Max BW error message to debug (Michal Schmidt) [732440 727614] - [net] sock: do not change prot->obj_size (Jiri Pirko) [736742 725713] - [net] be2net: Fix Tx stall issue (Ivan Vecera) [732946 722549] - [net] be2net: rx-dropped wraparound fix (Ivan Vecera) [732945 722302] - [net] be2net: fix netdev_stats_update (Ivan Vecera) [732945 722302] - [char] tpm: Fix uninitialized usage of data buffer (Stanislaw Gruszka) [684672 684673] {CVE-2011-1160} - [fs] ext4: Fix max size and logical block counting of extent file (Lukas Czerner) [722562 722563] {CVE-2011-2695} - [fs] nfs: have nfs_flush_list issue FLUSH_SYNC writes in parallel (Jeff Layton) [730686 728508] - [xen] mm: fix race with ept_entry management (Andrew Jones) [730685 729529] - [xen] hvm: support more opcodes for MMIO (Paolo Bonzini) [728518 723755] ocfs2: [1.4.9-1.el5] - Backport the discontig block group features from mainline ocfs2 into EL5.x kernels IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1585 CVE-2009-4067 CVE-2011-2723 CVE-2011-3347 CVE-2011-2496 CVE-2011-2695 CVE-2011-2699 CVE-2011-3191 CVE-2011-1833 CVE-2011-2484 CVE-2011-3131 CVE-2011-3188 CVE-2011-1160 CVE-2011-2942 CVE-2011-3209 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.2.15-9.0.1.el6_1.3] - replace index.html with Oracle's index page - update vstring in specfile [2.2.15-9.3] - add security fixes for CVE-2011-3347, CVE-2011-3368 (#743901) - fix regressions in CVE-2011-3192 patch (#736592) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3348 CVE-2011-3368 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [2.2.3-53.0.2.el5_7.3] - Fix mod_ssl always performing full renegotiation (orabug 12423387) - replace index.html with Oracle's index page oracle_index.html - update vstring and distro in specfile [2.2.3-53.3] - add security fix for CVE-2011-3368 (#743903) - fix regressions in byterange handling (#736593) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3368 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 [3.0.3-132.el5_7.2] - Release device backends before restarting guest on the destination machine (rhbz 743850) - Fix SCSI buffer overflow and disable SCSI CD-ROMs (rhbz 736289) [3.0.3-132.el5_7.1] - hotplug: set netback/tap MTU to the same value as the bridge MTU (rhbz 738608) - copy the MTU of the physical interface to the Xen bridge (rhbz 738610) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3346 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.3.11-6.el6_1.7] - Add freetype-2.3.11-CVE-2011-3256.patch (Handle some border cases.) - Resolves: #747083 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-3256 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.0.0-10.5] - initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207 (#736087) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3207 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [2.6.32-4.4] Resolves: #748969 CVE-2011-4073 updated patch by upstream [2.6.32-4.3] Resolves: #748969 CVE-2011-4073 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-4073 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 Oracle Linux 5 [5.3.3-3.3] - improve CVE-2011-1466 fix to cover CAL_GREGORIAN, CAL_JEWISH [5.3.3-3.1] - add security fixes for CVE-2011-2483, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, and CVE-2011-2202 (#740731) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2202 CVE-2011-0708 CVE-2011-1148 CVE-2011-1468 CVE-2011-1469 CVE-2011-1938 CVE-2011-1466 CVE-2011-1471 CVE-2011-2483 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [4:5.10.1-119.1] - 731246 (CVE-2011-2939)CVE-2011-2939 heap overflow - decoding Unicode string - 743010 - perl: code injection vulnerability in Digest->new() - Resolves: rhbz#743090, rhbz#743092 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2939 CVE-2011-3597 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 5 Oracle Linux 6 firefox: [3.6.24-3.0.1.el6_1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones [3.6.24-3] - Update to 3.6.24 xulrunner: [1.9.2.24-2.0.1.el6_1.1] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.24-2] - Update to 1.9.2.24 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-3650 CVE-2011-3647 CVE-2011-3648 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest Oracle Linux 6 [3.1.16-2.0.1.el6_1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.16-2] - Update to 3.1.16 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-3647 CVE-2011-3648 CVE-2011-3650 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.0.6-1] - Updated to 1.0.6 - Resolves: rhbz#744738 - Resolves: rhbz#745414 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3377 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 Oracle Linux 5 nspr: [4.8.7-2] - Update to 4.8.8 nss: [3.12.10-2.0.1.el6_1] - Update clean.gif in the nss-3.12.10-stripped.tar.bz2 tarball [3.12.10-2] - Update builtins certs to those from NSSCKBI_1_88_RTM [3.12.10-1] - Update to 3.12.10 nss-util: [3.12.10-1] - Update to 3.12.10 IMPORTANT Copyright 2011 Oracle, Inc. cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 5 Oracle Linux 6 [2.3.11-6.el6_1.8] - Add freetype-2.3.11-CVE-2011-3439.patch (Various loading fixes.) - Resolves: #754011 IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-3439 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 5 Oracle Linux 6 [32:9.7.3-2.3.P3] - fix DOS against recursive servers (#754398) [32:9.7.3-2.2.P3] - update to 9.7.3-P3 (CVE-2011-2464) [32:9.7.3-2.1.P1] - update to 9.7.3-P1 (CVE-2011-1910) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-4313 cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:11.2::ol5 Oracle Linux 5 [32:9.7.0-6.P2.4] - fix DOS against recursive servers (#754398) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-4313 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-131.21.1.el6] - [net] ipv6/udp: fix the wrong headroom check (Thomas Graf) [753167 698170] [2.6.32-131.20.1.el6] - [net] vlan: fix panic when handling priority tagged frames (Andy Gospodarek) [742849 714936] {CVE-2011-3593} - [netdrv] igb: fix WOL on second port of i350 device (Frantisek Hrbata) [743807 718293] - [kernel] fix taskstats io infoleak (Jerome Marchand) [716847 716848] {CVE-2011-2494} - [tpm] Zero buffer after copying to userspace (Jiri Benc) [732632 732633] {CVE-2011-1162} - [scsi] Revert megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [741167 736667] - [x86] acpi: Prevent acpiphp from deadlocking on PCI-to-PCI bridge remove (Prarit Bhargava) [745557 732706] - [net] sctp: deal with multiple COOKIE_ECHO chunks (Frantisek Hrbata) [743510 729220] - [scsi] iscsi_tcp: fix locking around iscsi sk user data (Mike Christie) [741704 647268] - [kernel] first time swap use results in heavy swapping (Hendrik Brueckner) [747868 722461] - [scsi] Reduce error recovery time by reducing use of TURs (Mike Christie) [744811 691945] - [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [738301 692709] {CVE-2011-3363} - [fs] cifs: always do is_path_accessible check in cifs_mount (Jeff Layton) [738301 692709] {CVE-2011-3363} - [net] ipv6: fix NULL dereference in udp6_ufo_fragment() (Jason Wang) [748808 740465] - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699} [2.6.32-131.19.1.el6] - [scsi] scan: don't fail scans when host is in recovery (Mike Christie) [734774 713682] - [netdrv] b43: allocate receive buffers big enough for max frame len + offset (RuiRui Yang) [738204 738205] {CVE-2011-3359} - [fs] fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (RuiRui Yang) [736764 736765] {CVE-2011-3353} - [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [737482 730354] {CVE-2011-3191} - [kernel] perf tools: do not look at ./config for configuration (Jiri Benc) [730203 730204] {CVE-2011-2905} - [x86] mm: Fix pgd_lock deadlock (Andrew Jones) [737570 691310] - [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Andrew Jones) [737570 691310] - [mm] Revert 'fix pgd_lock deadlock' (Andrew Jones) [737570 691310] - [fs] corrupted GUID partition tables can cause kernel oops (Jerome Marchand) [695981 695982] {CVE-2011-1577} - [net] Compute protocol sequence numbers and fragment IDs using MD5. (Jiri Pirko) [732664 732665] {CVE-2011-3188} - [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732664 732665] {CVE-2011-3188} - [fs] SUNRPC: Fix use of static variable in rpcb_getport_async (Steve Dickson) [740230 723650] - [fs] NFSv4.1: update nfs4_fattr_bitmap_maxsz (Steve Dickson) [740230 723650] - [fs] SUNRPC: Fix a race between work-queue and rpc_killall_tasks (Steve Dickson) [740230 723650] - [fs] SUNRPC: Ensure we always run the tk_callback before tk_action (Steve Dickson) [740230 723650] - [misc] enclosure: fix error path to actually return ERR_PTR() on error (Tomas Henzl) [741166 713730] - [virt] KVM: make guest mode entry to be rcu quiescent state (Gleb Natapov) [740352 712653] - [virt] rcu: provide rcu_virt_note_context_switch() function (Gleb Natapov) [740352 712653] [2.6.32-131.18.1.el6] - [sched] wait_for_completion_interruptible_timeout() should return signed long (J. Bruce Fields) [745413 738379] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2494 CVE-2011-2905 CVE-2011-1577 CVE-2011-2699 CVE-2011-3359 CVE-2011-4326 CVE-2011-1162 CVE-2011-3188 CVE-2011-3191 CVE-2011-3353 CVE-2011-3363 CVE-2011-3593 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 kernel [2.6.18-274.12.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497) [2.6.18-274.12.1.el5] - Revert: [virt] kvm: fix lost tick accounting for 32 bit kvm-clock (Rik van Riel) [747875 731599] [2.6.18-274.11.1.el5] - [fs] gfs2: speed up large file delete/unlink (Robert S Peterson) [743806 738440] - [fs] cifs: fix wrong buffer length returned by SendReceive (Sachin Prabhu) [750842 720363] - [virt] kvm: fix lost tick accounting for 32 bit kvm-clock (Rik van Riel) [747875 731599] - [virt] xen/netback: disable features not supported by netfront (Paolo Bonzini) [746600 746225] - [fs] nfs: don't redirty inodes with no outstanding commits (Jeff Layton) [750477 739665] - [net] tg3: call netif_carrier_off to initialize operstate value (John Feeney) [744700 635982] - [xen] make test_assign_device domctl dependent on intremap hw (Laszlo Ersek) [745726 740203] - [xen] Propagate target dom within XEN_DOMCTL_test_assign_device (Laszlo Ersek) [745726 740203] - [net] sctp: encode PROTOCOL VIOLATION error cause correctly (Thomas Graf) [750457 636828] - [fs] cifs: always do is_path_accessible check in cifs_mount (Jeff Layton) [738299 738300] {CVE-2011-3363} - [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [738299 738300] {CVE-2011-3363} - [char] tpm: Zero buffer after copying to userspace (Jiri Benc) [732630 732631] {CVE-2011-1162} - [fs] hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops (Phillip Lougher) [712775 712776] {CVE-2011-2203} - [net] sctp: Set correct error cause value for missing parameters (Thomas Graf) [750451 629938] - [misc] kernel: plug taskstats io infoleak (Jerome Marchand) [716845 716846] {CVE-2011-2494} - [usb] Make device reset stop retrying after disconnect (Don Zickus) [750841 709699] - [net] ipv6: properly use ICMP6MSGOUT_INC_STATS in ndisc_send_skb (Jiri Pirko) [743611 698728] - [scsi] Reduce error recovery time by reducing use of TURs (Mike Christie) [741273 694625] - [mm] s390: fix first time swap use results in heavy swapping (Hendrik Brueckner) [747876 722482] - [virt] xen: fix GFP mask handling in dma_alloc_coherent (Laszlo Ersek) [742282 730247] - [s390] kernel: fix system hang if hangcheck timer expires (Hendrik Brueckner) [747872 730313] - [usb] fix interface sysfs file-creation bug (Don Zickus) [750848 637930] - [usb] don't touch sysfs stuff when altsetting is unchanged (Don Zickus) [750848 637930] - [base] Fix potential deadlock in driver core (Don Zickus) [750848 637930] - [security] keys: Fix NULL deref in user-defined key type (David Howells) [751300 751301] - [xen] passthrough: block VT-d MSI trap injection (Paolo Bonzini) [716301 716302] {CVE-2011-1898} [2.6.18-274.10.1.el5] - [net] be2net: enable NETIF_F_LLTX and add own locking of Tx path (Ivan Vecera) [750912 731806] - [net] be2net: fix multicast filter programming (Ivan Vecera) [750912 731806] - [net] be2net: fix cmd-rx-filter not notifying MCC (Ivan Vecera) [750912 731806] - [net] be2net: use RX_FILTER cmd to program multicast addresses (Ivan Vecera) [750912 731806] [2.6.18-274.9.1.el5] - [fs] nfs: re-add call to filemap_fdatawrite (David Jeffery) [750508 748999] [2.6.18-274.8.1.el5] - [fs] nfs: Don't call iput holding nfs_access_cache_shrinker lock (Steve Dickson) [749459 585935] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2203 CVE-2011-1162 CVE-2011-1898 CVE-2011-4110 CVE-2011-2494 CVE-2011-3363 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.8.3-3] - Security fixes (CVE-2011-1777, CVE-2011-1778) (#739939) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1778 CVE-2011-1777 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 Oracle Linux 5 [2.3.16-6.4] - fix CVE-2011-3481: NULL pointer dereference via crafted References header in email (#738391) - fix CVE-2011-3372: nntpd authentication bypass (#740822) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3481 CVE-2011-3372 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:5:8:base Oracle Linux 6 [2.12-1.47] - Don't start AVC thread until credentials are installed (#700507) [2.12-1.46] - Update systemtaparches [2.12-1.45] - Update configure script [2.12-1.44] - Add gdb hooks (#711927) [2.12-1.43] - Don't assume AT_PAGESIZE is always available (#739184) - Define IP_MULTICAST_ALL (#738763) [2.12-1.42] - Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork (#738665) [2.12-1.41] - Locale-independent parsing in libintl (#737778) [2.12-1.40] - Change setgroups to affect all the threads in the process (#736346) [2.12-1.39] - Make sure AVC thread has capabilities (#700507) - Fix memory leak in dlopen with RTLD_NOLOAD (#699724) [2.12-1.38] - Build libresolv with stack protector (#730379) [2.12-1.37] - Maintain stack alignment when cancelling threads (#731042) [2.12-1.36] - Fix missing debuginfo (#729036) [2.12-1.35] - Report write error in addmnt even for cached streams (#688980, CVE-2011-1089) - Handle Lustre filesystem (#712248) [2.12-1.34] - Query NIS domain only when needed (#718057) - Update: Use mmap for allocation of buffers used for __abort_msg (#676591) [2.12-1.33] - Don't use gethostbyaddr to determine canonical name (#714823) [2.12-1.32] - ldd: never run file directly (#713134) [2.12-1.31] - Support Intel processor model 6 and model 0x2c (#695595) - Optimize memcpy for SSSE3 (#695812) - Optimize strlen for SSE2 (#695963) [2.12-1.30] - Support f_flags in Linux statfs implementation (#711987) [2.12-1.29] - Avoid overriding CFLAGS (#706903) [2.12-1.28] - Use mmap for allocation of buffers used for __abort_msg (#676591) [2.12-1.27] - Fix PLT use due to __libc_alloca_cutoff - Schedule nscd cache pruning more accurately from re-added values (#703481) - Fix POWER4 optimized strncmp to not read past differing bytes (#694386) [2.12-1.26] - Create debuginfo-common on biarch platforms (#676467) - Use Rupee sign in Indian locales (#692838) - Signal temporary host lookup errors in nscd as such to the requester (#703480) - Define initgroups callback for nss_files (#705465) LOW Copyright 2011 Oracle, Inc. CVE-2011-1089 CVE-2009-5064 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [2.6.32-220.el6] - [drm] i915: fix unmap race condition introduced with VT-d fix (Dave Airlie) [750583] - [scsi] iscsi: revert lockless queuecommand dispatch (Rob Evers) [751426] [2.6.32-219.el6] - [kernel] KEYS: Fix a NULL pointer deref in the user-defined key type (David Howells) [751190] {CVE-2011-4110} - [scsi] fc class: fix building of Fibre Channel DUP drivers in 6.2 (Mike Christie) [750268] - [fs] nfs: dont call __mark_inode_dirty while holding i_lock (Steve Dickson) [747391] - [netdrv] vxge: allow rebinding the driver with a different number of SR-IOV VFs (Michal Schmidt) [694742] - [netdrv] vxge: fix crash of VF when unloading PF (Michal Schmidt) [694742] - [ata] revert libata: remove SCSI host lock (David Milburn) [751426] - [crypto] ansi_cprng: enforce key != seed in fips mode (Jarod Wilson) [751198] - [net] mac80211: Fix reassociation processing within ESS roaming (John Linville) [750350] - [net] nl80211: Allow association to change channels during reassociation (John Linville) [750350] - [net] mac80211: let cfg80211 manage auth state (John Linville) [750350] - [net] cfg80211: avoid sending spurious deauth to userspace (John Linville) [750350] - [net] mac80211: recalculate idle later in MLME (John Linville) [750350] - [net] mac80211: avoid spurious deauth frames/messages (John Linville) [750350] - [net] cfg80211: Allow reassociation in associated state (John Linville) [750350] - [net] cfg80211: remove warning in deauth case (John Linville) [750350] - [net] netfilter: fix nf_conntrack refcount leak in l4proto->error() (Thomas Graf) [745472] - [scsi] qla2xxx: Remove check for null fcport from host reset handler (Chad Dupuis) [744741] - [scsi] qla2xxx: Perform implicit logout during rport tear-down (Chad Dupuis) [744741] - [scsi] Revert 'qla2xxx: Remove host_lock in queuecommand function' (Chad Dupuis) [744741] - [drm] nv50/disp: shutdown display on suspend/hibernate (Ben Skeggs) [740857] - [edac] Add sb_edac driver into the Red Hat Building system (Mauro Carvalho Chehab) [647700] - [edac] Fix incorrect edac mode reporting in sb_edac (Mauro Carvalho Chehab) [647700] - [edac] Add an experimental new driver to support Sandy Bridge CPUs (Mauro Carvalho Chehab) [647700] [2.6.32-218.el6] - [netdrv] benet: remove bogus 'unlikely' on vlan check (Ivan Vecera) [736429] {CVE-2011-3347} - [netdrv] be2net: non-member vlan pkts not received in promiscous mode (Ivan Vecera) [736429] {CVE-2011-3347} - [netdrv] be2net: fix crash receiving non-member VLAN packets (Ivan Vecera) [736429] {CVE-2011-3347} - [mm] fix race between mremap and removing migration entry (Andrea Arcangeli) [751084] [2.6.32-217.el6] - [fs] GFS2: rewrite fallocate code to write blocks directly (Benjamin Marzinski) [750208] {CVE-2011-4098} - [netdrv] bnx2x: link fixes for 57810 (Andy Gospodarek) [749421] - [netdrv] enic: fix accidental GRO off by default (Stefan Assmann) [749390] - [scsi] qla2xxx: Correct inadvertent clearing of RISC_INTR status (Chad Dupuis) [748978] - [debug] lockdep: double MAX_LOCKDEP_ENTRIES (Kyle McMartin) [748941] - [x86] Add missing KERN_DEBUG to x86 module printk (Prarit Bhargava) [747837] - [x86] Update module alternatives message (Prarit Bhargava) [745596] - [x86] UV: KABI breakage in uv_blade_info (George Beshers) [745253] - [net] vlan: fix panic when handling priority tagged frames (Andy Gospodarek) [714936] {CVE-2011-3593} - [scsi] qla4xxx: Autologin persisted target entries update (Mike Christie) [747696] - [mm] oom: fix integer overflow of points in oom_badness (Frantisek Hrbata) [741207] {CVE-2011-4097} [2.6.32-216.el6] - [scsi] lockless queuecommand dispatch fixup (Rob Evers) [749018] - [scsi] iscsi class: export pid of process that created session (Mike Christie) [747696] - [scsi] qla4xxx: Autologin persisted target entries (Mike Christie) [747696] - [netdrv] iwlagn: enable 11n aggregation without checking traffic load (John Linville) [744361] - [s390x] qdio: EQBS retry after CCQ 96 (Hendrik Brueckner) [747578] - [s390x] dasd: fix UID readout for z/VM (Hendrik Brueckner) [746000] - [x86] PCI: irq and pci_ids patch for Intel Panther Point DeviceIDs (Prarit Bhargava) [747638] - [netdrv] Help 6.1 out of tree drivers cope with ABI breakage (Thomas Graf) [746570] - [mm] shmem: let shared anonymous be nonlinear again (Larry Woodman) [690129] - [fs] ext4: fix BUG_ON() in ext4_ext_insert_extent() (Lukas Czerner) [742091] {CVE-2011-3638} - [ipc] mqueue: separate mqueue default value from maximum value (Motohiro Kosaki) [746606] - [ipc] mqueue: dont use kmalloc with KMALLOC_MAX_SIZE (Motohiro Kosaki) [746606] - [ipc] mqueue: revert bump up DFLT_*MAX (Motohiro Kosaki) [746606] - [kernel] ipc/mqueue: Up the hard limit on message queues per namespace (Doug Ledford) [746606] - [kernel] ipc/mqueue: update maximums for the mqueue subsystem (Doug Ledford) [746606] - [kernel] ipc/mqueue: enforce hard limits (Doug Ledford) [746606] - [kernel] ipc/mqueue: switch back to using non-max values on create (Doug Ledford) [746606 746898] - [kernel] ipc/mqueue: cleanup definition names and locations (Doug Ledford) [746606] - [kernel] Revert 'Restore max mqueue message size to its previous RHEL 5 value' (Doug Ledford) [746606] [2.6.32-215.el6] - [virt] index of virtio disk is not decremented when removed (Mark Wu) [692767] - [edac] i7core_edac: Initialize memory name with cpu, channel, bank (Mauro Carvalho Chehab) [712957] - [kernel] perf: Optimize event scheduling locking (Steve Best) [744986] - [drm] i915: set the right SDVO transcoder for CPT (Adam Jackson) [735122] - [scsi] libfc: Prevent race that causes panic during FCoE port destroy (Neil Horman) [735959] - [scsi] qla4xxx: Update driver version to 5.02.00-k8 (Mike Christie) [732622] - [scsi] qla4xxx: updated device id check for BFS (Mike Christie) [732622] - [scsi] qla4xxx: Fixed target discovery failed issue (Mike Christie) [732622] - [scsi] qla4xxx: Fixed active session re-open issue (Mike Christie) [732622] - [scsi] qla4xxx: Fixed device blocked issue on link up-down (Mike Christie) [732622] - [scsi] qla4xxx: Fixed session destroy issue on link up-down (Mike Christie) [732622] - [scsi] qla4xxx: Clear DDB map index on the basis of AEN (Mike Christie) [732622] - [scsi] qla4xxx: Free Device Database (DDB) reserved by FW (Mike Christie) [732622] - [scsi] qla4xxx: Fix getting BIDI CHAP for boot targets (Mike Christie) [732622] - [scsi] qla4xxx: Fix exporting boot targets to sysfs (Mike Christie) [732622] - [scsi] qla4xxx: Do not add duplicate CHAP entry in FLASH (Mike Christie) [732622] - [scsi] qla4xxx: Fix bidirectional CHAP (Mike Christie) [732622] - [scsi] qla4xxx: Add new FLT firmware region (Mike Christie) [732622] - [scsi] qla4xxx: Update license (Mike Christie) [732622] - [scsi] iscsi class: fix vlan configuration (Mike Christie) [732622] - [scsi] qla4xxx: fix data alignment and use nl helpers (Mike Christie) [732622] - [scsi] iscsi class: fix link local mispelling (Mike Christie) [732622] - [scsi] qla4xxx: Added Get ACB support using BSG (Mike Christie) [732622] - [scsi] qla4xxx: Added restore factory defaults support using BSG (Mike Christie) [732622] - [scsi] qla4xxx: added support to update initiator iscsi port (Mike Christie) [732622] - [scsi] scsi_transport_iscsi: Added support to update initiator iscsi port (Mike Christie) [732622] - [scsi] qla4xxx: Added vendor specific sysfs attributes (Mike Christie) [732622] - [scsi] qla4xxx: Add read/update NVRAM support for 40xx adapters using BSG (Mike Christie) [732622] - [scsi] qla4xxx: Add get ACB state support using BSG (Mike Christie) [732622] - [scsi] qla4xxx: Code cleanup for read/update flash using BSG (Mike Christie) [732622] - [scsi] qla4xxx: Added support to update mtu (Mike Christie) [732622] - [scsi] scsi_transport_iscsi: Added support to update mtu (Mike Christie) [732622] - [scsi] libfc: improve flogi retries to avoid lport stuck (Mike Christie) [745667] - [scsi] libfc: avoid exchanges collision during lport reset (Mike Christie) [745667] - [scsi] libfc: fix checking FC_TYPE_BLS (Mike Christie) [745667] - [scsi] libfc: revert fix deadlock bug in fc_exch_abort_locked (Mike Christie) [745667] - [dm] log userspace: Allow for 'log device name' response in CTR msg exchange (Jonathan E Brassow) [746254] - [dm] kcopyd: fix job_pool leak (Mike Snitzer) [748441] - [netdrv] igb: Fix for Alt MAC Address feature on 82580 and later (Andy Gospodarek) [748503] [2.6.32-214.el6] - [dm] table: add immutable feature (Mike Snitzer) [747438] - [mm] reduce overhead on paravirt functions (Larry Woodman) [743554] [2.6.32-213.el6] - [netdrv] Fixing use of netif_set_real_num_tx_queues in niu.c (Neil Horman) [742117] - [netdrv] Fixing use of netif_set_real_num_tx_queues in myri10ge.c (Neil Horman) [742117] - [netdrv] Fixing use of netif_set_real_num_tx_queues in igb_main.c (Neil Horman) [742117] - [netdrv] Fixing use of netif_set_real_num_tx_queues in cxgb4_main.c (Neil Horman) [742117] - [netdrv] Fixing use of netif_set_real_num_tx_queues in cxgb3_main.c (Neil Horman) [742117] - [netdrv] Fixing use of netif_set_real_num_tx_queues in bnx2.c (Neil Horman) [742117] - [ppc] kabi: add symbol 'paca' to ppc KABI (Jiri Olsa) [737466] - [fs] proc: fix oops on invalid /proc/pid/maps access (Johannes Weiner) [746613] {CVE-2011-3637} - [nfs] fix pNFS hang and oops on umounts (Steve Dickson) [746861] - [scsi] qla4xxx: export address/port of connection (Mike Christie) [728156] - [netdrv] Fix pktgen to not oops on unsupported drivers (Neil Horman) [678794] - [kernel] tracing: Update the comm field in the right variable in update_max_tr (Jiri Olsa) [736955] - [kernel] kabi: Add missing compat_alloc_user_space symbol to kABI (Jiri Olsa) [747047] - [kernel] fix taskstats io infoleak (Jerome Marchand) [716848] {CVE-2011-2494} - [x86] ACPI, APEI, HEST: Detect duplicated hardware error source ID (Don Zickus) [737189] - [netdrv] Add latest cxgb3 firmware (Neil Horman) [742011] [2.6.32-212.el6] - [net] bridge: fix use after free in __br_deliver() (Amerigo Wang) [730756] {CVE-2011-2942} - [scsi] Update lpfc version for 8.3.5.45.4p driver release (Rob Evers) [746668] - [scsi] Fix crash when cfg_fcp_eq_count is zero (Rob Evers) [746668] - [scsi] Fix kernel crash during boot with SLI4 card installed (Rob Evers) [746668] - [scsi] Properly clean up EQ and CQ child lists to prevent kernel crash (Rob Evers) [746668] - [kabi] add missing symbols for Emulex be2net driver (Jiri Olsa) [745712] - [netdrv] netxen-firmware: Install the 4.0.579 firmware (Kyle McMartin) [741776] - [perf] symbols: Treat all memory maps without dso file as loaded (Jiri Olsa) [726582] - [debug] increase MAX_STACK_TRACE_ENTRIES (Kyle McMartin) [645777] - [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [692709] {CVE-2011-3363} - [tpm] Zero buffer after copying to userspace (Jiri Benc) [732633] {CVE-2011-1161 CVE-2011-1162} - [pci] intel-iommu: IOTLB hang workaround (Dave Airlie) [728476] - [drm] i915: Fix hang on Ironlake mobile GPU with VT-d (Dave Airlie) [728476] - [drm] i915: Remove early exit on i915_gpu_idle (Dave Airlie) [728476] - [drm] nv50/bios: fixup mpll programming from the init table parser (Ben Skeggs) [744992] - [drm] nv50/vram: fix incorrect detection of bank count on newer chipsets (Ben Skeggs) [744992] - [drm] radeon: fix llano output setup + memory corruption (Dave Airlie) [747292] - [drm] radeon caicos enablement fixes (Dave Airlie) [747291] - [pci] Disable SRIOV on powerpc (Prarit Bhargava) [742089] - [pci] Add pci=nosriov to disable SRIOV (Prarit Bhargava) [742089] - [x86] apic: ack all pending irqs when crashed/on kexec (Takao Indoh) [704142] [2.6.32-211.el6] - [scsi] libsas: fix warnings when checking sata/stp protocol (David Milburn) [695950] - [scsi] libsas: disable scanning lun > 0 on ata devices (David Milburn) [695950] - [scsi] libsas: Allow expander T-T attachments (David Milburn) [695950] - [usb] xhci: Make xHCI driver endian-safe (Don Zickus) [745967] - [infiniband] RDMA/cxgb3: Dont post zero-byte read if endpoint is going away (Neil Horman) [717379] - [scsi] isci: atapi support (David Milburn) [743692] - [x86] amd: Move BSP code to cpu_dev helper (Larry Woodman) [739456] - [x86] Add a BSP cpu_dev helper (Larry Woodman) [739456] - [x86] amd: Avoid cache aliasing penalties on AMD family 15h (Larry Woodman) [739456] - [net] ipv6: fix NULL dereference in udp6_ufo_fragment() (Jason Wang) [740465] - [netdrv] cxgb4: Updating NIC driver firmware (Neil Horman) [717806] - [netdrv] cxgb3: Fix NULL pointer dereference in t3_l2t_get (Neil Horman) [729737] - [netdrv] bnx2x: remaining fixes from upstream 3.1 (Michal Schmidt) [743917] - [netdrv] e1000e: fix WoL on 82578DM and 82567V3 (Andy Gospodarek) [699042] - [netdrv] tg3: Use netif_set_real_num_tx_queues() (Jiri Pirko) [740477] - [netdrv] bnx2x: critical fixes (Veaceslav Falico) [745211] - [netdrv] bonding: properly stop queuing work when requested (Andy Gospodarek) [736904] - [netdrv] tg3: negate USE_PHYLIB flag check (Jiri Pirko) [746006] - [x86] Add new cpu capabilities to /proc/cpuinfo (Prarit Bhargava) [745799] - [kabi] add missing multipath symbols for s390x (Aristeu Rozanski) [714992] - [perf] sched: Fix script command documentation (Jiri Olsa) [726589] - [pm] hibernate: Fix memory corruption related to swap (Stanislaw Gruszka) [701857] - [scsi] hpsa: add heartbeat sysfs host attribute (Tomas Henzl) [730027] - [scsi] Revert megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [736667] - [fs] GFS2: Fix ->page_mkwrite() races (Steven Whitehouse) [725091] - [scsi] scsi_transport_fc: Fix deadlock during fc_remove_host (Mike Christie) [714320] - [kernel] workqueue: Fix workqueue deadlock during destroy_workqueue (Mike Christie) [714320] - [sched] Avoid expensive initial update_cfs_load() (Larry Woodman) [741569 742414] - [sched] Simplify update_cfs_shares parameters (Larry Woodman) [741569 742414] - [sched] Fix/remove redundant cfs_rq checks (Larry Woodman) [741569 742414] - [sched] Fix sign under-flows in wake_affine (Larry Woodman) [741569 742414] - [sched] Update effective_load() to use global share weights (Larry Woodman) [741569 742414] - [sched] Fix interactivity bug by charging unaccounted run-time on entity re-weight (Larry Woodman) [741569 742414] - [sched] Move periodic share updates to entity_tick() (Larry Woodman) [741569 742414] - [sched] Fix UP build breakage (Larry Woodman) [741569 742414] - [sched] Update tg->shares after cpu.shares write (Larry Woodman) [741569 742414] [2.6.32-210.el6] - [drm] i915: fix IVB cursor support (Adam Jackson) [741780] - [drm] i915: always set FDI composite sync bit (Adam Jackson) [745564] - [netdrv] bnx2i: Fixed the endian on TTT for NOP out transmission (Mike Christie) [745676] - [scsi] megaraid_sas: Add driver workaround for PERC5/1068 kdump kernel panic (Tomas Henzl) [723218] - [ata] AHCI: Add new Panther Point RAID DeviceID (Prarit Bhargava) [745484] - [scsi] isci: export phy events via ->lldd_control_phy() (David Milburn) [743654] - [scsi] isci: The port state should be set to stopping on the last phy (David Milburn) [743654] - [scsi] isci: fix decode of DONE_CRC_ERR TC completion status (David Milburn) [743654] - [scsi] isci: SATA/STP I/O is only returned in the normal path to libsas (David Milburn) [743654] - [scsi] isci: fix support for large smp requests (David Milburn) [743654] - [scsi] isci: fix missed unlock in apc_agent_timeout() (David Milburn) [743654] - [scsi] isci: fix event-get pointer increment (David Milburn) [743654] - [scsi] isci: add version number (David Milburn) [743654] - [scsi] isci: dynamic interrupt coalescing (David Milburn) [743654] - [scsi] isci: fix sata response handling (David Milburn) [743654] - [scsi] isci: Leave requests alone if already terminating (David Milburn) [743654] - [fs] jbd: Fix forever sleeping process in do_get_write_access() (Harshula Jayasuriya) [744979] - [fs] jbd2: Fix forever sleeping process in do_get_write_access() (Harshula Jayasuriya) [744979] - [net] ipv6: fix refcnt problem related to POSTDAD state (Weiping Pan) [709280 731608] - [x86] paravirt: PTE updates in k(un)map_atomic need to be synchronous, regardless of lazy_mmu mode (Igor Mammedov) [632802] - [s390x] qdio: 2nd stage retry on SIGA-W busy conditions (Hendrik Brueckner) [732708] - [s390x] kernel: NSS creation with initrd fails (Hendrik Brueckner) [730780] - [s390x] qeth: wrong number of output queues for HiperSockets (Hendrik Brueckner) [730701] - [s390x] qeth: l3 ipv6 vlan not working on shared OSA chpid (Hendrik Brueckner) [727850] - [x86] Intel pci: Provide option to enable 64-bit IOMMU pass through mode (George Beshers) [696420] - [x86] intel-iommu: Remove Host Bridge devices from identity mapping (George Beshers) [696420] - [x86] intel-iommu: Add domain check in domain_remove_one_dev_info (George Beshers) [696420] - [x86] intel-iommu: Use coherent DMA mask when requested (George Beshers) [696420] - [x86] intel-iommu: Dont cache iova above 32bit (George Beshers) [696420] - [x86] intel-iommu: Speed up processing of the identity_mapping function (George Beshers) [696420] - [x86] intel-iommu: Check for identity mapping candidate using system dma mask (George Beshers) [696420] - [scsi] tcm_fc: Fix to activate non-offload path for FCoE target (Andy Grover) [638007] [2.6.32-209.el6] - [pci] edd: Treat 'XPRS' host bus type the same as 'PCI' (Mike Christie) [742059] - [scsi] be2iscsi: Move driver Version (Mike Christie) [738163 738934] - [scsi] be2iscsi: memset wrb for ring create (Mike Christie) [738163 738934] - [scsi] be2iscsi: Fix for case where task->sc was cleanedup earlier (Mike Christie) [738163 738934] - [scsi] be2iscsi: Fix for wrong dmsg setting in wrb (Mike Christie) [738163 738934] - [scsi] be2iscsi: Fix for kdump failure (Mike Christie) [738163 738934] - [sched] wait_for_completion_interruptible_timeout() should return signed long (J. Bruce Fields) [738379] [2.6.32-208.el6] - [net] fix net_dev_xmit tracepoint use of freed skb (Jiri Pirko) [705253] - [block] kabi: symbols missing for FusionIO iomemory-vsl driver (Jiri Olsa) [735227] - [netdrv] kabi: symbols missing for Emulex be2net driver (Jiri Olsa) [735229] - [virt] xen: use maximum reservation to limit amount of usable RAM (Igor Mammedov) [743590] - [usb] additional regression fix for device removal (Don Zickus) [744154] - [usb] fix regression occurring during device removal (Don Zickus) [744154] - [usb] Lower USB storage settling delay to something more reasonable (Don Zickus) [743959] [2.6.32-207.el6] - [netdrv] bna: Multiple Definition and Interface Setup Fix (Ivan Vecera) [743347] - [netdrv] bna: Driver Version changed to 3.0.2.2 (Ivan Vecera) [743347] - [netdrv] bna: Add Callback to Fix RXQ Stop (Ivan Vecera) [743347] - [netdrv] bna: PLL Init Fix and Add Stats Attributes (Ivan Vecera) [743347] - [netdrv] bna: Brocade 1860 HW Enablement (Ivan Vecera) [743347] - [netdrv] bna: Implement FW Download for New HW (Ivan Vecera) [743347] - [netdrv] bna: Capability Map and MFG Block Changes for New HW (Ivan Vecera) [743347] - [netdrv] bna: PCI Probe Conf Lock Fix (Ivan Vecera) [743347] - [netdrv] bna: Eliminate Small Race Condition Window in RX Path (Ivan Vecera) [743347] - [netdrv] bna: Set Ring Param Fix (Ivan Vecera) [743347] - [netdrv] bna: Semaphore Lock Fix (Ivan Vecera) [743347] - [netdrv] bna: make function tables cont (Ivan Vecera) [743347] - [netdrv] bna: Driver Version changed to 3.0.2.1 (Ivan Vecera) [743347] - [netdrv] bna: SKB PCI UNMAP Fix (Ivan Vecera) [743347] - [netdrv] bna: TX Queue Depth Fix (Ivan Vecera) [743347] - [netdrv] bna: MBOX IRQ Flag Check after Locking (Ivan Vecera) [743347] - [netdrv] bna: Async Mode Tx Rx Init Fix (Ivan Vecera) [743347] - [netdrv] bna: Ethtool Enhancements and Fix (Ivan Vecera) [743347] - [netdrv] bna: Initialization and Locking Fix (Ivan Vecera) [743347] - [netdrv] bna: Formatting and Code Cleanup (Ivan Vecera) [743347] - [netdrv] bna: TX Path and RX Path Changes (Ivan Vecera) [743347] - [netdrv] bna: Interrupt Polling and NAPI Init Changes (Ivan Vecera) [743347] - [netdrv] bna: PCI Probe Fix (Ivan Vecera) [743347] - [netdrv] bna: Naming Change and Minor Macro Fix (Ivan Vecera) [743347] - [netdrv] bna: off by one in bfa_msgq_rspq_pi_update() (Ivan Vecera) [743347] - [netdrv] bna: unlock on error path in pnad_pci_probe() (Ivan Vecera) [743347] - [scsi] libfc: fix deadlock bug in fc_exch_abort_locked (Mike Christie) [740096] - [scsi] bnx2fc: Bumped version to 1.0.8 (Mike Christie) [740096] - [scsi] bnx2fc: Return error statistics of remote peer (Mike Christie) [740096] - [scsi] fcoe/libfcoe: Move common code for fcoe_get_lesb to fcoe_transport (Mike Christie) [740096] - [scsi] bnx2fc: call ctlr_link_up only when the interface is enabled (Mike Christie) [740096] - [scsi] bnx2fc: Add driver documentation (Mike Christie) [740096] - [scsi] bnx2fc: Bumped version to 1.0.7 (Mike Christie) [740096] - [scsi] bnx2fc: Handle bnx2fc_map_sg failure (Mike Christie) [740096] - [scsi] bnx2fc: Replace scsi_dma_map() with dma_map_sg() (Mike Christie) [740096] - [x86] acpi: Prevent acpiphp from deadlocking on PCI-to-PCI bridge remove (Prarit Bhargava) [732706] - [x86] UV2: add missing kABI bits (George Beshers) [741432] - [ppc] pci: Check devices status property when scanning OF tree (Steve Best) [738450] - [drm] radeon/kms: reject video mode that would go over bandwidth limit on RN50 (Jerome Glisse) [729976] - [fs] deal with races in /proc/*/syscall, stack, personality (Johannes Weiner) [692039] - [fs] proc: enable writing to /proc/pid/mem (Johannes Weiner) [692039] - [fs] proc: make check_mem_permission() return an mm_struct on success (Johannes Weiner) [692039] - [fs] proc: hold cred_guard_mutex in check_mem_permission() (Johannes Weiner) [692039] - [fs] proc: disable mem_write after exec (Johannes Weiner) [692039] - [mm] implement access_remote_vm (Johannes Weiner) [692039] - [mm] factor out main logic of access_process_vm (Johannes Weiner) [692039] - [mm] use mm_struct to resolve gate vmas in __get_user_pages (Johannes Weiner) [692039] - [mm] rename in_gate_area_no_task to in_gate_area_no_mm (Johannes Weiner) [692039] - [mm] make in_gate_area take an mm_struct instead of a task_struct (Johannes Weiner) [692039] - [mm] make get_gate_vma take an mm_struct instead of a task_struct (Johannes Weiner) [692039] - [x86] mark associated mm when running a task in 32 bit compatibility mode (Johannes Weiner) [692039] - [x86] add context tag to mark mm when running a task in 32-bit compatibility mode (Johannes Weiner) [692039] - [fs] auxv: require the target to be tracable (or yourself) (Johannes Weiner) [692039] - [fs] close race in /proc/*/environ (Johannes Weiner) [692039] - [fs] report errors in /proc/*/*map* sanely (Johannes Weiner) [692039] - [fs] pagemap: close races with suid execve (Johannes Weiner) [692039] - [fs] make sessionid permissions in /proc/*/task/* match those in /proc/* (Johannes Weiner) [692039] {CVE-2011-1020} [2.6.32-206.el6] - [ppc] ibmveth: Fix leak when recycling skb and hypervisor returns error (Steve Best) [740548] - [fs] nfs: Do not allow multiple mounts on same mountpoint when using -o noac (Sachin Prabhu) [584768] - [scsi] megaraid: fix FastPath and update to v5.40 (Tomas Henzl) [726225] - [acpi] APEI: set enable bit for OSC call (Matthew Garrett) [734509] - [block] Whitelist symbols for dm-switch multipathing driver (Shyam Iyer) [714992] - [x86] Missing 'unregister_cpu_notifier' in powernow-k8.c (Prarit Bhargava) [741302] - [virt] xen-netfront: fix MTU reset after migration (Paolo Bonzini) [733651] [2.6.32-205.el6] - [mm] add extra free kbytes tunable (Rik van Riel) [696395] - [build] Makefile: include RHEL_RELEASE in version.h (Aristeu Rozanski) - [ppc] Fix bogus it_blocksize in VIO iommu code (Steve Best) [738449] - [ppc] hvcs: Ensure page aligned partner info buffer (Steve Best) [739749] - [virt] KVM: Enable RDRAND feature support for KVM (Don Dugger) [721131] - [virt] x86, cpu: Add CPU flags for F16C and RDRND (Don Dugger) [721131] - [mm] zram: prevent accessing an unallocated table when init fails early (Jerome Marchand) [732707] - [mm] zram: fix zram locking (Jerome Marchand) [732707] - [ppc] eeh: Display eeh error location for bus and device (Steve Best) [707843] - [ppc] pseries/eeh: Handle functional reset on non-PCIe device (Steve Best) [707843] - [ppc] pseries/eeh: Propagate needs_freset flag to device at PE (Steve Best) [707843] - [ppc] eeh: Add support for ibm, configure-pe RTAS call (Steve Best) [707843] - [scsi] isci: initial sgpio write support (David Milburn) [735318] - [scsi] isci: fix sgpio register definitions (David Milburn) [735318] - [scsi] libsas: sgpio write support (David Milburn) [735318] - [drm] i915: set GFX_MODE to pre-Ivybridge default value even on Ivybridge (Adam Jackson) [695793] [2.6.32-204.el6] - [netdrv] firmware: add bnx2x FW 7.0.23 (Michal Schmidt) [733693] - [netdrv] bnx2x: Add new PHY BCM54616 (Michal Schmidt) [733888] - [netdrv] bnx2x: fixes from upstream 3.1-rc (Michal Schmidt) [733693] - [netdrv] bnx2x: driver-side changes for firmware 7.0.23 (Michal Schmidt) [733693] - [netdrv] bnx2x: add missing DCB callbacks (Michal Schmidt) [733693] - [scsi] scan: dont fail scans when host is in recovery (Mike Christie) [713682] - [usb] dont let errors prevent system sleep (Don Zickus) [732457 732909 735048 735050 735263] - [usb] dont let the hub driver prevent system sleep (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xhci: Reject double add of active endpoints (Don Zickus) [732457 732909 735048 735050 735263] - [usb] Free bandwidth when usb_disable_device is called (Don Zickus) [732457 732909 735048 735050 735263] - [usb] disable endpoints after unbinding interfaces, not before (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xhci: Dont warn about zeroed bMaxBurst descriptor field (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xHCI 1.0: Force Stopped Event(FSE) (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xHCI 1.0: introduce Incompatible Device Error (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xhci: Add reset on resume quirk for asrock p67 host (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xhci: Always set urb->status to zero for isoc endpoints (Don Zickus) [732457 732909 735048 735050 735263] - [usb] Fix up URB error codes to reflect implementation (Don Zickus) [732457 732909 735048 735050 735263] - [usb] config: use proper endian access for wMaxPacketSize (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xhci: fix OS want to own HC (Don Zickus) [732457 732909 735048 735050 735263] - [usb] xhci: Dont submit commands or URBs to halted hosts (Don Zickus) [732457 732909 735048 735050 735263] - [usb] usbcore: warm reset USB3 port in SS.Inactive state (Don Zickus) [732457 732909 735048 735050 735263] - [usb] Refine USB3.0 device suspend and resume (Don Zickus) [732457 732909 735048 735050 735263] - [usb] fix system suspend with USB3.0 device connected to USB3.0 hub (Don Zickus) [732457 732909 735048 735050 735263] - [usb] Clear 'warm' port reset change (Don Zickus) [732457 732909 735048 735050 735263] - [netdrv] b43: allocate receive buffers big enough for max frame len + offset (RuiRui Yang) [738205] {CVE-2011-3359} - [netdrv] tg3: call netif_carrier_off to initialize operstate value (John Feeney) [727330] - [fs] fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (RuiRui Yang) [736765] {CVE-2011-3353} - [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [730354] {CVE-2011-3191} - [fs] nfsd4: fix open downgrade, again (J. Bruce Fields) [729176] - [fs] jbd[2]: Use WRITE_SYNC_PLUG in journal_commit_transaction (Jeff Moyer) [720918] - [fs] mbcache: Limit the maximum number of cache entries (Eric Sandeen) [731585] - [netdrv] netxen: Add firmware version 4.0.557[579]. (Chad Dupuis) [741776] - [netdrv] netxen: Add pcie workaround (Chad Dupuis) [741774] - [netdrv] netxen: add vlan LRO support (Chad Dupuis) [741774] - [netdrv] netxen: add fw version compatibility check (Chad Dupuis) [741774] - [netdrv] netxen: drivers/net: Remove casts of void * (Chad Dupuis) [741774] - [netdrv] netxen: fix race in skb->len access (Chad Dupuis) [741774] - [netdrv] netxen: drivers/net: Remove unnecessary semicolons (Chad Dupuis) [741774] - [netdrv] netxen: ethtool: cosmetic: Use ethtool ethtool_cmd_speed API (Chad Dupuis) [741774] - [netdrv] netxen: ethtool: Use full 32 bit speed range in ethtools set_settings (Chad Dupuis) [741774] [2.6.32-203.el6] - [fs] xfs: avoid direct I/O write vs buffered I/O race (Dave Chinner) [732976] - [fs] xfs: dont serialise adjacent concurrent direct IO appending writes (Dave Chinner) [732976] - [fs] xfs: dont serialise direct IO reads on page cache checks (Dave Chinner) [732976] - [fs] gfs2: Ignore buffers with wrong state during fsync (Abhijith Das) [740066] - [fs] GFS2: balance pages on gfs2_fallocate. (Benjamin Marzinski) [737989] - [fs] xfs: avoid synchronous transactions when deleting attr blocks (Dave Chinner) [740312] - [fs] GFS2: large file delete/unlink is slow (Robert S Peterson) [739987] - [fs] ext4: optimize ext4_check_dir_entry() (Eric Sandeen) [714007] - [fs] Fix do_lookup false negative. (David Howells) [693841] - [netdrv] tg3: Fix VLAN creation problem (John Feeney) [731268 732769] - [netdrv] ixgbe: fix improper check of dma address for NULL (Neil Horman) [683611] - [netdrv] e1000: dont enable dma receives until after dma address has been setup (Dean Nelson) [703357] - [net] sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [729220] [2.6.32-202.el6] - [net] br_multicast: Ensure to initialize BR_INPUT_SKB_CB(skb)->mrouters_only. (Herbert Xu) [738110] [2.6.32-201.el6] - [x86] Add rh_kabi.c and protect struct alt_instr under KABI (Prarit Bhargava) [737753] - [x86] Fix module alt_instr KABI breakage (Prarit Bhargava) [737753] [2.6.32-200.el6] - [build] Makefile: update RHEL_MINOR to 2 (Aristeu Rozanski) - [scsi] scsi_lib: pause between error retries (Rob Evers) [736812] - [kernel] perf tools: do not look at ./config for configuration (Jiri Benc) [730204] {CVE-2011-2905} - [scsi] Fix out of spec CD-ROM problem with media change (Rob Evers) [703366] - [netdrv] bna: Driver Version changed to 3.0.2.0 (Ivan Vecera) [701486] - [netdrv] bna: Remove Obsolete Files (Ivan Vecera) [701486] - [netdrv] bna: Remove Unused Code (Ivan Vecera) [701486] - [netdrv] bna: ENET and Tx Rx Redesign Enablement (Ivan Vecera) [701486] - [netdrv] bna: Add New HW Defs (Ivan Vecera) [701486] - [netdrv] bna: Tx and Rx Redesign (Ivan Vecera) [701486] - [netdrv] bna: Introduce ENET as New Driver and FW Interface (Ivan Vecera) [701486] - [netdrv] bna: MSGQ Implementation (Ivan Vecera) [701486] - [netdrv] bna: Remove Obsolete File bfi_ctreg.h (Ivan Vecera) [701486] - [netdrv] bna: Consolidated HW Registers for Supported HWs (Ivan Vecera) [701486] - [netdrv] bna: Remove get_regs Ethtool Support (Ivan Vecera) [701486] - [netdrv] bna: HW Interface Init Update (Ivan Vecera) [701486] - [netdrv] bna: Remove Unnecessary CNA Check (Ivan Vecera) [701486] - [netdrv] bna: Header File Consolidation (Ivan Vecera) [701486] - [netdrv] bna: HW Error Counter Fix (Ivan Vecera) [701486] - [netdrv] bna: Add HW Semaphore Unlock Logic (Ivan Vecera) [701486] - [netdrv] bna: IOC Event Name Change (Ivan Vecera) [701486] - [netdrv] bna: Mboxq Flush When IOC Disabled (Ivan Vecera) [701486] - [netdrv] bna: Minor IRQ Index and Definition Change (Ivan Vecera) [701486] - [netdrv] bna: State Machine Fault Handling Cleanup (Ivan Vecera) [701486] - [netdrv] bna: IOC Event Notification Enhancement (Ivan Vecera) [701486] - [netdrv] bna: CheckPatch Cleanup (Ivan Vecera) [701486] - [netdrv] bna: Print Driver Version (Ivan Vecera) [701486] - [netdrv] bna: use netdev_alloc_skb_ip_align() (Ivan Vecera) [701486] - [netdrv] bna: ethtool: cosmetic: Use ethtool ethtool_cmd_speed API (Ivan Vecera) [701486] - [netdrv] bna: ethtool: Use full 32 bit speed range in ethtools set_settings (Ivan Vecera) [701486] - [net] bna: fix compile warning of bfa_ioc_smem_pgoff defined but not used (Ivan Vecera) [701486] - [netdrv] bna: Fix set-but-unused variables. (Ivan Vecera) [701486] - [netdrv] bna: use device model DMA API (Ivan Vecera) [701486] - [netdrv] bna: Remove unnecessary memset(,0,) (Ivan Vecera) [701486] [2.6.32-199.el6] - [scsi] libfcoe: fix compilation when fcoe.ko is not used (Mike Christie) [727304] - [scsi] bnx2fc: Bumped version to 1.0.6 (Mike Christie) [727304] - [scsi] bnx2fc: Fix FW assert during RSCN stress tests (Mike Christie) [727304] - [scsi] bnx2fc: Fix panic caused because of incorrect errror handling in create() (Mike Christie) [727304] - [scsi] bnx2fc: Avoid calling bnx2fc_if_destroy with unnecessary locks (Mike Christie) [727304] - [scsi] bnx2fc: Validate vlan id in NETDEV_UNREGISTER handler (Mike Christie) [727304] - [scsi] bnx2fc: No abort issued for REC when it times out (Mike Christie) [727304] - [scsi] bnx2fc: Send solicitation only after vlan discovery is complete (Mike Christie) [727304] - [scsi] bnx2fc: Reset max receive frame size during link up (Mike Christie) [727304] - [scsi] bnx2fc: Do not use HBA_DBG macro when lport is not available (Mike Christie) [727304] - [scsi] bnx2fc: increase cleanup wait time (Mike Christie) [727304] - [scsi] bnx2fc: Bump version to 1.0.5 (Mike Christie) [727304] - [scsi] bnx2fc: Prevent creating of NPIV port with duplicate WWN (Mike Christie) [727304] - [scsi] bnx2fc: Obtain WWNN/WWPN from the shared memory (Mike Christie) [727304] - [scsi] fcoe: Move common functions to fcoe_transport library (Mike Christie) [727304] - [scsi] bnx2fc: Drop incoming ABTS (Mike Christie) [727304] - [scsi] bnx2fc: code cleanup in bnx2fc_offload_session (Mike Christie) [727304] - [scsi] bnx2fc: Fix NULL pointer deref during arm_cq (Mike Christie) [727304] - [scsi] bnx2fc: Do not reuse the fcoe connection id immediately (Mike Christie) [727304] - [scsi] bnx2fc: Clear DESTROY_CMPL flag after firmware destroy (Mike Christie) [727304] - [scsi] bnx2fc: Handle NETDEV_UNREGISTER for vlan devices (Mike Christie) [727304] - [scsi] bnx2fc: Reorganize cleanup code between interface_cleanup and if_destroy (Mike Christie) [727304] - [scsi] bnx2fc: Change function names of bnx2fc_netdev_setup/bnx2fc_netdev_cleanup (Mike Christie) [727304] - [scsi] bnx2fc: Do not attempt destroying NPIV port twice (Mike Christie) [727304] - [scsi] bnx2fc: Remove erroneous kref_get on IO request (Mike Christie) [727304] - [scsi] bnx2fc: Enable bsg_request support for bnx2fc (Mike Christie) [727304] - [scsi] bnx2fc: Bug fixes in percpu_thread_create/destroy (Mike Christie) [727304] - [scsi] bnx2fc: Reset the max receive frame size (Mike Christie) [727304] - [netdrv] cnic: Wait for all Context IDs to be deleted before sending FCOE_DESTROY_FUNC (Mike Christie) [727304] - [netdrv] cnic: Fix Context ID space calculation (Mike Christie) [727304] - [netdrv] cnic: Return proper error code if we fail to send netlink message (Mike Christie) [727304] - [netdrv] cnic: Fix ring setup/shutdown code (Mike Christie) [727304] - [netdrv] cnic: Fix port_mode setting (Mike Christie) [727304] - [netdrv] cnic: Replace get_random_bytes() with random32() (Mike Christie) [727304] - [scsi] cnic, bnx2i: Add support for new devices - 57800, 57810, and 57840 (Mike Christie) [727304] - [netdrv] cnic: Add VLAN ID as a parameter during netevent upcall (Mike Christie) [727304] - [x86] mm: Fix pgd_lock deadlock (Andrew Jones) [691310] - [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Andrew Jones) [691310] - [mm] Revert 'fix pgd_lock deadlock' (Andrew Jones) [691310] - [scsi] libfc: fix referencing to fc_fcp_pkt from the frame pointer via fr_fsp() (Mike Christie) [734961] - [scsi] libfc: block SCSI eh thread for blocked rports (Mike Christie) [734961] - [scsi] libfc: fix fc_eh_host_reset (Mike Christie) [734961] - [scsi] fcoe: Fix deadlock between fips recv_work and rtnl (Mike Christie) [734961] - [scsi] fcoe: add fip retry to avoid missing critical keep alive (Mike Christie) [734961] - [scsi] libfc: fix warn on in lport retry (Mike Christie) [734961] - [scsi] libfc: Remove the reference to FCP packet from scsi_cmnd in case of error (Mike Christie) [734961] - [scsi] libfc: cleanup sending SRR request (Mike Christie) [734961] - [scsi] libfc: two minor changes in comments (Mike Christie) [734961] - [scsi] libfc, fcoe: ignore rx frame with wrong xid info (Mike Christie) [734961] - [scsi] libfc: release exchg cache (Mike Christie) [734961] - [scsi] libfc: use FC_MAX_ERROR_CNT (Mike Christie) [734961] - [scsi] fcoe: remove unused ptype field in fcoe_rcv_info (Mike Christie) [734961] - [scsi] fcoe: Rearrange fcoe port and NPIV port cleanup (Mike Christie) [734961] - [x86] intel_idle: Fix mismerge (Matthew Garrett) [733730] - [x86] x2apic: enable the bios request for x2apic optout (Prarit Bhargava) [696902] - [x86] ACPI: fix ioremap failure regression (Stanislaw Gruszka) [731546] [2.6.32-198.el6] - [fs] corrupted GUID partition tables can cause kernel oops (Jerome Marchand) [695982] {CVE-2011-1577} - [x86] perf: Fix Intel fixed counters base initialization (Don Zickus) [736284] {CVE-2011-2521} - [netdrv] iwlagn: use 6000g2b uCode for 130 series devices (Stanislaw Gruszka) [737185] - [block] Missing portions of DM/MD RAID1 plugging patch (Jonathan E Brassow) [735124] - [net] Compute protocol sequence numbers and fragment IDs using MD5. (Jiri Pirko) [732665] {CVE-2011-3188} - [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732665] {CVE-2011-3188} [2.6.32-197.el6] - [block] blktrace: fix handling of requests with SYNC and META flags (Mike Snitzer) [726437] - [block] blktrace: add FLUSH/FUA support (Mike Snitzer) [726437] - [kernel] Restore max mqueue message size to its previous RHEL 5 value (Doug Ledford) [730632] [2.6.32-196.el6] - [scsi] qla4xxx: updated device id check for BFS (Chad Dupuis) [732622] - [fs] nfsd4: return nfserr_symlink on v4 OPEN of non-regular file (J. Bruce Fields) [697659] - [netdrv] bnx2: Fix some late breaking bnx2 bugs (Neil Horman) [728328] - [netdrv] e1000: save skb counts in TX to avoid cache misses (Dean Nelson) [690780] - [netdrv] bonding: reset queue mapping prior to transmission (Neil Horman) [726688] - [netdrv] e1000e: update to upstream version 1.4.4 (Andy Gospodarek) [730607] - [netdrv] bonding: add missing xmit_hash_policy=layer2+3 info (Weiping Pan) [706018] - [net] vlan: do not transfer real_num_tx_queues (Weiping Pan) [735015] - [mm] thp: tail page refcounting fix (Andrea Arcangeli) [732986] - [virt] xen: x86_32: do not enable iterrupts when returning from exception in interrupt context (Igor Mammedov) [713399] - [mm] oom: task->mm == NULL doesnt mean the memory was freed (Frantisek Hrbata) [734732] - [scsi] scsi_dh_rdac: Associate HBA and storage in rdac_controller to support partitions in storage (Mike Snitzer) [733763] - [scsi] scsi_dh_rdac: Use WWID from C8 page instead of Subsystem id from C4 page to identify storage (Mike Snitzer) [733763] - [scsi] lpfc: Update lpfc version for 8.3.5.45.3p driver release (Rob Evers) [733500] - [scsi] lpfc: Fix compiler warning due to uninitialized local variable (Rob Evers) [733500] - [scsi] lpfc: Fix bus reset handler fails with bad failure code (Rob Evers) [733500] - [scsi] lpfc: Fix proper error code return value for management API (Rob Evers) [733500] - [scsi] lpfc: Fixed ctlreg write bug (Rob Evers) [733500] - [scsi] lpfc: Fix default adapter name for the OCe15100 (Rob Evers) [733500] - [scsi] lpfc: Fix cable pull failure on interface type 2 SLI-4 adapters (Rob Evers) [733500] - [scsi] lpfc: Fixed not able to perform firmware reset through sysfs board_mode attribute (Rob Evers) [733500] - [scsi] lpfc: Fixed SLI4 device firmware reset with SR-IOV virtual functions (Rob Evers) [733500] - [scsi] lpfc: Fixed not recovering SLI port in handling error attention with RN bit set (Rob Evers) [733500] - [scsi] lpfc: Fix two crashes when unsolicted ELS ECHO_CMD is received (Rob Evers) [733500] - [scsi] lpfc: Fix direct connect does not come up for SLI4 FC ports (Rob Evers) [733500] - [scsi] lpfc: Fixed long wait when firmware reset to a SLI port without required privilege (Rob Evers) [733500] - [scsi] lpfc: Fix request firmware support for little endian systems (Rob Evers) [733500] [2.6.32-195.el6] - [drm] radeon/kms: set a default max_pixel_clock (Dave Airlie) [729545] - [pci] pciehp: change wait time for valid configuration access (Myron Stowe) [727720] - [pci] ACPI: Report ASPM support to BIOS if not disabled from command line (Myron Stowe) [732501] - [ppc] pci: Add calls to set_pcie_port_type() and set_pcie_hotplug_bridge() (Steve Best) [734192] - [ppc] pci: Add missing hookup to pci_slot (Steve Best) [734192] - [ppc] pci: Add missing call to header fixup (Steve Best) [734192] - [virt] xen events: implement mask_ack (Andrew Jones) [733672] - [virt] Revert '[virt] xen/events: change to using fasteoi' (Andrew Jones) [733672] - [scsi] be2iscsi: Add pci_disable device (Mike Christie) [688076] - [scsi] be2iscsi: Adding a shutdown Routine (Mike Christie) [688076] - [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723433] {CVE-2011-2699} - [fs] Ecryptfs: Add mount option to check uid of device being mounted = expect uid (Eric Sandeen) [731176] {CVE-2011-1833} MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1020 CVE-2011-3347 CVE-2011-3638 CVE-2011-4110 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [qemu-kvm-0.12.1.2-2.209.el6] - kvm-hda-do-not-mix-output-and-input-streams-RHBZ-740493-v2.patch [bz#740493] - kvm-hda-do-not-mix-output-and-input-stream-states-RHBZ-740493-v2.patch [bz#740493] - kvm-intel-hda-fix-stream-search.patch [bz#740493] - Resolves: bz#740493 (audio playing doesn't work when sound recorder is opened) [qemu-kvm-0.12.1.2-2.208.el6] - kvm-migration-flush-migration-data-to-disk.patch [bz#721114] - Resolves: bz#721114 (qemu fails to restore guests that were previously suspended on host shutdown) [qemu-kvm-0.12.1.2-2.207.el6] - kvm-migration-s-dprintf-DPRINTF-v2.patch [bz#669581] - kvm-migration-simplify-state-assignmente-v2.patch [bz#669581] - vm-migration-Check-that-migration-is-active-before-canc-v2.patch [bz#669581] - kvm-Reorganize-and-fix-monitor-resume-after-migration-v2.patch [bz#669581] - kvm-migration-add-error-handling-to-migrate_fd_put_notif-v2.patch [bz#669581] - kvm-migration-If-there-is-one-error-it-makes-no-sense-to-v2.patch [bz#669581] - kvm-buffered_file-Use-right-opaque-v2.patch [bz#669581] - kvm-buffered_file-reuse-QEMUFile-has_error-field-v2.patch [bz#669581] - kvm-migration-don-t-write-when-migration-is-not-active-v2.patch [bz#669581] - kvm-migration-set-error-if-select-return-one-error-v2.patch [bz#669581] - kvm-migration-change-has_error-to-contain-errno-values-v2.patch [bz#669581] - kvm-migration-return-real-error-code-v2.patch [bz#669581] - kvm-migration-rename-qemu_file_has_error-to-qemu_file_ge-v2.patch [bz#669581] - kvm-savevm-Rename-has_error-to-last_error-field-v2.patch [bz#669581] - kvm-migration-use-qemu_file_get_error-return-value-when--v2.patch [bz#669581] - kvm-migration-make-save_live-return-errors-v2.patch [bz#669581] - kvm-savevm-qemu_fille_buffer-used-to-return-one-error-fo-v2.patch [bz#669581] - kvm-Fix-segfault-on-migration-completion.patch [bz#669581 bz#749806] - Resolves: bz#669581 (Migration Never end while Use firewall reject migration tcp port) - Resolves: bz#749806 (Migration segfault on migrate_fd_put_notify()/qemu_file_get_error()) [qemu-kvm-0.12.1.2-2.206.el6] - kvm-Revert-savevm-qemu_fille_buffer-used-to-return-one-e.patch [bz#669581] - kvm-Revert-migration-make-save_live-return-errors.patch [bz#669581] - kvm-Revert-migration-use-qemu_file_get_error-return-valu.patch [bz#669581] - kvm-Revert-savevm-Rename-has_error-to-last_error-field.patch [bz#669581] - kvm-Revert-migration-rename-qemu_file_has_error-to-qemu_.patch [bz#669581] - kvm-Revert-migration-return-real-error-code.patch [bz#669581] - kvm-Revert-migration-change-has_error-to-contain-errno-v.patch [bz#669581] - kvm-Revert-migration-set-error-if-select-return-one-erro.patch [bz#669581] - kvm-Revert-migration-don-t-write-when-migration-is-not-a.patch [bz#669581] - kvm-Revert-buffered_file-reuse-QEMUFile-has_error-field.patch [bz#669581] - kvm-Revert-buffered_file-Use-right-opaque.patch [bz#669581] - kvm-Revert-migration-If-there-is-one-error-it-makes-no-s.patch [bz#669581] - kvm-Revert-migration-add-error-handling-to-migrate_fd_pu.patch [bz#669581] - kvm-Revert-Reorganize-and-fix-monitor-resume-after-migra.patch [bz#669581] - kvm-Revert-migration-Check-that-migration-is-active-befo.patch [bz#669581] - kvm-Revert-migration-simplify-state-assignmente.patch [bz#669581] - kvm-Revert-migration-s-dprintf-DPRINTF.patch [bz#669581] - Related: bz#669581 (Migration Never end while Use firewall reject migration tcp port) - Fixes bz#749806 (Migration segfault on migrate_fd_put_notify()/qemu_file_get_error()) [qemu-kvm-0.12.1.2-2.205.el6] - kvm-qxl-fix-guest-cursor-tracking.patch [bz#744518] - kvm-qxl-create-slots-on-post_load-in-vga-state.patch [bz#740547] - kvm-qxl-reset-update_surface.patch [bz#690427] - Resolves: bz#690427 (qemu-kvm crashes when update/roll back of qxl driver in WindowsXP guest) - Resolves: bz#740547 (qxl: migrating when not in native mode causes a 'panic: virtual address out of range') - Resolves: bz#744518 (qemu-kvm core dumps when qxl-linux guest migrate with reboot) [qemu-kvm-0.12.1.2-2.204.el6] - kvm-savevm-qemu_fille_buffer-used-to-return-one-error-fo.patch [bz#669581] - Resolves: bz#669581 (Migration Never end while Use firewall reject migration tcp port) [qemu-kvm-0.12.1.2-2.203.el6] - kvm-qemu-kvm-fix-improper-nmi-emulation-2.patch [bz#738565] - Resolves: bz#738565 ([FJ6.2 Bug]: Failed to capture kdump due to redundant NMIs) [qemu-kvm-0.12.1.2-2.202.el6] - kvm-Revert-qemu-kvm-fix-improper-nmi-emulation.patch [bz#738565] - Related: bz#738565 ([FJ6.2 Bug]: Failed to capture kdump due to redundant NMIs) [qemu-kvm-0.12.1.2-2.201.el6] - kvm-migration-s-dprintf-DPRINTF.patch [bz#669581] - kvm-migration-simplify-state-assignmente.patch [bz#669581] - kvm-migration-Check-that-migration-is-active-before-canc.patch [bz#669581] - kvm-Reorganize-and-fix-monitor-resume-after-migration.patch [bz#669581] - kvm-migration-add-error-handling-to-migrate_fd_put_notif.patch [bz#669581] - kvm-migration-If-there-is-one-error-it-makes-no-sense-to.patch [bz#669581] - kvm-buffered_file-Use-right-opaque.patch [bz#669581] - kvm-buffered_file-reuse-QEMUFile-has_error-field.patch [bz#669581] - kvm-migration-don-t-write-when-migration-is-not-active.patch [bz#669581] - kvm-migration-set-error-if-select-return-one-error.patch [bz#669581] - kvm-migration-change-has_error-to-contain-errno-values.patch [bz#669581] - kvm-migration-return-real-error-code.patch [bz#669581] - kvm-migration-rename-qemu_file_has_error-to-qemu_file_ge.patch [bz#669581] - kvm-savevm-Rename-has_error-to-last_error-field.patch [bz#669581] - kvm-migration-use-qemu_file_get_error-return-value-when-.patch [bz#669581] - kvm-migration-make-save_live-return-errors.patch [bz#669581] - kvm-qemu-kvm-fix-improper-nmi-emulation.patch [bz#738565] - kvm-scsi-fix-accounting-of-writes.patch [bz#744780] - kvm-scsi-disk-bump-SCSIRequest-reference-count-until-aio.patch [bz#744780] - Resolves: bz#669581 (Migration Never end while Use firewall reject migration tcp port) - Resolves: bz#738565 ([FJ6.2 Bug]: Failed to capture kdump due to redundant NMIs) - Resolves: bz#744780 (use-after-free in QEMU SCSI target code) [qemu-kvm-0.12.1.2-2.200.el6] - kvm-Introduce-the-RunState-type.patch [bz#617889] - kvm-RunState-Add-additional-states.patch [bz#617889] - kvm-runstate_set-Check-for-valid-transitions.patch [bz#617889] - kvm-Drop-the-incoming_expected-global-variable.patch [bz#617889] - kvm-Drop-the-vm_running-global-variable.patch [bz#617889] - kvm-Monitor-QMP-Don-t-allow-cont-on-bad-VM-state.patch [bz#617889] - kvm-QMP-query-status-Introduce-status-key.patch [bz#617889] - kvm-HMP-info-status-Print-the-VM-state.patch [bz#617889] - kvm-RunState-Rename-enum-values.patch [bz#617889] - kvm-runstate-Allow-to-transition-from-paused-to-postmigr.patch [bz#617889] - kvm-savevm-qemu_savevm_state-Drop-stop-VM-logic.patch [bz#617889] - kvm-runstate-Allow-user-to-migrate-twice.patch [bz#617889] - kvm-RunState-Don-t-abort-on-invalid-transitions.patch [bz#617889] - Resolves: bz#617889 (QMP: provide VM stop reason) [qemu-kvm-0.12.1.2-2.199.el6] - kvm-usb-hid-activate-usb-tablet-mouse-after-migration.patch [bz#741878] - kvm-ps2-migrate-ledstate.patch [bz#729294] - Resolves: bz#729294 (Keyboard leds/states are not synchronized after migration of guest) - Resolves: bz#741878 (USB tablet mouse does not work well when migrating between 6.2<->6.2 hosts and 6.1<->6.2 hosts) [qemu-kvm-0.12.1.2-2.198.el6] - kvm-bz716261-kvm-Extend-kvm_arch_get_supported_cpuid-to-.patch [bz#716261] - kvm-bz716261-Enable-XSAVE-related-CPUID.patch [bz#716261] - kvm-bz716261-Fix-XSAVE-feature-bit-enumeration.patch [bz#716261] - kvm-bz716261-Synchronize-kernel-headers.patch [bz#716261] - kvm-bz716261-kvm-Enable-XSAVE-live-migration-support.patch [bz#716261] - kvm-bz716261-Put-XSAVE-area-in-a-sub-section.patch [bz#716261] - kvm-bz716261-Enable-xsave-as-a-cpu-flag.patch [bz#716261] - kvm-allow-more-than-1T-in-KVM-x86-guest.patch [bz#743391] - kvm-blockdev-Belatedly-remove-driveopts.patch [bz#742458] - kvm-ide-Remove-useless-IDEDeviceInfo-members-unit-drive.patch [bz#742458] - kvm-block-New-bdrv_next.patch [bz#742458] - kvm-block-Decouple-savevm-from-DriveInfo.patch [bz#742458] - kvm-savevm-Survive-hot-unplug-of-snapshot-device.patch [bz#743269] - kvm-ide-Replace-IDEState-members-is_cdrom-is_cf-by-drive.patch [bz#742458] - kvm-ide-split-ide-command-interpretation-off.patch [bz#742458] - kvm-ide-fix-whitespace-gap-in-ide_exec_cmd.patch [bz#742458] - kvm-trace-Trace-bdrv_set_locked.patch [bz#742458] - kvm-atapi-Drives-can-be-locked-without-media-present.patch [bz#742469] - kvm-atapi-Report-correct-errors-on-guest-eject-request.patch [bz#742458] - kvm-ide-Split-atapi.c-out.patch [bz#742458] - kvm-ide-atapi-Factor-commands-out.patch [bz#742458] - kvm-ide-atapi-Use-table-instead-of-switch-for-commands.patch [bz#742458] - kvm-ide-atapi-Replace-bdrv_get_geometry-calls-by-s-nb_se.patch [bz#742458] - kvm-ide-atapi-Introduce-CHECK_READY-flag-for-commands.patch [bz#742458] - kvm-atapi-Move-comment-to-proper-place.patch [bz#742458] - kvm-atapi-Explain-why-we-need-a-media-not-present-state.patch [bz#742458] - kvm-block-QMP-Deprecate-query-block-s-type-drop-info-blo.patch [bz#742458] - kvm-blockdev-Make-eject-fail-for-non-removable-drives-ev.patch [bz#742476] - kvm-block-Reset-device-model-callbacks-on-detach.patch [bz#742458] - kvm-block-raw-win32-Drop-disabled-code-for-removable-hos.patch [bz#742458] - kvm-block-Make-BlockDriver-method-bdrv_set_locked-return.patch [bz#742458] - kvm-block-Make-BlockDriver-method-bdrv_eject-return-void.patch [bz#742458] - kvm-block-Don-t-let-locked-flag-prevent-medium-load.patch [bz#742480] - kvm-scsi-disk-Codingstyle-fixes.patch [bz#742458] - kvm-scsi-Remove-references-to-SET_WINDOW.patch [bz#742458] - kvm-scsi-Remove-REZERO_UNIT-emulation.patch [bz#742458] - kvm-scsi-Sanitize-command-definitions.patch [bz#742458] - kvm-scsi-disk-Remove-drive_kind.patch [bz#742458] - kvm-scsi-disk-no-need-to-call-scsi_req_data-on-a-short-r.patch [bz#742458] - kvm-scsi-pass-status-when-completing.patch [bz#742458] - kvm-trace-Fix-harmless-mismerge-of-hw-scsi-bus.c-events.patch [bz#742458] - kvm-scsi-move-sense-handling-to-generic-code.patch [bz#742458] - kvm-block-Attach-non-qdev-devices-as-well.patch [bz#742458] - kvm-block-Generalize-change_cb-to-BlockDevOps.patch [bz#742458] - kvm-block-Split-change_cb-into-change_media_cb-resize_cb.patch [bz#742458] - kvm-ide-Update-command-code-definitions-as-per-ACS-2-Tab.patch [bz#742458] - kvm-ide-Clean-up-case-label-indentation-in-ide_exec_cmd.patch [bz#742458] - kvm-ide-Give-vmstate-structs-internal-linkage-where-poss.patch [bz#742458] - kvm-block-raw-Fix-to-forward-method-bdrv_media_changed.patch [bz#742458] - kvm-block-Leave-tracking-media-change-to-device-models.patch [bz#742458] - kvm-fdc-Make-media-change-detection-more-robust.patch [bz#742458] - kvm-block-Clean-up-bdrv_flush_all.patch [bz#742458] - kvm-savevm-Include-writable-devices-with-removable-media.patch [bz#742484] - kvm-scsi-fill-in-additional-sense-length-correctly.patch [bz#742458] - kvm-ide-Fix-ATA-command-READ-to-set-ATAPI-signature-for-.patch [bz#742458] - kvm-ide-Use-a-table-to-declare-which-drive-kinds-accept-.patch [bz#742458] - kvm-ide-Reject-ATA-commands-specific-to-drive-kinds.patch [bz#742458] - kvm-ide-atapi-Clean-up-misleading-name-in-cmd_start_stop.patch [bz#742458] - kvm-ide-atapi-Track-tray-open-close-state.patch [bz#742458] - kvm-scsi-disk-Factor-out-scsi_disk_emulate_start_stop.patch [bz#742458] - kvm-scsi-disk-Track-tray-open-close-state.patch [bz#742458] - kvm-block-Revert-entanglement-of-bdrv_is_inserted-with-t.patch [bz#742458] - kvm-block-Drop-tray-status-tracking-no-longer-used.patch [bz#742458] - kvm-ide-atapi-Track-tray-locked-state.patch [bz#742458] - kvm-scsi-disk-Track-tray-locked-state.patch [bz#742458] - kvm-block-Leave-enforcing-tray-lock-to-device-models.patch [bz#742458] - kvm-block-Drop-medium-lock-tracking-ask-device-models-in.patch [bz#742458] - kvm-block-Rename-bdrv_set_locked-to-bdrv_lock_medium.patch [bz#742458] - kvm-ide-atapi-Don-t-fail-eject-when-tray-is-already-open.patch [bz#742458] - kvm-scsi-disk-Fix-START_STOP-to-fail-when-it-can-t-eject.patch [bz#742458] - kvm-ide-atapi-Preserve-tray-state-on-migration.patch [bz#743342] - kvm-block-Clean-up-remaining-users-of-removable.patch [bz#742458] - kvm-block-Drop-BlockDriverState-member-removable.patch [bz#742458] - kvm-block-Show-whether-the-virtual-tray-is-open-in-info-.patch [bz#723270] - kvm-block-New-change_media_cb-parameter-load.patch [bz#742458] - kvm-ide-atapi-scsi-disk-Make-monitor-eject-f-then-change.patch [bz#676528] - Resolves: bz#676528 (Can't insert media after previous media was forcefully ejected) - Resolves: bz#716261 ([Intel 6.2 FEAT] Add support for XSAVE/XRSTOR qemu-kvm changes) - Resolves: bz#723270 (Report cdrom tray status in a monitor command such as info block) - Resolves: bz#742458 (Tracker Bug:Big block layer backport) - Resolves: bz#742469 (Drives can not be locked without media present) - Resolves: bz#742476 (Make eject fail for non-removable drives even with -f) - Resolves: bz#742480 (Don't let locked flag prevent medium load) - Resolves: bz#742484 (should be also have snapshot on floppy) - Resolves: bz#743269 (Hot unplug of snapshot device crashes) - Resolves: bz#743342 (IDE CD-ROM tray state gets lost on migration) - Resolves: bz#743391 (KVM guest limited to 40bit of physical address space) [qemu-kvm-0.12.1.2-2.197.el6] - kvm-device-assignment-pci_cap_init-add-82599-VF-quirk.patch [bz#742080] - kvm-savevm-teach-qemu_fill_buffer-to-do-partial-refills.patch [bz#725565] - kvm-savevm-some-coding-style-cleanups.patch [bz#725565] - kvm-savevm-define-qemu_get_byte-using-qemu_peek_byte.patch [bz#725565] - kvm-savevm-improve-subsections-detection-on-load.patch [bz#725565] - kvm-Revert-savevm-fix-corruption-in-vmstate_subsection_l.patch [bz#725565] - kvm-QMP-HMP-Drop-the-live-snapshot-commands.patch [bz#742401] - kvm-usb-hub-wakeup-on-attach.patch [bz#733272] - Resolves: bz#725565 (migration subsections are still broken) - Resolves: bz#733272 (Usb stick passthrough failed under uhci+ehci) - Resolves: bz#742080 (Device assignment of 82599 VFs no longer work after patch for v1 PCIe Capability structures) - Resolves: bz#742401 (qemu-kvm disable live snapshot support) [qemu-kvm-0.12.1.2-2.196.el6] - kvm-usb-linux-add-get_endp.patch [bz#733272] - kvm-usb-host-reapurb-error-report-fix.patch [bz#733272] - kvm-usb-host-fix-halted-endpoints.patch [bz#733272] - kvm-usb-host-limit-open-retries.patch [bz#733272] - kvm-usb-host-fix-configuration-tracking.patch [bz#733272] - kvm-usb-host-claim-port.patch [bz#733272] - kvm-usb-host-endpoint-table-fixup.patch [bz#733272] - kvm-usb-host-factor-out-code.patch [bz#733272] - kvm-usb-host-handle-USBDEVFS_SETCONFIGURATION-returning-.patch [bz#733272] - Resolves: bz#733272 (Usb stick passthrough failed under uhci+ehci) [qemu-kvm-0.12.1.2-2.195.el6] - Require spice-server-devel >= 0.8.2-4 [bz#737921] - Resolves: bz#737921 (No Spice password is set on target host after migration) [qemu-kvm-0.12.1.2-2.194.el6] - kvm-spice-turn-client_migrate_info-to-async.patch [bz#737921] - kvm-spice-support-the-new-migration-interface-spice-0.8..patch [bz#737921] - kvm-pci-devfn-check-device-slot-number-in-range.patch [bz#678729] - Resolves: bz#678729 (Hotplug VF/PF with invalid addr value leading to qemu-kvm process quit with core dump) - Resolves: bz#737921 (No Spice password is set on target host after migration) [qemu-kvm-0.12.1.2-2.193.el6] - kvm-usb-bus-Don-t-allow-speed-mismatch-while-attaching-d.patch [bz#728120] - kvm-usb-vmstate-add-parent-dev-path.patch [bz#734995] - kvm-usb-claim-port-at-device-initialization-time.patch [bz#734995] - kvm-usb-host-tag-as-unmigratable.patch [bz#723870] - kvm-usb-storage-fix-NULL-pointer-dereference.patch [bz#733010] - kvm-register-signal-handler-after-initializing-SDL.patch [bz#735716] - kvm-report-that-QEMU-process-was-killed-by-a-signal.patch [bz#735716] - kvm-Tidy-up-message-printed-when-we-exit-on-a-signal.patch [bz#735716] - kvm-Monitor-Convert-do_screen_dump-to-QObject.patch [bz#729969] - kvm-usb-hub-need-to-check-dev-attached.patch [bz#734995] - kvm-usb-fix-port-reset.patch [bz#734995] - kvm-qdev-print-bus-properties-too.patch [bz#678731] - kvm-ide-link-BMDMA-and-IDEState-at-device-creation.patch [bz#739480] - Resolves: bz#678731 (Update qemu-kvm -device pci-assign,? properties) - Resolves: bz#723870 (tag devices without migration support) - Resolves: bz#728120 (print error on usb speed mismatch between device and bus/port) - Resolves: bz#729969 (Make screendump command available in QMP) - Resolves: bz#733010 (core dump when issue fdisk -l in guest which has two usb-storage attached) - Resolves: bz#734995 (Core dump when hotplug three usb-hub into the same port under both uhci and ehci) - Resolves: bz#735716 (QEMU should report the PID of the process that sent it signals for troubleshooting purposes) - Resolves: bz#739480 (qemu-kvm core dumps when migration with reboot) [qemu-kvm-0.12.1.2-2.192.el6] - kvm-spice-workaround-a-spice-server-bug.patch [bz#697441] - kvm-balloon-Disassociate-handlers-from-balloon-device-on.patch [bz#736975] - kvm-virtio-balloon-Disassociate-from-the-balloon-handler.patch [bz#736975] - kvm-virtio-serial-Plug-memory-leak-on-qdev-exit.patch [bz#738019] - kvm-spice-set-qxl-ssd.running-true-before-telling-spice-.patch [bz#733993] - kvm-qemu-kvm-vm_stop-pause-threads-before-calling-other-.patch [bz#729621] - kvm-Fix-termination-by-signal-with-no-shutdown.patch [bz#738487] - kvm-qemu-option-Remove-enable-nesting-from-help-text.patch [bz#738555] - Resolves: bz#697441 (JSON corruption when closing SPICE window) - Resolves: bz#729621 (ASSERT worker->running failed on source qemu during migration with Spice session) - Resolves: bz#733993 (migration target can crash (assert(d->ssd.running))) - Resolves: bz#736975 (Qemu-kvm fails to unregister virtio-balloon-pci device when unplugging) - Resolves: bz#738019 (Memleak in virtio-serial code: VirtIOSerialBus not freed) - Resolves: bz#738487 (Fix termination by signal with -no-shutdown) - Resolves: bz#738555 (Stop exposing -enable-nested) [qemu-kvm-0.12.1.2-2.191.el6] - kvm-CVE-2011-2527-os-posix-set-groups-properly-for-runas.patch [bz#722583] - CVE: CVE-2011-2527 - Resolves: bz#722583 (when started as root, extra groups are not dropped correctly) [qemu-kvm-0.12.1.2-2.190.el6] - kvm-Add-flag-to-indicate-external-users-to-block-device.patch [bz#633370] - kvm-block-enable-in_use-flag.patch [bz#633370] - kvm-block-add-drive-copy-on-read-on-off.patch [bz#633370] - kvm-qed-replace-is_write-with-flags-field.patch [bz#633370] - kvm-qed-extract-qed_start_allocating_write.patch [bz#633370] - kvm-qed-make-qed_aio_write_alloc-reusable.patch [bz#633370] - kvm-qed-add-support-for-copy-on-read.patch [bz#633370] - kvm-qed-avoid-deadlock-on-emulated-synchronous-I-O.patch [bz#633370] - kvm-block-add-bdrv_aio_copy_backing.patch [bz#633370] - kvm-qmp-add-block_stream-command.patch [bz#633370] - kvm-qmp-add-block_job_cancel-command.patch [bz#633370] - kvm-qmp-add-query-block-jobs-command.patch [bz#633370] - kvm-qmp-add-block_job_set_speed-command.patch [bz#633370] - kvm-block-add-drive-stream-on-off.patch [bz#633370] - kvm-qed-intelligent-streaming-implementation.patch [bz#633370] - Resolves: bz#633370 ([6.1 FEAT] Enhance QED image format to support streaming from remote systems) [qemu-kvm-0.12.1.2-2.189.el6] - kvm-qemu-img-Require-larger-zero-areas-for-sparse-handli.patch [bz#730587] - kvm-qxl-send-interrupt-after-migration-in-case-ram-int_p.patch [bz#732949] - kvm-qxl-s-qxl_set_irq-qxl_update_irq.patch [bz#732949] - kvm-block-include-flush-requests-in-info-blockstats-v2.patch [bz#715017] - kvm-block-explicit-I-O-accounting-v2.patch [bz#715017] - kvm-block-latency-accounting-v2.patch [bz#715017] - Resolves: bz#715017 (Report disk latency (read and write) for each storage device) - Resolves: bz#730587 (qemu-img convert takes 25m for specific images when using cache=none) - Resolves: bz#732949 (Guest screen becomes abnormal after migration with spice) [qemu-kvm-0.12.1.2-2.188.el6] - kvm-x86-Introduce-kvmclock-device-to-save-restore-it-fixed.patch [bz#658467] - kvm-use-kernel-provided-para_features-instead-of-statica-take2.patch [bz#624983] - kvm-add-kvmclock-to-its-second-bit-v2-take2.patch [bz#624983] - kvm-create-kvmclock-when-one-of-the-flags-are-present-take2.patch [bz#624983] - kvm-x86-Allow-multiple-cpu-feature-matches-of-lookup_fea-take2.patch [bz#624983] - Resolves: bz#624983 (QEMU should support the newer set of MSRs for kvmclock) - Resolves: bz#658467 (kvm clock breaks migration result stability - for unit test propose) [qemu-kvm-0.12.1.2-2.187.el6] - Revert patches that broke the build - kvm-Revert-block-latency-accounting.patch [bz#715017] - kvm-Revert-block-explicit-I-O-accounting.patch [bz#715017] - kvm-Revert-block-include-flush-requests-in-info-blocksta.patch [bz#715017] - kvm-Revert-x86-Allow-multiple-cpu-feature-matches-of-loo.patch [bz#624983] - kvm-Revert-kvm-create-kvmclock-when-one-of-the-flags-are.patch [bz#624983] - kvm-Revert-add-kvmclock-to-its-second-bit-v2.patch [bz#624983] - kvm-Revert-use-kernel-provided-para_features-instead-of-.patch [bz#624983] - kvm-Revert-kvm-x86-Introduce-kvmclock-device-to-save-res.patch [bz#658467] - Related: bz#624983 (QEMU should support the newer set of MSRs for kvmclock) - Related: bz#658467 (kvm clock breaks migration result stability - for unit test propose) - Related: bz#715017 (Report disk latency (read and write) for each storage device) [qemu-kvm-0.12.1.2-2.186.el6] - kvm-x86-Introduce-kvmclock-device-to-save-restore-it.patch [bz#658467] - kvm-use-kernel-provided-para_features-instead-of-statica.patch [bz#624983] - kvm-add-kvmclock-to-its-second-bit-v2.patch [bz#624983] - kvm-create-kvmclock-when-one-of-the-flags-are-presen.patch [bz#624983] - kvm-x86-Allow-multiple-cpu-feature-matches-of-lookup_fea.patch [bz#624983] - kvm-vhost-net-cleanup-host-notifiers-at-last-step.patch [bz#695285] - kvm-block-include-flush-requests-in-info-blockstats.patch [bz#715017] - kvm-block-explicit-I-O-accounting.patch [bz#715017] - kvm-block-latency-accounting.patch [bz#715017] - kvm-revert-floppy-save-and-restore-DIR-register.patch [bz#718664] - kvm-qemu-sockets-avoid-strlen-of-NULL-pointer.patch [bz#734860] - Resolves: bz#624983 (QEMU should support the newer set of MSRs for kvmclock) - Resolves: bz#658467 (kvm clock breaks migration result stability - for unit test propose) - Resolves: bz#695285 (guest quit with 'Guest moved used index from 256 to 915' error when save_vm) - Resolves: bz#715017 (Report disk latency (read and write) for each storage device) - Resolves: bz#718664 (Migration from host RHEL6.1+ to host RHEL6.0.z failed with floppy) - Resolves: bz#734860 (qemu-kvm: segfault when missing host parameter for socket chardev) [qemu-kvm-0.12.1.2-2.185.el6] - kvm-virtio-prevent-indirect-descriptor-buffer-overflow.patch [bz#713593] - Resolves: bz#713593 (CVE-2011-2212 virtqueue: too-large indirect descriptor buffer overflow [rhel-6.2]) - CVE: CVE-2011-2212 [qemu-kvm-0.12.1.2-2.184.el6] - kvm-bz719818-KVM-qemu-support-for-SMEP.patch [bz#719818] - kvm-vmstate-add-no_migrate-flag-to-VMStateDescription.patch [bz#723870] - kvm-ehci-doesn-t-support-migration.patch [bz#723870] - kvm-usb-storage-first-migration-support-bits.patch [bz#723870] - Resolves: bz#719818 (KVM qemu support for Supervisor Mode Execution Protection (SMEP)) - Resolves: bz#723870 (tag devices without migration support) [qemu-kvm-0.12.1.2-2.183.el6] - kvm-spice-add-sanity-check-for-spice-ports.patch [bz#715582 bz#717958] - kvm-block-add-discard-support.patch [bz#711354] - kvm-qemu-option-New-qemu_opts_reset.patch [bz#711354] - kvm-error-New-qemu_opts_loc_restore.patch [bz#711354] - kvm-scsi-Rebase-to-upstream-v0.15.0-rc2.patch [bz#711354] - kvm-qxl-upon-reset-if-spice-worker-is-stopped-the-comman.patch [bz#728984] - kvm-qxl-allowing-the-command-rings-to-be-not-empty-when-.patch [bz#728984] - Resolves: bz#711354 (Fix and enable enough of SCSI to make usb-storage work) - Resolves: bz#715582 (qemu-kvm doesn't report error when supplied negative spice port value) - Resolves: bz#717958 (qemu-kvm start vnc even though -spice ... is supplied) - Resolves: bz#728984 (Target qemu process - assertion failed during migration) [qemu-kvm-0.12.1.2-2.182.el6] - kvm-spice-catch-spice-server-initialization-failures.patch [bz#682227] - kvm-qcow2-Fix-L1-table-size-after-bdrv_snapshot_goto.patch [bz#729572] - spec: require spice-server-devel >= 0.8.2-2 [bz#723676] - kvm-Add-missing-trace-call-to-oslib-posix.c-qemu_vmalloc.patch [bz#714773] - Resolves: bz#682227 (qemu-kvm doesn't exit when binding to specified port fails) - Resolves: bz#714773 (qemu missing marker for qemu.kvm.qemu_vmalloc) - Related: bz#723676 (spice-server: update to upstream spice 0.8.2) - Resolves: bz#729572 (qcow2: Loading internal snapshot can corrupt image) [qemu-kvm-0.12.1.2-2.181.el6] - kvm-docs-Add-QED-image-format-specification.patch [bz#633380] - kvm-qed-Add-QEMU-Enhanced-Disk-image-format.patch [bz#633380] - kvm-qed-Table-L2-cache-and-cluster-functions.patch [bz#633380] - kvm-qed-Read-write-support.patch [bz#633380] - kvm-qed-Consistency-check-support.patch [bz#633380] - kvm-docs-Fix-missing-carets-in-QED-specification.patch [bz#633380] - kvm-qed-Refuse-to-create-images-on-block-devices.patch [bz#633380] - kvm-qed-Images-with-backing-file-do-not-require-QED_F_NE.patch [bz#633380] - kvm-docs-Describe-zero-data-clusters-in-QED-specificatio.patch [bz#633380] - kvm-qed-Add-support-for-zero-clusters.patch [bz#633380] - kvm-qed-Fix-consistency-check-on-32-bit-hosts.patch [bz#633380] - kvm-block-add-BDRV_O_INCOMING-migration-consistency-hint.patch [bz#633380] - kvm-qed-honor-BDRV_O_INCOMING-for-live-migration-support.patch [bz#633380] - spec file: spec-file-whitelist-QED-image-format [bz#633380] - kvm-qemu-tool-Stub-out-qemu-timer-functions.patch [bz#633380] - kvm-qed-Periodically-flush-and-clear-need-check-bit.patch [bz#633380] - kvm-qed-support-for-growing-images.patch [bz#633380] - kvm-usb-ehci-trace-rename-next-to-nxt.patch [bz#720979] - kvm-qxl-make-sure-primary-surface-is-saved-on-migration.patch [bz#729869] - Resolves: bz#633380 ([6.2 FEAT] Include QED image format for KVM guests) - Resolves: bz#720979 (do not use next as a variable name in qemu-kvm systemtap tapset) - Resolves: bz#729869 (qxl: primary surface not saved on migration) [qemu-kvm-0.12.1.2-2.180.el6] - kvm-virtio-event-index-support.patch [bz#710943] - kvm-pc-rhel-6.1-and-back-compat-event-idx-support.patch [bz#710943] - kvm-qdev-implement-qdev_prop_set_bit.patch [bz#729104] - kvm-pci-insert-assert-that-auto-assigned-address-functio.patch [bz#729104] - kvm-pci-introduce-multifunction-property.patch [bz#729104] - kvm-pci_bridge-make-pci-bridge-aware-of-pci-multi-functi.patch [bz#729104] - kvm-pci-set-multifunction-property-for-normal-device.patch [bz#729104] - kvm-pci-don-t-overwrite-multi-functio-bit-in-pci-header-.patch [bz#729104] - kvm-pci-set-PCI-multi-function-bit-appropriately.patch [bz#729104] - kvm-Add-user_print-handler-to-qxl_screendump-monitor-com.patch [bz#705070] - Resolves: bz#705070 (QMP: screendump command does not allow specification of monitor to capture) - Resolves: bz#710943 (event index support in virtio and vhost-net) - Resolves: bz#729104 (qemu-kvm: pci needs multifunction property) [qemu-kvm-0.12.1.2-2.179.el6] - kvm-usb-linux-make-iso-urb-count-contigurable.patch [bz#723858 bz#723863] - kvm-usb-linux-track-inflight-iso-urb-count.patch [bz#723858 bz#723863] - kvm-ehci-add-freq-maxframes-properties.patch [bz#723858 bz#723863] - kvm-usb-bus-Don-t-allow-attaching-a-device-to-a-bus-with.patch [bz#723858 bz#723863] - kvm-usb-Proper-error-propagation-for-usb_device_attach-e.patch [bz#723858 bz#723863] - kvm-usb-Add-a-speedmask-to-devices.patch [bz#723858 bz#723863] - kvm-usb-linux-allow-compatible-high-speed-devices-to-con.patch [bz#723858 bz#723863] - kvm-usb-ignore-USB_DT_DEBUG.patch [bz#723858 bz#723863] - kvm-usb-Add-a-usb_fill_port-helper-function.patch [bz#723858 bz#723863] - kvm-usb-Move-initial-call-of-usb_port_location-to-usb_fi.patch [bz#723858 bz#723863] - kvm-usb-Add-a-register_companion-USB-bus-op.patch [bz#723858 bz#723863] - kvm-usb-Make-port-wakeup-and-complete-ops-take-a-USBPort.patch [bz#723858 bz#723863] - kvm-usb-Replace-device_destroy-bus-op-with-a-child_detac.patch [bz#723858 bz#723863] - kvm-usb-ehci-drop-unused-num-ports-state-member.patch [bz#723858 bz#723863] - kvm-usb-ehci-Connect-Status-bit-is-read-only-don-t-allow.patch [bz#723858 bz#723863] - kvm-usb-ehci-cleanup-port-reset-handling.patch [bz#723858 bz#723863] - kvm-usb-assert-on-calling-usb_attach-port-NULL-on-a-port.patch [bz#723858 bz#723863] - kvm-usb-ehci-Fix-handling-of-PED-and-PEDC-port-status-bi.patch [bz#723858 bz#723863] - kvm-usb-ehci-Add-support-for-registering-companion-contr.patch [bz#723858 bz#723863] - kvm-usb-uhci-Add-support-for-being-a-companion-controlle.patch [bz#723858 bz#723863] - kvm-pci-add-ich9-usb-controller-ids.patch [bz#723858 bz#723863] - kvm-uhci-add-ich9-controllers.patch [bz#723858 bz#723863] - kvm-ehci-fix-port-count.patch [bz#723858 bz#723863] - kvm-ehci-add-ich9-controller.patch [bz#723858 bz#723863] - kvm-usb-documentation-update.patch [bz#723858 bz#723863] - kvm-usb-fixup-bluetooth-descriptors.patch [bz#723858 bz#723863] - kvm-usb-hub-remove-unused-descriptor-arrays.patch [bz#723858 bz#723863] - kvm-usb-update-documentation.patch [bz#723858 bz#723863] - kvm-usb_register_port-do-not-set-port-opaque-and-port-in.patch [bz#723858 bz#723863] - kvm-qxl-fix-cmdlog-for-vga.patch [bz#700134] - kvm-qxl-interface_get_command-fix-reported-mode.patch [bz#700134] - kvm-spice-add-worker-wrapper-functions.patch [bz#700134] - kvm-spice-add-qemu_spice_display_init_common.patch [bz#700134] - kvm-spice-qxl-move-worker-wrappers.patch [bz#700134] - kvm-qxl-fix-surface-tracking-locking.patch [bz#700134] - kvm-qxl-add-io_port_to_string.patch [bz#700134] - kvm-qxl-error-handling-fixes-and-cleanups.patch [bz#700134] - kvm-qxl-make-qxl_guest_bug-take-variable-arguments.patch [bz#700134] - kvm-qxl-put-QXL_IO_UPDATE_IRQ-into-vgamode-whitelist.patch [bz#700134] - kvm-qxl-allow-QXL_IO_LOG-also-in-vga.patch [bz#700134] - kvm-qxl-only-disallow-specific-io-s-in-vga-mode.patch [bz#700134] - kvm-qxl-async-io-support-using-new-spice-api.patch [bz#700134] - kvm-qxl-add-QXL_IO_FLUSH_-SURFACES-RELEASE-for-guest-S3-.patch [bz#706711] - kvm-qxl-Remove-support-for-the-unused-unstable-device-ID.patch [bz#706711] - kvm-qxl-bump-pci-rev.patch [bz#706711] - kvm-move-balloon-handling-to-balloon.c.patch [bz#694378] - kvm-balloon-Make-functions-local-vars-static.patch [bz#694378] - kvm-balloon-Add-braces-around-if-statements.patch [bz#694378] - kvm-balloon-Simplify-code-flow.patch [bz#694378] - kvm-virtio-balloon-Separate-status-handling-into-separat.patch [bz#694378] - kvm-balloon-Separate-out-stat-and-balloon-handling.patch [bz#694378] - kvm-balloon-Fix-header-comment-add-Copyright.patch [bz#694378] - kvm-virtio-balloon-Fix-header-comment-add-Copyright.patch [bz#694378] - kvm-balloon-Don-t-allow-multiple-balloon-handler-registr.patch [bz#725625] - kvm-virtio-balloon-Check-if-balloon-registration-failed.patch [bz#725625] - kvm-balloon-Reject-negative-balloon-values.patch [bz#694373] - kvm-virtio-balloon-Add-exit-handler-fix-memleaks.patch [bz#726014] - kvm-virtio-balloon-Unregister-savevm-section-on-device-u.patch [bz#726023] - kvm-virtio-blk-Fix-memleak-on-exit.patch [bz#726015] - kvm-virtio-net-don-t-use-vdev-after-virtio_cleanup.patch [bz#726020] - kvm-virtio-Plug-memleak-by-freeing-vdev.patch [bz#726020] - kvm-qemu-img-Use-qemu_blockalign.patch [bz#728905] - kvm-Fix-automatically-assigned-network-names-for-netdev.patch [bz#623907] - kvm-Fix-netdev-name-lookup-in-device-device_add-netdev_d.patch [bz#623907] - kvm-do-not-reset-no_shutdown-after-we-shutdown-the-vm.patch [bz#728464] - Resolves: bz#623907 (device_add rejects valid netdev when NIC with same ID exists) - Resolves: bz#694373 (ballooning value reset to original value after setting a negative number) - Resolves: bz#694378 (Core dump occurs when ballooning memory to 0) - Resolves: bz#700134 ([qemu-kvm] - qxl runs i/o requests synchronously) - Resolves: bz#706711 (qemu-kvm process quits when windows guest doing S3 w/ qxl device) - Resolves: bz#723858 (usb: add companion controller support) - Resolves: bz#723863 (usb: fixes various issues.) - Resolves: bz#725625 (Hot unplug one virtio balloon device cause another balloon device unavailable) - Resolves: bz#726014 (Fix memleak on exit in virtio-balloon) - Resolves: bz#726015 (Fix memleak on exit in virtio-blk) - Resolves: bz#726020 (Fix memleaks in all virtio devices) - Resolves: bz#726023 (Migration after hot-unplug virtio-balloon will not succeed) - Resolves: bz#728464 (QEMU does not honour '-no-shutdown' flag after the first shutdown attempt) - Resolves: bz#728905 (qemu-img: use larger output buffer for cache option 'none') [qemu-kvm-0.12.1.2-2.178.el6] - Require new sgabios package [bz#684949] - Resolves: bz#684949 ([RFE] Ability to display VM BIOS messages on boot) [qemu-kvm-0.12.1.2-2.177.el6] - kvm-Revert-hw-qxl-render-drop-cursor-locks-replace-with-.patch [bz#674583 bz#705070] - kvm-Revert-qxl-spice-remove-qemu_mutex_-un-lock_iothread.patch [bz#674583 bz#705070] - kvm-Revert-qxl-implement-get_command-in-vga-mode-without.patch [bz#674583 bz#705070] - kvm-Revert-qxl-spice-display-move-pipe-to-ssd.patch [bz#674583 bz#705070] - kvm-spice-don-t-create-updates-in-spice-server-context.patch [bz#674583 bz#705070] - kvm-spice-don-t-call-displaystate-callbacks-from-spice-s.patch [bz#674583 bz#705070] - kvm-spice-drop-obsolete-iothread-locking.patch [bz#674583 bz#705070] - kvm-Make-spice-dummy-functions-inline-to-fix-calls-not-c.patch [bz#674583 bz#705070] - kvm-add-qdev_find_by_id.patch [bz#674583 bz#705070] - kvm-add-qxl_screendump-monitor-command.patch [bz#674583 bz#705070] - Resolves: bz#674583 (qemu-kvm build fails without --enable-spice) - Resolves: bz#705070 (QMP: screendump command does not allow specification of monitor to capture) [qemu-kvm-0.12.1.2-2.176.el6] - kvm-net-Consistently-use-qemu_macaddr_default_if_unset.patch [bz#712046] - kvm-virtio-serial-bus-replay-guest_open-on-migration.patch [bz#725965] - kvm-qdev-Fix-printout-of-bit-device-properties-with-bit-.patch [bz#727580] - Resolves: bz#712046 (Qemu allocates an existed macaddress to hotpluged nic) - Resolves: bz#725965 (spice client mouse doesn't work after migration) - Resolves: bz#727580 (bit property doesn't print correctly) [qemu-kvm-0.12.1.2-2.175.el6] - kvm-report-serial-devices-created-with-device-in-the-PII.patch [bz#707130] - kvm-device-assignment-handle-device-with-incorrect-PCIe-.patch [bz#720972] - Resolves: bz#707130 (ACPI description of serial and parallel ports incorrect with -chardev/-device) - Resolves: bz#720972 (Unable to attach PCI device on a booted virt guest) [qemu-kvm-0.12.1.2-2.174.el6] - kvm-usb-hid-RHEL-6.1-migration-compatibility.patch [bz#720237] - Resolves: bz#720237 (usb migration compatibility) [qemu-kvm-0.12.1.2-2.173.el6] - kvm-Change-snapshot_blkdev-hmp-to-use-correct-argument-t.patch [bz#676982] - kvm-QMP-add-snapshot-blkdev-sync-command.patch [bz#676982] - kvm-Add-missing-documentation-for-qemu-img-p.patch [bz#722728] - Resolves: bz#676982 (RFE: no qmp command for live snapshot) - Resolves: bz#722728 (Update qemu-img convert/re-base man page) [qemu-kvm-0.12.1.2-2.172.el6] - kvm-ide-Split-error-status-from-status-register.patch [bz#698537] - kvm-ide-Fix-ide_drive_pio_state_needed.patch [bz#698537] - kvm-ide-Add-forgotten-VMSTATE_END_OF_LIST-in-subsection.patch [bz#698537] - kvm-ide-Clear-error_status-after-restarting-flush.patch [bz#698537] - kvm-qemu-img-Add-cache-command-line-option.patch [bz#713743] - kvm-virtio-serial-bus-use-bh-for-unthrottling.patch [bz#709397] - kvm-usb-bluetooth-compile-out.patch [bz#723864] - kvm-clarify-support-statement-in-KVM-help.patch [bz#725054] - Resolves: bz#698537 - Resolves: bz#709397 - Resolves: bz#713743 - Resolves: bz#723864 - Resolves: bz#725054 [qemu-kvm-0.12.1.2-2.171.el6] - kvm-Add-qemu_ram_alloc_from_ptr-function.patch [bz#696102] - kvm-exec-remove-code-duplication-in-qemu_ram_alloc-and-q.patch [bz#696102] - kvm-Move-extern-of-mem_prealloc-to-cpu-all.h.patch [bz#696102] - kvm-Add-qemu_ram_remap.patch [bz#696102] - kvm-s390-Detect-invalid-invocations-of-qemu_ram_free-rem.patch [bz#696102] - kvm-MCE-unpoison-memory-address-across-reboot.patch [bz#696102] - Resolves: bz#696102 ([Intel 6.2 FEAT] KVM: un-poison page when guest reboot: QEMU part) [qemu-kvm-0.12.1.2-2.170.el6] - kvm-raw-posix-Linearize-direct-I-O-on-Linux-NFS.patch [bz#711213] - kvm-virtio-console-Prevent-abort-s-in-case-of-host-chard.patch [bz#720535] - Resolves: bz#711213 (QEMU should use pass preadv/pwritev a single vector when using cache=none and NFS) - Resolves: bz#720535 ((virtio serial) Guest aborted when transferring data from guest to host) [qemu-kvm-0.12.1.2-2.169.el6] - kvm-rtl8139-cleanup-FCS-calculation.patch [bz#583922] - kvm-rtl8139-add-vlan-tag-extraction.patch [bz#583922] - kvm-rtl8139-add-vlan-tag-insertion.patch [bz#583922] - kvm-usb-serial-Fail-instead-of-crash-when-chardev-is-mis.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-Add-exit-notifiers.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-Return-usb-device-to-host-on-usb_del-command.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-Return-usb-device-to-host-on-exit.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Store-devpath-into-USBHostDevice-when-usb_.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-introduce-a-usb_linux_get_configuration-fu.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Get-the-active-configuration-from-sysfs-ra.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-data-structs-and-helpers-for-usb-descriptors.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hid-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-serial-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-storage-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-scsi-disk-fix-build-disable-cdrom-emulation.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-enable-usb-storage-scsi-bus-scsi-disk.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-wacom-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-bluetooth-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hub-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-descriptors-add-settable-strings.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-storage-serial-number-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-network-use-new-descriptor-infrastructure.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-move-USB_REQ_SET_ADDRESS-handling-to-common-code.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-move-USB_REQ_-GET-SET-_CONFIGURATION-handling-to.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-move-remote-wakeup-handling-to-common-code.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-create-USBPortOps-move-attach-there.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-rework-attach-detach-workflow.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-usb_wakeup-wakeup-callback-to-port-ops.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-uhci-remote-wakeup-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hub-remote-wakeup-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hid-remote-wakeup-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hid-change-serial-number-to-42.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-speed-mask-to-ports.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-attach-callback.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-usb_desc_attach.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-device-qualifier-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-storage-high-speed-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-storage-fix-status-reporting.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-storage-handle-long-responses.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-mass-storage-fix.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-keep-track-of-physical-port-address.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-port-property.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-rewrite-fw-path-fix-numbering.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-zap-pdev-from-usbport.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-USB-keyboard-emulation-key-mapping-error.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hid-modifiers-should-generate-an-event.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-keyboard-add-event-event-queue.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hid-move-head-n-to-common-struct.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-core-add-migration-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hub-add-migration-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-hid-add-migration-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-bus-use-snprintf.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-Add-bootindex-handling-into-usb-storage-device.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-trivial-spelling-fixes.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-initialise-data-element-in-Linux-USB_DISCONNECT-.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-introduce-a-usb_linux_alt_setting-function.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Get-the-alt.-setting-from-sysfs-rather-the.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-s-dprintf-DPRINTF-to-reduce-conflicts.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Add-support-for-buffering-iso-usb-packets.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Refuse-packets-for-endpoints-which-are-not.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Refuse-iso-packets-when-max-packet-size-is.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-We-only-need-to-keep-track-of-15-endpoints.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Add-support-for-buffering-iso-out-usb-pack.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-control-buffer-fixes.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-uhci-switch-to-QTAILQ-cherry-picked-from-commit-ddf6.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-uhci-keep-uhci-state-pointer-in-async-packet-struct.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-ohci-get-ohci-state-via-container_of.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-musb-get-musb-state-via-container_of-cherry-picked-f.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-move-complete-callback-to-port-ops-cherry-picked.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Add-missing-break-statement.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-Add-Interface-Association-Descriptor-descriptor-.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-update-config-descriptors-to-identify-number-of-.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-remove-fallback-to-bNumInterfaces-if-no-.nif.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-support-for-grouped-interfaces-and-the-Inter.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-Bug-757654-UHCI-fails-to-signal-stall-response-patch.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-Pass-the-packet-to-the-device-s-handle_control-c.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-use-usb_generic_handle_packet.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-fix-device-path-aka-physical-port-handling.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-add-hostport-property.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-track-aurbs-in-list.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-walk-async-urb-list-in-cancel.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-split-large-xfers.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-fix-max_packet_size-for-highspeed.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-storage-don-t-call-usb_packet_complete-twice.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-usb_handle_packet.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-keep-track-of-packet-owner.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-move-cancel-callback-to-USBDeviceInfo.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-add-ehci-adapter.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-catch-ENODEV-in-more-places.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-trace-mmio-and-usbsts-usb-ehci-trace-mmio-a.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-trace-state-machine-changes.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-trace-port-state.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-improve-mmio-tracing.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-ehci-trace-workaround.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-trace-buffer-copy.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-add-queue-data-struct.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-multiqueue-support.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-fix-offset-writeback-in-ehci_buffer_rw.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-fix-error-handling.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-ehci-fix-a-number-of-unused-but-set-variable-warning.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-cancel-async-packets-on-unplug.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-drop-EXECUTING-checks.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-Fix-USB-mouse-Set_Protocol-behavior.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-The-USB-tablet-should-not-claim-boot-protocol-suppor.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-itd-handling-fixes.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-ehci-split-trace-calls-to-handle-arg-count-limit.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Get-speed-from-sysfs-rather-then-from-the-.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Teach-about-super-speed.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Don-t-do-perror-when-errno-is-not-set.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Ensure-devep-0.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Don-t-try-to-open-the-same-device-twice.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-only-cleanup-in-host_close-when-host_open-.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-linux-Enlarge-buffer-for-descriptors-to-8192-byt.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-bus-Add-knowledge-of-USB_SPEED_SUPER-to-usb_spee.patch [bz#561414 bz#632299 bz#645351 bz#711354] - kvm-usb-bus-Don-t-detach-non-attached-devices-on-device-.patch [bz#561414 bz#632299 bz#645351 bz#711354] - Resolves: bz#561414 (Writes to virtual usb-storage produce I/O errors) - Resolves: bz#583922 (Guests in same vlan could not ping successfully using rtl8139 nic) - Resolves: bz#632299 (higher CPU load observed for virtualization workload on RHEL 6 than on RHEL 5.5) - Resolves: bz#645351 (Add support for USB 2.0 (EHCI) to QEMU) - Resolves: bz#711354 (Fix and enable enough of SCSI to make usb-storage work) [qemu-kvm-0.12.1.2-2.168.el6] - kvm-vnc-fix-numlock-capslock-tracking.patch [bz#599306] - kvm-Add-an-isa-device-for-SGA.patch [bz#684949] - kvm-pc-add-rhel-6.2-pc-and-make-it-the-default.patch [bz#716906] - Resolves: bz#599306 (Some strange behaviors on key's appearance viewed by using vnc) - Resolves: bz#684949 ([RFE] Ability to display VM BIOS messages on boot) - Resolves: bz#716906 (add 6.2 machine type) [qemu-kvm-0.12.1.2-2.167.el6] - kvm-qemu-img-create-Fix-displayed-default-cluster-size.patch [bz#570830] - kvm-Fix-the-RARP-protocol-ID.patch [bz#715141] - Resolves: bz#570830 (The 'cluster_size' shows wrong size to zero when creating a qcow2 without specify the option) - Resolves: bz#715141 (Wrong Ethertype for RARP) [qemu-kvm-0.12.1.2-2.166.el6] - kvm-virtio-guard-against-negative-vq-notifies.patch [bz#707094] - kvm-blockdev-Belatedly-remove-MAX_DRIVES.patch [bz#627585] - kvm-blockdev-Hide-QEMUMachine-from-drive_init.patch [bz#627585] - kvm-qdev-Move-declaration-of-qdev_init_bdrv-into-qdev.h.patch [bz#627585] - kvm-blockdev-Collect-block-device-code-in-new-blockdev.c.patch [bz#627585] - kvm-Fix-regression-for-drive-file.patch [bz#627585] - kvm-block-Move-error-actions-from-DriveInfo-to-BlockDriv.patch [bz#627585] - kvm-blockdev-Fix-error-message-for-invalid-drive-CHS.patch [bz#627585] - kvm-blockdev-Make-drive_init-use-error_report.patch [bz#627585] - kvm-blockdev-Put-BlockInterfaceType-names-and-max_devs-i.patch [bz#627585] - kvm-blockdev-Fix-regression-in-drive-if-scsi-index-N.patch [bz#627585] - kvm-blockdev-Make-drive_add-take-explicit-type-index-par.patch [bz#627585] - kvm-blockdev-Factor-drive_index_to_-bus-unit-_id-out-of-.patch [bz#627585] - kvm-blockdev-New-drive_get_by_index.patch [bz#627585] - kvm-blockdev-Reject-multiple-definitions-for-the-same-dr.patch [bz#627585] - kvm-blockdev-Replace-drive_add-s-fmt-.-by-optstr-paramet.patch [bz#627585] - kvm-blockdev-Fix-drive_add-for-drives-without-media.patch [bz#627585] - kvm-blockdev-Plug-memory-leak-in-drive_uninit.patch [bz#627585] - kvm-blockdev-Plug-memory-leak-in-drive_init-error-paths.patch [bz#627585] - kvm-vhost-fix-double-free-on-device-stop.patch [bz#699635] - kvm-QMP-QError-New-QERR_UNSUPPORTED.patch [bz#644919] - kvm-QMP-add-inject-nmi-qmp-command.patch [bz#644919] - kvm-HMP-Use-QMP-inject-nmi-implementation.patch [bz#644919] - Resolves: bz#627585 (Improve error messages for bad options in -drive and -device) - Resolves: bz#644919 (RFE: QMP command to trigger an NMI in the guest) - Resolves: bz#699635 ([REG][6.1] After executing virsh dump with --live option and the completion, the subsequent virsh dump command to the same domain behaves abnormally) - Resolves: bz#707094 (qemu-kvm: OOB memory access caused by negative vq notifies [rhel-6.2]) [qemu-kvm-0.12.1.2-2.165.el6] - kvm-ide-Factor-ide_dma_set_inactive-out.patch [bz#701775] - kvm-ide-Set-bus-master-inactive-on-error.patch [bz#701775] - kvm-ide-cleanup-warnings.patch [bz#701775] - kvm-virtio-correctly-initialize-vm_running.patch [bz#701442] - kvm-Add-virtio-disk-identification-support.patch [bz#710349] - kvm-spice-add-option-for-disabling-copy-paste-support-rh.patch [bz#693645] - Resolves: bz#693645 (RFE: add spice option to enable/disable copy paste) - Resolves: bz#701442 (vhost-net not enabled on hotplug) - Resolves: bz#701775 (KVM: stdio is flooded) - Resolves: bz#710349 (Backport serial number support for virtio-blk devices) [qemu-kvm-0.12.1.2-2.164.el6] - kvm-e1000-check-buffer-availability.patch [bz#684127] - kvm-Add-error-message-for-loading-snapshot-without-VM-st.patch [bz#680378] - kvm-BZ710046-qemu-kvm-prints-warning-Using-CPU-model.patch [bz#710046] - Resolves: bz#680378 (no error message when loading zero size internal snapshot) - Resolves: bz#684127 (e1000:Execute multiple netperf clients caused system call interrupted) - Resolves: bz#710046 (qemu-kvm prints warning 'Using CPU model [...]' (with patch)) [qemu-kvm-0.12.1.2-2.163.el6] - kvm-qemu-img-Initial-progress-printing-support.patch [bz#621482] - kvm-Add-dd-style-SIGUSR1-progress-reporting.patch [bz#621482] - kvm-Remove-obsolete-enabled-variable-from-progress-state.patch [bz#621482] - kvm-qemu-progress.c-printf-isn-t-signal-safe.patch [bz#621482] - kvm-qemu-img.c-Remove-superfluous-parenthesis.patch [bz#621482] - kvm-Add-documentation-for-qemu_progress_-init-print.patch [bz#621482] - kvm-Add-qerror-message-if-the-change-target-filename-can.patch [bz#655719] - Resolves: bz#621482 ([RFE] Be able to get progress from qemu-img) - Resolves: bz#655719 (no error pops when change cd to non-exist file) [qemu-kvm-0.12.1.2-2.162.el6] - kvm-virtio-serial-Disallow-generic-ports-at-id-0.patch [bz#700511] - kvm-virtio-serial-Don-t-clear-have_data-pointer-after-un.patch [bz#681736] - kvm-char-Prevent-multiple-devices-opening-same-chardev.patch [bz#656779] - kvm-char-Allow-devices-to-use-a-single-multiplexed-chard.patch [bz#656779] - kvm-char-Detect-chardev-release-by-NULL-handlers-as-well.patch [bz#656779] - kvm-virtio-console-Keep-chardev-open-for-other-users-aft.patch [bz#700512] - kvm-Revert-cdrom-Make-disc-change-event-visible-to-guest.patch [bz#700065] - kvm-Revert-cdrom-Allow-the-TEST_UNIT_READY-command-after.patch [bz#700065] - kvm-atapi-Add-medium-ready-to-medium-not-ready-transitio.patch [bz#700065] - Resolves: bz#656779 (Core dumped when hot plug/un-plug virtio serial port to the same chardev) - Resolves: bz#681736 (Guest->Host communication stops for other ports after one port is unplugged) - Resolves: bz#700065 (Switch to upstream solution for cdrom patches) - Resolves: bz#700511 (virtio-serial: Disallow generic ports at id 0) - Resolves: bz#700512 (Keep chardev open for later reuse) [qemu-kvm-0.12.1.2-2.161.el6] - kvm-Fix-phys-memory-client-pass-guest-physical-address-n.patch [bz#700859] - Resolves: bz#700859 (Fix phys memory client for vhost) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2527 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [2.0.0-209.0.1.el6] - Make sure '--allow-missing' is effective by adding to MKDUMPRD_ARGS in kdump.sysconfig, kdump.sysconfig.i386, and kdump.sysconfig.x86_64 [12590865] [11678808] [2.0.0-209] - Improve debugfs mounting code, from Dave Young. Resolve bug 748748. [2.0.0-208] - Search DUP firmware directory too, from Caspar Zhang. Resolve bug 747233. [2.0.0-207] - Don't run kdump service on s390x, from Caspar Zhang. Resolve bug 746207. [2.0.0-206] - Fix some security flaws, resolve bug 743165. [2.0.0-205] - Fix a scriptlet failure in fence-agents, resolve bug 739050. [2.0.0-204] - Add new config 'force_rebuild', resolve bug 598067. [2.0.0-203] - Warn users to use maxcpus=1 instead of nr_cpus=1 for older kernels, resolve bug 727892. [2.0.0-202] - Pass 'noefi acpi_rsdp=X' to the second kernel, resolve bug 681796. [2.0.0-201] - Include patch 602 for rawbuild, resolve bug 708503. [2.0.0-200] - Remove the warning for reserved memory on x86, resolve BZ 731394. [2.0.0-199] - Add debug_mem_level debugging option, from Jan Stancek. Resolve Bug 734528. [2.0.0-198] - Fix the error message on /etc/cluster_iface, resolve bug 731236. From Ryan O'Hara. [2.0.0-197] - Add coordination between kdump and cluster fencing for long kernel panic dumps, resolve bug 585332. From Ryan O'Hara. [2.0.0-196] - Use nr_cpus=1 instead of maxcpus=1 on x86, resolve Bug 725484. [2.0.0-195] - Fix segfault on ppc machine with 1TB memory, resolve Bug 709441. [2.0.0-194] - Specify kernel version for every modprobe, resolve Bug 719105. [2.0.0-193] - Don't handle raid device specially, resolve Bug 707805. [2.0.0-192] - Read mdadm.conf correctly, resolve Bug 707805. [2.0.0-191] - Use makedumpfile as default core_collector for ssh dump. Resolve Bug 693025. [2.0.0-190] - Revert the previous patch, resolve Bug 701339. [2.0.0-189] - Disable THP in kdump kernel, resolve Bug 701339. MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3588 CVE-2011-3589 CVE-2011-3590 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [2.1.3-9.el6] - Add current password prompt when changing own password in web UI (#751179) - Remove extraneous trailing ' from netgroup patch (#749352) [2.1.3-8.el6] - Updated patch for CVE-2011-3636 to include CR in the HTTP headers. xmlrpc-c in RHEL-6 doesn't suppose the dont_advertise option so that is not set any more. Another fake header, X-Original-User_Agent, is added so there is no more trailing junk after the Referer header. (#749870) [2.1.3-7.el6] - Require an HTTP Referer header to address CSRF attackes. CVE-2011-3636. (#749870) [2.1.3-6.el6] - Users not showing up in nis netgroup triple (#749352) [2.1.3-5.el6] - Add update file to remove entitlement roles, privileges and permissions (#739060) [2.1.3-4.el6] - Quote worker option in krb5kdc (#748754) [2.1.3-3.el6] - hbactest fails while you have svcgroup in hbacrule (#746227) - Add Kerberos domain mapping for system hostname (#747443) - Format certificates as PEM in browser (#701325) [2.1.3-2.el6] - ipa-client-install hangs if the discovered server is unresponsive (#745392) - Fix minor problems in help system (#747028) - Remove help fix from Disable automember patch (#746717) - Update minimum version of sssd to 1.5.1-60 to pick up SELinux fix (#746265) [2.1.3-1.el6] - Update to upstream 2.1.3 release (#736170) - Additional branding (#742264) - Disable automember cli (#746717) - ipa-client-install sometimes fails to start sssd properly (#736954) - ipa-client-install adds duplicate information to krb5.conf (#714597) - ipa-client-install should configure hostname (#714919) - inconsistency in enabling 'delete' buttons (#730751) - hbactest does not resolve canonical names during simulation (#740850) - Default DNS Administration Role - Permissions missing (#742327) - named fails to start after installing ipa server when short (#742875) - Duplicate hostgroup and netgroup should not be allowed (#743253) - named fails to start (#743680) - Global password policy should not be able to be deleted (#744074) - Client install fails when anonymous bind is disabled (#744101) - Internal Server Error adding invalid reverse DNS zone (#744234) - ipa hbactest does not evaluate indirect members from groups. (#744410) - Leaks KDC password and master password via command line arguments (#744422) - Traceback when upgrading from ipa-server-2.1.1-1 (#744798) - IPA User's Primary GID is not being set to their UPG's GID (#745552) - --forwarder option of ipa-dns-install allows invalid IP addr (#745698) - UI does not grant access based on roles (#745957) - Unable to add external user for RunAs User for Sudo (#746056) - Typo in error message while adding invalid ptr record. (#746199) - Don't use python 2.7-only syntax (#746229) - Error when using ipa-client-install with --no-sssd option (#746276) - Installation fails if sssd.conf exists and is already config (#746298) - External hosts are not removed properly from sudorule (#709665) - Competely remove entitlement support (#739060) - Add winsync section to ipa-replica-manage man page (#744306) [2.1.2-2.el6] - Remove python-rhsm as a Requires (#739060) [2.1.2-1.el6] - Update to upstream 2.1.2 release (#736170) - More completely disable entitlement support (#739060) - Drop patch to ignore return value from restorecon (upstreamed) - Set min version of 389-ds-base to 1.2.9.12-2 - Set min version of dogtag to 9.0.3-20 - Rebased hide-pkinit, ipa-RHEL-index and remove-persistent-search patches (#700586) [2.1.1-4.el6] - Update RHEL patch (#740094) [2.1.1-3.el6] - Ignore return value from restorecon (#739604) - Disable entitlement support (#739060, #739061) [2.1.1-2.el6] - Update minimum xmlrpc-c version (#736787) - Fix package installation order causing SELinux problems (#737516) [2.1.1-1.el6] - Update to upstream 2.1.1 release (#732803) [2.1.0-1.el6] - Resolves: rhbz#708388 - Update to upstream 2.1.0 release [2.0.0-25] - Remove client debug logging patch (#705800) [2.0.0-24] - Wait for 389-ds tasks to complete (#698421) - Set replica to restart ipa on boot (#705794) - Improve client debug logging (#705800) - Managed Entries not configured on replicas (#703869) - Don't create bogus aRecord when creating new zone (#704012) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-3636 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [1.2.3-15] - mout.nfs: Don't roll back to IPv4 whe IPv6 fails (bz 744657) - rpcdebug: Added pNFS and FSCache debugging (bz 747400) [1.2.3-14] - mount.nfs: Backported how upstream handles the SIGXFSZ signal (bz 697981) [1.2.3-13] - mount.nfs: Reworked the code that deals with RLIMIT_FSIZE (bz 697981) [1.2.3-12] - Removed the stripping of debugging information from rpcdebug (bz 729001) [1.2.3-11] - mount.nfs: Fixed problem in mount error verbosity patch (bz 731693) [1.2.3-10] - mount.nfs: add error verbosity to invalid versions (bz 731693) [1.2.3-9] - umount.nfs: Got IPV6 unmounts working again (bz 732673) - mountd: return multiple hosts exporting the same directory (bz 726112) - mount: Better error message for invalid version (bz 723780) [1.2.3-8] - initscripts: just try to mount rpc_pipefs always (bz 692702) - Rely on crypto module autoloading in init scripts - svcgssd: Document '-n' for svcgssd (bz 697359) - mount.nfs: anticipate RLIMIT_FSIZE (bz 697981) - exportfs manpage: Ipv6 update (bz 715078) - mountd: Stop segfault in mtab code (bz 723438) - exportfs: wilcards in exports can lead to unintended mounts (bz 715391) - umount: allow spaces in unmount paths (bz 702273) - specfile: reordered how libgssglue is linked in (bz 720479) LOW Copyright 2011 Oracle, Inc. CVE-2011-2500 CVE-2011-1749 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [2.2-17.0.1.el6] - Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272] - Allow '-' in ticket (SR) numbers (John Haxby) - Disable --upload option as it will not work with Oracle support - Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869] - Remove RH ftp URL and support email - add sos-oracle-enterprise.patch [2.2-17] - Do not collect subscription manager keys in general plugin Resolves: bz750607 [2.2-16] - Fix execution of RHN hardware.py from hardware plugin Resolves: bz736718 - Fix hardware plugin to support new lsusb path Resolves: bz691477 [2.2-15] - Fix brctl collection when a bridge contains no interfaces Resolves: bz697899 - Fix up2dateclient path in hardware plugin Resolves: bz736718 [2.2-14] - Collect brctl show and showstp output Resolves: bz697899 - Collect nslcd.conf in ldap plugin Resolves: bz682124 [2.2-11] - Truncate files that exceed specified size limit Resolves: bz683219 - Add support for collecting Red Hat Subscrition Manager configuration Resolves: bz714293 - Collect /etc/init on systems using upstart Resolves: bz694813 - Don't strip whitespace from output of external programs Resolves: bz713449 - Collect ipv6 neighbour table in network module Resolves: bz721163 - Collect basic cgroups configuration data Resolves: bz729455 [2.2-10] - Fix collection of data from LVM2 reporting tools in devicemapper plugin Resolves: bz704383 - Add /proc/vmmemctl collection to vmware plugin Resolves: bz709491 [2.2-9] - Collect yum repository list by default Resolves: bz600813 - Add basic Infiniband plugin Resolves: bz673244 - Add plugin for scsi-target-utils iSCSI target Resolves: bz677124 - Fix autofs plugin LC_ALL usage Resolves: bz683404 - Fix collection of lsusb and add collection of -t and -v outputs Resolves: bz691477 - Extend data collection by qpidd plugin Resolves: bz726360 - Add ethtool pause, coalesce and ring (-a, -c, -g) options to network plugin Resolves: bz726427 LOW Copyright 2011 Oracle, Inc. CVE-2011-4083 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [1.8.7.352-3] - mkconfig.rb: fix for continued lines. * ruby-1.8.7-p352-mkconfig.rb-fix-for-continued-lines.patch - Resolves: rhbz#730287 [1.8.7.352-2] - Fix of ruby interpreter crash in FIPS mode. * ruby-1.8.7-FIPS.patch - Resolves: rhbz#717709 [1.8.7.352-1] - Update to Ruby 1.8.7-p352. * Remove Patch43: ruby-1.8.7-CVE-2011-1004.patch; subsumed * Remove Patch44: ruby-1.8.7-CVE-2011-1005.patch; subsumed * Remove Patch200: ruby-1.8.7-webrick-CVE.patch; subsumed - Resolves: rhbz#706332 - Fix of conflict between 32bit and 64bit library versions. - Resolves: rhbz#674787 - Add systemtap static probes. - Resolves: rhbz#673162 - Remove duplicate path entry - Resolves: rhbz#722887 [1.8.7.299-8] - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' * ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' * ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in BigDecimal on 64bit platforms' * ruby-1.8.7-CVE-2011-0188.patch - Resolves: rhbz#709964 LOW Copyright 2011 Oracle, Inc. CVE-2011-3009 CVE-2011-2705 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [0.8.3-5] - Fix regression when converting Win7 32 bit to RHEV (RHBZ#738236) [0.8.3-4] [element] [0.8.3-3] - Add missing dependency on new Sys::Virt [0.8.3-2] - Fix for CVE-2011-1773 - Document limitations wrt Windows Recovery Console [0.8.3-1] - Include missing virt-v2v.db - Rebase to upstream release 0.8.3 [0.8.2-2] - Split configuration into /etc/virt-v2v.conf and /var/lib/virt-v2v/virt-v2v.db - Improve usability as non-root user (RHBZ#671094) - Update man pages to use -os as appropriate (RHBZ#694370) - Warn if user specifies both -n and -b (RHBZ#700759) - Fix cleanup when multiboot OS is detected (RHBZ#702007) - Ensure the cirrus driver is installed if required (RHBZ#708961) - Remove unnecessary dep on perl(IO::Handle) - Fix conversion of xen guests using aio storage backend. - Suppress warning for chainloader grub entries. - Only configure a single scsi_hostadapter for converted VMware guests. [0.8.2-1] - Rebase to upstream release 0.8.2 [0.7.1-4] - Fix detection of Windows XP Pro x64 (RHBZ#679017) - Fix error message when converting Red Hat Desktop (RHBZ#678950) LOW Copyright 2011 Oracle, Inc. CVE-2011-1773 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [1.4.2-44] - Init script should source /etc/sysconfig/cups (bug #744791) [1.4.2-43] - The scheduler might leave old job data files in the spool directory (STR #3795, STR #3880, bug #735505). [1.4.2-42] - A further fix for imageto* filters crashing with bad GIF files (STR #3914, bug #714118). [1.4.2-41] - The imageto* filters could crash with bad GIF files (STR #3867, bug #714118). [1.4.2-40] - Map ASCII to ISO-8859-1 in the transcoding code (STR #3832, bug #681836). - Check for empty values for some configuration directives (STR #3861, bug #706673). - The network backends no longer try to collect SNMP supply and status information for raw queues (STR #3809, bug #709896). - Handle EAI_NONAME when resolving hostnames (bug #712430). LOW Copyright 2011 Oracle, Inc. CVE-2011-2896 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [2.17.2-12.4] - fix CVE-2011-1675 - mount fails to anticipate RLIMIT_FSIZE - fix CVE-2011-1677 - umount may fail to remove /etc/mtab~ lock file [2.17.2-12.3] - fix fatal typos in patch for #723546 [2.17.2-12.2] - rename /etc/hushlogin to /etc/hushlogins (#696731) [2.17.2-12.1] - fix #723546 - Defects revealed by Coverity scan - fix #723352 - cfdisk cannot read default installer partitioning - fix #712158 - uid/gid overflow in ipcs - fix #696959 - wipefs(8) reject partitioned devices - fix #694648 - document blank line at head of fstab - fix #684203 - umount fails on inconsistent fstab - fix #679831 --lines does not work - fix #679741 - canonicalize swap device - fix #692119 - include fstrim tool - fix #675999 - blkid crashes on a server with more than 128 storage devices - fix #696731 - display failed login attempts - fix #726092 - Pass host name from agetty to login - fix #716995 - Remove Deprecation Statement in /etc/udev/rules.d/60-raw.rules - fix #712808 - uuidd should depend on chkconfig - fix #723638 - Backport upstream extensions for lsblk (RHEL6.2) LOW Copyright 2011 Oracle, Inc. CVE-2011-1677 CVE-2011-1675 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [2.16-5.5] - remove some obsolete parameters from capsh manpage [2.16-5.4] - add capsh manpage (#730957) [2.16-5.3] - make sure to chdir ('/') after calling chroot http://cwe.mitre.org/data/definitions/243.html LOW Copyright 2011 Oracle, Inc. CVE-2011-4099 cpe:/a:oracle:exadata_dbserver:18.1.31.0.0::ol6 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:exadata_dbserver:21.2.11.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.5.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.9.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.6::ovs3 cpe:/a:oracle:linux:6::latest cpe:/a:oracle:exadata_dbserver:18.1.32.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.3.11.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.13.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.2.22.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.24.0.0::ol6 cpe:/a:oracle:exadata_dbserver:12.1.2.3.1::ol6 cpe:/a:oracle:exadata_dbserver:18.1.7.0.0::ol6 cpe:/a:oracle:exadata_dbserver:21.2.0.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.5.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.15.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.1.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.7.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.3.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.16.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.4.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.17.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.10.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.1.1::ol6 cpe:/a:oracle:exadata_dbserver:18.1.34.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.3.0.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.20.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.8.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.3.5::ol6 cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:exadata_dbserver:12.1.2.2.1::ol6 cpe:/a:oracle:exadata_dbserver:12.1.2.3.7::ol6 cpe:/a:oracle:exadata_dbserver:21.2.23.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.23.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.4.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.17.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.17.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.12.0.0::ovs3 cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:exadata_dbserver:18.1.8.0.0::ol6 cpe:/a:oracle:exadata_dbserver:12.1.2.3.0::ol6 cpe:/a:oracle:exadata_dbserver:12.1.2.1.0::ol6 cpe:/a:oracle:exadata_dbserver:19.3.10.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.16.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.1.3::ol6 cpe:/a:oracle:exadata_dbserver:18.1.14.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.2.5.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.22.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.18.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.27.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.27.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.28.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.33.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.15.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.19.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.2.3::ol6 cpe:/a:oracle:exadata_dbserver:18.1.26.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.25.0.0::ol6 cpe:/a:oracle:exadata_dbserver:12.2.1.1.2::ol6 cpe:/a:oracle:exadata_dbserver:19.2.2.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.4::ol6 cpe:/a:oracle:exadata_dbserver:21.2.21.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.2.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.15.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.6.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.16.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.7.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.11.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.9.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.3.9.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.13.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.26.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.32.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.3.3::ol6 cpe:/a:oracle:exadata_dbserver:20.1.18.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.28.0.0::ol6 cpe:/a:oracle:exadata_dbserver:21.2.8.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.22.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.3.6.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.1.0.0::ol6 cpe:/a:oracle:exadata_dbserver:12.2.1.1.2::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.29.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.5::ol6 cpe:/a:oracle:exadata_dbserver:19.3.13.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.4.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.0.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.30.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.2.13.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.20.0.0::ol6 cpe:/a:oracle:exadata_dbserver:21.2.16.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.3.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.12.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.12.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.2.2::ol6 cpe:/a:oracle:exadata_dbserver:18.1.6.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.3.2::ol6 cpe:/a:oracle:exadata_dbserver:20.1.20.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.5::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.21.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.8.0.0::ovs3 cpe:/a:oracle:linux:6:9:base cpe:/a:oracle:exadata_dbserver:18.1.5.0.0::ol6 cpe:/a:oracle:exadata_dbserver:21.2.2.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.7::ol6 cpe:/a:oracle:exadata_dbserver:21.2.19.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.14.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.0::ol6 cpe:/a:oracle:exadata_dbserver:12.2.1.1.4::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.3.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.16.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.10.0.0::ol6 cpe:/a:oracle:exadata_dbserver:20.1.13.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.19.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.25.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.18.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.22.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.19.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.14.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.30.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.4.0.0::ol6 cpe:/a:oracle:exadata_dbserver:12.2.1.1.3::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.18.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.1.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.0.0.0::ovs3 cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:exadata_dbserver:18.1.34.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.8::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.3.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.4.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.5.0.0::ovs3 cpe:/a:oracle:linux:6:10:base cpe:/a:oracle:exadata_dbserver:12.2.1.1.6::ol6 cpe:/a:oracle:exadata_dbserver:18.1.2.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.14.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.12.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.21.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.14.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.17.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.24.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.7::ovs3 cpe:/a:oracle:linux:6:8:base cpe:/a:oracle:exadata_dbserver:19.3.3.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.7.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.8.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.6.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.1.0.0.0::ovs3 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:exadata_dbserver:19.2.12.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.1.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.3::ol6 cpe:/a:oracle:exadata_dbserver:18.1.7.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.6.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.17.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.2.14.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.12.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.21.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.9.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.11.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.13.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.33.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.0.0.0::ol6 cpe:/a:oracle:exadata_dbserver:19.2.10.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.0.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.24.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.18.0.0::ol6 cpe:/a:oracle:exadata_dbserver:21.2.6.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.22.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.29.0.0::ol6 cpe:/a:oracle:exadata_dbserver:12.1.2.2.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.9.0.0::ovs3 cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:exadata_dbserver:20.1.4.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.1::ol6 cpe:/a:oracle:exadata_dbserver:20.1.2.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.20.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.19.0.0::ovs3 cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:exadata_dbserver:18.1.20.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.15.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.11.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.15.0.0::ol6 cpe:/a:oracle:exadata_dbserver:21.2.20.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.7.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:21.2.10.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.8.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.3.4::ol6 cpe:/a:oracle:exadata_dbserver:12.2.1.1.8::ol6 cpe:/a:oracle:exadata_dbserver:19.2.18.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.31.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.9.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:20.1.1.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.5.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.1.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.1.2.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.2.0.0::ol6 cpe:/a:oracle:exadata_dbserver:18.1.19.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.1.1.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.3.16.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.15.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.2.1.1.1::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.1.2::ol6 cpe:/a:oracle:exadata_dbserver:20.1.11.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.17.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.3.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:18.1.10.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:19.2.21.0.0::ovs3 cpe:/a:oracle:exadata_dbserver:12.1.2.3.6::ol6 cpe:/a:oracle:exadata_dbserver:18.1.23.0.0::ol6 Oracle Linux 6 [1.9.4-4] - fix patch application for #747361 [1.9.4-3] - ignore REST cache creation failures as non-root user (#747361) [1.9.4-2] - fix XML-Util provides [1.9.4-1] - update to 1.9.4 (#651897) - update XML_RPC to 1.5.4, Structures_Graph to 1.0.4, Archive_Tar to 1.3.7 [1.9.1-1] - update to 1.9.1 (#651897) - fix installation of XML_RPC license file LOW Copyright 2011 Oracle, Inc. CVE-2011-1072 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:7:base cpe:/a:oracle:linux:6::latest cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:linux:6::unsupported Oracle Linux 6 [2.7.6-4.0.1.el6] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-4] - Fixes another XPath problem CVE-2011-2834 - Resolves: rhbz#732335 [2.7.6-3] - Fixes various other issues in 2.7.6 XPath evaluation - Resolves: rhbz#732335 [2.7.6-2] - Fix a potential crasher in XPath or XSLT, CVE-2011-1944 - Resolves: rhbz#710397 LOW Copyright 2011 Oracle, Inc. CVE-2011-1944 CVE-2011-2821 CVE-2010-4494 CVE-2011-0216 CVE-2011-2834 CVE-2010-4008 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:2:base Oracle Linux 6 [qemu-kvm-0.12.1.2-2.209.el6_2.1] - kvm-ccid-Fix-buffer-overrun-in-handling-of-VSC_ATR-messa.patch [bz#751312] - CVE: CVE-2011-4111 - Resolves: bz#751312 (CVE-2011-4111 qemu: ccid: buffer overflow in handling of VSC_ATR message [rhel-6.2.z]) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-4111 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [0:6.0.24-35] - Resolves: cve-2011-3190 - Resolves: cve-2011-2204 - Resolves: cve-2011-2526 - Resolves: cve-2011-1184 - Resolves: rhbz 748807 - tomcat6 broken when LANG=fr MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2526 CVE-2011-3190 CVE-2011-5064 CVE-2011-5062 CVE-2011-5063 CVE-2011-1184 CVE-2011-2204 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [1.9-22.1] - add candidate patch to fix a NULL pointer dereference while processing TGS requests (MITKRB5-SA-2011-007, #754046) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1530 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [-7:3.1.10-1.el6_2.1] - Resolves: #755016 - CVE-2011-4096: Invalid free by processing CNAME DNS record MODERATE Copyright 2011 Oracle, Inc. CVE-2011-4096 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [4:5.8.8-32.0.1.el5_7.6] - Up release number and rebuild [4:5.8.8-32.el5.6] - CVE-2010-2761 CVE-2010-4410 perl: CGI module multiple issues fixed by security patch based on commit from version 3.50 - Related: rhbz#743626 [4:5.8.8-32.el5.5] - CVE-2010-2761 CVE-2010-4410 perl: CGI module multiple issues fixed by update of CGI module to 3.54 - Resolves: rhbz#743626 [4:5.8.8-32.el5.4] - 743010 - perl: code injection vulnerability in Digest->new() - Resolves: rhbz#743094 MODERATE Copyright 2011 Oracle, Inc. CVE-2010-2761 CVE-2010-4410 CVE-2011-3597 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:exadata_dbserver:11.2::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.900.1-15.1] - CERT VU#887409: heap buffer overflow flaws lead to arbitrary code execution (#749149) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-4516 CVE-2011-4517 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:5:base Oracle Linux 5 [10.35.58-8.el5.3] - Actually apply the patch for - CVE-2009-4274 #760849 [10.35.58-8.el5.2] - fix xpmtoppm overfow - CVE-2009-4274 (#760849) [10.35.58-8.el5.1] - fix libjasper heap buffer overflow CVE-2011-4516 CVE-2011-4517 (#760849) IMPORTANT Copyright 2011 Oracle, Inc. CVE-2009-4274 CVE-2011-4516 CVE-2011-4517 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.8.11-12.1] - fixed wrong permissions on ipmievd.pid (#756684) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-4339 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [4.2.1-9.1] - Resolves: rhbz#766539 CVE-2011-4599 localeID overflow MODERATE Copyright 2011 Oracle, Inc. CVE-2011-4599 cpe:/a:oracle:linux:6:4:base cpe:/a:oracle:linux:5:9:base cpe:/a:oracle:linux:5::u10_base cpe:/a:oracle:linux:6:3:base cpe:/a:oracle:linux:5::latest cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:6:base cpe:/a:oracle:linux:5:10:base cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:11:base cpe:/a:oracle:linux:6:5:base cpe:/a:oracle:linux:5:8:base Oracle Linux 6 [12:4.1.1-25.P1.1] - DoS due to processing certain regular expressions (CVE-2011-4539, #765682) MODERATE Copyright 2011 Oracle, Inc. CVE-2011-4539 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 6 [2.7.9-3.el6_2.2] - Add patch for CVE-2011-4602 (RH bug #766452). [2.7.9-3.el6_2.1] - Add patch for CVE-2011-4601 (RH bug #766452). MODERATE Copyright 2011 Oracle, Inc. CVE-2011-4601 CVE-2011-4602 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:3:base Oracle Linux 5 [0:5.5.23-0jpp.22] - Resolves: CVE-2011-0013 rhbz 675931 - Resolves: CVE-2010-3718 rhbz 675931 - Resolves: CVE-2011-1184 rhbz 744983 - Resolves: CVE-2011-2204 rhbz 719181 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2204 CVE-2010-3718 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 CVE-2011-0013 CVE-2011-1184 cpe:/a:oracle:linux:5:8:base cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-220.2.1.el6] - [dm] fixing test for NULL pointer testing (Paolo Bonzini) [752379 752380] {CVE-2011-4127} [2.6.32-220.1.1.el6] - [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752379 752380] {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752379 752380] {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752379 752380] {CVE-2011-4127} - [x86] amd: Fix align_va_addr kernel parameter (Frank Arnold) [758028 753237] - [md] RAID1: Do not call md_raid1_unplug_device while holding spinlock (Jonathan E Brassow) [755545 752528] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Don Dutile) [757671 746484] - [x86] initialize min_delta_ns in one_hpet_msi_clockevent() (Prarit Bhargava) [756426 728315] - [x86] Update hpet_next_event() (Prarit Bhargava) [756426 728315] - [kernel] sched: Use resched IPI to kick off the nohz idle balance (Vivek Goyal) [750459 717179] - [drm] i915: enable ring freq scaling, RC6 and graphics turbo on Ivy Bridge (Prarit Bhargava) [758513 752163] - [drm] i915: load a ring frequency scaling table (Prarit Bhargava) [758513 752163] - [x86] cpufreq: expose a cpufreq_quick_get_max routine (Prarit Bhargava) [758513 752163] - [sched] Cleanup/optimize clock updates (Larry Woodman) [751403 750237] - [sched] fix skip_clock_update optimization (Larry Woodman) [751403 750237] - [block] virtio-blk: Use ida to allocate disk index (Michael S. Tsirkin) [756427 692767] - [virt] virtio_blk: Replace cryptic number with the macro (Michael S. Tsirkin) [756427 692767] - [kernel] ida: simplified functions for id allocation (Michael S. Tsirkin) [756427 692767] - [virt] revert virtio-blk: Use ida to allocate disk index (Aristeu Rozanski) [756427 692767] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-4127 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 [1.6.1-63.el5_7] - Fix for CVE-2011-4862 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-4862 cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:exadata_dbserver:11.2::ol5 cpe:/a:oracle:exadata_dbserver:11.2.3.1.0::ol5 cpe:/a:oracle:linux:5::latest Oracle Linux 6 [1.0.1-7] - Correct patch, bump release [1.0.1-6] - Fix for CVE-2011-4862 CRITICAL Copyright 2011 Oracle, Inc. CVE-2011-4862 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [2.6.32-100.28.9.el6] - sync up the version [2.6.32-100.28.8.el6] - [block] check for proper length of iov entries earlier in blk_rq_map_user_iov (Xiaotian Feng) {CVE-2010-4668} - scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249} - perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg) {CVE-2010-4169} - tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller) {CVE-2010-4165} - Enable module force load option [orabug 11782146] - Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522] [2.6.32-100.28.7.el6] - build from git [2.6.32-100.28.6.el6] - Remove crashkernel option if it is present [bug 11714928] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4165 CVE-2010-4668 CVE-2010-4249 CVE-2010-4169 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-100.28.11.el6] - fs/partitions: Validate map_count in Mac partition tables {CVE-2011-1010} - nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (v3) {CVE-2011-1090} [2.6.32-100.28.10.el6] - Use cciss for some Smart Array controller for OL5 [orabug 11899706] - CVEs from RHSA-2011-0421 - install_special_mapping skips security_file_mmap check {CVE-2010-4346} - orinoco: fix TKIP countermeasure behaviour {CVE-2010-4648} - net: clear heap allocation for ethtool_get_regs() {CVE-2010-4655} - usb: iowarrior: don't trust report_size for buffer size {CVE-2010-4656} - [media] [v3,media] av7110: check for negative array offset {CVE-2011-0521} - RDMA/cma: Fix crash in request handlers {CVE-2011-0695} - IB/cm: Bump reference count on cm_id before invoking callback {CVE-2011-0695} - gro: reset skb_iif on reuse {CVE-2011-1478} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4648 CVE-2010-4655 CVE-2011-0521 CVE-2011-1010 CVE-2011-1090 CVE-2011-0695 CVE-2011-1478 CVE-2010-4346 CVE-2010-4656 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-100.28.15.el6] - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set {CVE-2011-1573} - dccp: fix oops on Reset after close {CVE-2011-1093} - bridge: netfilter: fix information leak {CVE-2011-1080} - Bluetooth: bnep: fix buffer overflow {CVE-2011-1079} - net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules {CVE-2011-1019} - ipip: add module alias for tunl0 tunnel device - gre: add module alias for gre0 tunnel device - drm/radeon/kms: check AA resolve registers on r300 {CVE-2011-1016} - drm/radeon: fix regression with AA resolve checking {CVE-2011-1016} - drm: fix unsigned vs signed comparison issue in modeset ctl ioctl {CVE-2011-1013} - proc: protect mm start_code/end_code in /proc/pid/stat {CVE-2011-0726} - ALSA: caiaq - Fix possible string-buffer overflow {CVE-2011-0712} - xfs: zero proper structure size for geometry calls {CVE-2011-0711} - xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 {CVE-2011-0711} - ima: fix add LSM rule bug {CVE-2011-0006} - IB/uverbs: Handle large number of entries in poll CQ {CVE-2010-4649, CVE-2011-1044} - CAN: Use inode instead of kernel address for /proc file {CVE-2010-4565} [2.6.32-100.28.14.el6] - IB/qib: fix qib compile warning. - IB/core: Allow device-specific per-port sysfs files. - dm crypt: add plain64 iv. - firmware: add firmware for qib. - Infiniband: Add QLogic PCIe QLE InfiniBand host channel adapters support. IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1079 CVE-2011-1013 CVE-2011-0726 CVE-2011-0711 CVE-2011-1044 CVE-2011-1573 CVE-2011-1080 CVE-2011-1019 CVE-2010-4565 CVE-2011-1093 CVE-2011-0712 CVE-2010-4649 CVE-2011-1016 CVE-2011-0006 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 A [2.6.32-100.28.17.el6] - [net] Extend prot->slab size when add sock extend fields. [2.6.32-100.28.16.el6] - kernel: Fix unlimited socket backlog DoS {CVE-2010-4251} - RDS: Fix congestion issues for loopback - rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023} - epoll: prevent creating circular epoll structures {CVE-2011-1082} - fs: fix corrupted OSF partition table parsing {CVE-2011-1163} - fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163} - netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170} - netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171} - ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172} - [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2010-4251 CVE-2011-1023 CVE-2011-1082 CVE-2011-1170 CVE-2011-1494 CVE-2011-1495 CVE-2011-1172 CVE-2011-1163 CVE-2011-1171 cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:0:ga_patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-100.35.1.el6uek] - [net] dccp: handle invalid feature options length {CVE-2011-1770} - [net] can: add missing socket check in can/raw release {CVE-2011-1748} - [net] can: Add missing socket check in can/bcm release {CVE-2011-1598} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1770 CVE-2011-1598 CVE-2011-1748 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-100.37.1.el6uek] - [net] gre: fix netns vs proto registration ordering {CVE-2011-1767} - [net] tunnels: fix netns vs proto registration ordering {CVE-2011-1768} MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1767 CVE-2011-1768 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:6:patch cpe:/a:oracle:linux:5::latest Oracle Linux 6 [2.6.32-200.16.1.el6uek] - Revert change to restore DEFAULTKERNEL [2.6.32-200.15.1.el6uek] - Add -u parameter to kernel_variant_post to make it work properly for uek [orabug 12819958] [2.6.32-200.14.1.el6uek] - Restore DEFAULTKERNEL value to kernel-uek [orabug 12819958] [2.6.32-200.13.1.el6uek] - make default kernel kernel-uek (Kevin Lyons) [orabug 12803424] [2.6.32-200.12.1.el6uek] - SCSI: Fix oops dereferencing queue (Martin K. Petersen) [orabug 12741636] [2.6.32-200.11.1.el6uek] - inet_diag: fix inet_diag_bc_audit() (Eric Dumazet) [CVE-2011-2213] [2.6.32-200.10.8.el6uek] - block: export blk_{get,put}_queue() (Jens Axboe) - [SCSI] Fix oops caused by queue refcounting failure (James Bottomley) - [dm-mpath] maintain reference count for underlying devices (Martin K. Petersen) [2.6.32-200.10.7.el6uek] - [net] gre: fix netns vs proto registration ordering {CVE-2011-1767} - [net] tunnels: fix netns vs proto registration ordering {CVE-2011-1768} - [rps] don't free rx_queue until netdevice is freed (Dave Kleikamp) [orabug 11071685] [2.6.32-200.10.6.el6uek] - Add entropy generation to nics (John Sobecki) [10622900] - [SCSI] compat_ioct: fix bsg SG_IO [orabug 12732464] - ipc/sem.c: error path in try_atomic_semop() left spinlock locked [2.6.32-200.10.5.el6uek] - update kabi [2.6.32-200.10.4.el6uek] - block: Fix double free in blk_integrity_unregister [orabug 12707880] - block: Make the integrity mapped property a bio flag [orabug 12707880] - dm mpath: do not fail paths after integrity errors [orabug 12707880] - dm ioctl: refactor dm_table_complete [orabug 12707880] - block: Require subsystems to explicitly allocate bio_set integrity mempool [orabug 12707880] - dm: improve block integrity support [orabug 12707880] - sd: Update protection mode strings [orabug 12707880] - [SCSI] fix propogation of integrity errors [orabug 12707880] - [SCSI] modify change_queue_depth to take in reason why it is being called [orabug 12707880] - [SCSI] scsi error: have scsi-ml call change_queue_depth to handle QUEUE_FULL [orabug 12707880] - [SCSI] add queue_depth ramp up code [orabug 12707880] - [SCSI] scsi_dh: Change the scsidh_activate interface to be asynchronous [orabug 12707880] - SCSI: Updated RDAC device handler [orabug 12707880] - [SCSI] scsi_dh: propagate SCSI device deletion [orabug 12707880] - [SCSI] scsi_dh: fix reference counting in scsi_dh_activate error path [orabug 12707880] - qla2xxx: Driver update from QLogic [orabug 12707880] - lpfc 8.3.5.44 driver update from Emulex [orabug 12707880] - Add Hydra (hxge) support [orabug 12314121] - update hxge to 1.3.1 [orabug 12314121] - Hide mwait, TSC invariance and MTRR capability in published CPUID [2.6.32-200.10.3.el6uek] - [config] Revert Add some usb devices supported - [config] make all usb drivers part of the kernel. - [fs] NFS: Don't SIGBUS if nfs_vm_page_mkwrite races with a cache invalidation [orabug 10435482] [2.6.32-200.10.2.el6uek] - [config] Add some usb devices supported. [2.6.32-200.10.1.el6uek] - update kabi changes and revision to -200 series MODERATE Copyright 2011 Oracle, Inc. CVE-2011-2213 CVE-2011-1768 CVE-2011-1767 cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:6::latest_archive Oracle Linux 5 Oracle Linux 6 [2.6.32-200.19.1.el6uek] - Apply new fix for CVE-2011-1576. [2.6.32-200.18.1.el6uek] - Revert 'proc: fix a race in do_io_accounting' [2.6.32-200.17.1.el6uek] - net: Fix memory leak/corruption on VLAN GRO_DROP {CVE-2011-1576} - iommu-api: Extension to check for interrupt remapping {CVE-2011-1898} - KVM: IOMMU: Disable device assignment without interrupt remapping {CVE-2011-1898} - ext4: Fix max file size and logical block counting of extent format file {CVE-2011-2695} - nl80211: fix overflow in ssid_len {CVE-2011-2517} - Bluetooth: Prevent buffer overflow in l2cap config request {CVE-2011-2497} - proc: fix a race in do_io_accounting() {CVE-2011-2495} - proc: restrict access to /proc/PID/io {CVE-2011-2495} - Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace {CVE-2011-2492} - NLM: Don't hang forever on NLM unlock requests {CVE-2011-2491} - ksm: fix NULL pointer dereference in scan_get_next_rmap_item() {CVE-2011-2183} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1898 CVE-2011-2517 CVE-2011-2497 CVE-2011-2491 CVE-2011-2695 CVE-2011-2495 CVE-2011-2492 CVE-2011-1576 CVE-2011-2183 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-200.20.1.el6uek] - af_packet: prevent information leak {CVE-2011-2898} - gro: Only reset frag0 when skb can be pulled {CVE-2011-2723} - vm: fix vm_pgoff wrap in stack expansion {CVE-2011-2496} - vm: fix vm_pgoff wrap in upward expansion {CVE-2011-2496} - taskstats: don't allow duplicate entries in listener mode {CVE-2011-2484} - Ecryptfs: Add mount option to check uid of device being mounted {CVE-2011-1833} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-2496 CVE-2011-2484 CVE-2011-2898 CVE-2011-2723 CVE-2011-1833 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-200.23.1.el6uek] - net: Remove atmclip.h to prevent break kabi check. - KConfig: add CONFIG_UEK5=n to ol6/config-generic [2.6.32-200.22.1.el6uek] - ipv6: make fragment identifications less predictable (Joe Jin) {CVE-2011-2699} - vlan: fix panic when handling priority tagged frames (Joe Jin) {CVE-2011-3593} - ipv6: udp: fix the wrong headroom check (Maxim Uvarov) {CVE-2011-4326} - b43: allocate receive buffers big enough for max frame len + offset (Maxim Uvarov) {CVE-2011-3359} - fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (Maxim Uvarov) {CVE-2011-3353} - cifs: fix possible memory corruption in CIFSFindNext (Maxim Uvarov) {CVE-2011-3191} - crypto: md5 - Add export support (Maxim Uvarov) {CVE-2011-2699} - fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops (Maxim Uvarov) {CVE-2011-1577} - block: use struct parsed_partitions *state universally in partition check code (Maxim Uvarov) - net: Compute protocol sequence numbers and fragment IDs using MD5. (Maxim Uvarov) {CVE-2011-3188} - crypto: Move md5_transform to lib/md5.c (Maxim Uvarov) {CVE-2011-3188} - perf tools: do not look at ./config for configuration (Maxim Uvarov) {CVE-2011-2905} - Make TASKSTATS require root access (Maxim Uvarov) {CVE-2011-2494} - TPM: Zero buffer after copying to userspace (Maxim Uvarov) {CVE-2011-1162} - TPM: Call tpm_transmit with correct size (Maxim Uvarov){CVE-2011-1161} - fnic: fix panic while booting in fnic(Xiaowei Hu) - Revert 'PCI hotplug: acpiphp: set current_state to D0 in register_slot' (Guru Anbalagane) - xen: drop xen_sched_clock in favour of using plain wallclock time (Jeremy Fitzhardinge) [2.6.32-200.21.1.el6uek] - PCI: Set device power state to PCI_D0 for device without native PM support (Ajaykumar Hotchandani) [orabug 13033435] IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1577 CVE-2011-3191 CVE-2011-3593 CVE-2011-2494 CVE-2011-1162 CVE-2011-3188 CVE-2011-3353 CVE-2011-4326 CVE-2011-2699 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:6:1:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 [2.6.32-300.3.1.el6uek] - proc: fix oops on invalid /proc/<pid>/maps access (Linux Torvalds) - Revert 'capabilities: do not grant full privs for setuid w/ file caps + no effective caps' (Joe Jin) - [mm]: Use MMF_COMPAT instead ia32_compat to prevent kabi be broken (Joe Jin) - proc: enable writing to /proc/pid/mem (Stephen Wilson) - proc: make check_mem_permission() return an mm_struct on success (Stephen Wilson) - proc: hold cred_guard_mutex in check_mem_permission() (Joe Jin) - proc: disable mem_write after exec (Stephen Wilson) - mm: implement access_remote_vm (Stephen Wilson) - mm: factor out main logic of access_process_vm (Stephen Wilson) - mm: use mm_struct to resolve gate vma's in __get_user_pages (Stephen Wilson) - mm: arch: rename in_gate_area_no_task to in_gate_area_no_mm (Stephen Wilson) - mm: arch: make in_gate_area take an mm_struct instead of a task_struct (Stephen Wilson) - mm: arch: make get_gate_vma take an mm_struct instead of a task_struct (Stephen Wilson) - x86: mark associated mm when running a task in 32 bit compatibility mode (Stephen Wilson) - x86: add context tag to mark mm when running a task in 32-bit compatibility mode (Stephen Wilson) - auxv: require the target to be tracable (or yourself) (Al Viro) - close race in /proc/*/environ (Al Viro) - report errors in /proc/*/*map* sanely (Al Viro) - pagemap: close races with suid execve (Al Viro) - make sessionid permissions in /proc/*/task/* match those in /proc/* (Al Viro) - Revert 'report errors in /proc/*/*map* sanely' (Joe Jin) - Revert 'proc: fix oops on invalid /proc/<pid>/maps access' (Joe Jin) [2.6.32-300.2.1.el6uek] - [kabi] Add missing kabi (Srinivas Maturi) - report errors in /proc/*/*map* sanely (Joe Jin) [2.6.32-300.1.1.el6uek] - [SCSI] qla4xxx: fix build error for OL6 (Joe Jin) - Ecryptfs: Add mount option to check uid of device being mounted = expect uid (Maxim Uvarov) - proc: fix oops on invalid /proc/<pid>/maps access (Linus Torvalds) - x86/mm: Fix pgd_lock deadlock (Joe Jin) - x86, mm: Hold mm->page_table_lock while doing vmalloc_sync (Joe Jin) - proc: restrict access to /proc/PID/io (Vasiliy Kulikov) - futex: Fix regression with read only mappings (Shawn Bohrer) - x86-32, vdso: On system call restart after SYSENTER, use int db_5.ELSA-2011-2037x80 (H. Peter Anvin) - x86, UV: Remove UV delay in starting slave cpus (Jack Steiner) - Include several Xen pv hugepage fixes. (Dave McCracken) - GRO: fix merging a paged skb after non-paged skbs (Michal Schmidt) - md/linear: avoid corrupting structure while waiting for rcu_free to complete. (NeilBrown) - xen: x86_32: do not enable iterrupts when returning from exception in interrupt context (Igor Mammedov) - xen/smp: Warn user why they keel over - nosmp or noapic and what to use instead. (Konrad Rzeszutek Wilk) - hvc_console: Improve tty/console put_chars handling (Hendrik Brueckner) - 3w-9xxx: fix iommu_iova leak (James Bottomley) - aacraid: reset should disable MSI interrupt (Vasily Averin) - libsas: fix failure to revalidate domain for anything but the first expander child. (Mark Salyzyn) - splice: direct_splice_actor() should not use pos in sd (Changli Gao) - libsas: fix panic when single phy is disabled on a wide port (Mark Salyzyn) - epoll: fix spurious lockdep warnings (Nelson Elhage) - kobj_uevent: Ignore if some listeners cannot handle message (Milan Broz) - kmod: prevent kmod_loop_msg overflow in __request_module() (Jiri Kosina) - nfsd4: ignore WANT bits in open downgrade (J. Bruce Fields) - nfsd4: Remove check for a 32-bit cookie in nfsd4_readdir() (Bernd Schubert) - iommu/amd: Fix wrong shift direction (Joerg Roedel) - cfq: Don't allow queue merges for queues that have no process references (Jeff Moyer) - cfq-iosched: get rid of the coop_preempt flag (Jens Axboe) - cfq: break apart merged cfqqs if they stop cooperating (Jeff Moyer) - cfq: change the meaning of the cfqq_coop flag (Jeff Moyer) - cfq: merge cooperating cfq_queues (Jeff Moyer) - cfq: calculate the seek_mean per cfq_queue not per cfq_io_context (Jeff Moyer) - kcore: fix test for end of list (Dan Carpenter) - deal with races in /proc/*/{syscall,stack,personality} (Al Viro) - NLM: Don't hang forever on NLM unlock requests (Maxim Uvarov) - vm: fix vm_pgoff wrap in upward expansion (Hugh Dickins) - vm: fix vm_pgoff wrap in stack expansion (Linus Torvalds) - net_sched: Fix qdisc_notify() (Eric Dumazet) - drivers/net/rionet.c: fix ethernet address macros for LE platforms (Alexandre Bounine) - ext2,ext3,ext4: don't inherit APPEND_FL or IMMUTABLE_FL for new inodes (Theodore Ts'o) - st: fix race in st_scsi_execute_end (Petr Uzel) - Make scsi_free_queue() kill pending SCSI commands (Bart Van Assche) - NFS/sunrpc: don't use a credential with extra groups. (NeilBrown) - netlink: validate NLA_MSECS length (Johannes Berg) - mtd: mtdchar: add missing initializer on raw write (Peter Wippich) - PM / Suspend: Off by one in pm_suspend() (Dan Carpenter) - hfs: add sanity check for file name length (Dan Carpenter) - md/raid5: abort any pending parity operations when array fails. (NeilBrown) - mm: avoid null pointer access in vm_struct via /proc/vmallocinfo (Mitsuo Hayasaka) - USB: Fix Corruption issue in USB ftdi driver ftdi_sio.c (Andrew Worsley) - usb-storage: Accept 8020i-protocol commands longer than 12 bytes (Alan Stern) - [SCSI] ql4xxx: upgrade to 5.02.14.00.32.01-c0 (Joe Jin) - [netdrv] be2net: Merge fixes for CVE-2011-3347 (Joe Jin) - ext4: fix BUG_ON() in ext4_ext_insert_extent() (Zheng Liu) - proc: fix a race in do_io_accounting() (Vasiliy Kulikov) - capabilities: do not grant full privs for setuid w/ file caps + no effective caps (Zhi Li) - KEYS: Fix a NULL pointer deref in the user-defined key type (Maxim Uvarov) - igb: Fix for Alt MAC Address feature on 82580 and later devices (Joe Jin) - [netdrv] enic: fix accidental GRO off by default (Joe Jin) - Fixing use of netif_set_real_num_tx_queues in cxgb4_main.c (Joe Jin) - firmware: Update cxgb4 NIC driver firmware (Joe Jin) - firmware Add latest cxgb3 firmware (Joe Jin) - [netdrv] cxgb3: misc fixes. (Joe Jin) - bnx2x: upgrade bnx2x (Joe Jin) - dcb: add DCBX mode to event notifier attributes (John Fastabend) - dcb: Use ifindex instead of ifname (Mark Rustad) - dcbnl: unlock on an error path in dcbnl_cee_fill() (Dan Carpenter) - dcbnl: Add CEE notification (Shmulik Ravid) - dcbnl: Aggregated CEE GET operation (Shmulik Ravid) - dcb: use nlmsg_free() instead of kfree() (Dan Carpenter) - dcb: Add missing error check in dcb_ieee_set() (John Fastabend) - dcb: fix return type on dcb_setapp() (John Fastabend) - dcb: Add dcb_ieee_getapp_mask() for drivers to query APP settings (John Fastabend) - dcb: Add ieee_dcb_delapp() and dcb op to delete app entry (John Fastabend) - dcb: Add ieee_dcb_setapp() to be used for IEEE 802.1Qaz APP data (John Fastabend) - net: dcbnl, add multicast group for DCB (John Fastabend) - dcb: Add DCBX capabilities bitmask to the get_ieee response (John Fastabend) - dcbnl: add support for retrieving peer configuration - cee (Shmulik Ravid) - dcbnl: add support for retrieving peer configuration - ieee (Shmulik Ravid) - net: dcbnl: check correct ops in dcbnl_ieee_set() (John Fastabend) - Don't potentially dereference NULL in net/dcb/dcbnl.c:dcbnl_getapp() (Jesper Juhl) - net: dcb: application priority is per net_device (John Fastabend) - dcbnl: make get_app handling symmetric for IEEE and CEE DCBx (John Fastabend) - dcb: use after free in dcb_flushapp() (Dan Carpenter) - dcb: unlock on error in dcbnl_ieee_get() (Dan Carpenter) - dcbnl: more informed return values for new dcbnl routines (Shmulik Ravid) - dcbnl: cleanup (Shmulik Ravid) - net_dcb: add application notifiers (John Fastabend) - [netdrv] firmware: add bnx2x FW 7.0.23 (Joe Jin) - [netdrv] Fixing use of netif_set_real_num_tx_queues in bnx2.c (Joe Jin) - [netdrv] tg3: drver update. (Joe Jin) - tg3: negate USE_PHYLIB flag check (Jiri Pirko) - [netdrv] e1000e: fix WoL on 82578DM and 82567V3 (Joe Jin) - e1000: don't enable dma receives until after dma address has been setup (Dean Nelson) - [SCSI] bnx2i: Fixed the endian on TTT for NOP out transmission (Eddie Wai) - [SCSI] bnx2fc: upgrade to 1.0.8 (Joe Jin) - [scsi] hpsa: add heartbeat sysfs host attribute (Joe Jin) - [SCSI] move PCI_DEVICE_ID_HP_CISSE to include/linux/pci_ids.h (Joe Jin) - [SCSI] lpfc: update to 8.3.5.45.4p (Joe Jin) - [SCSI] be2iscsi: upgrade to 4.1.239.0 (Joe Jin) - fcoe/libfcoe: Move common code for fcoe_get_lesb to fcoe_transport (Joe Jin) - libfc: Prevent race that causes panic during FCoE port destroy via sysfs (Joe Jin) - [SCSI] isci: dynamic interrupt coalescing (Dan Williams) - megaraid_sas: trim the space and tab. (Joe Jin) - megaraid_sas: Add driver workaround for PERC5/1068 kdump kernel panic (Joe Jin) - scsi_transport_fc: Fix deadlock during fc_remove_host (Joe Jin) - [SCSI] libfc: improve flogi retries to avoid lport stuck (Vasu Dev) - [SCSI] libfc: avoid exchanges collision during lport reset (Vasu Dev) - [SCSI] libfc: fix checking FC_TYPE_BLS (Vasu Dev) - [SCSI] libsas: fix warnings when checking sata/stp protocol (Dan Williams) - [SCSI] libsas: disable scanning lun > 0 on ata devices (Dan Williams) - [SCSI] libsas: Allow expander T-T attachments (Luben Tuikov) - [SCSI] isci: atapi support (Dan Williams) - isci: export phy events via ->lldd_control_phy() (Dan Williams) - [SCSI] isci: The port state should be set to stopping on the last phy. (Jeff Skirvin) - [SCSI] isci: fix decode of DONE_CRC_ERR TC completion status (Jeff Skirvin) - [SCSI] isci: SATA/STP I/O is only returned in the normal path to libsas (Jeff Skirvin) - [SCSI] isci: fix support for large smp requests (Dan Williams) - [SCSI] isci: fix missed unlock in apc_agent_timeout() (Jeff Skirvin) - [SCSI] isci: fix event-get pointer increment (Dan Williams) - [SCSI] isci: add version number (Dan Williams) - [SCSI] isci: fix sata response handling (Dan Williams) - [SCSI] isci: Leave requests alone if already terminating. (Jeff Skirvin) - [SCSI] isci: initial sgpio write support (Dan Williams) - [SCSI] isci: fix sgpio register definitions (Dan Williams) - [SCSI] libsas: sgpio write support (Dan Williams) - [SCSI] scsi scan: don't fail scans when host is in recovery (Mike Christie) - net: Remove atmclip.h to prevent break kabi check (Joe Jin) - SPEC: ol6 req dracut-kernel-004-242.0.3 (Maxim Uvarov) - SPEC: req udev-095-14.27.0.1.el5_7.1 or more (Maxim Uvarov) - SPEC: el5 mkinird more then 5.1.19.6-71.0.10 (Maxim Uvarov) - ipv6: make fragment identifications less predictable (Joe Jin) - vlan: fix panic when handling priority tagged frames (Joe Jin) - ipv6: udp: fix the wrong headroom check (Shan Wei) - b43: allocate receive buffers big enough for max frame len + offset (Maxim Uvarov) - fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (Miklos Szeredi) - cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) - crypto: md5 - Add export support (Maxim Uvarov) - fs/partitions/efi.c: corrupted GUID partition tables can cause kernel oops (Timo Warns) - block: use struct parsed_partitions *state universally in partition check code (Maxim Uvarov) - net: Compute protocol sequence numbers and fragment IDs using MD5 (Maxim Uvarov) - perf tools: do not look at ./config for configuration (Jonathan Nieder) - Make TASKSTATS require root access (Linus Torvalds) - TPM: Zero buffer after copying to userspace (Peter Huewe) - TPM: Call tpm_transmit with correct size (Peter Huewe) - PCI: Set device power state to PCI_D0 for device without native PM support (Ajaykumar Hotchandani) [2.6.32-300.0.12.el6uek] - Install include/drm headers (Maxim Uvarov) [orabug 13260234] - qla2xxx: Double check for command completion if abort mailbox command fails (Chad Dupuis) - Ensure full IOC buffer can be mapped (Martin K. Petersen) - Fix incorrect timeout handling (Martin K. Petersen) [2.6.32-300.0.11.el6uek] - fix pgoff in mbind vma merge (Caspar Zhang) [orabug 13370691] [2.6.32-300.0.10.el6uek] - compat_ioct: move initialization before use in sg_ioctl_trans() (Dan Carpenter) - genirq: Add IRQF_RESUME_EARLY and resume such IRQs earlier (Dan Carpenter) - xen/timer: Missing IRQF_NO_SUSPEND in timer code broke suspend [orabug 13359907] - pids: fix a race in pid generation that causes pids to be reused immediately (Salman) [orabug 13370594] - Revert 'mlx4: Updated the driver version from 1.5.1.6 August 2010 to 1.5.4.1 March 2011 update' (Maxim Uvarov) [orabug 13322248] [2.6.32-300.0.9.el6uek] - [firmware] bnx2x 7.0.20 (Maxim Uvarov) [orabug 13354737] - Revert 'qla2xxx: Double check for command completion if abort mailbox [orabug 13339986] - SPEC: fixes for spec file [orabugs 13359985, 13339700, 13348381] - kabi: Modify Kabi and enable kabicheck [2.6.32-300.0.8.el6uek] - ipv6: add a missing unregister_pernet_subsys call (Neil Horman) - SPEC: hwcap set to 1 for nosegneg (Guru Anbalagane) [orabug 13321811] - put firmware to kernel version specific location (Maxim Uvarov) [orabug 13254457] - xen: drop xen_sched_clock in favour of using plain wallclock time (Jeremy Fitzhardinge) - Revert '[scsi] add lockless to improve queuecommand performance' - fix fnic init panic and san disks are not visible (Xiaowei Hu) - SPEC: Add debug to the list of kernels that kernel-uek should replace in /etc/sysconfig/kernel (Kevin Lyons) [bug 13260459,13339700] - bfa: cleanup Makefile. (Joe Jin) - fc class: add fc host default default dev loss setting (Mike Christie) - fc class: add fc host dev loss sysfs file (Mike Christie) - add dev_loss_tmo support for lpfc, fnic and ibmvfc (Joe Jin) - scsi_transport_fc: Protect against overflow in dev_loss_tmo (Hannes Reinecke) - [netdrv] bna: cleanup Makefile. (Joe Jin) - PCI/e1000e: Add and use pci_disable_link_state_locked() (Yinghai Lu) - tracepoint: Move signal sending tracepoint to events/signal.h (Masami Hiramatsu) - perf_event, x86, mce: Use TRACE_EVENT() for MCE logging (Hidetoshi Seto) - xen: Add support for hugepages on Xen pv domains, including support for hugepages in the balloon driver. (Dave Mccracken) [2.6.32-300.0.7.el6uek] - Add entropy generation to NIC drivers - [netdrv] bnx2x: replace pci_find_capability to pci_pcie_cap - [pci] dma-mapping: dma-mapping.h: add dma_set_coherent_mask - PCI: introduce pci_is_pcie() - PCI: introduce pci_pcie_cap() - PCI: cache PCIe capability offset - [scsi] add lockless to improve queuecommand performance [2.6.32-300.0.6.el6uek] - [netdrv] ixgbe: correct Makefile. [2.6.32-300.0.5.el6uek] bnx2: upgrade to 2.1.11 vlan: allow null VLAN ID to be used ethtool: Add 20G bit definitions ethtool: Add Direct Attach support to connector port reporting bnx2i: add pci_id for brocadcom fcoe: Prevent creation of an NPIV port with duplicate WWPN bnx2i: upgrade to 2.7.0.3 bnx2fc: upgrade to 1.0.6 lpfc: upgrade to 0:8.3.5.45.3p mptsas: upgrade to 3.04.19 netdev: ethtool RXHASH flag be2net: upgrade to 4.0.160r be2iscsi: upgrade to 4.0.160r vmxnet3: upgrade to 1.1.18.0-k add vmxnet3 support e100: merge misc fixes. igb: upgrade to 3.0.6-k igbvf: upgrade to 2.0.0-k e1000: upgrade to 7.3.21-k6-1-NAPI e1000e: upgrade to 1.4.4-k ixgbevf: upgrade to 2.1.0-k [netdrv] bnx2x: upgrade to 1.70.00-0] [block] cciss: upgrade to 3.6.28] [scsi] hpsa: upgrade to 2.0.2-3] [scsi] arcmsr: upgrade to 1.20.00.15.el6u2 2010/08/05] [scsi] megaraid: minor update megaraid] fcoe: correct checking for bonding [scsi] ipr: upgrade to 2.5.2] [SCSI] sd: Combine DIF/DIX error handling] [SCSI] Fix printing of failed 32-byte commands] [SCSI] sd: Logical Block Provisioning update] [SCSI] sd: retry read_capacity on UNIT_ATTENTION] [SCSI] libfc: fix mm leak in handling incoming request for target discovery] [SCSI] libfc: release DDP context if frame_send() fails] [SCSI] libfc: don't call resp handler after FC_EX_TIMEOUT] [SCSI] libfc: fix race in SRR response] [SCSI] libfc: do not immediately retry the cmd when seq_send fails in fc_fcp_send_data] [SCSI] libfcoe: Remove unnecessary module state checks] [SCSI] libfc: Enhancement to RPORT state machine applicable only for VN2VN mode] [SCSI] fcoe: Unable to select the exchangeID from offload pool for storage targets] [SCSI] fcoe: Round-robin based selection of CPU for post-processing of incoming commands] [SCSI] fcoe: Amends previous patch, Round-robin based selection of CPU for post processing of incoming request for FCoE target] [SCSI] libfc:Fix for exchange/seq loopup failure when FCoE stack is used as target and connected to windows initaitor] [SCSI] libfc: post reset event on lport reset] [SCSI] fcoe: cleanup cpu selection for incoming requests] [SCSI] scsi_dh_alua: Attach to UNAVAILABLE/OFFLINE AAS devices] [SCSI] iscsi: add module alias] [SCSI] iscsi: fix iscsi_endpoint leak] [SCSI] libiscsi: add helper to convert addr to string] [SCSI] iscsi_tcp: use iscsi_conn_get_addr_param libiscsi function] [SCSI] iscsi class: add callout to get iscsi_endpoint values] [SCSI] libiscsi_tcp: use kmap in xmit path] [SCSI] iscsi_tcp: fix locking around iscsi sk user data] [SCSI] libiscsi_tcp: fix LLD data allocation] [SCSI] libsas: remove spurious sata control register read/write] [SCSI] libsas: fix SATA NCQ error] [SCSI] libsas: fix loopback topology bug during discovery] [SCSI] fcoe: remove unused ptype field in fcoe_rcv_info] [SCSI] libfc: use FC_MAX_ERROR_CNT] [SCSI] libfc: Remove the reference to FCP packet from scsi_cmnd in case of error] [SCSI] libfc: release exchg cache] [SCSI] libfc, fcoe: ignore rx frame with wrong xid info] [SCSI] libfc: two minor changes in comments] [SCSI] libfc: cleanup sending SRR request] [SCSI] libfc: fix warn on in lport retry] [SCSI] fcoe: add fip retry to avoid missing critical keep alive] libfc: fix fc_eh_host_reset [SCSI] libfc: block SCSI eh thread for blocked rports] [SCSI] libfc: fix referencing to fc_fcp_pkt from the frame pointer via fr_fsp()] [SCSI] scsi_lib: pause between error retries] KConfig: add CONFIG_UEK5=n to ol6/config-generic [SCSI] Fix race when removing SCSI devices] ipmi: reduce polling when interrupts are available ipmi: reduce polling ipmi: Fix IPMI errors due to timing problems [SCSI] scsi_dh: Make alua hardware handler's activate() async] [SCSI] scsi_dh_alua: Handle all states correctly] [SCSI] scsi_dh_alua: fix submit_stpg return] [SCSI] scsi_dh_alua: fix deadlock in stpg_endio] [SCSI] scsi_dh_alua: fix stpg_endio group state reporting] [SCSI] scsi_dh: cosmetic change to sizeof()] [SCSI] scsi_dh_rdac : Add definitions for different RDAC operating modes] [SCSI] scsi_dh_rdac : decide whether to send mode select based on operating mode] [SCSI] dh_rdac: Use WWID from C8 page instead of Subsystem id from C4 page to identify storage] [SCSI] dh_rdac: Associate HBA and storage in rdac_controller to support partitions in storage] [SCSI] scsi_dh: Make hp hardware handler's activate() async] [SCSI] scsi_dh_hp_sw: fix deadlock in start_stop_endio] cnic: upgrade to 2.5.7 update enic to 2.1.1.24 enic: remove VF [SCSI] libiscsi: use bh locking instead of irq with session lock] [SCSI] libiscsi: Check TMF state before sending PDU] iscsi: Use struct scsi_lun in iscsi structs instead of u8[8] [SCSI] fix id computation in scsi_eh_target_reset()] [SCSI] Reduce error recovery time by reducing use of TURs] [scsi] mpt2sas: upgrade 09.101.00.00] [SCSI] fcoe: Rearrange fcoe port and NPIV port cleanup] [SCSI] fcoe: Fix deadlock between fip's recv_work and rtnl] [SCSI] Add missing SPC-4 CDB and MAINTENANCE_[IN,OUT] service action definitions] [SCSI] scsi_debug: Thin provisioning support] [SCSI] scsi_debug: fix Thin provisioning support] [SCSI] scsi_debug: add max_queue + no_uld parameters] [SCSI] scsi_debug: Block Limits VPD page fixes] [SCSI] scsi_debug: fix map_region and unmap_region oops] [SCSI] scsi_debug: Update thin provisioning support] [SCSI] scsi_debug: Convert to use root_device_register() and root_device_unregister()] [SCSI] scsi_debug: set resid to indicate no data-in when medium error] [SCSI] scsi_debug: Fix 32-bit overflow in do_device_access causing memory corruption] [SCSI] scsi_debug: Logical Block Provisioning (SBC3r26)] [SCSI] scsi_debug: add consecutive medium errors] drivers/firmware/iscsi_ibft.c: use %pM to show MAC address drivers/firmware/iscsi_ibft.c: remove NIPQUAD_FMT, use %pI4 x86: Make sure wakeup trampoline code is below 1MB ibft, x86: Change reserve_ibft_region() to find_ibft_region() ibft: Update iBFT handling for v1.03 of the spec. [xen] remove unused functions.] bitmap: introduce bitmap_set, bitmap_clear, bitmap_find_next_zero_area [netdrv] s2io: upgrade to 2.0.26.28] [watchdog] hpwdt: upgrade to 1.3.0] qla2xxx: During loopdown perform Diagnostic loopback. qla2xxx: Save and restore irq in the response queue interrupt handler. qla2xxx: Prevent CPU lockups when 'ql2xdontresethba' module param is set. qla2xxx: Fix array out of bound warning. qla2xxx: Acquire hardware lock while manipulating dsd list. qla2xxx: check for marker IOCB during response queue processing. qla2xxx: Fix qla24xx revision check while enabling interrupts. qla2xxx: Implemeted beacon on/off for ISP82XX. qla2xxx: Double check for command completion if abort mailbox command fails. qla2xxx: T10 DIF - Convert HBA specific checks to capability based. qla2xxx: Add support for ISP82xx to capture dump (minidump) on failure. qla2xxx: Enable write permission to some debug related module parameters to be changed dynamically. qla2xxx: Provide method for updating I2C attached VPD. qla2xxx: Set the task attributes after memsetting fcp cmnd. qla2xxx: Update to the beacon implementation. qla2xxx: Correct inadvertent loop state transitions during port-update handling. qla2xxx: Return sysfs error codes appropriate to conditions. qla2xxx: Issue mailbox command only when firmware hung bit is reset for ISP82xx. qla2xxx: Don't call alloc_fw_dump for ISP82XX. qla2xxx: Remove qla2x00_wait_for_loop_ready function. qla2xxx: Display FCP_CMND priority on update. qla2xxx: Check for SCSI status on underruns. qla2xxx: Fix for active_mask warning. qla2xxx: Updated the driver version to 8.03.07.08.32.1-k. ixgbe-3.4.24 kernel.h: add BUILD_BUG_ON_NOT_POWER_OF_2() isci update isci firmware update tg3: Updated the driver version from 3.113 to 3.119 mlx4: Updated the driver version from 1.5.1.6 August 2010 to 1.5.4.1 [2.6.32-300.0.4.el6uek] - Add 32-bit value for MAX_LOCAL_APIC to fix i386-i686 build error after a9da091 [2.6.32-300.0.3.el6uek] - [NET] Update qlcnic driver to 5.0.24 [orabug 13005421] - [NET] Update netxen NIC driver to 4.0.76 [orabug 13005427] - [SCSI] Update megaraid_sas driver to v5.40-rc1 [orabug 13005432] - [NET] Update Brocade BNA driver to 3.0.2.2 [orabug 13005438] - [SCSI] Update Brocade BFA driver to 3.0.2.2 [orabug 13005441] - [NET] Update qlge driver to v1.00.00.29.00.00-01 [orabug 13005443] - [SCSI] mpt2sas: Add a module parameter that permits overriding protection capabilities (Martin K. Petersen) - [SCSI] mpt2sas: Return the correct sense key for DIF errors (Martin K. Petersen) - [SCSI] mpt2sas: Do not check DIF for unwritten blocks (Martin K. Petersen) - [NET] bnx2x: prevent flooded warning kernel info [orabug 12687487] (Joe Jin) - [SCSI] fix lport uninitalized bug in fnic [orabug 12866385] (Xiaowei Hu) - acpi: Handle xapic/x2apic entries in MADT at same time (Yinghai Lu yinghai@kernel.org) [2.6.32-300.0.2.el6uek] - Revert 'netns xfrm: fixup xfrm6_tunnel error propagation' - block: export blk_{get,put}_queue() - Revert 'block: export blk_{get,put}_queue()' [2.6.32-300.0.1.el6uek] - [SCSI] mpt2sas: Fix missing reference tag seed with Type 2 devices (Martin K. Petersen) - stable tree merge to 2.6.32.45 MODERATE Copyright 2011 Oracle, Inc. CVE-2011-1585 CVE-2011-1577 CVE-2011-4110 CVE-2011-2525 CVE-2011-3638 CVE-2011-1020 CVE-2011-2707 CVE-2011-4330 CVE-2011-2495 cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6:2:base cpe:/a:oracle:linux:5::latest Oracle Linux 5 Oracle Linux 6 kernel-uek [2.6.32-300.4.1.el6uek] - [pci] intel-iommu: Default to non-coherent for domains unattached to iommus (Joe Jin) - [dm] do not forward ioctls from logical volumes to the underlying device (Joe Jin) {CVE-2011-4127} - [block] fail SCSI passthrough ioctls on partition devices (Joe Jin) {CVE-2011-4127} - [block] add and use scsi_blk_cmd_ioctl (Joe Jin) {CVE-2011-4127} - [net] gro: reset vlan_tci on reuse (Dan Carpenter) {CVE-2011-1576} - [net] rose: Add length checks to CALL_REQUEST parsing (Ben Hutchings) {CVE-2011-1493} - [net] rose_loopback_timer sets VC number <= ROSE_DEFAULT_MAXVC (Bernard Pidoux F6BVP) {CVE-2011-1493} IMPORTANT Copyright 2011 Oracle, Inc. CVE-2011-1493 CVE-2011-1576 CVE-2011-4127 cpe:/a:oracle:linux:6:2:patch cpe:/a:oracle:linux:5:7:patch cpe:/a:oracle:linux:6::latest_archive cpe:/a:oracle:linux:5::latest